配置使用Openstack-创建规格虚拟机
使用Provider Network 创建网络-后续会用第二种Self Network模式创建网络
#https://docs.openstack.org/install-guide/launch-instance.html
##一、Create virtual networks
#https://docs.openstack.org/install-guide/launch-instance-networks-provider.html
#Provider network
#Create the provider network
#1.On the controller node, source the admin credentials to gain access to admin-only CLI commands:
source admin-openrc.sh
#2.Create the network
#The value passed to --provider-physical-network (external) is the physical network name configured earlier in
#ml2_conf.ini:[ml2_type_flat] and linuxbridge_agent.ini:[linux_bridge]
#--share lets every project attach instances to this network and --external marks it as an external network.
#On a flat provider network the instances sit directly on the physical LAN, so the security group
#rules added later are what filters traffic reaching them.
openstack network create --share --external \
--provider-physical-network external \
--provider-network-type flat external-net
[root@openstack-controller1 ~]# openstack network list
+--------------------------------------+--------------+---------+
| ID | Name | Subnets |
+--------------------------------------+--------------+---------+
| 6683301b-a189-40fa-ae51-4efe1bf70db1 | external-net | |
+--------------------------------------+--------------+---------+
#3.Create a subnet on the network:
openstack subnet create --network external-net \
--allocation-pool start=START_IP_ADDRESS,end=END_IP_ADDRESS \
--dns-nameserver DNS_RESOLVER --gateway PROVIDER_NETWORK_GATEWAY \
--subnet-range PROVIDER_NETWORK_CIDR provider
#Example:
#The provider network uses 203.0.113.0/24 with a gateway on 203.0.113.1.
#A DHCP server assigns each instance an IP address from 203.0.113.101 to 203.0.113.250.
#All instances use 8.8.4.4 as a DNS resolver.
openstack subnet create --network provider \
--allocation-pool start=203.0.113.101,end=203.0.113.250 \
--dns-nameserver 8.8.4.4 --gateway 203.0.113.1 \
--subnet-range 203.0.113.0/24 provider
#Actual configuration - the subnet is the same one the hosts are on
#If instances created later cannot reach the internet, configure more than one DNS server
#openstack subnet set --dns-nameserver 8.8.8.8 external-sub adds to the DNS list; it does not overwrite the existing entry
#NOTE(review): this range lives on the hosts' own LAN - confirm that 192.168.40.50-192.168.40.100 is unused
#and not handed out by another DHCP server on that LAN before creating the subnet.
openstack subnet create --network external-net \
--allocation-pool start=192.168.40.50,end=192.168.40.100 \
--dns-nameserver 114.114.114.114 --gateway 192.168.40.2 \
--subnet-range 192.168.40.0/21 external-sub
+-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
| allocation_pools | 192.168.40.50-192.168.40.100 |
| cidr | 192.168.40.0/21 |
| created_at | 2023-07-24T04:31:56Z |
| description | |
| dns_nameservers | 114.114.114.114 |
| enable_dhcp | True |
| gateway_ip | 192.168.40.2 |
| host_routes | |
| id | 31fdf25a-f95b-4495-b5c3-50c13df610b0 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| location | cloud='', project.domain_id=, project.domain_name='Default', project.id='9f43f66e7d0b411a8219c163858c6f2a', project.name='admin', region_name='', zone= |
| name | external-sub |
| network_id | 6683301b-a189-40fa-ae51-4efe1bf70db1 |
| prefix_length | None |
| project_id | 9f43f66e7d0b411a8219c163858c6f2a |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2023-07-24T04:31:56Z |
+-------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
#查看配置-桥接到eth0网卡上了
[root@openstack-controller1 ~]# brctl show
bridge name bridge id STP enabled interfaces
brq6683301b-a1 8000.000c29c54a7a no eth0
#If the bridge is not attached to eth0, add it manually, restart the network service, then ping the gateway
#NOTE(review): if eth0 also carries your management/SSH session, changing its bridge membership can interrupt
#that session - run this from the local console if unsure.
brctl addif brq6683301b-a1 eth0
##二、Create m1.nano flavor
openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
#Generate a key pair
#1.Source the demo project credentials:
source demo-openrc.sh
#2.Generate a key pair and add a public key:mykey
#-N "" creates the private key with an empty passphrase, so anyone who can read the key file can use it.
#Keep the private key (~/.ssh/id_rsa) readable only by its owner, or set a passphrase for keys used outside a lab.
#Only the public half (~/.ssh/id_rsa.pub) is uploaded to OpenStack.
ssh-keygen -q -N ""
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
#3.Verify addition of the key pair:
openstack keypair list
##三、Add security group rules
#Add rules to the default security group:-Permit ICMP (ping):
#No --remote-ip is given, so the rule applies to any source (it appears as 0.0.0.0/0 in the rule list).
openstack security group rule create --proto icmp default
#Permit secure shell (SSH) access:
#This rule is also open to any source. Instances here are placed on a shared external network, so outside
#a lab pass --remote-ip <CIDR> to limit SSH to the management range, and prefer a dedicated security group
#over widening "default", which is applied to instances that do not name another group.
openstack security group rule create --proto tcp --dst-port 22 default
[root@openstack-controller1 ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| 355fe894-25cb-43ab-b3d9-8b3589454f07 | default | Default security group | 531738bf10f5448e8e0827460d035762 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
[root@openstack-controller1 ~]# openstack security group rule list
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
| ID | IP Protocol | Ethertype | IP Range | Port Range | Remote Security Group | Security Group |
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
| 6f7babc6-ccc4-41d2-bf56-592d475e239d | None | IPv4 | 0.0.0.0/0 | | 355fe894-25cb-43ab-b3d9-8b3589454f07 | 355fe894-25cb-43ab-b3d9-8b3589454f07 |
| 7a630909-8fdf-4107-8ad9-8ae92170999e | None | IPv6 | ::/0 | | None | 355fe894-25cb-43ab-b3d9-8b3589454f07 |
| a3078bba-a5a9-405f-96ae-4f56c8f9a924 | None | IPv6 | ::/0 | | 355fe894-25cb-43ab-b3d9-8b3589454f07 | 355fe894-25cb-43ab-b3d9-8b3589454f07 |
| ab040d40-21cd-4735-8180-f20c900a6efd | tcp | IPv4 | 0.0.0.0/0 | 22:22 | None | 355fe894-25cb-43ab-b3d9-8b3589454f07 |
| c4a3941f-2918-48f0-8077-56cef42cac14 | None | IPv4 | 0.0.0.0/0 | | None | 355fe894-25cb-43ab-b3d9-8b3589454f07 |
| ec7972fb-e5e7-44af-84c0-12a17d9c24e7 | icmp | IPv4 | 0.0.0.0/0 | | None | 355fe894-25cb-43ab-b3d9-8b3589454f07 |
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
##四、Launch an instance
#Launch an instance on the provider network
#Determine instance options
#1.On the controller node, source the demo credentials to gain access to user-only CLI commands:
source demo-openrc.sh
#2.A flavor specifies a virtual resource allocation profile which includes processor, memory, and storage.
openstack flavor list
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+
#3.List available images:
openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 3fe6bb79-24e6-409f-b55e-c2de374dec27 | cirros | active |
+--------------------------------------+--------+--------+
#If the image does not exist yet, create it
#The upload is done with the admin credentials; source demo-openrc.sh again afterwards so the remaining
#steps run as the demo project rather than as admin.
#NOTE(review): check the .img file against the checksum published for this CirrOS release before uploading;
#--visibility public makes the image usable by every project.
source admin-openrc.sh
glance image-create --name "cirros" \
--file cirros-0.4.0-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--visibility public
#4.List available networks:
openstack network list
+--------------------------------------+--------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+--------------------------------------+
| 6683301b-a189-40fa-ae51-4efe1bf70db1 | external-net | 31fdf25a-f95b-4495-b5c3-50c13df610b0 |
+--------------------------------------+--------------+--------------------------------------+
#5.List available security groups:
openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| 355fe894-25cb-43ab-b3d9-8b3589454f07 | default | Default security group | 531738bf10f5448e8e0827460d035762 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
#Launch the instance
#1.Launch the instance:
EG:
openstack server create --flavor m1.nano --image cirros \
--nic net-id=PROVIDER_NET_ID --security-group default \
--key-name mykey provider-instance
实际:
#PROVIDER_NET_ID: the ID value listed by openstack network list
#The output of this command includes an adminPass field; treat that value as a credential when
#sharing or publishing the transcript.
openstack server create --flavor m1.nano --image cirros \
--nic net-id=6683301b-a189-40fa-ae51-4efe1bf70db1 --security-group default \
--key-name mykey first-openstack-vm1
+-----------------------------+-----------------------------------------------+
| Field | Value |
+-----------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | p6NDU6v5ywEJ |
| config_drive | |
| created | 2023-07-24T04:53:08Z |
| flavor | m1.nano (0) |
| hostId | |
| id | f314db50-e2b1-43d4-a57a-cafadd4434f5 |
| image | cirros (3fe6bb79-24e6-409f-b55e-c2de374dec27) |
| key_name | mykey |
| name | first-openstack-vm1 |
| progress | 0 |
| project_id | 531738bf10f5448e8e0827460d035762 |
| properties | |
| security_groups | name='355fe894-25cb-43ab-b3d9-8b3589454f07' |
| status | BUILD |
| updated | 2023-07-24T04:53:08Z |
| user_id | 4c949cb8204b4dffa32aa899891cd352 |
| volumes_attached | |
+-----------------------------+-----------------------------------------------+
#2.Check the status of your instance:
openstack server list
+--------------------------------------+---------------------+--------+----------------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+---------------------+--------+----------------------------+--------+---------+
| f314db50-e2b1-43d4-a57a-cafadd4434f5 | first-openstack-vm1 | ACTIVE | external-net=192.168.40.61 | cirros | m1.nano |
+--------------------------------------+---------------------+--------+----------------------------+--------+---------+
#Access the instance using the virtual console
#1.Obtain a Virtual Network Computing (VNC) session URL for your instance and access it from a web browser:
示例:openstack console url show provider-instance
openstack console url show first-openstack-vm1
+-------+--------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------+--------------------------------------------------------------------------------------------------------+
| type | novnc |
| url | http://openstack-vip.xks.local:6080/vnc_auto.html?path=%3Ftoken%3D8349cd5a-bbb7-4406-a0e9-0bbbafabc68e |
+-------+--------------------------------------------------------------------------------------------------------+
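使用浏览器打开(这里把域名 openstack-vip.xks.local 换成了 IP 192.168.40.248):http://192.168.40.248:6080/vnc_auto.html?path=%3Ftoken%3D8349cd5a-bbb7-4406-a0e9-0bbbafabc68e
注意:URL 里的 token 就是该控制台的访问凭据,这里走的是明文 http;实验环境以外应给 novncproxy 配置 TLS,并且不要把带 token 的 URL 贴到公开的地方。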
启动会有问题,需要调整配置参数
node1上:用 virsh capabilities 查看所支持的机器类型,逐个尝试,直到能成功拉起镜像
vim /etc/nova/nova.conf(以下两项写在 [libvirt] 段)
hw_machine_type=x86_64=pc-i440fx-rhel7.1.0
cpu_mode=host-passthrough
重启nova服务:bash nova-restart.sh
重新创建一个新的vm
openstack server create --flavor m1.nano --image cirros \
--nic net-id=6683301b-a189-40fa-ae51-4efe1bf70db1 --security-group default \
--key-name mykey first-openstack-vm2
openstack console url show first-openstack-vm2
+-------+--------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------+--------------------------------------------------------------------------------------------------------+
| type | novnc |
| url | http://openstack-vip.xks.local:6080/vnc_auto.html?path=%3Ftoken%3D42948a30-dc4c-43c2-ae77-4a82fe0a3059 |
+-------+--------------------------------------------------------------------------------------------------------+
继续访问地址:http://192.168.40.248:6080/vnc_auto.html?path=%3Ftoken%3D42948a30-dc4c-43c2-ae77-4a82fe0a3059
账户密码:cirros/gocubsgo(这是 CirrOS 测试镜像内置的公开默认密码;该镜像只适合做连通性测试,前面安全组已对 0.0.0.0/0 放开 22 端口,这种实例不要放到实验环境以外的网络上)
[root@openstack-controller1 ~]# openstack server list
+--------------------------------------+---------------------+--------+----------------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+---------------------+--------+----------------------------+--------+---------+
| 924bca9d-d0c1-493b-a504-de6e62ec4fa5 | first-openstack-vm2 | ACTIVE | external-net=192.168.40.82 | cirros | m1.nano |
+--------------------------------------+---------------------+--------+----------------------------+--------+---------+
#2.Verify access to the provider physical network gateway:
#Presumably run inside the instance, from the console session opened above.
#NOTE(review): the subnet was created with --gateway 192.168.40.2; 192.168.40.105 is presumably another
#host on this LAN - confirm which address is intended here.
ping -c 4 192.168.40.105
#3.Verify access to the internet:
ping -c 4 www.baidu.com
#Access the instance remotely
#1.Verify connectivity to the instance from the controller node or any host on the provider physical network:
[root@openstack-controller1 ~]# ping -c 4 192.168.40.82
64 bytes from 192.168.40.82: icmp_seq=1 ttl=64 time=0.813 ms
64 bytes from 192.168.40.82: icmp_seq=2 ttl=64 time=0.531 ms
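#2.Access your instance using SSH from the controller node or any host on the provider physical network:
#The first connection asks you to trust the host key; verify the fingerprint out-of-band (for example from the VNC console) before answering yes.
#A password prompt here means key authentication with mykey did not succeed (possibly the public key was not injected into the instance) - check this before relying on the key pair.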
[root@openstack-controller1 ~]# ssh cirros@192.168.40.82
The authenticity of host '192.168.40.82 (192.168.40.82)' can't be established.
ECDSA key fingerprint is SHA256:2iipXE7Di5y1cqN0G8xJE0wR2IJeTZ75i7H/iU4dg+Q.
ECDSA key fingerprint is MD5:5e:68:d6:f7:a3:89:32:4b:43:95:ed:37:5f:a1:15:5a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.40.82' (ECDSA) to the list of known hosts.
cirros@192.168.40.82's password:
$