OpenStack el7: IAAS

By Tyumen(fengjie.zhou)

OpenStack介绍

OpenStack 是什么

Rackspace(贡献swift)和NASA(贡献nova)共同发起的开源项目,是一系列软件开源项目的组合

OpenStack三大核心组件(网络,计算,存储)

详细介绍如:https://www.cnblogs.com/jingtyu/p/6379490.html

官网:http://openstack.redhat.com/

OpenStack基本管理

官方手册

官方地址,推荐观看英文原版文档:

创建项目和用户

逻辑关系:domain下有服务、项目、用户,用户绑定到项目上

客户端安装

这里以在CentOS7下管理为例

创建管理脚本(openrc)

cat << EOF > fengjie.zhou.openrc
export OS_USERNAME=fengjie.zhou
export OS_PASSWORD=password
export OS_PROJECT_NAME=tyumen
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://control.openstack.sinocache.net:35357/v3
export OS_IDENTITY_API_VERSION=3
export PS1="[\u@\h \$OS_USERNAME@OpenStack \W] #>"
EOF

OpenStack的使用

OpenStack使用

source fengjie.zhou.openrc
0.固定host:
   10.1.4.2 control control.openstack.sinocache.net
1.上传image镜像:[10.1.0.5:/root/下,如果使用public名称不要冲突,建议使用private]
   openstack image create --file centos7.5.qcow2 --disk-format qcow2 --public/--private CentOS7.5
2.创建主机筐:略[管理员才有权限]
   openstack flavor create --ram 2048 --disk 0 --ephemeral 0 --swap 0 --vcpus 1 vm.server.class1
3.创建ssh私钥:
openstack keypair create sshkey > my-ssh.keypem
4.创建安全组:
openstack security group create ssh 
openstack security group create web
openstack security group rule create --protocol tcp --dst-port 22 ssh
openstack security group rule create --protocol tcp --dst-port 80 web

OpenStack使用


5.创建网络:略[不要执行]
openstack network create --project myproject private
openstack subnet create --project myproject --subnet-range 192.168.112.0/24 --network private int
openstack network create --external --provider-physical-network datacentre --provider-segment 500 public
openstack subnet create --no-dhcp --subnet-range 172.25.250.0/24 --gateway 172.25.250.254 --dns-nameserver \
172.25.250.254 --allocation-pool start=172.25.250.101,end=172.25.250.189 --network public ext
6.创建路由:略[不要执行]
openstack router create --project myproject 210-router
neutron router-gateway-set 210-router public
openstack router add subnet 210-router int
7.创建实例:
openstack network list
openstack server create --flavor vm.server.class1 --image CentOS7.5 --nic net-id=**** --security-group web \ 
--security-group ssh --key-name sshkey vm-server-1
like:openstack server create --key-name sshkey --flavor vm.server.class1 --security-group web --security-group \
ssh --image CentOS7.5 --nic net-id=86142fdb-5127-4c99-91b7-befc907f036a vm-server-1
or:openstack server create --flavor vm.server.class1 --image CentOS7.5 --network private --security-group web \
--security-group ssh --key-name sshkey vm-server-1

OpenStack使用


8.创建Cinder卷[vm使用的磁盘]:在tyumen项目下创建,名字叫storage,大小10G
openstack volume create --project tyumen --size 10 storage
9.分配磁盘到虚拟机:
openstack server add volume --device /dev/vdb vm-server-1 storage
10.创建swift存储[类似百度云盘]:
openstack container create warehouse
openstack object create warehouse 文件名 #上传一个文件上去 
11.创建申请公网ip:
openstack floating ip create public 
或者:
#openstack floating ip create --floating-ip-address 10.1.4.180 public #如果想申请特定的ip地址的话
12.使用公网ip:
#openstack floating ip list #查看float ip
openstack server add floating ip vm-server-1 10.1.4.180

系统镜像的修改


教程:https://docs.openstack.org/image-guide/modify-images.html
方法一:
yum install libguestfs-tools-c
guestfish -i --network -a CentOS7.5-Change.qcow2
<fs>command "yum install httpd -y"
<fs>command "systemctl enable httpd"
<fs>command "useradd httpd"
<fs>command "touch /var/www/html/index.html"
<fs>edit /var/www/html/index.html
<fs>selinux-relabel /etc/selinux/targeted/contexts/files/file_contexts /
<fs>exit

openstack image create --file CentOS7.5-Change.qcow2 --disk-format qcow2 --public finance 
openstack network list
openstack server create --flavor vm.server.class1 --image finance --nic net-id=**** \
--security-group ssh --key-name sshkey financevm

结后语

劝告

OpenStack 支持web操作,但是云平台的价值在api,通过api进行管理和服务,因此需要重点好好掌握api方法