6
OpenStack实战九——创建第一台虚拟机
source link: https://chegva.com/2077.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
OpenStack实战九——创建第一台虚拟机
1. 创建虚拟网络
1.1 创建提供者网络(都在一个网段内)
1.在控制节点上,加载 admin 凭证(需使用admin权限来创建)
[root@linux-node1 ~]# source admin-openstack.sh
2.创建网络
#创建一个物理网卡为public(映射到eth0)的单一扁平网络flat,命名为public-net的 [root@linux-node1 ~]# neutron net-create --shared --provider:physical_network public --provider:network_type flat public-net Created a new network: +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | | | created_at | 2017-04-08T01:56:49 | | description | | | id | f3006de4-de03-4bec-af7f-40d3791b645e | | ipv4_address_scope | | | ipv6_address_scope | | | mtu | 1500 | | name | public-net #网络名称 | | port_security_enabled | True #端口安全打开 | | provider:network_type | flat #单一扁平网络 | | provider:physical_network | public #物理网卡 | | provider:segmentation_id | | | router:external | False | | shared | True | | status | ACTIVE #状态 | | subnets | | | tags | | | tenant_id | eac1d8e85417450bafe92987e5d56778 | | updated_at | 2017-04-08T01:56:49 | +---------------------------+--------------------------------------+ [root@linux-node1 ~]# openstack project list +----------------------------------+---------+ | ID | Name | +----------------------------------+---------+ | ab47f14a4ccf4f748f84d5100eb30300 | demo | | e5fbb037a631442db95f0f47acc5c576 | service | | eac1d8e85417450bafe92987e5d56778 | admin | +----------------------------------+---------+
3.查看网络
[root@linux-node1 ~]# neutron net-list +--------------------------------------+------------+---------+ | id | name | subnets | +--------------------------------------+------------+---------+ | f3006de4-de03-4bec-af7f-40d3791b645e | public-net | | +--------------------------------------+------------+---------+
4.在网络上创建一个子网
[root@linux-node1 ~]# neutron subnet-create --name public-subnet --allocation-pool start=192.168.56.100,end=192.168.56.200 --dns-nameserver 223.5.5.5 --gateway 192.168.56.2 public-net 192.168.56.0/24 #--name public-subnet:设定子网名称 #--allocation-pool start=192.168.56.100,end=192.168.56.200 #分配的地址池 #public-net 192.168.56.0/24 #提供者网络 Created a new subnet: +-------------------+------------------------------------------------------+ | Field | Value | +-------------------+------------------------------------------------------+ | allocation_pools | {"start": "192.168.56.100", "end": "192.168.56.200"} | | cidr | 192.168.56.0/24 | | created_at | 2017-04-08T02:07:09 | | description | | | dns_nameservers | 223.5.5.5 | | enable_dhcp | True | | gateway_ip | 192.168.56.2 | | host_routes | | | id | 0cf4b0dd-79de-44c4-be7c-ca6d8ee88f09 | | ip_version | 4 | | ipv6_address_mode | | | ipv6_ra_mode | | | name | public-subnet | | network_id | f3006de4-de03-4bec-af7f-40d3791b645e | | subnetpool_id | | | tenant_id | eac1d8e85417450bafe92987e5d56778 | | updated_at | 2017-04-08T02:07:09 | +-------------------+------------------------------------------------------+ [root@linux-node1 ~]# neutron net-list +--------------------------------------+------------+------------------------------------------------------+ | id | name | subnets | +--------------------------------------+------------+------------------------------------------------------+ | f3006de4-de03-4bec-af7f-40d3791b645e | public-net | 0cf4b0dd-79de-44c4-be7c-ca6d8ee88f09 192.168.56.0/24 | +--------------------------------------+------------+------------------------------------------------------+
2. 创建m1.nano规格的主机
2.1 默认的最小规格的主机需要512 MB内存。对于环境中计算节点内存不足4 GB的,我们推荐创建只需要64 MB的m1.nano规格的主机。若单纯为了测试的目的,请使用m1.nano规格的主机来加载CirrOS镜像。
[root@linux-node1 ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano #内存默认为M(可以改为G),磁盘空间默认为G, +----------------------------+---------+ | Field | Value | +----------------------------+---------+ | OS-FLV-DISABLED:disabled | False | | OS-FLV-EXT-DATA:ephemeral | 0 | | disk | 1 | | id | 0 | | name | m1.nano | | os-flavor-access:is_public | True | | ram | 64 | | rxtx_factor | 1.0 | | swap | | | vcpus | 1 | +----------------------------+---------+
2.2 查看云主机类型规格
[root@linux-node1 ~]# openstack flavor list +----+-----------+-------+------+-----------+-------+-----------+ | ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public | +----+-----------+-------+------+-----------+-------+-----------+ | 0 | m1.nano | 64 | 1 | 0 | 1 | True | | 1 | m1.tiny | 512 | 1 | 0 | 1 | True | | 2 | m1.small | 2048 | 20 | 0 | 1 | True | | 3 | m1.medium | 4096 | 40 | 0 | 2 | True | | 4 | m1.large | 8192 | 80 | 0 | 4 | True | | 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True | +----+-----------+-------+------+-----------+-------+-----------+
3. 生成一个密钥对
3.1 大部分云镜像支持公共密钥认证而不是传统的密码认证。在启动实例前,你必须添加一个公共密钥到计算服务。
1.导入租户
demo的凭证[root@linux-node1 ~]# source demo-openstack.sh
2.生成和添加秘钥对
[root@linux-node1 ~]# ssh-keygen -q -N "" Enter file in which to save the key (/root/.ssh/id_rsa): #创建名称为mykey的openstack密钥对 [root@linux-node1 ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey +-------------+-------------------------------------------------+ | Field | Value | +-------------+-------------------------------------------------+ | fingerprint | 34:d5:71:98:78:5e:8c:be:fe:d8:e7:ee:4a:32:06:8d | | name | mykey | | user_id | d8a1029948b14dd2b5e7c1b6f43766de | +-------------+-------------------------------------------------+
3.验证公钥的添加
[root@linux-node1 ~]# openstack keypair list +-------+-------------------------------------------------+ | Name | Fingerprint | +-------+-------------------------------------------------+ | mykey | 34:d5:71:98:78:5e:8c:be:fe:d8:e7:ee:4a:32:06:8d | +-------+-------------------------------------------------+
4. 增加安全组规则
4.1 默认情况下, default安全组适用于所有实例并且包括拒绝远程访问实例的防火墙规则。对诸如CirrOS这样的Linux镜像,我们推荐至少允许ICMP (ping) 和安全shell(SSH)规则。
添加规则到 default 安全组
允许 ICMP (ping)
[root@linux-node1 ~]# openstack security group rule create --proto icmp default +-----------------------+--------------------------------------+ | Field | Value | +-----------------------+--------------------------------------+ | id | 491b09f4-d6dd-4a02-a64a-6b245e220a96 | | ip_protocol | icmp | | ip_range | 0.0.0.0/0 | | parent_group_id | f0e5a345-66a0-4b6d-a01d-cbe11888decd | | port_range | | | remote_security_group | | +-----------------------+--------------------------------------+
允许安全 shell (SSH) 的访问
[root@linux-node1 ~]# openstack security group rule create --proto tcp --dst-port 22 default +-----------------------+--------------------------------------+ | Field | Value | +-----------------------+--------------------------------------+ | id | a8824dd3-e2f0-46e9-a602-dcdf4c4e3411 | | ip_protocol | tcp | | ip_range | 0.0.0.0/0 | | parent_group_id | f0e5a345-66a0-4b6d-a01d-cbe11888decd | | port_range | 22:22 | | remote_security_group | | +-----------------------+--------------------------------------+
5. 启动一个实例
5.1 启动一台实例,您必须至少指定一个类型、镜像名称、网络、安全组、密钥和实例名称。
一个实例指定了虚拟机资源的大致分配,包括处理器、内存和存储。
列出可用类型:
[root@linux-node1 ~]# openstack flavor list +----+-----------+-------+------+-----------+-------+-----------+ | ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public | +----+-----------+-------+------+-----------+-------+-----------+ | 0 | m1.nano | 64 | 1 | 0 | 1 | True | | 1 | m1.tiny | 512 | 1 | 0 | 1 | True | | 2 | m1.small | 2048 | 20 | 0 | 1 | True | | 3 | m1.medium | 4096 | 40 | 0 | 2 | True | | 4 | m1.large | 8192 | 80 | 0 | 4 | True | | 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True | +----+-----------+-------+------+-----------+-------+-----------+
列出可用镜像
[root@linux-node1 ~]# openstack image list +--------------------------------------+--------+--------+ | ID | Name | Status | +--------------------------------------+--------+--------+ | 258e0bf5-af6c-466d-9ef1-5f60bfadb39b | cirros | active | +--------------------------------------+--------+--------+
这个实例使用
cirros镜像。列出可用网络
[root@linux-node1 ~]# openstack network list +--------------------------------------+------------+--------------------------------------+ | ID | Name | Subnets | +--------------------------------------+------------+--------------------------------------+ | f3006de4-de03-4bec-af7f-40d3791b645e | public-net | 0cf4b0dd-79de-44c4-be7c-ca6d8ee88f09 | +--------------------------------------+------------+--------------------------------------+
这个实例使用
public-net公有网络。 你必须使用ID而不是名称才可以使用这个网络。列出可用的安全组
[root@linux-node1 ~]# openstack security group list +--------------------------------------+---------+------------------------+----------------------------------+ | ID | Name | Description | Project | +--------------------------------------+---------+------------------------+----------------------------------+ | f0e5a345-66a0-4b6d-a01d-cbe11888decd | default | Default security group | ab47f14a4ccf4f748f84d5100eb30300 | +--------------------------------------+---------+------------------------+----------------------------------+
这个实例使用
default安全组。
5.2 创建实例
创建第一台虚拟机实例
[root@linux-node1 ~]# openstack server create --flavor m1.nano --image cirros --nic net-id=f3006de4-de03-4bec-af7f-40d3791b645e --security-group default --key-name mykey provider-instance +--------------------------------------+-----------------------------------------------+ | Field | Value | +--------------------------------------+-----------------------------------------------+ | OS-DCF:diskConfig | MANUAL | | OS-EXT-AZ:availability_zone | | | OS-EXT-STS:power_state | 0 | | OS-EXT-STS:task_state | scheduling | | OS-EXT-STS:vm_state | building | | OS-SRV-USG:launched_at | None | | OS-SRV-USG:terminated_at | None | | accessIPv4 | | | accessIPv6 | | | addresses | | | adminPass | C6fhKuEPrR5V | | config_drive | | | created | 2017-04-09T08:19:10Z | | flavor | m1.nano (0) | | hostId | | | id | 937e0a08-23eb-4741-877b-077c941033fe | | image | cirros (258e0bf5-af6c-466d-9ef1-5f60bfadb39b) | | key_name | mykey | | name | provider-instance | | os-extended-volumes:volumes_attached | [] | | progress | 0 | | project_id | ab47f14a4ccf4f748f84d5100eb30300 | | properties | | | security_groups | [{u'name': u'default'}] | | status | BUILD | | updated | 2017-04-09T08:19:12Z | | user_id | d8a1029948b14dd2b5e7c1b6f43766de | +--------------------------------------+-----------------------------------------------+
5.3 查看实例的状态
1.查看实例创建状态
[root@linux-node1 ~]# openstack server list +--------------------------------------+-------------------+--------+---------------------------+ | ID | Name | Status | Networks | +--------------------------------------+-------------------+--------+---------------------------+ | 937e0a08-23eb-4741-877b-077c941033fe | provider-instance | ACTIVE | public-net=192.168.56.101 | +--------------------------------------+-------------------+--------+---------------------------+
2.ssh免密钥登录
[root@linux-node1 ~]# ssh [email protected] $ whoami cirros $ pwd /home/cirros
3.验证能否连接到互联网
$ ping -c 4 openstack.org PING openstack.org (162.242.140.107): 56 data bytes 64 bytes from 162.242.140.107: seq=0 ttl=128 time=196.063 ms 64 bytes from 162.242.140.107: seq=1 ttl=128 time=193.008 ms 64 bytes from 162.242.140.107: seq=2 ttl=128 time=194.733 ms 64 bytes from 162.242.140.107: seq=3 ttl=128 time=193.844 ms
5.4 使用虚拟控制台访问实例
1.获取你实例的
Virtual Network Computing (VNC)会话URL并从web浏览器访问它[root@linux-node1 ~]# openstack console url show provider-instance +-------+------------------------------------------------------------------------------------+ | Field | Value | +-------+------------------------------------------------------------------------------------+ | type | novnc | | url | http://192.168.56.11:6080/vnc_auto.html?token=d7c8a19c-8c52-48ae-849c-cc9e49b35aa2 | +-------+------------------------------------------------------------------------------------+ [root@linux-node1 ~]# lsof -i:6080 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME nova-novn 1073 nova 4u IPv4 21051 0t0 TCP *:6080 (LISTEN) nova-novn 8662 nova 4u IPv4 21051 0t0 TCP *:6080 (LISTEN) nova-novn 8662 nova 5u IPv4 42909 0t0 TCP linux-node1.example.com:6080->192.168.56.1:12477 (ESTABLISHED) nova-novn 8663 nova 4u IPv4 21051 0t0 TCP *:6080 (LISTEN) nova-novn 8663 nova 5u IPv4 42910 0t0 TCP linux-node1.example.com:6080->192.168.56.1:12478 (ESTABLISHED) nova-novn 8664 nova 4u IPv4 21051 0t0 TCP *:6080 (LISTEN) nova-novn 8664 nova 5u IPv4 42911 0t0 TCP linux-node1.example.com:6080->192.168.56.1:12483 (ESTABLISHED) nova-novn 8665 nova 4u IPv4 21051 0t0 TCP *:6080 (LISTEN) nova-novn 8665 nova 5u IPv4 42912 0t0 TCP linux-node1.example.com:6080->192.168.56.1:12484 (ESTABLISHED) nova-novn 8666 nova 4u IPv4 21051 0t0 TCP *:6080 (LISTEN) nova-novn 8666 nova 5u IPv4 42913 0t0 TCP linux-node1.example.com:6080->192.168.56.1:12485 (ESTABLISHED)
2.用浏览打开url操作虚机(需浏览器支持html5)
安志合个人博客,版权所有丨 如未注明,均为原创 丨转载请注明转自:https://chegva.com/2077.html | ☆★★每天进步一点点,加油!★★☆Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK