openstack 搭建详细步骤

该博文转载于(https://www.cnblogs.com/whwh/p/16200004.html)

一、openstack单点部署

1、配置虚拟机NAT网络连接

查看vmware的NAT网络默认配置

vmwarestation软件点击 上方“编辑”,选择“虚拟网络编辑器”
找到vmnet10,是NAT模式,子网地址是172.25.2.0,子网掩码是:255.255.255.0.
再点击“NAT设置”,可看到它的网关:172.25.2.2

配置当前虚拟机的网络配置

vmwarestation软件点击 上方“虚拟机”,选择“设置”;
首先没有NAT网卡的,点击“添加”,添加一个新的网络适配器。
已经创建号NAT网卡的,进行如下配置:
网络连接模式改为:"自定义(U):特定虚拟网络"
在下拉选项中,选中“VMnet10(NAT模式)”

配置linux网络

# 进入网络配置目录
cd /etc/sysconfig/network-scripts
# 编辑nat网卡的配置
vi ifcfg-ens33
# 修改或添加如下信息:
BOOTPROTO=static
ONBOOT=yes
IPADDR=172.25.2.101
NETMASK=255.255.255.0
GATEWAY=172.25.2.2
DNS=8.8.8.8

# 在vi编辑器中,输入:wq进行保存退出
vi /etc/resolv.conf
加入:
nameserver 8.8.8.8
输入:wq进行保存退出

# 关闭防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service

# 重启网络
systemctl restart network

# 测试
ping www.baidu.com

2、yum源配置

# 关闭网络管理
systemctl disable NetworkManager
# 关闭selinux,修改文件为disabled
sed  -i 's/SELINUX=enforcing/SELINUX=disabled/g'  /etc/selinux/config
# selinux修改生效
setenforce 0

##################################更新yum源#################################
# 将官方的yum源备份到一个新目录:
mkdir /etc/yum.repos.d/repo.bak/
mv /etc/yum.repos.d/*.repo repo.bak/

# 更新下载阿里源
curl -o /etc/yum.repos.d/CentOS-Base.repo  http://mirrors.aliyun.com/repo/Centos-7.repo

# 清理yum
yum clean all
yum makecache

# 更新yum信息
yum update -y

# 查看当前存在的openstack版本安装源
yum list | grep openstack

# 安装安装源
yum install -y centos-release-openstack-queens

# 调整仓库配置文件
vi /etc/yum.repos.d/CentOS-QEMU-EV.repo
# 将文件中/$contentdir/改为/centos-7/

# 添加epel-repo源
curl -o /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo

# 添加openstack.queens.repo文件信息
cat > /etc/yum.repos.d/openstack-queens.repo << EOF
[queens]
name=queens
baseurl=https://mirrors.aliyun.com/centos/7/cloud/x86_64/openstack-queens/
enabled=1
gpgcheck=0
EOF

# 调整repo文件只保留
CentOS-Base.repo  CentOS-QEMU-EV.repo  epel-7.repo  openstack-queens.repo

# 更新源
yum clean all && yum makecache

# 安装openstack-packstack软件包
yum install -y openstack-packstack

# 安装预备
yum -y install  python-pip


# 一键部署openstack
packstack --allinone


# 1.出现error while loading shared libraries: leatherman_curl.so.1.3.0: cannot open shared object file: No such file or directory报错。
# 这种错误是因为,leatherman rpm包版本问题,现有是1.10,实际需要1.3
# 回退leatherman版本
yum downgrade leatherman
yum list | grep leatherman
leatherman.x86_64                        1.3.0-9.el7                   @queens  
leatherman.x86_64                        1.10.0-1.el7                  epel     
leatherman-devel.x86_64                  1.10.0-1.el7                  epel  

二、国赛双节点部署

1、准备虚拟机

创建虚拟机前,创建好vmnet2(仅主机模式),vmnet10(NAT模式)网卡,检查对应的适配器是否创建成功。
准备两台vmware虚拟机,手动最小化安装2台Centos7.2系统,第一个网卡为仅主机模式,第二个网卡为NAT模式,配置CPU虚拟机,4G以上内存,50G以上硬盘。

master节点网卡:

TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=f34abd2e-89c9-4daf-a28c-54765164d59d
DEVICE=eno16777736
ONBOOT=yes
IPADDR=192.168.16.10
NETMASK=255.255.255.0

Node节点网卡:

TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
NAME=eno16777736
UUID=8bbcc106-d60f-48cc-aafd-2bde0154fa2e
DEVICE=eno16777736
ONBOOT=yes
IPADDR=192.168.16.20
NETMASK=255.255.255.0

2、镜像挂载

镜像上传到master节点,然后完成挂载即可。

# 挂载linux镜像
cd /root/;
mount -o loop CentOS-7-x86_64-DVD-1511.iso /mnt/;
mkdir /opt/centos7.2;
cp -rvf /mnt/* /opt/centos7.2/
umount /mnt/;

# 挂载iaas镜像
cd /root/;
mount -o loop XianDian-IaaS-v2.2.iso /mnt/;
mkdir /opt/iaas;
cp -rvf /mnt/* /opt/iaas;
umount /mnt/;

3、本地yum配置

分别配置控制节点和计算节点的yum

# 控制节点:
rm -rf /etc/yum.repos.d/CentOS-*;
cat > /etc/yum.repos.d/local.repo <<EOF
[centos]
name=centos
baseurl=file:///opt/centos7.2
gpgcheck=0
enabled=1
[iaas]
name=iass
baseurl=file:///opt/iaas/iaas-repo
gpgcheck=0
enabled=1
EOF
# 计算节点:(如果没有可以后面再配)
rm -rf /etc/yum.repos.d/CentOS-*;
cat > /etc/yum.repos.d/local.repo << EOF
[centos]
name=centos
baseurl=ftp://192.168.16.10/centos7.2
gpgcheck=0
enabled=1
[iaas]
name=iass
baseurl=ftp://192.168.16.10/iaas/iaas-repo
gpgcheck=0
enabled=1
EOF

为计算节点提供ftp访问方式

# 控制节点——yum缓存清理
yum clean all
yum makecache

# 控制节点——安装vsftpd和ftp
yum install -y vsftpd
yum install -y ftp
rpm -qa| grep vsftpd

# 控制节点——修改vsftpd配置文件
在/etc/vsftpd/vsftpd.conf中添加一行代码:
anon_root=/opt

# 控制节点——安装网络工具包
yum install net-tools

# 重启vsftpd服务
systemctl restart vsftpd
# 开机启动vsftpd
systemctl enable vsftpd

# 控制节点、计算节点——关闭防火墙
setenforce 0;
iptables -F;
iptables -X;
iptables -Z;
systemctl stop firewalld;
systemctl disable firewalld;

# 计算节点
yum clean all
yum makecache

4、给计算节点(node)添加新磁盘并分区

在vmware上给计算节点虚拟机添加一个新磁盘
虚拟机——> 设置——> 添加——> 硬盘——> scsi模式——> 创建新虚拟磁盘——> 20G,拆分为多个文件——> 完成

# 重启计算节点虚拟机
reboot

# 查看当前虚拟机的磁盘情况
fdisk -l
# 可以看到Disk /dev/sdb: 21.5 GB是完全空闲的

# 创建两个空白磁盘空间
fdisk /dev/sdb
     n,p,回车,回车,+10G
	 n,p,回车,回车,回车
	 w

5、在controller和compute节点安装iaas-xiandian包

# 控制节点、计算节点分别执行,安装软件包
yum install -y  iaas-xiandian

控制节点、计算节点编辑修改配置文件/etc/xiandian/openrc.sh

##--------------------system Config--------------------##
##Controller Server Manager IP. example:x.x.x.x
HOST_IP=192.168.16.10

##Controller HOST Password. example:000000 
HOST_PASS=000000

##Controller Server hostname. example:controller
HOST_NAME=controller

##Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE=192.168.16.20

##Compute HOST Password. example:000000 
HOST_PASS_NODE=000000

##Compute Node hostname. example:compute
HOST_NAME_NODE=compute

##--------------------Chrony Config-------------------##
##Controller network segment IP.  example:x.x.0.0/16(x.x.x.0/24)
network_segment_IP=192.168.16.0/24

##--------------------Rabbit Config ------------------##
##user for rabbit. example:openstack
RABBIT_USER=openstack

##Password for rabbit user .example:000000
RABBIT_PASS=000000

##--------------------MySQL Config---------------------##
##Password for MySQL root user . exmaple:000000
DB_PASS=000000

##--------------------Keystone Config------------------##
##Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=demo
ADMIN_PASS=000000
DEMO_PASS=000000

##Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS=000000

##--------------------Glance Config--------------------##
##Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS=000000

##Password for Keystore glance user. exmaple:000000
GLANCE_PASS=000000

##--------------------Nova Config----------------------##
##Password for Mysql nova user. exmaple:000000
NOVA_DBPASS=000000

##Password for Keystore nova user. exmaple:000000
NOVA_PASS=000000

##--------------------Neturon Config-------------------##
##Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS=000000

##Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS=000000

##metadata secret for neutron. exmaple:000000
METADATA_SECRET=000000

##Tunnel Network Interface. example:x.x.x.x
INTERFACE_IP=192.168.16.10/192.168.16.20

##External Network Interface. example:eth1   第二张网卡
INTERFACE_NAME=eno33554960

##External Network The Physical Adapter. example:provider
Physical_NAME=provider

##First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=1

##Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=2000

##--------------------Cinder Config--------------------##
##Password for Mysql cinder user. exmaple:000000
CINDER_DBPASS=000000

##Password for Keystore cinder user. exmaple:000000
CINDER_PASS=000000

##Cinder Block Disk. example:md126p3
BLOCK_DISK=sdb1

##--------------------Swift Config---------------------##
##Password for Keystore swift user. exmaple:000000
SWIFT_PASS=000000

##The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK=sdb2

##The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP=192.168.16.20

##--------------------Heat Config----------------------##
##Password for Mysql heat user. exmaple:000000
HEAT_DBPASS=000000

##Password for Keystore heat user. exmaple:000000
HEAT_PASS=000000

##--------------------Zun Config-----------------------##
##Password for Mysql Zun user. exmaple:000000
ZUN_DBPASS=000000

##Password for Keystore Zun user. exmaple:000000
ZUN_PASS=000000

##Password for Mysql Kuryr user. exmaple:000000
KURYR_DBPASS=000000

##Password for Keystore Kuryr user. exmaple:000000
KURYR_PASS=000000

##--------------------Ceilometer Config----------------##
##Password for Gnocchi ceilometer user. exmaple:000000
CEILOMETER_DBPASS=000000

##Password for Keystore ceilometer user. exmaple:000000
CEILOMETER_PASS=000000

##--------------------AODH Config----------------##
##Password for Mysql AODH user. exmaple:000000
AODH_DBPASS=000000

##Password for Keystore AODH user. exmaple:000000
AODH_PASS=000000

##--------------------Barbican Config----------------##
##Password for Mysql Barbican user. exmaple:000000
BARBICAN_DBPASS=000000

##Password for Keystore Barbican user. exmaple:000000
BARBICAN_PASS=000000

6、脚本安装openstack平台

控制节点、计算节点分别执行如下脚本安装基础服务:
iaas-pre-host.sh

控制节点部署mysql数据库服务:
iaas-install-mysql.sh

控制节点部署keystone服务:
iaas-install-keystore.sh

控制节点部署glance服务:
iaas-install-glance.sh

控制节点部署nova服务:
iaas-install-nova-controller.sh
计算节点部署nova服务
iaas-install-nova-compute.sh


控制节点部署neutron
iaas-install-neutron-controller.sh
错误处理——修改脚本:
vi  /usr/local/bin/iaas-install-neutron-controller-gre.sh   
将最后一行的
systemctl enabled neutron-lbaas-agent   改为   systemctl enable neutron-lbaas-agent
再执行下面的脚本:
iaas-install-neutron-controller-gre.sh

计算节点部署neutron
iaas-install-neutron-compute.sh
iaas-install-neutron-compute-gre.sh

控制节点部署dashboard
iaas-install-dashboard.sh

三、Openstack平台使用

两节点部署,192.168.16.10为控制节点。192.168.16.20为计算节点。

1、创建镜像

# 控制节点上,找到qcow2镜像
[root@controller ~]# cd /opt/iaas/images/
[root@controller images]# ls
CentOS_6.5_x86_64_XD.qcow2  CentOS_7.2_x86_64_XD.qcow2  MySQL_5.6_XD.qcow2

# 上传镜像致Glance服务
# 在控制节点,通过glance命令,将qcow2镜像上传到平台
[root@controller images]# source /etc/keystone/admin-openrc.sh
[root@controller images]# glance image-create --name "centos7.2" --disk-format qcow2 --container-format bare --progress < CentOS_7.2_x86_64_XD.qcow2

2、创建虚拟机

(1)创建外部网络

选择菜单栏 项目——> 网络——> 网络。单击 创建网络 ,来创建虚拟机网络。
创建网络名net-gre,配置子网名称为net-subnet,网络地址为192.168.20.0/24,网关为192.168.20.2。
再配置DHCP地址池,激活DHCP,配置DNS为114.114.114.114。点击“已创建”创建网络。

选择菜单栏 管理员——> 系统——> 网络。对已创建的net-gre网络,点击 “编辑网络”,在弹框中勾选“外部网络”。

(2)创建内部网络

选择菜单栏 项目——> 网络——> 网络。单击 创建网络 ,来创建虚拟机网络。
创建网络名int-gre,配置子网名称为 int-subnet,网络地址为10.10.0.0/24,网关为10.10.0.1。
配置DHCP地址池,激活DHCP。点击“已创建”创建网络。

(3)创建路由器

选择菜单栏 项目——> 网络——> 路由。单击 新建路由,来创建路由。
创建路由名称为route,外部网络选择 net-gre。点击“新建路由”创建路由。

在route路由中内部网络接口:
单击新建的路由名称,选择 接口 标签。点击 "增加接口"按钮。
在弹框中,选择 int-gre 内部网络,再点击 提交 。

(4)安全组配置

管理访问策略安全组,选择菜单栏 项目——> 计算——> 访问&安全。单击default安全组 管理规则 按钮。

点击 添加规则 ,选择"所有ICMP协议",单击 添加 按钮;选择"所有TCP协议",单击 添加 按钮;选择"所有UDP协议",单击 添加 按钮。

(5)创建云主机

创建云主机,选择菜单栏 项目——> 计算——> 云主机。单击右侧 "创建云主机"按钮。

云主机名称为:test,数量:1。选择centos7.2镜像;选择m1.small资源类型;选择int-gre网络。然后单击"启动实例"按钮创建实例。

选择菜单栏 项目——> 计算——> 云主机。在主机下拉框中选择 "绑定浮动IP"菜单命令。在弹框中点击 "+"分配一个地址,单击 "分配IP"按钮。点击 "关联"按钮,关联浮动IP地址。

(6)连接云主机

打开CMD窗口,通过ping命令测试连通云主机。
使用secureCRT工具,连接云主机,用户名:root,密码:000000。

四、Keystone服务运维

在Openstack框架中,keystone(Openstack Identity Service)的功能是负责验证身份、校验服务规则和发布服务令牌的,它实现了Openstack的Identity API.keystone可分解为两个功能:权限管理和服务目录。

https://www.cnblogs.com/mh20131118/p/12942346.html

https://www.cnblogs.com/linuxk/p/9282996.html

1、keystone运维命令

# 环境配置
source /etc/keystone/admin-openrc.sh
# 创建 hqs用户
openstack user create --password ps1234 --email hqs@example.com --domain demo hqs
# 创建acme项目
openstack project create --domain demo acme
# 创建角色
openstack role create compute-user
# 绑定用户和项目权限
# 添加的用户需要分配一定的权限,需要把用户关联绑定到对应的项目和角色
openstack role add --user hqs --project acme compute-user

2、keystone查询命令

# 用户列表查询
[root@controller ~]# openstack user list
+----------------------------------+---------+
| ID                               | Name    |
+----------------------------------+---------+
| 0f217182b5af448c988f5464c706a337 | admin   |
| 1579d0526c8b4cf0ba1158960054fde0 | neutron |
| 408d6f8e000847a3a9a0f799a1ea2ef6 | hqs     |
| 560d1dca91184856822e3750ea2f4afb | nova    |
| 5ca7355fbe4f4b87b352a72f9c4b4a66 | cinder  |
| 93443c8fc497495e8bb9033a1a52fc1d | demo    |
| d5bcfce4e83d4ef696bcd87599399429 | swift   |
| e255b170101c41d3b839dbb013daef02 | glance  |
+----------------------------------+---------+
# 查询hqs用户详细信息
[root@controller ~]# openstack user show hqs
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 90f55d85d1824e2ca27318eefc57535e |
| email     | hqs@example.com                  |
| enabled   | True                             |
| id        | 408d6f8e000847a3a9a0f799a1ea2ef6 |
| name      | hqs                              |
+-----------+----------------------------------+
# 查询当前openstack平台所有项目
[root@controller ~]# openstack project list
+----------------------------------+---------+
| ID                               | Name    |
+----------------------------------+---------+
| 015510f69fd74453a700a529b7bee827 | demo    |
| 168c9d9e5cf448c2a3dab6335590566a | service |
| 386dbfcf77e444c7872e4e23d5829fcc | admin   |
| b66f515463e54b229b1d61d9313717ff | acme    |
+----------------------------------+---------+
# 查询acme项目详情
[root@controller ~]# openstack project show acme
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description |                                  |
| domain_id   | 90f55d85d1824e2ca27318eefc57535e |
| enabled     | True                             |
| id          | b66f515463e54b229b1d61d9313717ff |
| is_domain   | False                            |
| name        | acme                             |
| parent_id   | 90f55d85d1824e2ca27318eefc57535e |
+-------------+----------------------------------+
# 查询所有keystone角色
[root@controller ~]# openstack role list
+----------------------------------+--------------+
| ID                               | Name         |
+----------------------------------+--------------+
| 0190945cf6a84b60bb2f4631f85c30fa | compute-user |
| 4c438257d4a24e4aa4d4fcbeff248bce | user         |
| d8ac2f3e57664b7abee701d82c9bbf16 | admin        |
+----------------------------------+--------------+
# 查询compute-user角色详细信息
[root@controller ~]# openstack role show compute-user
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | 0190945cf6a84b60bb2f4631f85c30fa |
| name      | compute-user                     |
+-----------+----------------------------------+
# 查看平台所有服务所使用的端点地址
[root@controller ~]# openstack endpoint list
+------------+-----------+--------------+--------------+---------+-----------+---------------+
| ID         | Region    | Service Name | Service Type | Enabled | Interface | URL           |
+------------+-----------+--------------+--------------+---------+-----------+---------------+
| 14f90cb0cb | RegionOne | nova         | compute      | True    | internal  | http://contro |
....

五、Nova组件详解

计算节点通过Nova Computer进行虚拟机创建,通过libvirt调用kvm创建虚拟机,nova之间通信通过rabbitMQ队列进行通信。
Nova位于Openstack架构的中心,其他服务或者组件(比如Glance、Cinder、Neutron等)对它提供支持,另外它本身的架构也比较复杂。

作用:

    1. Nova是OpenStack最核心的服务模块,负责管理和维护云计算环境的计算资源,负责整个云环境虚拟机生命周期的管理。
    1. Nova是OpenStack的计算服务,负责维护和管理的网络和存储,提供计算服务。

https://www.cnblogs.com/mh20131118/p/12939358.html

https://www.cnblogs.com/linuxk/p/9454258.html

1、安全组相关操作:

nova
​	secgroup-add-default-rule   Add a rule to the set of rules that will be
​                                added to the 'default' security group for new
​                                tenants (nova-network only).
​    secgroup-add-group-rule     Add a source group rule to a security group.
​    secgroup-add-rule           Add a rule to a security group.
​    secgroup-create             Create a security group.
​    secgroup-delete             Delete a security group.
​    secgroup-delete-default-rule
​                                Delete a rule from the set of rules that will
​                                be added to the 'default' security group for
​                                new tenants (nova-network only).
​    secgroup-delete-group-rule  Delete a source group rule from a security
​                                group.
​    secgroup-delete-rule        Delete a rule from a security group.
​    secgroup-list               List security groups for the current tenant.
​    secgroup-list-default-rules
​                                List rules that will be added to the 'default'
​                                security group for new tenants.
​    secgroup-list-rules         List rules for a security group.
​    secgroup-update             Update a security group.

# 安全组查看:
[root@controller ~]# nova secgroup-list
+--------------------------------------+---------+------------------------+
| Id                                   | Name    | Description            |
+--------------------------------------+---------+------------------------+
| 486eaa38-8e3d-4214-96bc-e6fee9b81be6 | default | Default security group |
+--------------------------------------+---------+------------------------+

# 安全组创建
[root@controller ~]# nova  secgroup-create hqs 'Most great security group'
+--------------------------------------+------+---------------------------+
| Id                                   | Name | Description               |
+--------------------------------------+------+---------------------------+
| 1f2e9304-2fa0-45ac-a407-9816c72a1190 | hqs  | Most great security group |
+--------------------------------------+------+---------------------------+

# 安全组更新
[root@controller ~]# nova  secgroup-update 218faa36-c250-40d5-9775-534049e5771a  hqs111 'One of the most great security group '
+--------------------------------------+--------+---------------------------------------+
| Id                                   | Name   | Description                           |
+--------------------------------------+--------+---------------------------------------+
| 218faa36-c250-40d5-9775-534049e5771a | hqs111 | One of the most great security group  |
+--------------------------------------+--------+---------------------------------------+

# 安全组删除
[root@controller ~]# nova secgroup-delete hqs111

# 安全组规则查看
[root@controller ~]# nova secgroup-list-rules hqs    
+-------------+-----------+---------+----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+----------+--------------+
+-------------+-----------+---------+----------+--------------+
[root@controller ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 1         | 65535   | 0.0.0.0/0 |              |
| udp         | 1         | 65535   | 0.0.0.0/0 |              |
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
|             |           |         |           | default      |
|             |           |         |           | default      |
+-------------+-----------+---------+-----------+--------------+

# 安全组规则添加
[root@controller ~]# nova  secgroup-add-rule hqs icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova  secgroup-add-rule hqs udp 1 65535 0.0.0.0/0   
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| udp         | 1         | 65535   | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova  secgroup-add-rule hqs tcp 1 65535 0.0.0.0/0   
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 1         | 65535   | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+

# 安全组规则删除
[root@controller ~]# nova  secgroup-delete-rule hqs icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+
[root@controller ~]# nova secgroup-list-rules hqs                       
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| udp         | 1         | 65535   | 0.0.0.0/0 |              |
| tcp         | 1         | 65535   | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+

2、云主机类型操作

nova
	flavor-access-add           Add flavor access for the given tenant.
    flavor-access-list          Print access information about the given
                                flavor.
    flavor-access-remove        Remove flavor access for the given tenant.
    flavor-create               Create a new flavor.
    flavor-delete               Delete a specific flavor
    flavor-key                  Set or unset extra_spec for a flavor.
    flavor-list                 Print a list of available 'flavors' (sizes of
                                servers).
    flavor-show                 Show details about the given flavor.
	
# 云主机类型列表查看
[root@controller ~]# nova flavor-list
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID                                   | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1                                    | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |
| 2                                    | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
| 3                                    | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
| 4                                    | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
| 5                                    | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
| 7645393e-4f46-473a-85bf-6ea69669dac2 | m1-hqs    | 512       | 10   | 0         |      | 1     | 1.0         | True      |
+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+

# 云主机类型添加
[root@controller ~]# nova  flavor-create m1.hqs 6 1024 10 1
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name   | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| 6  | m1.hqs | 1024      | 10   | 0         |      | 1     | 1.0         | True      |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+

# 云主机类型详情查看
[root@controller ~]# nova flavor-show m1.hqs
+----------------------------+--------+
| Property                   | Value  |
+----------------------------+--------+
| OS-FLV-DISABLED:disabled   | False  |
| OS-FLV-EXT-DATA:ephemeral  | 0      |
| disk                       | 10     |
| extra_specs                | {}     |
| id                         | 6      |
| name                       | m1.hqs |
| os-flavor-access:is_public | True   |
| ram                        | 1024   |
| rxtx_factor                | 1.0    |
| swap                       |        |
| vcpus                      | 1      |
+----------------------------+--------+

# 云主机类型删除
[root@controller ~]# nova flavor-delete  m1-hqs

3、云主机实例操作

# 实例列表查看
nova list

# 实例详情查看
nova show <server>

# 实例创建
nova boot <实例名称>
# 可选参数:
  --flavor <flavor>             虚拟机类型
  --image <image>               可选用的镜像
  --image-with <key=value>      镜像的元数据属性
  --boot-volume <volume_id>     启动逻辑卷的ID
  --snapshot <snapshot_id>      快照.
  --min-count <number>          Boot at least <number> servers (limited by
                                quota).
  --max-count <number>          Boot up to <number> servers (limited by
                                quota).
  --meta <key=value>            元数据Record arbitrary key/value metadata to
                                /meta_data.json on the metadata server. Can be
                                specified multiple times.
  --file <dst-path=src-path>    文件Store arbitrary files from <src-path> locally
                                to <dst-path> on the new server. Limited by
                                the injected_files quota value.
  --key-name <key-name>         密钥名称Key name of keypair that should be created
                                earlier with the command keypair-add.
  --user-data <user-data>       注入的用户数据user data file to pass to be exposed by the
                                metadata server.
  --availability-zone <availability-zone>
                                可用域The availability zone for server placement.
  --security-groups <security-groups>
                                安全组Comma separated list of security group names.
  --block-device-mapping <dev-name=mapping>
                                块存储格式化Block device mapping in the format <dev-
                                name>=<id>:<type>:<size(GB)>:<delete-on-
                                terminate>.
  --block-device key1=value1[,key2=value2...]   块设备参数
  --swap <swap_size>            交换空间大小Create and attach a local swap block device of
                                <swap_size> MB.
  --ephemeral size=<size>[,format=<format>]
                                连接块存储的大小Create and attach a local ephemeral block
                                device of <size> GB and format it to <format>.
  --hint <key=value>            自定义数据Send arbitrary key/value pairs to the
                                scheduler for custom use.
  --nic <net-id=net-uuid,net-name=network-name,v4-fixed-ip=ip-addr,v6-fixed-ip=ip-addr,port-id=port-uuid>
                                配置网络Create a NIC on the server. Specify option
                                multiple times to create multiple NICs. net-
                                id: attach NIC to network with this UUID net-
                                name: attach NIC to network with this name
                                (either port-id or net-id or net-name must be
                                provided), v4-fixed-ip: IPv4 fixed address for
                                NIC (optional), v6-fixed-ip: IPv6 fixed
                                address for NIC (optional), port-id: attach
                                NIC to port with this UUID (either port-id or
                                net-id must be provided).
  --config-drive <value>        驱动配置Enable config drive.
  --poll                        显示创建进度Report the new server boot progress until it
                                completes.
  --admin-pass <value>          Admin password for the instance.
  --access-ip-v4 <value>        Alternative access IPv4 of the instance.
  --access-ip-v6 <value>        Alternative access IPv6 of the instance.
  --description <description>   Description for the server. (Supported by API
                                versions '2.19' - '2.latest')


# 1、查看镜像
glance image-list
# 2、查看规格
nova flavor-list
# 3、查看安全组
nova secgroup-list
# 4、查看可用的网络
neutron net-list

nova boot    \
--image centos7.2      \
--availability-zone nova  \
--flavor m1.hqs    \
--security-groups hqs  \
--nic net-id=64306052-bcec-4209-ac4c-45b9d2de4dde  \
caocao-server1

# 5、实例创建
[root@controller images]# nova boot test-server --image centos7.2 --flavor m1.lxh --availability-zone nova --security-groups hqs  --nic net-id=451fd2af-e1eb-4437-bf71-53b5f91c10b5
+--------------------------------------+--------------------------------------------------+
| Property                             | Value                                            |
+--------------------------------------+--------------------------------------------------+
| OS-DCF:diskConfig                    | MANUAL                                           |
| OS-EXT-AZ:availability_zone          | nova                                             |
| OS-EXT-SRV-ATTR:host                 | -                                                |
| OS-EXT-SRV-ATTR:hostname             | test-server                                      |
| OS-EXT-SRV-ATTR:hypervisor_hostname  | -                                                |
| OS-EXT-SRV-ATTR:instance_name        | instance-0000000d                                |
| OS-EXT-SRV-ATTR:kernel_id            |                                                  |
| OS-EXT-SRV-ATTR:launch_index         | 0                                                |
| OS-EXT-SRV-ATTR:ramdisk_id           |                                                  |
| OS-EXT-SRV-ATTR:reservation_id       | r-zoria5fn                                       |
| OS-EXT-SRV-ATTR:root_device_name     | -                                                |
| OS-EXT-SRV-ATTR:user_data            | -                                                |
| OS-EXT-STS:power_state               | 0                                                |
| OS-EXT-STS:task_state                | scheduling                                       |
| OS-EXT-STS:vm_state                  | building                                         |
| OS-SRV-USG:launched_at               | -                                                |
| OS-SRV-USG:terminated_at             | -                                                |
| accessIPv4                           |                                                  |
| accessIPv6                           |                                                  |
| adminPass                            | ejFD96k8DUkW                                     |
| config_drive                         |                                                  |
| created                              | 2021-10-19T02:09:45Z                             |
| description                          | -                                                |
| flavor                               | m1.lxh (111)                                     |
| hostId                               |                                                  |
| host_status                          |                                                  |
| id                                   | 22d0a54b-2a6f-4ea8-8729-dc07055c19e5             |
| image                                | centos7.2 (8aec8782-c6af-41d8-a225-ada5a2af13dc) |
| key_name                             | -                                                |
| locked                               | False                                            |
| metadata                             | {}                                               |
| name                                 | test-server                                      |
| os-extended-volumes:volumes_attached | []                                               |
| progress                             | 0                                                |
| security_groups                      | hqs                                              |
| status                               | BUILD                                            |
| tenant_id                            | 386dbfcf77e444c7872e4e23d5829fcc                 |
| updated                              | 2021-10-19T02:09:55Z                             |
| user_id                              | 0f217182b5af448c988f5464c706a337                 |
+--------------------------------------+--------------------------------------------------+

# 实例停止
[root@controller ~]# nova stop hqs_server
Request to stop server hqs_server has been accepted.

# 实例启动
[root@controller ~]# nova start hqs_server
Request to start server hqs_server has been accepted.

# 实例重启
[root@controller ~]# nova reboot hqs_server
Request to reboot server <Server: hqs_server> has been accepted.
[root@controller ~]# nova list
+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+
| ID                                   | Name       | Status  | Task State     | Power State | Networks                         |
+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+
| b51590fc-33cc-4d54-8e54-c0530e912d2b | hqs_server | REBOOT  | reboot_started | Running     | int-gre=172.25.2.8               |
| c6cabeed-1176-4634-b493-b6be7c351a03 | test       | SHUTOFF | -              | Shutdown    | int-gre=172.25.2.3, 192.168.20.4 |
+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+

# 实例挂起
[root@controller ~]# nova pause test
[root@controller ~]# nova list      
+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+
| ID                                   | Name       | Status | Task State     | Power State | Networks                         |
+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+
| b51590fc-33cc-4d54-8e54-c0530e912d2b | hqs_server | REBOOT | reboot_started | Running     | int-gre=172.25.2.8               |
| c6cabeed-1176-4634-b493-b6be7c351a03 | test       | PAUSED | -              | Paused      | int-gre=172.25.2.3, 192.168.20.4 |
+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+

# 实例删除
[root@controller ~]# nova delete hqs_server
Request to delete server hqs_server has been accepted.
[root@controller ~]# nova list
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| ID                                   | Name | Status | Task State | Power State | Networks                         |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| c6cabeed-1176-4634-b493-b6be7c351a03 | test | PAUSED | -          | Paused      | int-gre=172.25.2.3, 192.168.20.4 |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+

4、浮动IP

nova
    floating-ip-associate       Associate a floating IP address to a server.
    floating-ip-bulk-create     Bulk create floating IPs    
                                by  range (nova-network only).
    floating-ip-bulk-delete     Bulk delete floating IPs by range (nova-
                                network only).
    floating-ip-bulk-list       List all floating IPs (nova-network only).
    floating-ip-create          Allocate a floating IP for the current tenant.
    floating-ip-delete          De-allocate a floating IP.
    floating-ip-disassociate    Disassociate a floating IP address from a
                                server.
    floating-ip-list            List floating IPs.
    floating-ip-pool-list       List all floating IP pools.

# 创建浮动IP
# 语法:nova floating-ip-create <pool>
[root@controller nova]# nova  floating-ip-create  net-gre
+--------------------------------------+--------------+-----------+----------+---------+
| Id                                   | IP           | Server Id | Fixed IP | Pool    |
+--------------------------------------+--------------+-----------+----------+---------+
| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | -         | -        | net-gre |
+--------------------------------------+--------------+-----------+----------+---------+

# 浮动IP的列表信息
[root@controller nova]# nova floating-ip-list
+--------------------------------------+--------------+-----------+----------+---------+
| Id                                   | IP           | Server Id | Fixed IP | Pool    |
+--------------------------------------+--------------+-----------+----------+---------+
| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | -         | -        | net-gre |
+--------------------------------------+--------------+-----------+----------+---------+

# 浮动IP地址池信息
[root@controller nova]# nova floating-ip-pool-list 
+---------+
| name    |
+---------+
| net-gre |
+---------+

# 查看浮动IP详细信息
[root@controller nova]# openstack ip  floating show 192.168.37.5
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| description         |                                      |
| dns_domain          |                                      |
| dns_name            |                                      |
| fixed_ip_address    | None                                 |
| floating_ip_address | 192.168.37.5                         |
| floating_network_id | 847163a4-65dd-456e-a839-4f810cce80cf |
| id                  | fcb2439d-ba4f-4467-ad60-34726d57aba4 |
| port_id             | None                                 |
| project_id          | 386dbfcf77e444c7872e4e23d5829fcc     |
| router_id           | None                                 |
| status              | DOWN                                 |
+---------------------+--------------------------------------+

# 浮动ip关联给实例
# 语法:nova floating-ip-associate [--fixed-address <fixed_address>] <server> <address>
# 参数:
#  <server>        Name or ID of server.(nova list)
#  <address>       IP Address.(nova floating-ip-list)
[root@controller nova]# nova floating-ip-associate caocao-server1 192.168.37.5
[root@controller nova]# nova list
+--------------------------------------+----------------+--------+------------+-------------+---------------------------------+
| ID                                   | Name           | Status | Task State | Power State | Networks                        |
+--------------------------------------+----------------+--------+------------+-------------+---------------------------------+
| e2c75e51-1a3b-4a0b-8765-d7ff6e8188e3 | caocao-server1 | ACTIVE | -          | Running     | int-gre=10.10.0.3, 192.168.37.5 |
+-----------------------

# 浮动IP解除关联实例
# 语法:nova floating-ip-disassociate <server> <address>
[root@controller nova]# nova floating-ip-disassociate caocao-server1 192.168.37.5
[root@controller nova]# nova list
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| ID                                   | Name           | Status | Task State | Power State | Networks          |
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| e2c75e51-1a3b-4a0b-8765-d7ff6e8188e3 | caocao-server1 | ACTIVE | -          | Running     | int-gre=10.10.0.3 |
+--------------------------------------+----------------+--------+------------+-------------+-------------------+

# 解除关联并删除浮动IP
[root@controller nova]# nova floating-ip-associate caocao-server1 192.168.37.5
[root@controller nova]# nova floating-ip-delete 192.168.37.5
[root@controller nova]# nova list
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| ID                                   | Name           | Status | Task State | Power State | Networks          |
+--------------------------------------+----------------+--------+------------+-------------+-------------------+
| e2c75e51-1a3b-4a0b-8765-d7ff6e8188e3 | caocao-server1 | ACTIVE | -          | Running     | int-gre=10.10.0.3 |
+---------
[root@controller nova]# nova floating-ip-list
+----+----+-----------+----------+------+
| Id | IP | Server Id | Fixed IP | Pool |
+----+----+-----------+----------+------+
+----+----+-----------+----------+------+

5、密钥管理

nova 
    keypair-add                 Create a new key pair for use with servers.
    keypair-delete              Delete keypair given by its name. (Supported
                                by API versions '2.0' - '2.latest') [hint: use
                                '--os-compute-api-version' flag to show help
                                message for proper version]
    keypair-list                Print a list of keypairs for a user (Supported
                                by API versions '2.0' - '2.latest') [hint: use
                                '--os-compute-api-version' flag to show help
                                message for proper version]
    keypair-show                Show details about the given keypair.
                                (Supported by API versions '2.0' - '2.latest')
                                [hint: use '--os-compute-api-version' flag to
                                show help message for proper version]

# 查看密钥列表
[root@controller ~]# nova keypair-list
+------+------+-------------------------------------------------+
| Name | Type | Fingerprint                                     |
+------+------+-------------------------------------------------+
| test | ssh  | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
+------+------+-------------------------------------------------+

# 查看密钥详情
[root@controller ~]# nova  keypair-show test
+-------------+-------------------------------------------------+
| Property    | Value                                           |
+-------------+-------------------------------------------------+
| created_at  | 2021-10-28T14:06:12.000000                      |
| deleted     | False                                           |
| deleted_at  | -                                               |
| fingerprint | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
| id          | 1                                               |
| name        | test                                            |
| type        | ssh                                             |
| updated_at  | -                                               |
| user_id     | 0f217182b5af448c988f5464c706a337                |
+-------------+-------------------------------------------------+
Public key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc/qEc2ihvE7aLgSVH0lt5PDBwEYXW0CqMx8sGJPT1p3r0mxdJiti9pJxBRoX+oOhA/LFssaOGvtHDK79Njs3HynrXkxvKo6UfmBNQzt2z5C3nTP2U17JY2wrOh7YyYdhuuRirCLNHQk4hM1YY9BbPrCLjLlQ8Gms6vdgDCgT1gXuRppBTfQKrIKKRk6d5vIqBMoGM3fCaM34DiqwOS/uq8gQM8T/io9h6XrTKWznmZgzaFJ2S3XUZhAliSEgkraxZIM8L3QWumMlBVryYVUX6QEKv29hNWYZF/bxUqfQx50vBuIfHlKgkcccAVDy6OoZNmd6T1rdJXEdW+MWobHu7 Generated-by-Nova

# 创建密钥
[root@controller ~]# nova keypair-add hqs --key-type ssh 
-----BEGIN RSA PRIVATE KEY-----
MIIEpwIBAAKCAQEAw3YnZk1ej5j3+CjpWalgmVWxrdAVZGfpC3Qklz+0RW7p4nTn
VlkGL7mWEgx7fmRaBzZuwUuSuvFB79zWhGZqh7Dt0Zeibyy48u3AtZtDY1ZVkvss
Vq7zOdUgg+2C8Em7KTAXsuf1I7KPxgJHX7j9pluN8zBQKiYYi4K+RPCVtisw3ev0
Ey5vi7e1IuUawXpjWnGe+/yzCZWgL8X2uhyYH0cJUmO3PbFuX0aoZr/JsLbMfkeL
0hCDkpKgkx8L/VD6C8FW+Z3mfJGxJtGwakb+BGyOYZ3j/Sv7bh03QKPgViqJ9CGa
WL5/y8dYmFLYM45Gb60FLWPSHWLmH9SFnmV7UwIDAQABAoIBABkiGUDbU/xs8/2x
7Qd9cxFkZntuFUIa5ml1nrrgEyMWdvaKh7Cfs97xIy3g8wQ2jSj+Q9GRESX+nbbl
E6RksvANvRbFQ7q96m46ShxQAaNFV62VpIbk6huWnx63rK2PHYTXTUTQ9MGJVVll
s53IYL1CaodJwBUbXu6ZejPNJ8MLoyom7cH89uaP5K8Ej7pHObaxMBCkSylU0vcG
qJp0Gu1NbnQ823EYm5QeEqUfG8xLyXKOvAq3scZHg5hqdD6SDVOYm3uQM8TF8zkY
SSTYrwktj7g7vP6ZQ0zY3k/s/zxMbTIurwwNm8L93tPcgtJUMw+fPYu3OHr9nhBt
aeFJ6AkCggCBANoJLHA6j5Jgj0uLy+ur8BmU8qSCJ7Nmx3JZFj2ELoZcLzjniHqH
14QHqnBgFxaUAvmpy8wCMnIKrk83FdEkgk2vwSlsr1uEiz+MNHKqapWwiezR87HB
5XsgtHpOsBlTpzQlOL7TJX7kCtZYgyGbQJvLMeek+cqy2YsNp28AgFulAoIAgQDl
fr5dBmEMBtTVaAjZFlyhJIXpf93QeC9KTtCLJ0QXAVPpCLlnulC8W4JfuZDTFqOr
gnx1y84DfyoZ4/K6zPNfqguRRzE2sxMNDLNZeyZiA10uZwEh+AJtCf54FU2xZtVP
1eZ7I4QMR2jaDSj5nWgF90DYHoWLxOEeIVnTnFoplwKCAIANyxrGls3SYs1t6BAk
fqIX3DZldd5xGQVxFHW1upD+6wIJxYv6xHE75wg/R7TuNrrhdH5yD4mFcWuJk2CL
9JVRuNatejS1w3LTuFjxEBriEWMIWlfiXPPZkD4aprO5RnODdv9aAx2SI3cUDFFv
ZNT3hilIEEXFLv9YLqry+MMmCQKCAIBpG+OUN5e7KmXQWBW1V8iVBWVPzICLOoBu
SCq7kQBeiP0lfhlsqKjRnBfaP+NUysmrg9f9G5r/fv6JXR2O8M+GwRsLLtAbfWj8
URTTptOtkFzdI9Ag/rYdurYRybAL0E1ig1VMkLep6Ard06kwqic6lEPeuBvyJ/nz
EtNRWArzgQKCAIAQDXQbP+20nzHoWqy1sFYIpOYrC+pZGX3tZb8DfAKrhrL+FkGe
PSe6bNwgWVDEUwTyvoPUexvAVi7nZ1sqMw/Ar+KxCXcti+dzZZZa3typLQMceOr2
wFfpNMT/Kq2DTrgkXN+jpFczv/R0kNn5bOB/DIm8JUeN44k97lMzIrD7TA==
-----END RSA PRIVATE KEY-----

# 删除密钥
[root@controller ~]# nova  keypair-list
+------+------+-------------------------------------------------+
| Name | Type | Fingerprint                                     |
+------+------+-------------------------------------------------+
| hqs  | ssh  | e2:cc:e9:8f:1d:06:45:b4:52:0b:38:68:0d:15:b8:b9 |
| test | ssh  | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
+------+------+-------------------------------------------------+
[root@controller ~]# nova keypair-delete hqs
[root@controller ~]# nova  keypair-list
+------+------+-------------------------------------------------+
| Name | Type | Fingerprint                                     |
+------+------+-------------------------------------------------+
| test | ssh  | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |
+------+------+-------------------------------------------------+

6、配额管理

# 待补全
[root@controller ~]# openstack quota show admin
+----------------------+----------------------------------+
| Field                | Value                            |
+----------------------+----------------------------------+
| backup_gigabytes     | 1000                             |
| backups              | 10                               |
| cores                | 20                               |
| firewall             | 10                               |
| firewall_policy      | 10                               |
| firewall_rule        | 100                              |
| fixed-ips            | -1                               |
| floating-ips         | 50                               |
| gigabytes            | 1000                             |
| health_monitor       | -1                               |
| injected-file-size   | 10240                            |
| injected-files       | 5                                |
| injected-path-size   | 255                              |
| instances            | 10                               |
| key-pairs            | 100                              |
| member               | -1                               |
| network              | 10                               |
| per_volume_gigabytes | -1                               |
| pool                 | 10                               |
| port                 | 50                               |
| project              | 386dbfcf77e444c7872e4e23d5829fcc |
| properties           | 128                              |
| ram                  | 51200                            |
| rbac_policy          | 10                               |
| router               | 10                               |
| secgroup-rules       | 100                              |
| secgroups            | 10                               |
| server_group_members | 10                               |
| server_groups        | 10                               |
| snapshots            | 10                               |
| subnet               | 10                               |
| subnetpool           | -1                               |
| vip                  | 10                               |
| volumes              | 10                               |
+----------------------+----------------------------------+

六、Neutron网络服务

# 查看网络列表信息
[root@controller ~]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID                                   | Name    | Subnets                              |
+--------------------------------------+---------+--------------------------------------+
| 847163a4-65dd-456e-a839-4f810cce80cf | net-gre | 757f4819-48aa-4026-aff2-8e78b4161691 |
| 64306052-bcec-4209-ac4c-45b9d2de4dde | int-gre | d3aa832b-8bcf-4a7b-9692-540b468a711b |
+--------------------------------------+---------+--------------------------------------+

# 查看网络详细信息
[root@controller ~]# openstack network show net-gre
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        | nova                                 |
| created_at                | 2021-10-18T18:02:38                  |
| description               |                                      |
| id                        | 847163a4-65dd-456e-a839-4f810cce80cf |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | False                                |
| mtu                       | 1458                                 |
| name                      | net-gre                              |
| port_security_enabled     | True                                 |
| project_id                | 386dbfcf77e444c7872e4e23d5829fcc     |
| provider:network_type     | gre                                  |
| provider:physical_network | None                                 |
| provider:segmentation_id  | 99                                   |
| router_external           | Internal                             |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | 757f4819-48aa-4026-aff2-8e78b4161691 |
| tags                      | []                                   |
| updated_at                | 2021-10-18T18:15:25                  |
+---------------------------+--------------------------------------+

# 创建网络
[root@controller ~]# openstack network create int-gre-test --project admin
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2021-10-28T14:25:07                  |
| description               |                                      |
| headers                   |                                      |
| id                        | 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| mtu                       | 1458                                 |
| name                      | int-gre-test                         |
| port_security_enabled     | True                                 |
| project_id                | 386dbfcf77e444c7872e4e23d5829fcc     |
| provider:network_type     | gre                                  |
| provider:physical_network | None                                 |
| provider:segmentation_id  | 91                                   |
| router_external           | Internal                             |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      | []                                   |
| updated_at                | 2021-10-28T14:25:07                  |
+---------------------------+--------------------------------------+

# 更新网络
[root@controller ~]# openstack network set  int-gre-test --enable --name int-test-gre
[root@controller ~]# openstack network list
+--------------------------------------+--------------+--------------------------------------+
| ID                                   | Name         | Subnets                              |
+--------------------------------------+--------------+--------------------------------------+
| 847163a4-65dd-456e-a839-4f810cce80cf | net-gre      | 757f4819-48aa-4026-aff2-8e78b4161691 |
| 64306052-bcec-4209-ac4c-45b9d2de4dde | int-gre      | d3aa832b-8bcf-4a7b-9692-540b468a711b |
| 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 | int-test-gre |                                      |
+--------------------------------------+--------------+--------------------------------------+
[root@controller ~]# openstack network show int-test-gre
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2021-10-28T14:25:07                  |
| description               |                                      |
| id                        | 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| mtu                       | 1458                                 |
| name                      | int-test-gre                         |
| port_security_enabled     | True                                 |
| project_id                | 386dbfcf77e444c7872e4e23d5829fcc     |
| provider:network_type     | gre                                  |
| provider:physical_network | None                                 |
| provider:segmentation_id  | 91                                   |
| router_external           | Internal                             |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      | []                                   |
| updated_at                | 2021-10-28T14:28:04                  |
+---------------------------+--------------------------------------+

# 删除网络
[root@controller ~]# openstack network delete int-gre-test
posted @ 2022-04-28 22:31  郑琰  阅读(3255)  评论(0编辑  收藏  举报
#

# #