Difference between revisions of "IT-SDK-OpenStack"
Jump to navigation
Jump to search
Samerhijazi (talk | contribs) (→FastNotes) |
Samerhijazi (talk | contribs) (→Source) |
||
| (10 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
</pre> | </pre> | ||
==Source== | ==Source== | ||
| + | * DevStack: https://docs.openstack.org/devstack/latest/ | ||
* Storage: https://docs.openstack.org/arch-design/design-storage/design-storage-concepts.html#table-openstack-storage | * Storage: https://docs.openstack.org/arch-design/design-storage/design-storage-concepts.html#table-openstack-storage | ||
| + | * RDO: https://www.rdoproject.org/ | ||
| + | |||
==FastNotes== | ==FastNotes== | ||
* devstack-node-cc >>> '''Cloud Controller''' <<< (ubuntu@devstack-cc) | * devstack-node-cc >>> '''Cloud Controller''' <<< (ubuntu@devstack-cc) | ||
| Line 87: | Line 90: | ||
$ source keystonerc_admin | $ source keystonerc_admin | ||
$ source keystonerc_finance | $ source keystonerc_finance | ||
| + | |||
| + | $ ./tools/discover_hosts.sh | ||
</pre> | </pre> | ||
| Line 229: | Line 234: | ||
==Swift-CLI (Storage-Objekt)== | ==Swift-CLI (Storage-Objekt)== | ||
| − | The common network based object storage (Swift / Cehp) | + | * '''BUI: Project -> Object Store -> Containers''' |
| + | * The common network based object storage (Swift / Cehp) | ||
<pre class="code"> | <pre class="code"> | ||
| − | + | date +'%s' | |
| + | sleep 30 | ||
df -ha |grep swift | df -ha |grep swift | ||
| − | + | ||
swift list | swift list | ||
| + | swift list containerName | ||
| + | |||
swift stat | swift stat | ||
| − | |||
| − | |||
swift stat -v | swift stat -v | ||
| + | swift stat containerName | ||
| + | |||
| + | swift post orders # Create a new container called orders, perhaps to hold online orders for a website | ||
swift post orders -r ".r:*" # Allowing ready by everyone | swift post orders -r ".r:*" # Allowing ready by everyone | ||
swift post orders -r "SoftwareTesters:*" # Narrow down read permissions to members of the SoftwareTesters group | swift post orders -r "SoftwareTesters:*" # Narrow down read permissions to members of the SoftwareTesters group | ||
swift post orders -w "SoftwareTesters:developer1" # Set a write ACL to be just a single user, developer1 in the SoftwareTesters group | swift post orders -w "SoftwareTesters:developer1" # Set a write ACL to be just a single user, developer1 in the SoftwareTesters group | ||
swift post orders -w "SoftwareTesters:developer2,Admin:*" # only developer2 from SoftwareTesters can write but all members of the Admin group can write | swift post orders -w "SoftwareTesters:developer2,Admin:*" # only developer2 from SoftwareTesters can write but all members of the Admin group can write | ||
| − | swift | + | |
| − | + | swift post orders etc/hosts -H "X-Delete-After:30" # Set an expire time in seconds | |
swift post orders etc/hosts -H "X-Delete-After:600" # Configure the existing object to expire after ten minutes. | swift post orders etc/hosts -H "X-Delete-After:600" # Configure the existing object to expire after ten minutes. | ||
| − | + | swift post orders etc/hosts -H "X-Delete-After:1486074" # Set the object to expire at a particular time in the future | |
| − | |||
| − | swift post orders etc/hosts -H "X-Delete- | ||
| − | |||
swift post orders etc/hosts -H "X-Remove-Delete-At:" # If we decide we don’t want the object to expire | swift post orders etc/hosts -H "X-Remove-Delete-At:" # If we decide we don’t want the object to expire | ||
| − | |||
| − | |||
| − | |||
| + | swift upload orders /etc/hosts # Upload a file to the orders container | ||
swift download orders etc/hosts -o localfile # Download the file via the command line | swift download orders etc/hosts -o localfile # Download the file via the command line | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
swift stat orders etc/hosts | swift stat orders etc/hosts | ||
| − | (openstack) | + | (openstack) object list orders # View the objects in the orders container |
(openstack) object create orders /etc/group # Upload the /etc/group file to the orders container | (openstack) object create orders /etc/group # Upload the /etc/group file to the orders container | ||
| − | |||
(openstack) object show orders /etc/group # View the newly updated object | (openstack) object show orders /etc/group # View the newly updated object | ||
(openstack) object store account show # View the object store information | (openstack) object store account show # View the object store information | ||
(openstack) object delete orders /etc/group # Delete the group file | (openstack) object delete orders /etc/group # Delete the group file | ||
| − | |||
</pre> | </pre> | ||
| + | |||
==Heat-Stack (Orchestration)== | ==Heat-Stack (Orchestration)== | ||
* Heat is the main project in the OpenStack Orchestration program. It implements an orchestration engine to launch multiple composite cloud applications based on templates in the form of text files that can be treated like code. | * Heat is the main project in the OpenStack Orchestration program. It implements an orchestration engine to launch multiple composite cloud applications based on templates in the form of text files that can be treated like code. | ||
| + | * '''Project -> Orchestration -> Resource Types''' | ||
<pre class="code"> | <pre class="code"> | ||
| + | tar xvf heat-templates.tar | ||
| + | |||
| + | openstack stack create -t hello_world-1.yaml stackName | ||
| + | openstack stack update -t hello_world-2.yaml stackName | ||
| + | openstack stack list | ||
| + | openstack stack show stackName | ||
| + | openstack stack delete stackName | ||
| + | openstack stack snapshot list stackName # Lists the status of the snapshot. | ||
| + | openstack stack snapshot create stackName # Create a snapshot. | ||
| + | openstack stack snapshot restore stackName snapshotID # Rollback/Restore the stack to the snapshot status. | ||
</pre> | </pre> | ||
Latest revision as of 02:28, 8 July 2020
Contents
- 1 Source
- 2 FastNotes
- 3 BUI-Notes
- 4 CLI-Notes
- 5 IP-Notes
- 6 PDO-Installation
- 7 Load source functions
- 8 OpenStack-CLI
- 9 Neutron-CLI (Network)
- 10 Nova-CLI (Compute)
- 11 Glance-CLI (Image)
- 12 Ceph-CLI (All-in-One Block & Objekt Storage)
- 13 Cinder-CLI (Storage-Block)
- 14 Swift-CLI (Storage-Objekt)
- 15 Heat-Stack (Orchestration)
Source
- DevStack: https://docs.openstack.org/devstack/latest/
- Storage: https://docs.openstack.org/arch-design/design-storage/design-storage-concepts.html#table-openstack-storage
- RDO: https://www.rdoproject.org/
FastNotes
- devstack-node-cc >>> Cloud Controller <<< (ubuntu@devstack-cc)
- devstack-node-cn >>> Cloud Node <<< (ubuntu@compute-node)
- /opt/host >>> The Horizon URL
BUI-Notes
- Create A Project
- Create A User
- Create A Role
- Create A Network (Network, Subnet, Router, Port, Security)
- Create A Floating IP
- Create A Instance
- Project -> Network -> Network Topology
- Project -> Network -> Routers
- Project -> Network -> Floating IPs
- Project -> Compute -> Instances
- Project -> Compute -> Images
- Admin -> System -> System Information
- Identity -> Projects
CLI-Notes
$ pwd $ id $ hostname -s $ sudo chmod +r $ sudo -i $ su - ubuntu $ useradd -m -d /home/ubuntu -s /bin/bash ubuntu $ passwd ubuntu $ echo "stack ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers $ diff before.out after.out $ grep ADMIN_PASSWORD .localrc.auto $ grep DATABASE_PASSWORD local.conf
IP-Notes
hostname -I # Display IP-Adresse sudo virsh list --all sudo ip addr show sudo ip addr show eth01 sudo ip route sudo ip route add 10.10.0.0/24 via 192.168.5.1 dev eth0 sudo ip netns list sudo ip netns exec qrouter-2bd990fc-6b46-4247-9bdc-94464334207f ip a sudo ip netns exec qrouter-27bcb5f9-8af5-419f-a0ff-9d109314c8b8 ssh cirros@10.10.0.2 sudo ip netns exec qrouter-2bd990fc-6b46-4247-9bdc-94464334207f ssh -i ~/.ssh/finance-key cirros@10.10.0.6
PDO-Installation
$ yum install -y centos-release-openstack-pike $ yum install -y openstack-packstack $ sudo packstack --allinone $ sudo packstack --gen-answer-file=answers.txt
Load source functions
$ cp keystonerc_admin keystonerc_finance $ vi keystonerc_finance ------------------------------------------- <span class="k"> export OS_USERNAME=tester export OS_PROJECT_NAME=finance export PS1=’[\u@\h \W(keystone_tester)]\$ ’ </span> ------------------------------------------- $ source openrc admin (ubuntu@compute-node) $ source openrc admin (ubuntu@devstack-cc) $ source keystonerc_admin $ source keystonerc_finance $ ./tools/discover_hosts.sh
OpenStack-CLI
openstack project list openstack project create finance openstack user list openstack user create --project finance --password openstack --email centos@localhost tester openstack role show f617b324f31d400eb82500a285e6ce8d openstack role add --user tester --project finance _member_ openstack role assignment list --user admin --project demo openstack network list # View neutron networking openstack network create finance-internal openstack subnet create sub-financial-int --subnet-range 10.0.0.0/24 --network finance-internal openstack port list |grep beeccd33 openstack router create finance-router openstack router set --external-gateway public finance-router openstack router add subnet finance-router sub-financial-int openstack router show bk-router |grep id openstack server list openstack server add volume ... openstack volume list openstack volume show volumeName openstack volume type create typeName openstack volume create --size 1 --type typeName volumeName openstack volume snapshot list openstack volume snapshot create --volume volumeName snapName # Create a snapshot of the volume and verify it. openstack security group list openstack security group create --description "Allow http and ssh traffic" groupName openstack security group rule list ruleName openstack security group rule create --protocol tcp --ingress --dst-port 22 groupName openstack security group rule create --protocol tcp --ingress --dst-port 80 groupName Project -> Orchestration -> Resource Types openstack stack create -t hello_world-1.yaml stackName openstack stack update -t hello_world-2.yaml stackName openstack stack list openstack stack show stackName openstack stack delete stackName openstack stack snapshot list stackName # Verify the status of the snapshot openstack stack snapshot restore stackName snapshotID # Using the ID and the stack to rollback undo whatever has changed since the snapshot was taken openstack server list # Get a list of instances. openstack server show stackServerName # To view the newly attached storage device. openstack server stop stackServerName # Shut down the instance openstack hypervisor list # View the running hypervisors. openstack catalog list # View some of the RESTapi addresses openstack endpoint list # openstack uses special IDs called endpoints to communicate between services. openstack host list # As a collection of federated services other hosts will support OpenStack services. openstack image list # View the OS images uploaded to glance openstack flavor list
Neutron-CLI (Network)
neutron net-list
Nova-CLI (Compute)
nova list nova show bc1 nova hypervisor-list nova flavor-list nova flavor-create smallfry 6 512 2 1 nova service-list --binary nova-compute nova keypair-list nova keypair-add --pub-key ~/.ssh/finance-key.pub finance-key nova boot --flavor smallfry --image cirros --security-group web-ssh --key-name finance-key --nic net-id=ffe41f70-962f-4693-9014-2275080cd44a bc1 nova boot --flavor smallfry --image cirros --security-group web-ssh --key-name finance-key --nic net-id=580b9d4e-c3da-4215-b9e7-91f349e581c6 bc2
Glance-CLI (Image)
glance image-list glance image-create --name=wceph --disk-format=raw --container-format=bare --progress < cirros-0.4.0-x86_64-disk.img
Ceph-CLI (All-in-One Block & Objekt Storage)
- Ceph in Abschnitt 11
- You should consider Ceph if you want to manage your object and block storage within a single system, or if you want to support fast boot-from-volume.
- >>> RDO Cloud Controller: rdo-cc
- >>> Ceph OSD nodes: storage1, storage2, storage3
$ yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm $ vim /etc/yum.repos.d/start-ceph.repo --------------------------------------- [ceph-noarch] name=Ceph noarch packages baseurl=https://download.ceph.com/rpm-luminous/el7/noarch enabled=1 gpgcheck=1 type=rpm-md gpgkey=https://download.ceph.com/keys/release.asc --------------------------------------- $ timedatectl $ useradd -d /home/ceph -m ceph $ id ceph $ echo ceph | passwd --stdin ceph $ echo "ceph ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/ceph $ chmod 0400 /etc/sudoers.d/ceph $ sudo sed -i 's/PasswordAuthentication\ no/PasswordAuthentication\ yes/' /etc/ssh/sshd_config $ sudo grep PasswordAuth /etc/ssh/sshd_config --------------------------------------- #PasswordAuthentication yes PasswordAuthentication yes # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication, then enable this but set PasswordAuthentication --------------------------------------- $ sudo systemctl restart sshd $ ssh-keygen $ hostname -s $ sudo vim /etc/hosts $ ssh-copy-id ceph@storage1 $ ssh-copy-id ceph@storage2 $ ssh-copy-id ceph@storage3 $ ssh-copy-id ceph@rdo-cc $ sudo sed -i 's/requiretty/\!requiretty/' /etc/sudoers $ sudo setenforce 0; sudo yum -y install yum-plugin-priorities ##Disable SELinux $ sudo ls -l /etc/yum.repos.d/ceph* $ sudo rm /etc/yum.repos.d/ceph.repo.rpmnew
Cinder-CLI (Storage-Block)
- As for OS-Harddisk
cinder help encryption-type-create cinder encryption-type-create ... cinder show crypt-vol
Swift-CLI (Storage-Objekt)
- BUI: Project -> Object Store -> Containers
- The common network based object storage (Swift / Cehp)
date +'%s' sleep 30 df -ha |grep swift swift list swift list containerName swift stat swift stat -v swift stat containerName swift post orders # Create a new container called orders, perhaps to hold online orders for a website swift post orders -r ".r:*" # Allowing ready by everyone swift post orders -r "SoftwareTesters:*" # Narrow down read permissions to members of the SoftwareTesters group swift post orders -w "SoftwareTesters:developer1" # Set a write ACL to be just a single user, developer1 in the SoftwareTesters group swift post orders -w "SoftwareTesters:developer2,Admin:*" # only developer2 from SoftwareTesters can write but all members of the Admin group can write swift post orders etc/hosts -H "X-Delete-After:30" # Set an expire time in seconds swift post orders etc/hosts -H "X-Delete-After:600" # Configure the existing object to expire after ten minutes. swift post orders etc/hosts -H "X-Delete-After:1486074" # Set the object to expire at a particular time in the future swift post orders etc/hosts -H "X-Remove-Delete-At:" # If we decide we don’t want the object to expire swift upload orders /etc/hosts # Upload a file to the orders container swift download orders etc/hosts -o localfile # Download the file via the command line swift stat orders etc/hosts (openstack) object list orders # View the objects in the orders container (openstack) object create orders /etc/group # Upload the /etc/group file to the orders container (openstack) object show orders /etc/group # View the newly updated object (openstack) object store account show # View the object store information (openstack) object delete orders /etc/group # Delete the group file
Heat-Stack (Orchestration)
- Heat is the main project in the OpenStack Orchestration program. It implements an orchestration engine to launch multiple composite cloud applications based on templates in the form of text files that can be treated like code.
- Project -> Orchestration -> Resource Types
tar xvf heat-templates.tar openstack stack create -t hello_world-1.yaml stackName openstack stack update -t hello_world-2.yaml stackName openstack stack list openstack stack show stackName openstack stack delete stackName openstack stack snapshot list stackName # Lists the status of the snapshot. openstack stack snapshot create stackName # Create a snapshot. openstack stack snapshot restore stackName snapshotID # Rollback/Restore the stack to the snapshot status.
