一、实例创建(这也就是我们购买云主机的步骤)
### --- 实例创建(这也就是我们购买云主机的步骤)~~~ 创建秘钥对:提供一个密钥对的认证方式,是可选选项,也是可以自动识别的
~~~ 启动一个实例:也就是启动一台虚拟机
~~~ 通过虚拟控制台访问你的实例:通过虚拟控制台的方式访问我们的实例
~~~ 远程访问你的实例:通过IP地址添加一个浮动IP的方式去访问实例
~~~ 为你的实例添加额外云硬盘:添加云硬盘,挂载一个块存储,再往云硬盘中写入数据。二、代码构建OpenStack Launch an instance(openstack-controller节点操作)
### --- 利用OpenStack Networking(neutron)启动一个实例~~~ 创建秘钥对
~~~ 启动一个实例
~~~ 通过虚拟控制台访问你的实例
~~~ 远程访问你的实例
~~~ 为你的实例添加额外的云硬盘一、创建密钥对
### --- 大多数云镜像使用公钥认证,这有别于传统的用户名/密码认证,
~~~ 在启动一个实例之前,你必须使用ssh-keygen命令生成一个密钥对。
~~~ 并将公钥添加到你的OpenStack环境。
### --- 执行demo-openrc.sh[root@controller ~]# source demo-openrc.sh### --- 生成秘钥对[root@controller ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
69:3f:50:79:c8:69:72:09:78:c7:c9:88:13:32:f8:5f root@controller.nice.com
The key's randomart image is:
+--[ RSA 2048]----+
| .o .+.+ . |
| . o+ oo== |
| . o..X . |
| . E* . |
| . .S |
| .. o |
| o |
| . |
| |
+-----------------+### --- 添加公钥到OpenStack环境中,名称为demo-key[root@controller ~]# nova keypair-add --pub-key ~/.ssh/id_rsa.pub demo-key### --- 验证公钥是否添加成功[root@controller ~]# nova keypair-list
+----------+-------------------------------------------------+
| Name | Fingerprint |
+----------+-------------------------------------------------+
| demo-key | 69:3f:50:79:c8:69:72:09:78:c7:c9:88:13:32:f8:5f |
+----------+-------------------------------------------------+二、启动一个实例
~~~ 要启动一个实例,你必须最少指定flavor(云主机类型),image name(镜像名),
~~~ network(网络),security group(安全组),key(秘钥)和instance name(实例名)
### --- flavor用来指定一个虚拟的独立分派的资源,包括CPU,内存和存储。
~~~ 查看可用的flavor:默认给我们的云主机的类型:内存大小,磁盘大小都有说明[root@controller ~]# nova flavor-list //创建云主机的类型,默认提供5种类型,true为可用状态
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True |
| 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+### --- 列出可用的镜像:也可以在centos官方下载云主机版本,会提供。[root@controller ~]# nova image-list //可用我active状态
+--------------------------------------+---------------------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+---------------------+--------+--------+
| 9254729e-15b4-4315-b396-3f3e2e5b339f | cirros-0.3.3-x86_64 | ACTIVE | |
+--------------------------------------+---------------------+--------+--------+### --- 列出可用的网络:[root@controller ~]# neutron net-list //demo-net,ext-net两种类型
+--------------------------------------+----------+-------------------------------------------------------+
| id | name | subnets |
+--------------------------------------+----------+-------------------------------------------------------+
| 594c06f8-09a3-4d37-b5aa-a6f250356332 | demo-net | 33b3861c-9dfc-4768-b226-ccd5e85577f9 192.168.2.0/24 |
| 128ca157-22e0-4ef1-86af-c326e510ef89 | ext-net | d81339e0-4025-454c-b858-0815d2730255 100.100.100.0/24 |
+--------------------------------------+----------+-------------------------------------------------------+### --- 列出可用的安全组 //列出安全组,安全组是默认的,什么都没有放,为default[root@controller ~]# nova secgroup-list
+--------------------------------------+---------+-------------+
| Id | Name | Description |
+--------------------------------------+---------+-------------+
| d1b78447-b8a0-4cb0-9972-62297f36142d | default | default |
+--------------------------------------+---------+-------------+### --- 启动实例:
~~~ DEMO_NET_ID:网络的demo-net的ID号
~~~ --security-group defult:指定安全组为defult
~~~ --key-name demo-key:秘钥为demo-key
~~~ demo-instance1:实例名词为demo-instance1
nova boot --flavor m1.tiny --image cirros-0.3.3-x86_64 --nic net-id=DEMO_NET_ID --security-group default --key-name demo-key demo-instance1
~~~ 例如:nova boot --flavor m1.tiny --image cirros-0.3.3-x86_64 --nic net-id=d36f6eb0-e59a-42b9-9209-5547e022484b --security-group default --key-name demo-key demo-instancel[root@controller ~]# nova boot --flavor m1.tiny --image cirros-0.3.3-x86_64 --nic net-id=594c06f8-09a3-4d37-b5aa-a6f250356332 --security-group default --key-name demo-key demo-instance1
+--------------------------------------+------------------------------------------------------------+
| Property | Value |
+--------------------------------------+------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | Mr8CH7Z6Jgdn |
| config_drive | |
| created | 2021-01-11T21:27:08Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | 5be7195f-6d95-48be-97f6-b6b5c73d52a9 |
| image | cirros-0.3.3-x86_64 (9254729e-15b4-4315-b396-3f3e2e5b339f) |
| key_name | demo-key |
| metadata | {} |
| name | demo-instance1 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 5f158b7cfb7448d18921158f9c92918f |
| updated | 2021-01-11T21:27:08Z |
| user_id | a98a737625214eadb3e19a80bc6f4011 |
+--------------------------------------+------------------------------------------------------------+### --- 查看实例状态:若状态为BUTLD;NOSTATE孵化中,等一会查看会为ACTIVE;Running状态;
~~~ 表示已经运行成功;因为是需要进行虚拟机系统的安装,所以是比较慢的,[root@controller ~]# nova list
+--------------------------------------+----------------+--------+------------+-------------+----------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------------+--------+------------+-------------+----------------------+
| 5be7195f-6d95-48be-97f6-b6b5c73d52a9 | demo-instance1 | ACTIVE | - | Running | demo-net=192.168.2.2 |
+--------------------------------------+----------------+--------+------------+-------------+----------------------+三、通过虚拟控制台访问你的实例
### --- 获取用于访问你的实例的Virtual Network Computing(VNC)会话URL,并通过浏览器访问:
~~~ 确保你的客户端能够解析controller节点的FQDN名。
~~~ 通过Chrome浏览器访问实例VNC的地址:http://controller.nice.com:6080/vnc_auto.html?token=52e51b7a-f376-49b4-b083-974fe087f0ec
~~~ get-vnc查看一下VNC的访问地址[root@controller ~]# nova get-vnc-console demo-instance1 novnc
+-------+------------------------------------------------------------------------------------------+
| Type | Url |
+-------+------------------------------------------------------------------------------------------+
| novnc | http://controller.nice.com:6080/vnc_auto.html?token=52e51b7a-f376-49b4-b083-974fe087f0ec |
+-------+------------------------------------------------------------------------------------------+
### --- 确认能够连接demo-net租户网络的网关
$ ping -t4 192.168.2.2### --- 确认能够连接ext-net外部网络
$ ping -t 192.168.2.2四、远程访问你的实例(通过SSH去连接实例主机)
### --- 添加规则到名为default的安全组:(
~~~ 放在你所有的虚拟机租户的虚拟机之前的,定义为安全组;可能有很多个安全组,
~~~ 不同的主机会连接到不通的安全组上,需要指定
~~~ 连接ssh协议的时候需要放行安全组,安全组相当于防火墙规则,
~~~ 若想ping的话需要放行ICMP协议。
~~~ 允许ICMP协议(ping):
~~~ secgroup-add-rule default:default规则
~~~ icmp:icmp协议
~~~ -1-1:端口,-1代表没有
~~~ 10.0.0.0/0:连接地址[root@controller ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+~~~ 允许ssh协议:[root@controller ~]# nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+### --- 在ext-net外部网络创建一个浮动IP地址:
~~~ 申请到了公网IP地址为:100.100.100.13[root@controller ~]# neutron floatingip-create ext-net
Created a new floatingip:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| fixed_ip_address | |
| floating_ip_address | 100.100.100.13 |
| floating_network_id | 128ca157-22e0-4ef1-86af-c326e510ef89 |
| id | 632dc0d7-66e1-4f95-8138-7a4708aca86d |
| port_id | |
| router_id | |
| status | DOWN |
| tenant_id | 5f158b7cfb7448d18921158f9c92918f |
+---------------------+--------------------------------------+### --- 分配浮动IP地址到你的实例:
~~~ 绑定的实例名称为demo-instance1
~~~ 绑定的地址为:100.100.100.13浮动IP地址为100.100.100.13[root@controller ~]# nova floating-ip-associate demo-instance1 100.100.100.13### --- 检查你的浮动IP地址状态:
~~~ 查看到绑定的公网地址为:demo-net=192.168.2.2, 100.100.100.13 [root@controller ~]# nova list
+--------------------------------------+----------------+--------+------------+-------------+--------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+----------------+--------+------------+-------------+--------------------------------------+
| 5be7195f-6d95-48be-97f6-b6b5c73d52a9 | demo-instance1 | ACTIVE | - | Running | demo-net=192.168.2.2, 100.100.100.13 |
+--------------------------------------+----------------+--------+------------+-------------+--------------------------------------+### --- 从任何一个可以和ext-net网络通讯的主机测试连通性(本地通过cmd窗口ping)ping -t4 100.100.100.13### --- 从任何一个可以和ext-net网络通讯的主机上通过ssh访问实例
~~~ (模拟的是公网地址,此刻相当于公网连接状态)[root@localhostr ~]# ssh cirros@100.100.100.13 // 实例内操作:100.100.100.13
[root@localhostr ~]# $ sudo fdisk -l // 现在是没有任何的其它磁盘,Device Boot Start End Blocks Id System
/dev/vda1 * 16065 2088449 1036192+ 83 Linux~~~ 或将私钥文件复制到外部客户端,通过秘钥对验证登录[root@localhostr ~]# ssh -i id_rsa cirros@100.100.100.13五、为你的实例添加额外的云硬盘并创建文件系统/并格式化/挂载/写入文件:
### --- 为你的实例添加额外的云硬盘并创建文件系统/并格式化/挂载/写入文件:
~~~ (把实例的云盘绑定过来)(在openstack-controller节点执行)[root@localhostr ~]# 如果你的环境中包含块存储服务,则你可以为你的实例添加云硬盘,
[root@localhostr ~]# 执行demo环境变量脚本
[root@controller ~]# source demo-openrc.sh### --- 列出卷:列出可用云盘[root@controller ~]# nova volume-list
+--------------------------------------+-----------+--------------+------+-------------+-------------+
| ID | Status | Display Name | Size | Volume Type | Attached to |
+--------------------------------------+-----------+--------------+------+-------------+-------------+
| cecefa8d-68dd-4610-a211-4bb4fa9542b0 | available | demo-volume1 | 1 | None | |
+--------------------------------------+-----------+--------------+------+-------------+-------------+### --- 附加demo-volume1卷到demo-instance1实例:
~~~ 可用云盘和实例进行绑定,通过可用云盘的ID号执行
~~~ volume-attach:可用云盘:volume-attach
~~~ demo-instance1 :实例名称
~~~ cecefa8d-68dd-4610-a211-4bb4fa9542b0:云盘的ID号[root@controller ~]# nova volume-list
+--------------------------------------+-----------+--------------+------+-------------+-------------+
| ID | Status | Display Name | Size | Volume Type | Attached to |
+--------------------------------------+-----------+--------------+------+-------------+-------------+
| cecefa8d-68dd-4610-a211-4bb4fa9542b0 | available | demo-volume1 | 1 | None | |
+--------------------------------------+-----------+--------------+------+-------------+-------------+[root@controller ~]# nova volume-attach demo-instance1 cecefa8d-68dd-4610-a211-4bb4fa9542b0
+----------+--------------------------------------+
| Property | Value |
+----------+--------------------------------------+
| device | /dev/vdb |
| id | cecefa8d-68dd-4610-a211-4bb4fa9542b0 |
| serverId | 5be7195f-6d95-48be-97f6-b6b5c73d52a9 |
| volumeId | cecefa8d-68dd-4610-a211-4bb4fa9542b0 |
+----------+--------------------------------------+### --- 列出卷
~~~ Accached to:查看到已经与一个实例进行了绑定:此处的ID号是虚拟机实例的ID号[root@controller ~]# nova volume-list
+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+
| ID | Status | Display Name | Size | Volume Type | Attached to |
+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+
| cecefa8d-68dd-4610-a211-4bb4fa9542b0 | in-use | demo-volume1 | 1 | None | 5be7195f-6d95-48be-97f6-b6b5c73d52a9 |
+--------------------------------------+--------+--------------+------+-------------+--------------------------------------+
