项目要求:
1、生效管理员环境变量并创建镜像,要求名为Centos7.4(配置所需文件已存在root用户家目录下)
2、创建租户并设置租户配额,具体要求如下:
(1)项目名称:cloud
(2)管理用户:user1 用户密码:123456
(3)配额:虚拟内核10个、内存10G、实例10个,其他配置默认。
(4)编写user1环境变量
3、创建云主机类型,要求如下:
(1)名称:my_flavor、vcpu:1个、ram:512M、磁盘:20G
4、创建共享网络和私有网络,要求如下:
(1)共享网络名:publict,由admin用户创建,并设置共享
(2)创建共享网络子网:sub_public,网段为本地eth0
(3)私有网络名:private,由user1用户创建
(4)创建私有网络子网:sub_private,网段为192.168.10网段
5、创建路由,并关联内外网,要求为:
(1)名称:my_router
(2)设置外部网关
(3)设置内部接口
6、创建安全组,要求为:
(1)名称:my_sec
(2)开放22号端口
(3)开放80号端口
7、生成密钥对,要求为:
(1)名称:my_key
(2)密钥需保存在本地:/root/key1.pem
(3)设置密钥文件为仅可读
8、发放云主机,并分配浮动IP,要求如下:
(1)使用镜像:Centos7.4、使用云主机类型:my_flavor、使用网络:private、使用安全组:my_sec、使用密钥对:my_key
(2)生成浮动IP
(3)给云主机绑定浮动IP
9、远程连接云主机,并查看网络信息
一、虚拟机信息
主机名 | IP地址 | 网卡 | 网关 | DNS | 虚拟网卡 | 操作系统 |
---|---|---|---|---|---|---|
openstack | 10.0.15.100 | VM net8 | 10.0.15.2 | 114.114.114.114 | br-ex | centos7.4 |
二、项目环境介绍
1、Openstack的版本为: Stein
2、Openstack为all in one安装
3、Openstack原有的网络和路由已删除
4、Openstack原有的镜像已删除
三、项目实施
1、生效管理员环境变量并创建镜像,要求名为Centos7.4(配置所需文件已存在控制节点root用户家目录下)
[root@openstack ~]# ls
admin.openrc anaconda-ks.cfg centos7.qcow2 packstack-answers-20220307-042836.txt
[root@openstack ~]# source admin.openrc
[root@openstack ~]# openstack image create --file ~/centos7.qcow2 --disk-format qcow2 --public centos7.4
[root@openstack ~]# openstack image list
+--------------------------------------+-----------+--------+
| ID | Name | Status |
+--------------------------------------+-----------+--------+
| 635d5cf2-76ec-400f-b08f-82bd548bd0e3 | centos7.4 | active |
+--------------------------------------+-----------+--------+
2、创建租户并设置租户配额
(1)项目名称:cloud
[root@openstack ~]# openstack project create --enable cloud
[root@openstack ~]# openstack project list
+----------------------------------+----------+
| ID | Name |
+----------------------------------+----------+
| 105839a13a764e7ea6780217616db0fc | demo |
| 3939352a876345b78e41272c092ad694 | cloud |
| dc7c1b93e8ac443c9896b57bbe1df29a | services |
| ee0645b846e1478092efec1eae850174 | admin |
+----------------------------------+----------+
(2)管理用户:user1 用户密码:123456
[root@openstack ~]# openstack user create --project cloud --password 123456 --enable user01
[root@openstack ~]# openstack user list | grep user01
| 58832fa80d5b4154accadd2e26fcf569 | user01 |
[root@openstack ~]# openstack role add --project cloud --user user01 admin
(3)配额:虚拟内核10个、内存10G、实例10个,其他配置默认。
[root@openstack ~]# openstack quota set --ram 10240 --instances 10 --cores 10 cloud
[root@openstack ~]# openstack quota show cloud | grep -E "ram|instances|cores"
| cores | 10 |
| instances | 10 |
| ram | 10240 |
(4)编写user1环境变量
[root@openstack ~]# cp admin.openrc user01.openrc
[root@openstack ~]# vim user01.openrc
unset OS_SERVICE_TOKEN
export OS_USERNAME=user01
export OS_PASSWORD=123456
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://10.0.15.100:5000/v3
export OS_PROJECT_NAME=cloud
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
3、创建云主机类型
(1)名称:my_flavor、vcpu:1个、ram:512M、磁盘:20G
[root@openstack ~]# openstack flavor create --ram 2048 --vcpus 1 --disk 10 --public my_flavor
[root@openstack ~]# openstack flavor list
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
| e183b92e-e16d-4eeb-9f5d-3a3f6635e4f8 | my_flavor | 2048 | 10 | 0 | 1 | True |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
4、创建共享网络和私有网络
(1)共享网络名:publict,由admin用户创建,并设置共享
#查看物理网络类型
[root@openstack ~]# grep type_drivers /etc/neutron/plugin.ini
type_drivers=geneve,flat
#显示网络类型为flat
#查看物理网络名称
#all in one需查看家目录下的自动应答文件
[root@openstack ~]# cat packstack-answers-20220307-042836.txt | grep br-ex | grep -v '#'
CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex
CONFIG_NEUTRON_OVN_BRIDGE_MAPPINGS=extnet:br-ex
#显示网络名称为extnet
#非all in one查看
[root@openstack ~]# grep ^flat /etc/neutron/plugin.ini
flat_networks=*
#在*的地方会显示物理网络名称
[root@openstack ~]# openstack --os-username admin network create --external --enable --share --provider-network-type flat --provider-physical-network extnet public
[root@openstack ~]# openstack network list
+--------------------------------------+--------+---------+
| ID | Name | Subnets |
+--------------------------------------+--------+---------+
| aa7035f7-9ac3-453d-acd9-e6c31516bf3a | public | |
+--------------------------------------+--------+---------+
(2)创建共享网络子网:sub_public,网段为本地eth0
[root@openstack ~]# hostname -I
10.0.15.100
[root@openstack ~]# openstack subnet create --subnet-range 10.0.15.0/24 --gateway 10.0.0.2 --network public --dns-nameserver 114.114.114.114 --allocation-pool start=10.0.15.151,end=10.0.15.200 --dhcp sub_public
[root@openstack ~]# openstack subnet list
+--------------------------------------+------------+--------------------------------------+--------------+
| ID | Name | Network | Subnet |
+--------------------------------------+------------+--------------------------------------+--------------+
| 6cd9918a-3f20-40de-b224-3e871fccdd69 | sub_public | aa7035f7-9ac3-453d-acd9-e6c31516bf3a | 10.0.15.0/24 |
+--------------------------------------+------------+--------------------------------------+--------------+
(3)私有网络名:private,由user1用户创建
[root@openstack ~]# source user01.openrc
[root@openstack ~]# openstack --os-username user01 network create --enable private
[root@openstack ~]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 21f72db1-71bd-46ac-9095-39bb283f5c30 | private | |
| aa7035f7-9ac3-453d-acd9-e6c31516bf3a | public | 6cd9918a-3f20-40de-b224-3e871fccdd69 |
+--------------------------------------+---------+--------------------------------------+
(4)创建私有网络子网:sub_private,网段为192.168.10网段
[root@openstack ~]# openstack subnet create --subnet-range 192.168.10.0/24 --gateway 192.168.10.254 --network private --dns-nameserver 8.8.8.8 --allocation-pool start=192.168.10.151,end=192.168.10.200 --dhcp sub_private
[root@openstack ~]# openstack subnet list
+--------------------------------------+-------------+--------------------------------------+-----------------+
| ID | Name | Network | Subnet |
+--------------------------------------+-------------+--------------------------------------+-----------------+
| 6cd9918a-3f20-40de-b224-3e871fccdd69 | sub_public | aa7035f7-9ac3-453d-acd9-e6c31516bf3a | 10.0.15.0/24 |
| aa7a3c3d-13f1-478d-93f2-637edcf81da3 | sub_private | 21f72db1-71bd-46ac-9095-39bb283f5c30 | 192.168.10.0/24 |
+--------------------------------------+-------------+--------------------------------------+-----------------+
5、创建路由,并关联内外网
(1)名称:my_router
[root@openstack ~]# source admin.openrc
[root@openstack ~]# openstack router create --enable my_router
[root@openstack ~]# openstack router list
+--------------------------------------+-----------+--------+-------+----------------------------------+
| ID | Name | Status | State | Project |
+--------------------------------------+-----------+--------+-------+----------------------------------+
| 63893cfd-9ced-4c57-9e9e-d63feb302a7e | my_router | ACTIVE | UP | ee0645b846e1478092efec1eae850174 |
+--------------------------------------+-----------+--------+-------+----------------------------------+
(2)设置外部网关
[root@openstack ~]# openstack router set --external-gateway public my_router
[root@openstack ~]# openstack router show my_router | grep external_gateway
| external_gateway_info | {"network_id": "aa7035f7-9ac3-453d-acd9-e6c31516bf3a", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "6cd9918a-3f20-40de-b224-3e871fccdd69", "ip_address": "10.0.15.172"}]} |
(3)设置内部接口
[root@openstack ~]# openstack router add subnet my_router sub_private
[root@openstack ~]# openstack router show my_router | grep interfaces_info
| interfaces_info | [{"subnet_id": "aa7a3c3d-13f1-478d-93f2-637edcf81da3", "ip_address": "192.168.10.254", "port_id": "b485de35-834b-4b2b-b94e-f7c3c91ca1fe"}]
6、创建安全组
(1)名称:my_sec
[root@openstack ~]# openstack security group create my_sec
[root@openstack ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| a6577879-9956-4181-8f31-ccff959c1413 | my_sec | my_sec | ee0645b846e1478092efec1eae850174 | [] |
| eba0c99b-06ea-4b06-9e44-2e9125054faf | default | Default security group | ee0645b846e1478092efec1eae850174 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
(2)开放22号端口
[root@openstack ~]# openstack security group rule create --protocol tcp --dst-port 22 --ethertype IPv4 --ingress my_sec
[root@openstack ~]# openstack security group rule list my_sec
+--------------------------------------+-------------+-----------+------------+-----------------------+
| ID | IP Protocol | IP Range | Port Range | Remote Security Group |
+--------------------------------------+-------------+-----------+------------+-----------------------+
| 5552d1e6-f88c-4c60-a5cc-2ddbe733580f | tcp | 0.0.0.0/0 | 22:22 | None |
| 77247a69-76bf-4573-9f4b-56ad51278d2f | None | None | | None |
| a2c1ae71-4154-4b2d-b13d-f5d5723eb152 | None | None | | None |
+--------------------------------------+-------------+-----------+------------+-----------------------+
(3)开放80号端口
[root@openstack ~]# openstack security group rule create --protocol tcp --dst-port 80 --ethertype IPv4 --ingress my_sec
[root@openstack ~]# openstack security group rule list my_sec
+--------------------------------------+-------------+-----------+------------+-----------------------+
| ID | IP Protocol | IP Range | Port Range | Remote Security Group |
+--------------------------------------+-------------+-----------+------------+-----------------------+
| 07f8fda9-59f7-44a9-9b18-231dac431aff | tcp | 0.0.0.0/0 | 80:80 | None |
| 5552d1e6-f88c-4c60-a5cc-2ddbe733580f | tcp | 0.0.0.0/0 | 22:22 | None |
| 77247a69-76bf-4573-9f4b-56ad51278d2f | None | None | | None |
| a2c1ae71-4154-4b2d-b13d-f5d5723eb152 | None | None | | None |
+--------------------------------------+-------------+-----------+------------+-----------------------+
7、生成密钥对
(1)名称:my_key
[root@openstack ~]# openstack keypair create my_key > ~/key1.pem
(2)密钥需保存在本地:/root/key1.pem
[root@openstack ~]# ll
total 644804
-rw------- 1 root root 309 Apr 11 01:58 admin.openrc
-rw-------. 1 root root 1304 Dec 4 17:36 anaconda-ks.cfg
-rw-rw-rw- 1 root root 660209664 Apr 11 02:07 centos7.qcow2
-rw-r--r-- 1 root root 1676 Apr 11 05:08 key1.pem
-rw------- 1 root root 51753 Mar 7 04:35 packstack-answers-20220307-042836.txt
-rw------- 1 root root 266 Apr 11 04:50 user01.openrc
(3)设置密钥文件为仅可读
[root@openstack ~]# chmod 400 key1.pem
[root@openstack ~]# ll
total 644804
-rw------- 1 root root 309 Apr 11 01:58 admin.openrc
-rw-------. 1 root root 1304 Dec 4 17:36 anaconda-ks.cfg
-rw-rw-rw- 1 root root 660209664 Apr 11 02:07 centos7.qcow2
-r-------- 1 root root 1676 Apr 11 05:08 key1.pem
-rw------- 1 root root 51753 Mar 7 04:35 packstack-answers-20220307-042836.txt
-rw------- 1 root root 266 Apr 11 04:50 user01.openrc
8、发放云主机,并分配浮动IP
(1)使用镜像:Centos7.4、使用云主机类型:my_flavor、使用网络:private、使用安全组:my_sec、使用密钥对:my_key,名称:my_cloud
[root@openstack ~]# openstack server create --image centos7.4 --key-name my_key --security-group my_sec --flavor my_flavor --network private my_cloud
[root@openstack ~]# openstack server list
+--------------------------------------+----------+--------+----------+-----------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+--------+----------+-----------+-----------+
| bb8e096e-36cf-4d3e-98cb-ebfb939e86ce | my_cloud | BUILD | | centos7.4 | my_flavor |
+--------------------------------------+----------+--------+----------+-----------+-----------+
(2)生成浮动IP文章来源:https://www.toymoban.com/news/detail-524012.html
[root@openstack ~]# openstack floating ip create public
[root@openstack ~]# openstack floating ip list
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| 5d464fbf-4a78-4137-ad03-369bbd923587 | 10.0.15.194 | None | None | aa7035f7-9ac3-453d-acd9-e6c31516bf3a | ee0645b846e1478092efec1eae850174 |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
(3)给云主机绑定浮动IP文章来源地址https://www.toymoban.com/news/detail-524012.html
[root@openstack ~]# openstack server add floating ip my_cloud 10.0.15.194
[root@openstack ~]# openstack server list
+--------------------------------------+----------+--------+-------------------------------------+-----------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------+--------+-------------------------------------+-----------+-----------+
| 1785b04b-48e7-4357-8f61-62608d5a265b | my_cloud | ACTIVE | private=192.168.10.196, 10.0.15.194 | centos7.4 | my_flavor |
+--------------------------------------+----------+--------+-------------------------------------+-----------+-----------+
9、远程连接云主机,并查看网络信息
[root@openstack ~]# ssh -i key1.pem root@10.0.15.194
The authenticity of host '10.0.15.194 (10.0.15.194)' can't be established.
ECDSA key fingerprint is SHA256:K5V6gPGJUsE7aEqkSBSkMiANTmn7CM4SUXmgAarOsx0.
ECDSA key fingerprint is MD5:72:c8:27:3e:87:23:d2:2f:cf:e9:90:a3:18:14:5e:ba.
Are you sure you want to continue connecting (yes/no)? yes
Last login: Mon Apr 11 05:19:07 2022 from 10.0.15.100
[root@localhost ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1442
inet 192.168.10.176 netmask 255.255.255.0 broadcast 192.168.10.255
inet6 fe80::223e:8b13:21b6:ebbe prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:69:46:9d txqueuelen 1000 (Ethernet)
RX packets 554 bytes 124065 (121.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 582 bytes 110921 (108.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
到了这里,关于Openstack项目实训的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!