@
目录
- 前言
- 上传centos镜像
- 创建实例
- 创建外网卡
- 修改安全组规则
- 创建云主机实例
前言
简单创建云主机实例只需要上传一个测试镜像、创建一张外网卡、创建一个实例类型、修改安全组规则即可
注:这里的两条命令是为了解决 虚拟机 环境下的 QEMU模拟器错误 导致云主机无法使用的问题,旧版本先电v2.2不存在此问题,真实服务器请忽略。
## 更改配置文件并重启 nova-compute 服务 [root@compute ~]# crudini --set /etc/nova/nova.conf libvirt virt_type qemu [root@compute ~]# systemctl restart openstack-nova-compute 上传centos镜像
上传一个centos镜像,还可以设置最小启动磁盘与内存等,可以参考文档
ages]# openstack image create --disk-format qcow2 --container-format bare --file ./CentOS_7.2_x86_64_XD.qcow2 centos
[root@controller images]# openstack image create --disk-format qcow2 --container-format bare --file ./CentOS_7.2_x86_64_XD.qcow2 centos +------------------+------------------------------------------------------+ | Field | Value | +------------------+------------------------------------------------------+ | checksum | ea197f4c679b8e1ce34c0aa70ae2a94a | | container_format | bare | | created_at | 2022-04-30T20:53:21Z | | disk_format | qcow2 | | file | /v2/images/2be3f0d5-2090-490c-8b91-84d96912e7c6/file | | id | 2be3f0d5-2090-490c-8b91-84d96912e7c6 | | min_disk | 0 | | min_ram | 0 | | name | centos | | owner | 0635fff1ca6c42ab983e8a05d533eda3 | | protected | False | | schema | /v2/schemas/image | | size | 400752640 | | status | active | | tags | | | updated_at | 2022-04-30T20:53:23Z | | virtual_size | None | | visibility | shared | +------------------+------------------------------------------------------+ 创建实例
创建一个名为test0的实例
openstack flavor create --disk 10 --ram 1024 --vcpu 2 --id 99999 test0
[root@controller ~]# openstack flavor create --disk 10 --ram 1024 --vcpu 2 --id 99999 test0 +----------------------------+-------+ | Field | Value | +----------------------------+-------+ | OS-FLV-DISABLED:disabled | False | | OS-FLV-EXT-DATA:ephemeral | 0 | | disk | 10 | | id | 99999 | | name | test0 | | os-flavor-access:is_public | True | | properties | | | ram | 1024 | | rxtx_factor | 1.0 | | swap | | | vcpus | 2 | +----------------------------+-------+ 创建外网卡
注:若使用 虚拟机 搭建,外部网络类型请选择Flat;若使用 服务器 搭建,外部网络类型请选择VLAN;注意不要重复执行命令,二选一执行。
openstack network create --provider-network-type vlan --provider-physical-network provider network-vlan --provider-segment 200
[root@controller ~]# openstack network create --provider-network-type vlan --provider-physical-network provider ext-net --provider-segment 200 +---------------------------+-----------------------------------------------------------+ | Field | Value | +---------------------------+-----------------------------------------------------------+ | admin_state_up | UP | | availability_zone_hints | | | availability_zones | | | created_at | 2022-04-10T05:02:18Z | | description | | | dns_domain | None | | id | cccedc78-027d-40e9-afbd-708154923ca6 | | ipv4_address_scope | None | | ipv6_address_scope | None | | is_default | False | | is_vlan_transparent | None | | location | cloud='', project.domain_id=, project.domain_name='000000', project.id='1776912d52a7444d8b2d09eb86e8d1d9', project.name='admin', region_name='', zone= | | mtu | 1500 | | name | ext-net | | port_security_enabled | True | | project_id | 1776912d52a7444d8b2d09eb86e8d1d9 | | provider:network_type | vlan | | provider:physical_network | provider | | provider:segmentation_id | 200 | | qos_policy_id | None | | revision_number | 1 | | router:external | Internal | | segments | None | | shared | False | | status | ACTIVE | | subnets | | | tags | | | updated_at | 2022-04-10T05:02:18Z | +---------------------------+-----------------------------------------------------------+ 创建子网
openstack subnet create --network ext-net --allocation-pool start=10.60.3.10,end=10.60.3.200 --gateway 10.60.3.1 --subnet-range 10.60.3.0/24 ext-subnet
[root@controller ~]# openstack subnet list [root@controller ~]# openstack subnet create --network ext-net --allocation-pool start=10.60.3.10,end=10.60.3.200 --gateway 10.60.3.1 --subnet-range 10.60.3.0/24 ext-subnet +-------------------+------------------------------------------------------------------+ | Field | Value | +-------------------+------------------------------------------------------------------+ | allocation_pools | 10.60.3.10-10.60.3.200 | | cidr | 10.60.3.0/24 | | created_at | 2022-04-10T05:03:52Z | | description | | | dns_nameservers | | | enable_dhcp | True | | gateway_ip | 10.60.3.1 | | host_routes | | | id | 69c14fff-de95-440a-bc8e-fe9f43e4b424 | | ip_version | 4 | | ipv6_address_mode | None | | ipv6_ra_mode | None | | location | cloud='', project.domain_id=, project.domain_name='000000', project.id='1776912d52a7444d8b2d09eb86e8d1d9', project.name='admin', region_name='', zone= | | name | ext-subnet | | network_id | cccedc78-027d-40e9-afbd-708154923ca6 | | prefix_length | None | | project_id | 1776912d52a7444d8b2d09eb86e8d1d9 | | revision_number | 0 | | segment_id | None | | service_types | | | subnetpool_id | None | | tags | | | updated_at | 2022-04-10T05:03:52Z | +-------------------+------------------------------------------------------------------+ 修改安全组规则
添加所有的udp、icmp、tcp的出入口
查看安全组id
openstack security group list
[root@controller ~]# openstack security group list +--------------------------------------+---------+------------------------+----------------------------------+ | ID | Name | Description | Project | +--------------------------------------+---------+------------------------+----------------------------------+ | | | 712025d7-6aa6-40e4-9104-4df6706b6697 | default | Default security group | 0635fff1ca6c42ab983e8a05d533eda3 | | +--------------------------------------+---------+------------------------+----------------------------------+ 添加所有ifmp规则入口
openstack security group rule create --protocol icmp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
[root@controller ~]# openstack security group rule create --protocol icmp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697 +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | created_at | 2022-04-30T21:22:54Z | | description | | | direction | ingress | | ether_type | IPv4 | | id | 869e67e5-5571-4c03-a21c-715e3dd51a5c | | name | None | | port_range_max | None | | port_range_min | None | | project_id | 0635fff1ca6c42ab983e8a05d533eda3 | | protocol | icmp | | remote_group_id | None | | remote_ip_prefix | 0.0.0.0/0 | | revision_number | 0 | | security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 | | updated_at | 2022-04-30T21:22:54Z | +-------------------+--------------------------------------+ 添加所有icmp规则出口
openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
[root@controller ~]# openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697 +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | created_at | 2022-04-30T21:27:42Z | | description | | | direction | egress | | ether_type | IPv4 | | id | ede63376-0eeb-4a6b-9dd9-f3a63418c85b | | name | None | | port_range_max | None | | port_range_min | None | | project_id | 0635fff1ca6c42ab983e8a05d533eda3 | | protocol | icmp | | remote_group_id | None | | remote_ip_prefix | 0.0.0.0/0 | | revision_number | 0 | | security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 | | updated_at | 2022-04-30T21:27:42Z | +-------------------+--------------------------------------+ 添加所有udp规则入口
openstack security group rule create --protocol udp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
添加所有udp规则出口
openstack security group rule create --protocol udp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
添加所有tcp规则入口
openstack security group rule create --protocol tcp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
添加所有tcp规则出口
openstack security group rule create --protocol tcp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
查看安全组规则
openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
[root@controller ~]# openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697 +--------------------------------------+-------------+-----------+------------+-----------------------+ | ID | IP Protocol | IP Range | Port Range | Remote Security Group | +--------------------------------------+-------------+-----------+------------+-----------------------+ | 869e67e5-5571-4c03-a21c-715e3dd51a5c | icmp | 0.0.0.0/0 | | None | | 8a91bc8e-c9cd-4bf1-86ae-0c6d9eef67e7 | udp | 0.0.0.0/0 | | None | | b525b93f-ffb6-4b84-be99-fdfd6f0fad75 | tcp | 0.0.0.0/0 | | None | | dfea0691-0903-4cdf-b775-297eb6858f0d | udp | 0.0.0.0/0 | | None | | ede63376-0eeb-4a6b-9dd9-f3a63418c85b | icmp | 0.0.0.0/0 | | None | | f9371589-1b17-4e5b-9f8d-798055cdc662 | tcp | 0.0.0.0/0 | | None | +--------------------------------------+-------------+-----------+------------+-----------------------+ 创建云主机实例
openstack server create --image centos --flavor test0 --network ext-net --security-group 712025d7-6aa6-40e4-9104-4df6706b6697 test
[root@controller ~]# openstack server create --image centos --flavor test0 --network ext-net --security-group 712025d7-6aa6-40e4-9104-4df6706b6697 test +-------------------------------------+-----------------------------------------------+ | Field | Value | +-------------------------------------+-----------------------------------------------+ | OS-DCF:diskConfig | MANUAL | | OS-EXT-AZ:availability_zone | | | OS-EXT-SRV-ATTR:host | None | | OS-EXT-SRV-ATTR:hypervisor_hostname | None | | OS-EXT-SRV-ATTR:instance_name | | | OS-EXT-STS:power_state | NOSTATE | | OS-EXT-STS:task_state | scheduling | | OS-EXT-STS:vm_state | building | | OS-SRV-USG:launched_at | None | | OS-SRV-USG:terminated_at | None | | accessIPv4 | | | accessIPv6 | | | addresses | | | adminPass | QPNdhd27eT9S | | config_drive | | | created | 2022-04-30T21:38:08Z | | flavor | test0 (99999) | | hostId | | | id | 3a8870c8-411a-4674-b075-568dbf7f2bb1 | | image | centos (cc01ec45-6683-4fe1-ab4b-d38ca295d3d0) | | key_name | None | | name | test | | progress | 0 | | project_id | 0635fff1ca6c42ab983e8a05d533eda3 | | properties | | | security_groups | name='712025d7-6aa6-40e4-9104-4df6706b6697' | | status | BUILD | | updated | 2022-04-30T21:38:08Z | | user_id | 71b51689f3e94be4927ed7d96ef6925b | | volumes_attached | | +-------------------------------------+-----------------------------------------------+ 查看并测试
[root@controller ~]# openstack server list +--------------------------------------+------------+--------+--------------------------------------------+--------+--------+ | ID | Name | Status | Networks | Image | Flavor | +--------------------------------------+------------+--------+--------------------------------------------+--------+--------+ | 7ae48fd3-7ec7-4011-af07-1d75bc9578a4 | test | ACTIVE | ext-net=10.60.3.11 | centos | test10 | +--------------------------------------+------------+--------+--------------------------------------------+--------+--------+ [root@controller ~]# ping 10.60.3.11 PING 10.60.3.11 (10.60.3.11) 56(84) bytes of data. 64 bytes from 10.60.3.11: icmp_seq=1 ttl=63 time=0.256 ms 64 bytes from 10.60.3.11: icmp_seq=2 ttl=63 time=0.279 ms 64 bytes from 10.60.3.11: icmp_seq=3 ttl=63 time=0.253 ms 64 bytes from 10.60.3.11: icmp_seq=4 ttl=63 time=0.242 ms 64 bytes from 10.60.3.11: icmp_seq=5 ttl=63 time=0.223 ms 热门文章
- 宠物鸟交易吧(宠物鸟交易平台)
- VPN翻墙免费 | 3月29日21.6M/S|免费SSR/Shadowrocket/Clash/V2ray订阅节点分享
- 动物诊疗许可证申领条件有哪些要求(动物诊疗许可证申领准备材料)
- 给动物打的疫苗是什么意思(给动物打疫苗的官方部门)
- mysqlbinlog 命令解析binlog文件
- 动物注射疫苗最佳的用药方法是什么 动物注射疫苗最佳的用药方法是什么药
- VPN翻墙免费 | 4月12日20.1M/S|免费Clash/Shadowrocket/SSR/V2ray订阅节点分享
- 厦门领养宠物 厦门领养宠物中心
- VPN翻墙免费 | 3月21日19.4M/S|免费Shadowrocket/SSR/V2ray/Clash订阅节点分享
- VPN翻墙免费 | 4月1日22.9M/S|免费SSR/V2ray/Shadowrocket/Clash订阅节点分享