openstack 搭建详细步骤
该博文转载于(https://www.cnblogs.com/whwh/p/16200004.html)
一、openstack单点部署
1、配置虚拟机NAT网络连接
查看vmware的NAT网络默认配置
vmwarestation软件点击 上方“编辑”,选择“虚拟网络编辑器”
找到vmnet10,是NAT模式,子网地址是172.25.2.0,子网掩码是:255.255.255.0.
再点击“NAT设置”,可看到它的网关:172.25.2.2
配置当前虚拟机的网络配置
vmwarestation软件点击 上方“虚拟机”,选择“设置”;
首先没有NAT网卡的,点击“添加”,添加一个新的网络适配器。
已经创建号NAT网卡的,进行如下配置:
网络连接模式改为:"自定义(U):特定虚拟网络"
在下拉选项中,选中“VMnet10(NAT模式)”
配置linux网络
# 进入网络配置目录
cd /etc/sysconfig/network-scripts
# 编辑nat网卡的配置
vi ifcfg-ens33
# 修改或添加如下信息:
BOOTPROTO=static
ONBOOT=yes
IPADDR=172.25.2.101
NETMASK=255.255.255.0
GATEWAY=172.25.2.2
DNS=8.8.8.8
# 在vi编辑器中,输入:wq进行保存退出
vi /etc/resolv.conf
加入:
nameserver 8.8.8.8
输入:wq进行保存退出
# 关闭防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
# 重启网络
systemctl restart network
# 测试
ping www.baidu.com
2、yum源配置
# 关闭网络管理
systemctl disable NetworkManager
# 关闭selinux,修改文件为disabled
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
# selinux修改生效
setenforce 0
##################################更新yum源#################################
# 将官方的yum源备份到一个新目录:
mkdir /etc/yum.repos.d/repo.bak/
mv /etc/yum.repos.d/*.repo repo.bak/
# 更新下载阿里源
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
# 清理yum
yum clean all
yum makecache
# 更新yum信息
yum update -y
# 查看当前存在的openstack版本安装源
yum list | grep openstack
# 安装安装源
yum install -y centos-release-openstack-queens
# 调整仓库配置文件
vi /etc/yum.repos.d/CentOS-QEMU-EV.repo
# 将文件中/$contentdir/改为/centos-7/
# 添加epel-repo源
curl -o /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
# 添加openstack.queens.repo文件信息
cat > /etc/yum.repos.d/openstack-queens.repo << EOF
[queens]
name=queens
baseurl=https://mirrors.aliyun.com/centos/7/cloud/x86_64/openstack-queens/
enabled=1
gpgcheck=0
EOF
# 调整repo文件只保留
CentOS-Base.repo CentOS-QEMU-EV.repo epel-7.repo openstack-queens.repo
# 更新源
yum clean all && yum makecache
# 安装openstack-packstack软件包
yum install -y openstack-packstack
# 安装预备
yum -y install python-pip
# 一键部署openstack
packstack --allinone
# 1.出现error while loading shared libraries: leatherman_curl.so.1.3.0: cannot open shared object file: No such file or directory报错。
# 这种错误是因为,leatherman rpm包版本问题,现有是1.10,实际需要1.3
# 回退leatherman版本
yum downgrade leatherman
yum list | grep leatherman
leatherman.x86_64 1.3.0-9.el7 @queens
leatherman.x86_64 1.10.0-1.el7 epel
leatherman-devel.x86_64 1.10.0-1.el7 epel
二、国赛双节点部署
1、准备虚拟机
创建虚拟机前,创建好vmnet2(仅主机模式),vmnet10(NAT模式)网卡,检查对应的适配器是否创建成功。
准备两台vmware虚拟机,手动最小化安装2台Centos7.2系统,第一个网卡为仅主机模式,第二个网卡为NAT模式,配置CPU虚拟机,4G以上内存,50G以上硬盘。
master节点网卡:
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=f34abd2e-89c9-4daf-a28c-54765164d59d
DEVICE=eno16777736
ONBOOT=yes
IPADDR=192.168.16.10
NETMASK=255.255.255.0
Node节点网卡:
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=8bbcc106-d60f-48cc-aafd-2bde0154fa2e
DEVICE=eno16777736
ONBOOT=yes
IPADDR=192.168.16.20
NETMASK=255.255.255.0
2、镜像挂载
镜像上传到master节点,然后完成挂载即可。
# 挂载linux镜像
cd /root/;
mount -o loop CentOS-7-x86_64-DVD-1511.iso /mnt/;
mkdir /opt/centos7.2;
cp -rvf /mnt/* /opt/centos7.2/
umount /mnt/;
# 挂载iaas镜像
cd /root/;
mount -o loop XianDian-IaaS-v2.2.iso /mnt/;
mkdir /opt/iaas;
cp -rvf /mnt/* /opt/iaas;
umount /mnt/;
3、本地yum配置
分别配置控制节点和计算节点的yum
# 控制节点:
rm -rf /etc/yum.repos.d/CentOS-*;
cat > /etc/yum.repos.d/local.repo <<EOF
[centos]
name=centos
baseurl=file:///opt/centos7.2
gpgcheck=0
enabled=1
[iaas]
name=iass
baseurl=file:///opt/iaas/iaas-repo
gpgcheck=0
enabled=1
EOF
# 计算节点:(如果没有可以后面再配)
rm -rf /etc/yum.repos.d/CentOS-*;
cat > /etc/yum.repos.d/local.repo << EOF
[centos]
name=centos
baseurl=ftp://192.168.16.10/centos7.2
gpgcheck=0
enabled=1
[iaas]
name=iass
baseurl=ftp://192.168.16.10/iaas/iaas-repo
gpgcheck=0
enabled=1
EOF
为计算节点提供ftp访问方式
# 控制节点——yum缓存清理
yum clean all
yum makecache
# 控制节点——安装vsftpd和ftp
yum install -y vsftpd
yum install -y ftp
rpm -qa| grep vsftpd
# 控制节点——修改vsftpd配置文件
在/etc/vsftpd/vsftpd.conf中添加一行代码:
anon_root=/opt
# 控制节点——安装网络工具包
yum install net-tools
# 重启vsftpd服务
systemctl restart vsftpd
# 开机启动vsftpd
systemctl enable vsftpd
# 控制节点、计算节点——关闭防火墙
setenforce 0;
iptables -F;
iptables -X;
iptables -Z;
systemctl stop firewalld;
systemctl disable firewalld;
# 计算节点
yum clean all
yum makecache
4、给计算节点(node)添加新磁盘并分区
在vmware上给计算节点虚拟机添加一个新磁盘
虚拟机——> 设置——> 添加——> 硬盘——> scsi模式——> 创建新虚拟磁盘——> 20G,拆分为多个文件——> 完成
# 重启计算节点虚拟机
reboot
# 查看当前虚拟机的磁盘情况
fdisk -l
# 可以看到Disk /dev/sdb: 21.5 GB是完全空闲的
# 创建两个空白磁盘空间
fdisk /dev/sdb
n,p,回车,回车,+10G
n,p,回车,回车,回车
w
5、在controller和compute节点安装iaas-xiandian包
# 控制节点、计算节点分别执行,安装软件包
yum install -y iaas-xiandian
控制节点、计算节点编辑修改配置文件/etc/xiandian/openrc.sh
##--------------------system Config--------------------##
##Controller Server Manager IP. example:x.x.x.x
HOST_IP=192.168.16.10
##Controller HOST Password. example:000000
HOST_PASS=000000
##Controller Server hostname. example:controller
HOST_NAME=controller
##Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE=192.168.16.20
##Compute HOST Password. example:000000
HOST_PASS_NODE=000000
##Compute Node hostname. example:compute
HOST_NAME_NODE=compute
##--------------------Chrony Config-------------------##
##Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24)
network_segment_IP=192.168.16.0/24
##--------------------Rabbit Config ------------------##
##user for rabbit. example:openstack
RABBIT_USER=openstack
##Password for rabbit user .example:000000
RABBIT_PASS=000000
##--------------------MySQL Config---------------------##
##Password for MySQL root user . exmaple:000000
DB_PASS=000000
##--------------------Keystone Config------------------##
##Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=demo
ADMIN_PASS=000000
DEMO_PASS=000000
##Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS=000000
##--------------------Glance Config--------------------##
##Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS=000000
##Password for Keystore glance user. exmaple:000000
GLANCE_PASS=000000
##--------------------Nova Config----------------------##
##Password for Mysql nova user. exmaple:000000
NOVA_DBPASS=000000
##Password for Keystore nova user. exmaple:000000
NOVA_PASS=000000
##--------------------Neturon Config-------------------##
##Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS=000000
##Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS=000000
##metadata secret for neutron. exmaple:000000
METADATA_SECRET=000000
##Tunnel Network Interface. example:x.x.x.x
INTERFACE_IP=192.168.16.10/192.168.16.20
##External Network Interface. example:eth1 第二张网卡
INTERFACE_NAME=eno33554960
##External Network The Physical Adapter. example:provider
Physical_NAME=provider
##First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=1
##Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=2000
##--------------------Cinder Config--------------------##
##Password for Mysql cinder user. exmaple:000000
CINDER_DBPASS=000000
##Password for Keystore cinder user. exmaple:000000
CINDER_PASS=000000
##Cinder Block Disk. example:md126p3
BLOCK_DISK=sdb1
##--------------------Swift Config---------------------##
##Password for Keystore swift user. exmaple:000000
SWIFT_PASS=000000
##The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK=sdb2
##The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP=192.168.16.20
##--------------------Heat Config----------------------##
##Password for Mysql heat user. exmaple:000000
HEAT_DBPASS=000000
##Password for Keystore heat user. exmaple:000000
HEAT_PASS=000000
##--------------------Zun Config-----------------------##
##Password for Mysql Zun user. exmaple:000000
ZUN_DBPASS=000000
##Password for Keystore Zun user. exmaple:000000
ZUN_PASS=000000
##Password for Mysql Kuryr user. exmaple:000000
KURYR_DBPASS=000000
##Password for Keystore Kuryr user. exmaple:000000
KURYR_PASS=000000
##--------------------Ceilometer Config----------------##
##Password for Gnocchi ceilometer user. exmaple:000000
CEILOMETER_DBPASS=000000
##Password for Keystore ceilometer user. exmaple:000000
CEILOMETER_PASS=000000
##--------------------AODH Config----------------##
##Password for Mysql AODH user. exmaple:000000
AODH_DBPASS=000000
##Password for Keystore AODH user. exmaple:000000
AODH_PASS=000000
##--------------------Barbican Config----------------##
##Password for Mysql Barbican user. exmaple:000000
BARBICAN_DBPASS=000000
##Password for Keystore Barbican user. exmaple:000000
BARBICAN_PASS=000000
6、脚本安装openstack平台
控制节点、计算节点分别执行如下脚本安装基础服务:
iaas-pre-host.sh
控制节点部署mysql数据库服务:
iaas-install-mysql.sh
控制节点部署keystone服务:
iaas-install-keystore.sh
控制节点部署glance服务:
iaas-install-glance.sh
控制节点部署nova服务:
iaas-install-nova-controller.sh
计算节点部署nova服务
iaas-install-nova-compute.sh
控制节点部署neutron
iaas-install-neutron-controller.sh
错误处理——修改脚本:
vi /usr/local/bin/iaas-install-neutron-controller-gre.sh
将最后一行的
systemctl enabled neutron-lbaas-agent 改为 systemctl enable neutron-lbaas-agent
再执行下面的脚本:
iaas-install-neutron-controller-gre.sh
计算节点部署neutron
iaas-install-neutron-compute.sh
iaas-install-neutron-compute-gre.sh
控制节点部署dashboard
iaas-install-dashboard.sh
三、Openstack平台使用
两节点部署,192.168.16.10为控制节点。192.168.16.20为计算节点。
1、创建镜像
# 控制节点上,找到qcow2镜像
[root@controller ~]# cd /opt/iaas/images/
[root@controller images]# ls
CentOS_6.5_x86_64_XD.qcow2 CentOS_7.2_x86_64_XD.qcow2 MySQL_5.6_XD.qcow2
# 上传镜像致Glance服务
# 在控制节点,通过glance命令,将qcow2镜像上传到平台
[root@controller images]# source /etc/keystone/admin-openrc.sh
[root@controller images]# glance image-create --name "centos7.2" --disk-format qcow2 --container-format bare --progress < CentOS_7.2_x86_64_XD.qcow2
2、创建虚拟机
(1)创建外部网络
选择菜单栏 项目——> 网络——> 网络。单击 创建网络 ,来创建虚拟机网络。
创建网络名net-gre,配置子网名称为net-subnet,网络地址为192.168.20.0/24,网关为192.168.20.2。
再配置DHCP地址池,激活DHCP,配置DNS为114.114.114.114。点击“已创建”创建网络。
选择菜单栏 管理员——> 系统——> 网络。对已创建的net-gre网络,点击 “编辑网络”,在弹框中勾选“外部网络”。
(2)创建内部网络
选择菜单栏 项目——> 网络——> 网络。单击 创建网络 ,来创建虚拟机网络。
创建网络名int-gre,配置子网名称为 int-subnet,网络地址为10.10.0.0/24,网关为10.10.0.1。
配置DHCP地址池,激活DHCP。点击“已创建”创建网络。
(3)创建路由器
选择菜单栏 项目——> 网络——> 路由。单击 新建路由,来创建路由。
创建路由名称为route,外部网络选择 net-gre。点击“新建路由”创建路由。
在route路由中内部网络接口:
单击新建的路由名称,选择 接口 标签。点击 "增加接口"按钮。
在弹框中,选择 int-gre 内部网络,再点击 提交 。
(4)安全组配置
管理访问策略安全组,选择菜单栏 项目——> 计算——> 访问&安全。单击default安全组 管理规则 按钮。
点击 添加规则 ,选择"所有ICMP协议",单击 添加 按钮;选择"所有TCP协议",单击 添加 按钮;选择"所有UDP协议",单击 添加 按钮。
(5)创建云主机
创建云主机,选择菜单栏 项目——> 计算——> 云主机。单击右侧 "创建云主机"按钮。
云主机名称为:test,数量:1。选择centos7.2镜像;选择m1.small资源类型;选择int-gre网络。然后单击"启动实例"按钮创建实例。
选择菜单栏 项目——> 计算——> 云主机。在主机下拉框中选择 "绑定浮动IP"菜单命令。在弹框中点击 "+"分配一个地址,单击 "分配IP"按钮。点击 "关联"按钮,关联浮动IP地址。
(6)连接云主机
打开CMD窗口,通过ping命令测试连通云主机。
使用secureCRT工具,连接云主机,用户名:root,密码:000000。
四、Keystone服务运维
在Openstack框架中,keystone(Openstack Identity Service)的功能是负责验证身份、校验服务规则和发布服务令牌的,它实现了Openstack的Identity API.keystone可分解为两个功能:权限管理和服务目录。
https://www.cnblogs.com/mh20131118/p/12942346.html
https://www.cnblogs.com/linuxk/p/9282996.html
1、keystone运维命令
# 环境配置
source /etc/keystone/admin-openrc.sh
# 创建 hqs用户
openstack user create --password ps1234 --email hqs@example.com --domain demo hqs
# 创建acme项目
openstack project create --domain demo acme
# 创建角色
openstack role create compute-user
# 绑定用户和项目权限
# 添加的用户需要分配一定的权限,需要把用户关联绑定到对应的项目和角色
openstack role add --user hqs --project acme compute-user
2、keystone查询命令
# 用户列表查询
[root@controller ~]# openstack user list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 0f217182b5af448c988f5464c706a337 | admin |
| 1579d0526c8b4cf0ba1158960054fde0 | neutron |
| 408d6f8e000847a3a9a0f799a1ea2ef6 | hqs |
| 560d1dca91184856822e3750ea2f4afb | nova |
| 5ca7355fbe4f4b87b352a72f9c4b4a66 | cinder |
| 93443c8fc497495e8bb9033a1a52fc1d | demo |
| d5bcfce4e83d4ef696bcd87599399429 | swift |
| e255b170101c41d3b839dbb013daef02 | glance |
+----------------------------------+---------+
# 查询hqs用户详细信息
[root@controller ~]# openstack user show hqs
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | 90f55d85d1824e2ca27318eefc57535e |
| email | hqs@example.com |
| enabled | True |
| id | 408d6f8e000847a3a9a0f799a1ea2ef6 |
| name | hqs |
+-----------+----------------------------------+
# 查询当前openstack平台所有项目
[root@controller ~]# openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 015510f69fd74453a700a529b7bee827 | demo |
| 168c9d9e5cf448c2a3dab6335590566a | service |
| 386dbfcf77e444c7872e4e23d5829fcc | admin |
| b66f515463e54b229b1d61d9313717ff | acme |
+----------------------------------+---------+
# 查询acme项目详情
[root@controller ~]# openstack project show acme
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | |
| domain_id | 90f55d85d1824e2ca27318eefc57535e |
| enabled | True |
| id | b66f515463e54b229b1d61d9313717ff |
| is_domain | False |
| name | acme |
| parent_id | 90f55d85d1824e2ca27318eefc57535e |
+-------------+----------------------------------+
# 查询所有keystone角色
[root@controller ~]# openstack role list
+----------------------------------+--------------+
| ID | Name |
+----------------------------------+--------------+
| 0190945cf6a84b60bb2f4631f85c30fa | compute-user |
| 4c438257d4a24e4aa4d4fcbeff248bce | user |
| d8ac2f3e57664b7abee701d82c9bbf16 | admin |
+----------------------------------+--------------+
# 查询compute-user角色详细信息
[root@controller ~]# openstack role show compute-user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 0190945cf6a84b60bb2f4631f85c30fa |
| name | compute-user |
+-----------+----------------------------------+
# 查看平台所有服务所使用的端点地址
[root@controller ~]# openstack endpoint list
+------------+-----------+--------------+--------------+---------+-----------+---------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+------------+-----------+--------------+--------------+---------+-----------+---------------+
| 14f90cb0cb | RegionOne | nova | compute | True | internal | http://contro |
....
五、Nova组件详解
计算节点通过Nova Computer进行虚拟机创建,通过libvirt调用kvm创建虚拟机,nova之间通信通过rabbitMQ队列进行通信。
Nova位于Openstack架构的中心,其他服务或者组件(比如Glance、Cinder、Neutron等)对它提供支持,另外它本身的架构也比较复杂。
作用:
-
- Nova是OpenStack最核心的服务模块,负责管理和维护云计算环境的计算资源,负责整个云环境虚拟机生命周期的管理。
-
- Nova是OpenStack的计算服务,负责维护和管理的网络和存储,提供计算服务。
https://www.cnblogs.com/mh20131118/p/12939358.html
https://www.cnblogs.com/linuxk/p/9454258.html
1、安全组相关操作:
nova
secgroup-add-default-rule Add a rule to the set of rules that will be
added to the 'default' security group for new
tenants (nova-network only).
secgroup-add-group-rule Add a source group rule to a security group.
secgroup-add-rule Add a rule to a security group.
secgroup-create Create a security group.
secgroup-delete Delete a security group.
secgroup-delete-default-rule
Delete a rule from the set of rules that will
be added to the 'default' security group for
new tenants (nova-network only).
secgroup-delete-group-rule Delete a source group rule from a security
group.
secgroup-delete-rule Delete a rule from a security group.
secgroup-list List security groups for the current tenant.
secgroup-list-default-rules
List rules that will be added to the 'default'
security group for new tenants.
secgroup-list-rules List rules for a security group.
secgroup-update Update a security group.
# 安全组查看:
[root@controller ~]# nova secgroup-list
+--------------------------------------+---------+------------------------+
| Id | Name | Description |
+--------------------------------------+---------+------------------------+
| 486eaa38-8e3d-4214-96bc-e6fee9b81be6 | default | Default security group |
+--------------------------------------+---------+------------------------+
# 安全组创建
[root@controller ~]# nova secgroup-create hqs 'Most great security group'
+--------------------------------------+------+---------------------------+
| Id | Name | Description |
+--------------------------------------+------+---------------------------+
| 1f2e9304-2fa0-45ac-a407-9816c72a1190 | hqs | Most great security group |
+--------------------------------------+------+---------------------------+
# 安全组更新
[root@controller ~]# nova secgroup-update 218faa36-c250-40d5-9775-534049e5771a hqs111 'One of the most great security group '
+--------------------------------------+--------+---------------------------------------+
| Id | Name | Description |
+--------------------------------------+--------+---------------------------------------+
| 218faa36-c250-40d5-9775-534049e5771a | hqs111 | One of the most great security group |
+--------------------------------------+--------+---------------------------------------+
# 安全组删除
[root@controller ~]# nova secgroup-delete hqs111
# 安全组规则查看
[root@controller ~]# nova secgroup-list-rules hqs
+-------------+-----------+---------+----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+----------+--------------+
+-------------+-----------+---------+----------+--------------+
[root@controller ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 1 | 65535 | 0.0.0.0/0 | |
| udp | 1 | 65535 | 0.0.0.0/0 | |
| icmp | -1 | -1 | 0.0.0.0/0 | |
| | | | | default |
| | | | | default |
+-------------+-----------+---------+-----------+--------------+
# 安全组规则添加
[root@controller ~]# nova secgroup-add-rule hqs icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova secgroup-add-rule hqs udp 1 65535 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| udp | 1 | 65535 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova secgroup-add-rule hqs tcp 1 65535 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 1 | 65535 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
# 安全组规则删除
[root@controller ~]# nova secgroup-delete-rule hqs icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova secgroup-list-rules hqs
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| udp | 1 | 65535 | 0.0.0.0/0 | |
| tcp | 1 | 65535 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
2、云主机类型操作
nova
flavor-access-add Add flavor access for the given tenant.
flavor-access-list Print access information about the given
flavor.
flavor-access-remove Remove flavor access for the given tenant.
flavor-create Create a new flavor.
flavor-delete Delete a specific flavor
flavor-key Set or unset extra_spec for a flavor.
flavor-list Print a list of available 'flavors' (sizes of
servers).
flavor-show Show details about the given flavor.
# 云主机类型列表查看
[root@controller ~]# nova flavor-list
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True |
| 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True |
| 7645393e-4f46-473a-85bf-6ea69669dac2 | m1-hqs | 512 | 10 | 0 | | 1 | 1.0 | True |
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+
# 云主机类型添加
[root@controller ~]# nova flavor-create m1.hqs 6 1024 10 1
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| 6 | m1.hqs | 1024 | 10 | 0 | | 1 | 1.0 | True |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
# 云主机类型详情查看
[root@controller ~]# nova flavor-show m1.hqs
+----------------------------+--------+
| Property | Value |
+----------------------------+--------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 10 |
| extra_specs | {} |
| id | 6 |
| name | m1.hqs |
| os-flavor-access:is_public | True |
| ram | 1024 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+--------+
# 云主机类型删除
[root@controller ~]# nova flavor-delete m1-hqs
3、云主机实例操作
# 实例列表查看
nova list
# 实例详情查看
nova show <server>
# 实例创建
nova boot <实例名称>
# 可选参数:
--flavor <flavor> 虚拟机类型
--image <image> 可选用的镜像
--image-with <key=value> 镜像的元数据属性
--boot-volume <volume_id> 启动逻辑卷的ID
--snapshot <snapshot_id> 快照.
--min-count <number> Boot at least <number> servers (limited by
quota).
--max-count <number> Boot up to <number> servers (limited by
quota).
--meta <key=value> 元数据Record arbitrary key/value metadata to
/meta_data.json on the metadata server. Can be
specified multiple times.
--file <dst-path=src-path> 文件Store arbitrary files from <src-path> locally
to <dst-path> on the new server. Limited by
the injected_files quota value.
--key-name <key-name> 密钥名称Key name of keypair that should be created
earlier with the command keypair-add.
--user-data <user-data> 注入的用户数据user data file to pass to be exposed by the
metadata server.
--availability-zone <availability-zone>
可用域The availability zone for server placement.
--security-groups <security-groups>
安全组Comma separated list of security group names.
--block-device-mapping <dev-name=mapping>
块存储格式化Block device mapping in the format <dev-
name>=<id>:<type>:<size(GB)>:<delete-on-
terminate>.
--block-device key1=value1[,key2=value2...] 块设备参数
--swap <swap_size> 交换空间大小Create and attach a local swap block device of
<swap_size> MB.
--ephemeral size=<size>[,format=<format>]
连接块存储的大小Create and attach a local ephemeral block
device of <size> GB and format it to <format>.
--hint <key=value> 自定义数据Send arbitrary key/value pairs to the
scheduler for custom use.
--nic <net-id=net-uuid,net-name=network-name,v4-fixed-ip=ip-addr,v6-fixed-ip=ip-addr,port-id=port-uuid>
配置网络Create a NIC on the server. Specify option
multiple times to create multiple NICs. net-
id: attach NIC to network with this UUID net-
name: attach NIC to network with this name
(either port-id or net-id or net-name must be
provided), v4-fixed-ip: IPv4 fixed address for
NIC (optional), v6-fixed-ip: IPv6 fixed
address for NIC (optional), port-id: attach
NIC to port with this UUID (either port-id or
net-id must be provided).
--config-drive <value> 驱动配置Enable config drive.
--poll 显示创建进度Report the new server boot progress until it
completes.
--admin-pass <value> Admin password for the instance.
--access-ip-v4 <value> Alternative access IPv4 of the instance.
--access-ip-v6 <value> Alternative access IPv6 of the instance.
--description <description> Description for the server. (Supported by API
versions '2.19' - '2.latest')
# 1、查看镜像
glance image-list
# 2、查看规格
nova flavor-list
# 3、查看安全组
nova secgroup-list
# 4、查看可用的网络
neutron net-list
nova boot \
--image centos7.2 \
--availability-zone nova \
--flavor m1.hqs \
--security-groups hqs \
--nic net-id=64306052-bcec-4209-ac4c-45b9d2de4dde \
caocao-server1
# 5、实例创建
[root@controller images]# nova boot test-server --image centos7.2 --flavor m1.lxh --availability-zone nova --security-groups hqs --nic net-id=451fd2af-e1eb-4437-bf71-53b5f91c10b5
+--------------------------------------+--------------------------------------------------+
| Property | Value |
+--------------------------------------+--------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | - |
| OS-EXT-SRV-ATTR:hostname | test-server |
| OS-EXT-SRV-ATTR:hypervisor_hostname | - |
| OS-EXT-SRV-ATTR:instance_name | instance-0000000d |
| OS-EXT-SRV-ATTR:kernel_id | |
| OS-EXT-SRV-ATTR:launch_index | 0 |
| OS-EXT-SRV-ATTR:ramdisk_id | |
| OS-EXT-SRV-ATTR:reservation_id | r-zoria5fn |
| OS-EXT-SRV-ATTR:root_device_name | - |
| OS-EXT-SRV-ATTR:user_data | - |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | ejFD96k8DUkW |
| config_drive | |
| created | 2021-10-19T02:09:45Z |
| description | - |
| flavor | m1.lxh (111) |
| hostId | |
| host_status | |
| id | 22d0a54b-2a6f-4ea8-8729-dc07055c19e5 |
| image | centos7.2 (8aec8782-c6af-41d8-a225-ada5a2af13dc) |
| key_name | - |
| locked | False |
| metadata | {} |
| name | test-server |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | hqs |
| status | BUILD |
| tenant_id | 386dbfcf77e444c7872e4e23d5829fcc |
| updated | 2021-10-19T02:09:55Z |
| user_id | 0f217182b5af448c988f5464c706a337 |
+--------------------------------------+--------------------------------------------------+
# 实例停止
[root@controller ~]# nova stop hqs_server
Request to stop server hqs_server has been accepted.
# 实例启动
[root@controller ~]# nova start hqs_server
Request to start server hqs_server has been accepted.
# 实例重启
[root@controller ~]# nova reboot hqs_server
Request to reboot server <Server: hqs_server> has been accepted.
[root@controller ~]# nova list
+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+
| b51590fc-33cc-4d54-8e54-c0530e912d2b | hqs_server | REBOOT | reboot_started | Running | int-gre=172.25.2.8 |
| c6cabeed-1176-4634-b493-b6be7c351a03 | test | SHUTOFF | - | Shutdown | int-gre=172.25.2.3, 192.168.20.4 |
+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+
# 实例挂起
[root@controller ~]# nova pause test
[root@controller ~]# nova list
+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+
| b51590fc-33cc-4d54-8e54-c0530e912d2b | hqs_server | REBOOT | reboot_started | Running | int-gre=172.25.2.8 |
| c6cabeed-1176-4634-b493-b6be7c351a03 | test | PAUSED | - | Paused | int-gre=172.25.2.3, 192.168.20.4 |
+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+
# 实例删除
[root@controller ~]# nova delete hqs_server
Request to delete server hqs_server has been accepted.
[root@controller ~]# nova list
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| c6cabeed-1176-4634-b493-b6be7c351a03 | test | PAUSED | - | Paused | int-gre=172.25.2.3, 192.168.20.4 |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
4、浮动IP
nova
floating-ip-associate Associate a floating IP address to a server.
floating-ip-bulk-create Bulk create floating IPs
by range (nova-network only).
floating-ip-bulk-delete Bulk delete floating IPs by range (nova-
network only).
floating-ip-bulk-list List all floating IPs (nova-network only).
floating-ip-create Allocate a floating IP for the current tenant.
floating-ip-delete De-allocate a floating IP.
floating-ip-disassociate Disassociate a floating IP address from a
server.
floating-ip-list List floating IPs.
floating-ip-pool-list List all floating IP pools.
# 创建浮动IP
# 语法:nova floating-ip-create <pool>
[root@controller nova]# nova floating-ip-create net-gre
+--------------------------------------+--------------+-----------+----------+---------+
| Id | IP | Server Id | Fixed IP | Pool |
+--------------------------------------+--------------+-----------+----------+---------+
| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | - | - | net-gre |
+--------------------------------------+--------------+-----------+----------+---------+
# 浮动IP的列表信息
[root@controller nova]# nova floating-ip-list
+--------------------------------------+--------------+-----------+----------+---------+
| Id | IP | Server Id | Fixed IP | Pool |
+--------------------------------------+--------------+-----------+----------+---------+
| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | - | - | net-gre |
+--------------------------------------+--------------+-----------+----------+---------+
# 浮动IP地址池信息
[root@controller nova]# nova floating-ip-pool-list
+---------+
| name |
+---------+
| net-gre |
+---------+
# 查看浮动IP详细信息
[root@controller nova]# openstack ip floating show 192.168.37.5
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| description | |
| dns_domain | |
| dns_name | |
| fixed_ip_address | None |
| floating_ip_address | 192.168.37.5 |
| floating_network_id | 847163a4-65dd-456e-a839-4f810cce80cf |
| id | fcb2439d-ba4f-4467-ad60-34726d57aba4 |
| port_id | None |
| project_id | 386dbfcf77e444c7872e4e23d5829fcc |
| router_id | None |
| status | DOWN |
+---------------------+--------------------------------------+
# 浮动ip关联给实例
# 语法:nova floating-ip-associate [--fixed-address <fixed_address>] <server> <address>
# 参数:
# <server> Name or ID of server.(nova list)
# <address> IP Address.(nova floating-ip-list)
[root@controller nova]# nova floating-ip-associate caocao-server1 192.168.37.5
[root@controller nova]# nova list
+--------------------------------------+----------------+--------+------------+-------------+---------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------------+--------+------------+-------------+---------------------------------+
| e2c75e51-1a3b-4a0b-8765-d7ff6e8188e3 | caocao-server1 | ACTIVE | - | Running | int-gre=10.10.0.3, 192.168.37.5 |
+-----------------------
# 浮动IP解除关联实例
# 语法:nova floating-ip-disassociate <server> <address>
[root@controller nova]# nova floating-ip-disassociate caocao-server1 192.168.37.5
[root@controller nova]# nova list
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| e2c75e51-1a3b-4a0b-8765-d7ff6e8188e3 | caocao-server1 | ACTIVE | - | Running | int-gre=10.10.0.3 |
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
# 解除关联并删除浮动IP
[root@controller nova]# nova floating-ip-associate caocao-server1 192.168.37.5
[root@controller nova]# nova floating-ip-delete 192.168.37.5
[root@controller nova]# nova list
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| e2c75e51-1a3b-4a0b-8765-d7ff6e8188e3 | caocao-server1 | ACTIVE | - | Running | int-gre=10.10.0.3 |
+---------
[root@controller nova]# nova floating-ip-list
+----+----+-----------+----------+------+
| Id | IP | Server Id | Fixed IP | Pool |
+----+----+-----------+----------+------+
+----+----+-----------+----------+------+
5、密钥管理
nova
keypair-add Create a new key pair for use with servers.
keypair-delete Delete keypair given by its name. (Supported
by API versions '2.0' - '2.latest') [hint: use
'--os-compute-api-version' flag to show help
message for proper version]
keypair-list Print a list of keypairs for a user (Supported
by API versions '2.0' - '2.latest') [hint: use
'--os-compute-api-version' flag to show help
message for proper version]
keypair-show Show details about the given keypair.
(Supported by API versions '2.0' - '2.latest')
[hint: use '--os-compute-api-version' flag to
show help message for proper version]
# 查看密钥列表
[root@controller ~]# nova keypair-list
+------+------+-------------------------------------------------+
| Name | Type | Fingerprint |
+------+------+-------------------------------------------------+
| test | ssh | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
+------+------+-------------------------------------------------+
# 查看密钥详情
[root@controller ~]# nova keypair-show test
+-------------+-------------------------------------------------+
| Property | Value |
+-------------+-------------------------------------------------+
| created_at | 2021-10-28T14:06:12.000000 |
| deleted | False |
| deleted_at | - |
| fingerprint | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
| id | 1 |
| name | test |
| type | ssh |
| updated_at | - |
| user_id | 0f217182b5af448c988f5464c706a337 |
+-------------+-------------------------------------------------+
Public key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc/qEc2ihvE7aLgSVH0lt5PDBwEYXW0CqMx8sGJPT1p3r0mxdJiti9pJxBRoX+oOhA/LFssaOGvtHDK79Njs3HynrXkxvKo6UfmBNQzt2z5C3nTP2U17JY2wrOh7YyYdhuuRirCLNHQk4hM1YY9BbPrCLjLlQ8Gms6vdgDCgT1gXuRppBTfQKrIKKRk6d5vIqBMoGM3fCaM34DiqwOS/uq8gQM8T/io9h6XrTKWznmZgzaFJ2S3XUZhAliSEgkraxZIM8L3QWumMlBVryYVUX6QEKv29hNWYZF/bxUqfQx50vBuIfHlKgkcccAVDy6OoZNmd6T1rdJXEdW+MWobHu7 Generated-by-Nova
# 创建密钥
[root@controller ~]# nova keypair-add hqs --key-type ssh
-----BEGIN RSA PRIVATE KEY-----
MIIEpwIBAAKCAQEAw3YnZk1ej5j3+CjpWalgmVWxrdAVZGfpC3Qklz+0RW7p4nTn
VlkGL7mWEgx7fmRaBzZuwUuSuvFB79zWhGZqh7Dt0Zeibyy48u3AtZtDY1ZVkvss
Vq7zOdUgg+2C8Em7KTAXsuf1I7KPxgJHX7j9pluN8zBQKiYYi4K+RPCVtisw3ev0
Ey5vi7e1IuUawXpjWnGe+/yzCZWgL8X2uhyYH0cJUmO3PbFuX0aoZr/JsLbMfkeL
0hCDkpKgkx8L/VD6C8FW+Z3mfJGxJtGwakb+BGyOYZ3j/Sv7bh03QKPgViqJ9CGa
WL5/y8dYmFLYM45Gb60FLWPSHWLmH9SFnmV7UwIDAQABAoIBABkiGUDbU/xs8/2x
7Qd9cxFkZntuFUIa5ml1nrrgEyMWdvaKh7Cfs97xIy3g8wQ2jSj+Q9GRESX+nbbl
E6RksvANvRbFQ7q96m46ShxQAaNFV62VpIbk6huWnx63rK2PHYTXTUTQ9MGJVVll
s53IYL1CaodJwBUbXu6ZejPNJ8MLoyom7cH89uaP5K8Ej7pHObaxMBCkSylU0vcG
qJp0Gu1NbnQ823EYm5QeEqUfG8xLyXKOvAq3scZHg5hqdD6SDVOYm3uQM8TF8zkY
SSTYrwktj7g7vP6ZQ0zY3k/s/zxMbTIurwwNm8L93tPcgtJUMw+fPYu3OHr9nhBt
aeFJ6AkCggCBANoJLHA6j5Jgj0uLy+ur8BmU8qSCJ7Nmx3JZFj2ELoZcLzjniHqH
14QHqnBgFxaUAvmpy8wCMnIKrk83FdEkgk2vwSlsr1uEiz+MNHKqapWwiezR87HB
5XsgtHpOsBlTpzQlOL7TJX7kCtZYgyGbQJvLMeek+cqy2YsNp28AgFulAoIAgQDl
fr5dBmEMBtTVaAjZFlyhJIXpf93QeC9KTtCLJ0QXAVPpCLlnulC8W4JfuZDTFqOr
gnx1y84DfyoZ4/K6zPNfqguRRzE2sxMNDLNZeyZiA10uZwEh+AJtCf54FU2xZtVP
1eZ7I4QMR2jaDSj5nWgF90DYHoWLxOEeIVnTnFoplwKCAIANyxrGls3SYs1t6BAk
fqIX3DZldd5xGQVxFHW1upD+6wIJxYv6xHE75wg/R7TuNrrhdH5yD4mFcWuJk2CL
9JVRuNatejS1w3LTuFjxEBriEWMIWlfiXPPZkD4aprO5RnODdv9aAx2SI3cUDFFv
ZNT3hilIEEXFLv9YLqry+MMmCQKCAIBpG+OUN5e7KmXQWBW1V8iVBWVPzICLOoBu
SCq7kQBeiP0lfhlsqKjRnBfaP+NUysmrg9f9G5r/fv6JXR2O8M+GwRsLLtAbfWj8
URTTptOtkFzdI9Ag/rYdurYRybAL0E1ig1VMkLep6Ard06kwqic6lEPeuBvyJ/nz
EtNRWArzgQKCAIAQDXQbP+20nzHoWqy1sFYIpOYrC+pZGX3tZb8DfAKrhrL+FkGe
PSe6bNwgWVDEUwTyvoPUexvAVi7nZ1sqMw/Ar+KxCXcti+dzZZZa3typLQMceOr2
wFfpNMT/Kq2DTrgkXN+jpFczv/R0kNn5bOB/DIm8JUeN44k97lMzIrD7TA==
-----END RSA PRIVATE KEY-----
# 删除密钥
[root@controller ~]# nova keypair-list
+------+------+-------------------------------------------------+
| Name | Type | Fingerprint |
+------+------+-------------------------------------------------+
| hqs | ssh | e2:cc:e9:8f:1d:06:45:b4:52:0b:38:68:0d:15:b8:b9 |
| test | ssh | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
+------+------+-------------------------------------------------+
[root@controller ~]# nova keypair-delete hqs
[root@controller ~]# nova keypair-list
+------+------+-------------------------------------------------+
| Name | Type | Fingerprint |
+------+------+-------------------------------------------------+
| test | ssh | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
+------+------+-------------------------------------------------+
6、配额管理
# 待补全
[root@controller ~]# openstack quota show admin
+----------------------+----------------------------------+
| Field | Value |
+----------------------+----------------------------------+
| backup_gigabytes | 1000 |
| backups | 10 |
| cores | 20 |
| firewall | 10 |
| firewall_policy | 10 |
| firewall_rule | 100 |
| fixed-ips | -1 |
| floating-ips | 50 |
| gigabytes | 1000 |
| health_monitor | -1 |
| injected-file-size | 10240 |
| injected-files | 5 |
| injected-path-size | 255 |
| instances | 10 |
| key-pairs | 100 |
| member | -1 |
| network | 10 |
| per_volume_gigabytes | -1 |
| pool | 10 |
| port | 50 |
| project | 386dbfcf77e444c7872e4e23d5829fcc |
| properties | 128 |
| ram | 51200 |
| rbac_policy | 10 |
| router | 10 |
| secgroup-rules | 100 |
| secgroups | 10 |
| server_group_members | 10 |
| server_groups | 10 |
| snapshots | 10 |
| subnet | 10 |
| subnetpool | -1 |
| vip | 10 |
| volumes | 10 |
+----------------------+----------------------------------+
六、Neutron网络服务
# 查看网络列表信息
[root@controller ~]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 847163a4-65dd-456e-a839-4f810cce80cf | net-gre | 757f4819-48aa-4026-aff2-8e78b4161691 |
| 64306052-bcec-4209-ac4c-45b9d2de4dde | int-gre | d3aa832b-8bcf-4a7b-9692-540b468a711b |
+--------------------------------------+---------+--------------------------------------+
# 查看网络详细信息
[root@controller ~]# openstack network show net-gre
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | nova |
| created_at | 2021-10-18T18:02:38 |
| description | |
| id | 847163a4-65dd-456e-a839-4f810cce80cf |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| mtu | 1458 |
| name | net-gre |
| port_security_enabled | True |
| project_id | 386dbfcf77e444c7872e4e23d5829fcc |
| provider:network_type | gre |
| provider:physical_network | None |
| provider:segmentation_id | 99 |
| router_external | Internal |
| shared | False |
| status | ACTIVE |
| subnets | 757f4819-48aa-4026-aff2-8e78b4161691 |
| tags | [] |
| updated_at | 2021-10-18T18:15:25 |
+---------------------------+--------------------------------------+
# 创建网络
[root@controller ~]# openstack network create int-gre-test --project admin
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2021-10-28T14:25:07 |
| description | |
| headers | |
| id | 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| mtu | 1458 |
| name | int-gre-test |
| port_security_enabled | True |
| project_id | 386dbfcf77e444c7872e4e23d5829fcc |
| provider:network_type | gre |
| provider:physical_network | None |
| provider:segmentation_id | 91 |
| router_external | Internal |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | [] |
| updated_at | 2021-10-28T14:25:07 |
+---------------------------+--------------------------------------+
# 更新网络
[root@controller ~]# openstack network set int-gre-test --enable --name int-test-gre
[root@controller ~]# openstack network list
+--------------------------------------+--------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+--------------------------------------+
| 847163a4-65dd-456e-a839-4f810cce80cf | net-gre | 757f4819-48aa-4026-aff2-8e78b4161691 |
| 64306052-bcec-4209-ac4c-45b9d2de4dde | int-gre | d3aa832b-8bcf-4a7b-9692-540b468a711b |
| 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 | int-test-gre | |
+--------------------------------------+--------------+--------------------------------------+
[root@controller ~]# openstack network show int-test-gre
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2021-10-28T14:25:07 |
| description | |
| id | 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| mtu | 1458 |
| name | int-test-gre |
| port_security_enabled | True |
| project_id | 386dbfcf77e444c7872e4e23d5829fcc |
| provider:network_type | gre |
| provider:physical_network | None |
| provider:segmentation_id | 91 |
| router_external | Internal |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | [] |
| updated_at | 2021-10-28T14:28:04 |
+---------------------------+--------------------------------------+
# 删除网络
[root@controller ~]# openstack network delete int-gre-test