OpenStack 是一种开源解决方案,使公司能够在尽可能短的时间内部署资源,类似于商用云环境。该解决方案的开发是在Openstack基础上进行的。 Openstack 能够控制大量计算、网络和存储资源,所有这些资源都通过 API 或仪表板进行管理。
如果您有兴趣构建基础设施即服务 (IaaS) 平台(包括私有云和公共云),OpenStack 是您应该考虑的解决方案。它配备了一个仪表板(Horizon),使管理员能够控制系统,同时使最终用户和租户能够通过 Web 界面配置资源。命令行界面和 REST API 还可用于管理和资源配置。
在本文中,我们将使用 Packstack 来安装 OpenStack 云平台。这只能用于开发并向潜在客户演示 OpenStack 的功能。不建议使用Packstack部署Production OpenStack云平台。对于此类应用程序,请考虑其他解决方案,例如 TripleO、Kolla-ansible、OpenStack Charms、OpenStack Kayobe、Mirantis Fuel、Red Hat OpenStack 或此类规模的任何其他解决方案。
在 Rocky Linux/AlmaLinux 8 上使用 Packstack 安装 OpenStack
Packstack 是一个命令行工具,它使用 Puppet 模块通过 SSH 自动在多个预安装的服务器上部署 OpenStack 的各个部分。它仅支持在基于 RHEL 的系统上部署 OpenStack,即 CentOS、Red Hat Enterprise Linux (RHEL)、Rocky Linux、AlmaLinux 等。
对于此设置,我们使用具有以下硬件规格的服务器。
CPU: Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz (12 Cores)
Memory: 128GB RAM
Disk: 2 x 1TB SSD
Network: 1Gbit
IPV4 Adresses: 1 x IPV4 + /27 Subnet (30 IPs)您有责任在系统上安装 OpenStack 之前在服务器上安装操作系统。
第 1 步:更新系统并设置主机名
建议在服务器上设置正确的主机名。
sudo hostnamectl set-hostname openstack-node.example.com确保本地名称解析在您的服务器上正常运行。如果您的基础设施中有可用的 DNS 服务器,还可以考虑添加 A 记录。如果没有 DNS 服务器,则可以将设置映射到 hosts 文件中。
$ sudo vi /etc/hosts
192.168.10.11 openstack-node.example.com禁用 SELinux:
sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config如果您在 Rocky Linux 8/AlmaLinux 8 上执行安装,请执行以下额外步骤:
# Disable Firewalld
sudo systemctl disable firewalld
sudo systemctl stop firewalld
# Install network-scripts package
sudo dnf install network-scripts -y
# Disable NetworkManager
sudo systemctl disable NetworkManager
sudo systemctl stop NetworkManager
# Start Network Service
sudo systemctl enable network
sudo systemctl start network使用以下命令更新您的操作系统软件包:
sudo dnf update -y成功升级后重新启动是一个不错的选择。
sudo reboot步骤 2:配置 OpenStack Yoga YUM 存储库
截至本文更新时,最新的 OpenStack 版本是 Yoga。如果您需要有关此 OpenStack 版本的更多详细信息,请参阅其官方文档。
sudo dnf -y install https://repos.fedorapeople.org/repos/openstack/openstack-yoga/rdo-release-yoga-1.el8.noarch.rpm确认存储库已添加并可在系统上使用。
$ sudo dnf repolist
repo id repo name
advanced-virtualization CentOS-8 - Advanced Virtualization
appstream Rocky Linux 8 - AppStream
baseos Rocky Linux 8 - BaseOS
centos-nfv-openvswitch CentOS-8 - NFV OpenvSwitch
centos-rabbitmq-38 CentOS-8 - RabbitMQ 38
ceph-pacific CentOS-8 - Ceph Pacific
extras Rocky Linux 8 - Extras
openstack-yoga OpenStack Yoga Repository让我们将系统上的所有软件包更新到存储库上的最新版本。
sudo dnf update -y第 3 步:安装 Packstack 包/生成答案文件
启用 PowerTools/CRB 存储库:
sudo dnf config-manager --enable powertools安装由 openstack-packstack 包提供的 packstack。
sudo dnf install -y openstack-packstack通过查询版本确认安装成功。
$ packstack --version
packstack 20.0.0命令选项:
$ packstack --help如果您需要在 Rocky Linux 9/Rocky Linux 8 上自定义安装 OpenStack,请生成 answers 文件,该文件定义修改 OpenStack 服务安装的变量。
sudo packstack --os-neutron-ml2-tenant-network-types=vxlan
--os-neutron-l2-agent=openvswitch
--os-neutron-ml2-type-drivers=vxlan,flat
--os-neutron-ml2-mechanism-drivers=openvswitch
--keystone-admin-passwd=StrongAdminPassword
--nova-libvirt-virt-type=kvm
--provision-demo=n
--cinder-volumes-create=n
--os-heat-install=y
--os-swift-install=n
--os-horizon-install=y
--gen-answer-file /root/answers.txt设置 Keystone/admin 用户密码 --keystone-admin-passwd。如果您没有额外的 Cinder 存储空间,您可以通过 cinder-volumes-create=y 对卷组使用循环设备,但性能不会很好。以上是标准设置,但您可以传递适合您所需部署的任意多个选项。
您可以修改生成的答案文件以添加更多选项。
sudo vi /root/answers.txt步骤 4:使用 Packstack 安装 OpenStack
最简单的方法是使用默认参数和设置进行部署,这会将主机配置为控制器和计算。
#Disable the demo provisioning
sudo packstack --allinone --provision-demo=n
# With Demo
sudo packstack --allinone如果您使用答案文件中的内容,请使用以下命令启动 OpenStack 部署:
sudo packstack --answer-file /root/answers.txt从部署中提取的示例安装输出:
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20220905-230443-accvjfxd/openstack-setup.log
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Swift builder entries [ DONE ]
Preparing Swift proxy entries [ DONE ]
Preparing Swift storage entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.200.5_controller.pp
192.168.200.5_controller.pp: [ DONE ]
Applying 192.168.200.5_network.pp
192.168.200.5_network.pp: [ DONE ]
Applying 192.168.200.5_compute.pp
192.168.200.5_compute.pp: [ DONE ]
Applying 192.168.200.5_controller_post.pp
192.168.200.5_controller_post.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]第 5 步:从 CLI/Horizon 仪表板访问 OpenStack
成功安装后,可以使用 openstack CLI 工具或 Web 仪表板管理 OpenStack。记下屏幕上打印的访问详细信息。
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks
* A new answerfile was created in: /root/packstack-answers-20220906-132920.txt
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.200.5. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.200.5/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* Because of the kernel update the host 192.168.200.5 requires reboot.
* The installation log file is available at: /var/tmp/packstack/20220906-132920-0dgh5hr3/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20220906-132920-0dgh5hr3/manifests源 keystonerc_admin 文件:
sudo -i
source ~/keystonerc_admin使用下面共享的命令列出 OpenStack 服务:
$ openstack service list
+----------------------------------+-----------+--------------+
| ID | Name | Type |
+----------------------------------+-----------+--------------+
| 30b78dc06b9f4aa0ad5239e656d33f46 | cinderv3 | volumev3 |
| 324eeb0f88e2474786f00ff5d5d64819 | aodh | alarming |
| 39c6ce97e8994234b6e42a9f34e8001e | neutron | network |
| 3ec7e0dc135c41cc81651f5bee276a03 | keystone | identity |
| 7da8184e096a440b810602d4cc5e964b | glance | image |
| 907720359882414c90cbdce33d2dcac8 | gnocchi | metric |
| 9b99c9f02cc345ce8d71635a5519113f | placement | placement |
| c8f1c94982a64146897307dd8e3c8af8 | swift | object-store |
| f856abaa681746f0b5bab1c0a8ec7365 | nova | compute |
+----------------------------------+-----------+--------------+要访问 Horizon Dashboard,请使用 URL:http://ServerIPAddress/dashboard。在 cat ~/keystonerc_admin 中使用 admin 用户名和 Keystone 管理员密码登录
第 6 步:配置 Neutron 网络
检查服务器上的主接口:
$ ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether f2:37:74:a4:77:ae brd ff:ff:ff:ff:ff:ff
inet 192.168.200.5/24 brd 192.168.200.255 scope global ens18
valid_lft forever preferred_lft forever
inet6 fe80::f037:74ff:fea4:77ae/64 scope link
valid_lft forever preferred_lft forever
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 26:65:55:60:5b:aa brd ff:ff:ff:ff:ff:ff
4: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 96:12:ae:de:e9:40 brd ff:ff:ff:ff:ff:ff
inet6 fe80::9412:aeff:fede:e940/64 scope link
valid_lft forever preferred_lft forever
5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether b2:bd:04:aa:2a:ae brd ff:ff:ff:ff:ff:ff将您的主接口网络配置迁移到网桥。这些是我的服务器上更新的网络配置。
$ sudo vi /etc/sysconfig/network-scripts/ifcfg-ens18
DEVICE=ens18
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex
$ sudo vi /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
BOOTPROTO=none
ONBOOT=yes
TYPE=OVSBridge
DEVICETYPE=ovs
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
IPADDR=192.168.200.5
NETMASK=255.255.255.0
GATEWAY=192.168.200.1
DNS1=192.168.200.1更新网络配置后,创建 OVS 网桥并添加接口。
sudo ovs-vsctl add-port br-ex ens18进行更改后重新启动以确认设置正确:
sudo reboot由于 NetworkManager 服务已禁用,因此无法使用它来管理网络配置。使用network.service重新启动网络服务。
sudo systemctl restart network.service确认IP地址信息。
$ ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000
link/ether f2:37:74:a4:77:ae brd ff:ff:ff:ff:ff:ff
inet6 fe80::f037:74ff:fea4:77ae/64 scope link
valid_lft forever preferred_lft forever
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 02:ab:a7:4f:0a:9d brd ff:ff:ff:ff:ff:ff
4: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether b2:bd:04:aa:2a:ae brd ff:ff:ff:ff:ff:ff
5: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 02:86:4d:4d:c0:40 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.5/24 brd 192.168.200.255 scope global br-ex
valid_lft forever preferred_lft forever
inet6 fe80::86:4dff:fe4d:c040/64 scope link
valid_lft forever preferred_lft forever在 OpenStack 上创建专用网络。
$ openstack network create private
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-09-06T12:03:11Z |
| description | |
| dns_domain | None |
| id | 6b311b90-3ee3-4ad8-a746-853d3952fabe |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1442 |
| name | private |
| port_security_enabled | True |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| provider:network_type | geneve |
| provider:physical_network | None |
| provider:segmentation_id | 11 |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2022-09-06T12:03:11Z |
+---------------------------+--------------------------------------+为专用网络创建子网:
$ openstack subnet create --network private --allocation-pool
start=172.20.20.50,end=172.20.20.200
--dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4
--subnet-range 172.20.20.0/24 private_subnet
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 172.20.20.50-172.20.20.200 |
| cidr | 172.20.20.0/24 |
| created_at | 2022-09-06T12:04:27Z |
| description | |
| dns_nameservers | 8.8.4.4, 8.8.8.8 |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 172.20.20.1 |
| host_routes | |
| id | b5983809-f905-4419-b995-91ec3e22b401 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | private_subnet |
| network_id | 6b311b90-3ee3-4ad8-a746-853d3952fabe |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-09-06T12:04:27Z |
+----------------------+--------------------------------------+创建公共网络:
$ openstack network create --provider-network-type flat
--provider-physical-network extnet
--external public
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-09-06T12:05:27Z |
| description | |
| dns_domain | None |
| id | 81ef07c8-9925-46e4-a1b8-25d860ef32bc |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | public |
| port_security_enabled | True |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| provider:network_type | flat |
| provider:physical_network | extnet |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2022-09-06T12:05:27Z |
+---------------------------+--------------------------------------+定义公共网络的子网。它可能是一个实际的公共 IP 网络。
$ openstack subnet create --network public --allocation-pool
start=192.168.200.10,end=192.168.200.200 --no-dhcp
--subnet-range 192.168.200.0/24 public_subnet
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 192.168.200.10-192.168.200.200 |
| cidr | 192.168.200.0/24 |
| created_at | 2022-09-06T12:07:51Z |
| description | |
| dns_nameservers | |
| dns_publish_fixed_ip | None |
| enable_dhcp | False |
| gateway_ip | 192.168.200.1 |
| host_routes | |
| id | 7ee4595b-50cf-4074-9fa8-339376c4a71a |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | public_subnet |
| network_id | 81ef07c8-9925-46e4-a1b8-25d860ef32bc |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-09-06T12:07:51Z |
+----------------------+--------------------------------------+创建一个连接公共子网和私有子网的路由器。
$ openstack router create private_router
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-09-06T12:08:21Z |
| description | |
| external_gateway_info | null |
| flavor_id | None |
| id | dfc365da-ab4e-484a-91bb-c2727627d448 |
| name | private_router |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| revision_number | 0 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2022-09-06T12:08:21Z |
+-------------------------+--------------------------------------+在路由器上将外部网关设置为公网。
openstack router set --external-gateway public private_router将专用网络连接到路由器。
openstack router add subnet private_router private_subnet检查以确保网络连接正常工作。
$ openstack router list
+--------------------------------------+----------------+--------+-------+----------------------------------+
| ID | Name | Status | State | Project |
+--------------------------------------+----------------+--------+-------+----------------------------------+
| dfc365da-ab4e-484a-91bb-c2727627d448 | private_router | ACTIVE | UP | 8b20c86cf35943af8a17cb1805ea52d1 |
+--------------------------------------+----------------+--------+-------+----------------------------------+
$ openstack router show private_router | grep external_gateway_info
| external_gateway_info | {"network_id": "81ef07c8-9925-46e4-a1b8-25d860ef32bc", "external_fixed_ips": [{"subnet_id": "7ee4595b-50cf-4074-9fa8-339376c4a71a", "ip_address": "192.168.200.169"}], "enable_snat": true} |
$ ping -c 2 192.168.200.169
PING 192.168.200.169 (192.168.200.169) 56(84) bytes of data.
64 bytes from 192.168.200.169: icmp_seq=1 ttl=254 time=0.260 ms
64 bytes from 192.168.200.169: icmp_seq=2 ttl=254 time=0.302 ms
--- 192.168.200.169 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1004ms
rtt min/avg/max/mdev = 0.260/0.281/0.302/0.021 ms第 7 步:旋转测试实例
我们的 OpenStack 云平台应该可以使用了。我们将下载 Cirros 云镜像。
mkdir ~/images && cd ~/images
sudo yum -y install curl wget
VERSION=$(curl -s http://download.cirros-cloud.net/version/released)
wget http://download.cirros-cloud.net/$VERSION/cirros-$VERSION-x86_64-disk.img将 Cirros 图像上传到 Glance 商店。
openstack image create --disk-format qcow2
--container-format bare --public
--file ./cirros-$VERSION-x86_64-disk.img "Cirros"确认图片已上传
$ openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 98d260ec-1ccc-46d6-bfb7-f52ca478dd0e | Cirros | active |
+--------------------------------------+--------+--------+为所有访问创建安全组。
openstack security group create permit_all --description "Allow all ports"
openstack security group rule create --protocol TCP --dst-port 1:65535 --remote-ip 0.0.0.0/0 permit_all
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 permit_all创建另一个安全组以限制访问 – 标准访问端口ICMP、22、80、443
openstack security group create limited_access --description "Allow base ports"
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 22 --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 80 --remote-ip 0.0.0.0/0 limited_access
openstack security group rule create --protocol TCP --dst-port 443 --remote-ip 0.0.0.0/0 limited_access列出所有安全组:
openstack security group list确认。安全组中的规则。
openstack security group show permit_all
openstack security group show limited_access创建私钥
$ ssh-keygen # if you don't have ssh keys already将密钥添加到 Openstack:
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub admin
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| created_at | None |
| fingerprint | 63:c9:01:ae:57:89:f8:ff:4b:e9:0e:68:7d:49:be:eb |
| id | admin |
| is_deleted | None |
| name | admin |
| type | ssh |
| user_id | 720b4dce6c2946c9bc71ae3c3032e256 |
+-------------+-------------------------------------------------+确认密钥对在 OpenStack 上可用:
$ openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| admin | 19:7b:5c:14:a2:21:7a:a3:dd:56:c6:e4:3a:22:e8:3f |
+-------+-------------------------------------------------+列出可用网络:
$ openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 6b311b90-3ee3-4ad8-a746-853d3952fabe | private | b5983809-f905-4419-b995-91ec3e22b401 |
| 81ef07c8-9925-46e4-a1b8-25d860ef32bc | public | 7ee4595b-50cf-4074-9fa8-339376c4a71a |
+--------------------------------------+---------+--------------------------------------+检查可用的实例风格:
$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+----+-----------+-------+------+-----------+-------+-----------+让我们在私有网络上创建一个实例
openstack server create
--flavor m1.tiny
--image "Cirros"
--network private
--key-name admin
--security-group permit_all
mycirros检查实例是否创建成功。
$ openstack server list
+--------------------------------------+----------+--------+----------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+--------+----------------------+--------+---------+
| a261586f-bfff-46fa-9eb8-6f002e548429 | mycirros | ACTIVE | private=172.20.20.67 | Cirros | m1.tiny |
+--------------------------------------+----------+--------+----------------------+--------+---------+要关联公共子网中的浮动 IP,请使用以下指南:
- 为 OpenStack 中的实例分配浮动 IP 地址
为简单起见,我们将在此处包含命令:
$ openstack floating ip create --project admin --subnet public_subnet public
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2022-09-06T12:30:29Z |
| description | |
| dns_domain | |
| dns_name | |
| fixed_ip_address | None |
| floating_ip_address | 192.168.200.110 |
| floating_network_id | 81ef07c8-9925-46e4-a1b8-25d860ef32bc |
| id | 8f7b287c-b3a0-4fa3-b496-1940f3d86466 |
| name | 192.168.200.110 |
| port_details | None |
| port_id | None |
| project_id | 8b20c86cf35943af8a17cb1805ea52d1 |
| qos_policy_id | None |
| revision_number | 0 |
| router_id | None |
| status | DOWN |
| subnet_id | 7ee4595b-50cf-4074-9fa8-339376c4a71a |
| tags | [] |
| updated_at | 2022-09-06T12:30:29Z |
+---------------------+--------------------------------------+
$ openstack server add floating ip mycirros 192.168.200.110
$ openstack server list
+--------------------------------------+----------+--------+---------------------------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+--------+---------------------------------------+--------+---------+
| a261586f-bfff-46fa-9eb8-6f002e548429 | mycirros | ACTIVE | private=172.20.20.67, 192.168.200.110 | Cirros | m1.tiny |
+--------------------------------------+----------+--------+---------------------------------------+--------+---------+
#Ping Server
$ ping -c 2 192.168.200.110
PING 192.168.200.110 (192.168.200.110) 56(84) bytes of data.
64 bytes from 192.168.200.110: icmp_seq=1 ttl=63 time=0.926 ms
64 bytes from 192.168.200.110: icmp_seq=2 ttl=63 time=0.883 ms
--- 192.168.200.110 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1065ms
rtt min/avg/max/mdev = 0.883/0.904/0.926/0.036 ms分配浮动 IP 后,您可以使用私钥 ssh 到实例。
$ ssh cirros@192.168.200.110
The authenticity of host '192.168.200.110 (192.168.200.110)' can't be established.
ECDSA key fingerprint is SHA256:EDeKOm4TYWzqtH/2AJrIY1ss7OsM+KZ6/JHg/1fr2ec.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.200.110' (ECDSA) to the list of known hosts.
$ cat /etc/os-release
NAME=Buildroot
VERSION=2019.02.1-00002-g77a944c-dirty
ID=buildroot
VERSION_ID=2019.02.1
PRETTY_NAME="Buildroot 2019.02.1"
$ ping computingforgeeks.com -c 2
PING computingforgeeks.com (104.26.5.192): 56 data bytes
64 bytes from 104.26.5.192: seq=0 ttl=56 time=22.220 ms
64 bytes from 104.26.5.192: seq=1 ttl=56 time=22.190 ms
--- computingforgeeks.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 22.190/22.205/22.220 ms例如使用 Terraform 检查进行部署:
- 使用 Terraform 在 OpenStack 上部署 VM 实例
我希望这篇文章对在 Rocky Linux/AlmaLinux 服务器上安装 OpenStack 的过程有所帮助。此部署方法不适用于 OpenStack 的高度生产部署。查看适合生产设置的其他 OpenStack 部署方法。
更多关于 OpenStack 的文章:
在 KVM/OpenStack 上安装/运行 Fedora CoreOS (FCOS)
如何在 OpenStack 中调整/扩展 Cinder 卷大小
如何在 OpenStack 中重命名实例/服务器
原创文章,作者:奋斗,如若转载,请注明出处:https://blog.ytso.com/308843.html