Difference between revisions of "IT-SDK-OpenStack"
Jump to navigation
Jump to search
Samerhijazi (talk | contribs) (→Glance-CLI (Image)) |
Samerhijazi (talk | contribs) (→Swift-CLI (Storage-Objekt)) |
||
| Line 215: | Line 215: | ||
source keystonerc_admin | source keystonerc_admin | ||
df -ha |grep swift | df -ha |grep swift | ||
| − | swift post orders | + | swift post orders # Create a new container called orders, perhaps to hold online orders for a website |
swift list | swift list | ||
swift stat | swift stat | ||
| Line 221: | Line 221: | ||
swift stat orders | swift stat orders | ||
swift stat -v | swift stat -v | ||
| − | swift post orders -r ".r:*" | + | swift post orders -r ".r:*" # Allowing ready by everyone |
| − | swift post orders -r "SoftwareTesters:*" | + | swift post orders -r "SoftwareTesters:*" # Narrow down read permissions to members of the SoftwareTesters group |
| − | swift post orders -w "SoftwareTesters:developer1" | + | swift post orders -w "SoftwareTesters:developer1" # Set a write ACL to be just a single user, developer1 in the SoftwareTesters group |
| − | swift post orders -w "SoftwareTesters:developer2,Admin:*" | + | swift post orders -w "SoftwareTesters:developer2,Admin:*" # only developer2 from SoftwareTesters can write but all members of the Admin group can write |
| − | swift upload orders /etc/hosts | + | swift upload orders /etc/hosts # Upload a file to the orders container |
swift stat orders etc/hosts | swift stat orders etc/hosts | ||
| − | swift post orders etc/hosts -H "X-Delete-After:600" | + | swift post orders etc/hosts -H "X-Delete-After:600" # Configure the existing object to expire after ten minutes. |
swift stat orders etc/hosts | swift stat orders etc/hosts | ||
date +'%s' | date +'%s' | ||
| − | swift post orders etc/hosts -H "X-Delete-At:1486071948" | + | swift post orders etc/hosts -H "X-Delete-At:1486071948" # Set the object to expire at a particular time in the future |
swift stat orders etc/hosts | swift stat orders etc/hosts | ||
| − | swift post orders etc/hosts -H "X-Remove-Delete-At:" | + | swift post orders etc/hosts -H "X-Remove-Delete-At:" # If we decide we don’t want the object to expire |
swift stat orders etc/hosts | swift stat orders etc/hosts | ||
| − | swift download orders etc/hosts -o localfile | + | swift download orders etc/hosts -o localfile # Download the file via the command line |
cat localfile | cat localfile | ||
| − | swift post -m 'web-listings: true orders' | + | swift post -m 'web-listings: true orders' # Configure the container to allow web access and set the type to listing.css |
swift post -m 'web-listings-css:listing.css' orders | swift post -m 'web-listings-css:listing.css' orders | ||
| − | swift post orders etc/hosts -H "X-Delete-After:30" | + | swift post orders etc/hosts -H "X-Delete-After:30" # Set an expire time |
sleep 30 | sleep 30 | ||
swift stat orders etc/hosts | swift stat orders etc/hosts | ||
| − | + | ||
| − | |||
(openstack) help object store account set | (openstack) help object store account set | ||
(openstack) object create orders /etc/group | (openstack) object create orders /etc/group | ||
(openstack) object list orders | (openstack) object list orders | ||
(openstack) object show orders /etc/group | (openstack) object show orders /etc/group | ||
| − | (openstack) object store account show | + | (openstack) object store account show # View the object store information |
| − | (openstack) object delete orders /etc/group | + | (openstack) object delete orders /etc/group # Delete the group file |
(openstack) object store account show | (openstack) object store account show | ||
</pre> | </pre> | ||
Revision as of 16:12, 12 September 2019
Contents
Source
FastNotes
- devstack-node-cc >>> DevStack node Cloud Controller (ubuntu@devstack-cc)
- devstack-node-cw >>> DevStack node Cloud Worker (ubuntu@compute-node)
- /opt/host >>> The Horizon URL
BUI-Notes
- Create A Project
- Create A User
- Create A Role
- Create A Network (Network, Subnet, Router, Port, Security)
- Create A Floating IP
- Create A Instance
- Project -> Network -> Network Topology
- Project -> Network -> Routers
- Project -> Network -> Floating IPs
- Project -> Compute -> Instances
- Project -> Compute -> Images
- Admin -> System -> System Information
- Identity -> Projects
CLI-Notes
$ pwd $ id $ hostname -s $ sudo chmod +r $ sudo -i $ su - ubuntu $ useradd -m -d /home/ubuntu -s /bin/bash ubuntu $ passwd ubuntu $ echo "stack ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers $ diff before.out after.out $ grep ADMIN_PASSWORD .localrc.auto $ grep DATABASE_PASSWORD local.conf
IP-Notes
sudo ip addr show ens3 sudo ip route sudo ip route add 10.10.0.0/24 via 192.168.5.1 dev eth0 sudo ip netns list sudo ip netns exec qrouter-2bd990fc-6b46-4247-9bdc-94464334207f ip a sudo ip netns exec qrouter-27bcb5f9-8af5-419f-a0ff-9d109314c8b8 ssh cirros@10.10.0.2 sudo ip netns exec qrouter-2bd990fc-6b46-4247-9bdc-94464334207f ssh -i ~/.ssh/finance-key cirros@10.10.0.6
PDO-Installation
$ yum install -y centos-release-openstack-pike $ yum install -y openstack-packstack $ sudo packstack --allinone $ sudo packstack --gen-answer-file=answers.txt
Load source functions
$ cp keystonerc_admin keystonerc_finance $ vi keystonerc_finance ------------------------------------------- <span class="k"> export OS_USERNAME=tester export OS_PROJECT_NAME=finance export PS1=’[\u@\h \W(keystone_tester)]\$ ’ </span> ------------------------------------------- $ source openrc admin (ubuntu@compute-node) $ source openrc admin (ubuntu@devstack-cc) $ source keystonerc_admin $ source keystonerc_finance
OpenStack-CLI
openstack project list openstack project create finance openstack user list openstack user create --project finance --password openstack --email centos@localhost tester openstack role show f617b324f31d400eb82500a285e6ce8d openstack role add --user tester --project finance _member_ openstack role assignment list --user admin --project demo openstack network list openstack network create finance-internal openstack subnet create sub-financial-int --subnet-range 10.0.0.0/24 --network finance-internal openstack port list |grep beeccd33 openstack router create finance-router openstack router set --external-gateway public finance-router openstack router add subnet finance-router sub-financial-int openstack router show bk-router |grep id openstack server list openstack server add volume ... openstack volume list openstack volume show volumeName openstack volume type create typeName openstack volume create --size 1 --type typeName volumeName openstack volume snapshot list openstack volume snapshot create --volume volumeName snapName openstack security group list openstack security group create --description "Allow http and ssh traffic" groupName openstack security group rule list ruleName openstack security group rule create --protocol tcp --ingress --dst-port 22 groupName openstack security group rule create --protocol tcp --ingress --dst-port 80 groupName openstack hypervisor list openstack catalog list openstack endpoint list openstack server list openstack host list openstack image list openstack flavor list
Neutron-CLI (Network)
neutron net-list
Nova-CLI (Compute)
nova list nova show bc1 nova hypervisor-list nova flavor-list nova flavor-create smallfry 6 512 2 1 nova service-list --binary nova-compute nova keypair-list nova keypair-add --pub-key ~/.ssh/finance-key.pub finance-key nova boot --flavor smallfry --image cirros --security-group web-ssh --key-name finance-key --nic net-id=ffe41f70-962f-4693-9014-2275080cd44a bc1 nova boot --flavor smallfry --image cirros --security-group web-ssh --key-name finance-key --nic net-id=580b9d4e-c3da-4215-b9e7-91f349e581c6 bc2
Glance-CLI (Image)
glance image-list glance image-create --name=wceph --disk-format=raw --container-format=bare --progress < cirros-0.4.0-x86_64-disk.img
Ceph-CLI (All-in-One Block & Objekt Storage)
- Ceph in Abschnitt 11
- You should consider Ceph if you want to manage your object and block storage within a single system, or if you want to support fast boot-from-volume.
- >>> RDO Cloud Controller: rdo-cc
- >>> Ceph OSD nodes: storage1, storage2, storage3
$ yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm $ vim /etc/yum.repos.d/start-ceph.repo --------------------------------------- [ceph-noarch] name=Ceph noarch packages baseurl=https://download.ceph.com/rpm-luminous/el7/noarch enabled=1 gpgcheck=1 type=rpm-md gpgkey=https://download.ceph.com/keys/release.asc --------------------------------------- $ timedatectl $ useradd -d /home/ceph -m ceph $ id ceph $ echo ceph | passwd --stdin ceph $ echo "ceph ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/ceph $ chmod 0400 /etc/sudoers.d/ceph $ sudo sed -i 's/PasswordAuthentication\ no/PasswordAuthentication\ yes/' /etc/ssh/sshd_config $ sudo grep PasswordAuth /etc/ssh/sshd_config --------------------------------------- #PasswordAuthentication yes PasswordAuthentication yes # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication, then enable this but set PasswordAuthentication --------------------------------------- $ sudo systemctl restart sshd $ ssh-keygen $ hostname -s $ sudo vim /etc/hosts $ ssh-copy-id ceph@storage1 $ ssh-copy-id ceph@storage2 $ ssh-copy-id ceph@storage3 $ ssh-copy-id ceph@rdo-cc $ sudo sed -i 's/requiretty/\!requiretty/' /etc/sudoers $ sudo setenforce 0; sudo yum -y install yum-plugin-priorities ##Disable SELinux $ sudo ls -l /etc/yum.repos.d/ceph* $ sudo rm /etc/yum.repos.d/ceph.repo.rpmnew
Cinder-CLI (Storage-Block)
- As for OS-Harddisk
cinder help encryption-type-create cinder encryption-type-create ... cinder show crypt-vol
Swift-CLI (Storage-Objekt)
The common network based object storage (Swift / Cehp)
source keystonerc_admin df -ha |grep swift swift post orders # Create a new container called orders, perhaps to hold online orders for a website swift list swift stat swift list orders swift stat orders swift stat -v swift post orders -r ".r:*" # Allowing ready by everyone swift post orders -r "SoftwareTesters:*" # Narrow down read permissions to members of the SoftwareTesters group swift post orders -w "SoftwareTesters:developer1" # Set a write ACL to be just a single user, developer1 in the SoftwareTesters group swift post orders -w "SoftwareTesters:developer2,Admin:*" # only developer2 from SoftwareTesters can write but all members of the Admin group can write swift upload orders /etc/hosts # Upload a file to the orders container swift stat orders etc/hosts swift post orders etc/hosts -H "X-Delete-After:600" # Configure the existing object to expire after ten minutes. swift stat orders etc/hosts date +'%s' swift post orders etc/hosts -H "X-Delete-At:1486071948" # Set the object to expire at a particular time in the future swift stat orders etc/hosts swift post orders etc/hosts -H "X-Remove-Delete-At:" # If we decide we don’t want the object to expire swift stat orders etc/hosts swift download orders etc/hosts -o localfile # Download the file via the command line cat localfile swift post -m 'web-listings: true orders' # Configure the container to allow web access and set the type to listing.css swift post -m 'web-listings-css:listing.css' orders swift post orders etc/hosts -H "X-Delete-After:30" # Set an expire time sleep 30 swift stat orders etc/hosts (openstack) help object store account set (openstack) object create orders /etc/group (openstack) object list orders (openstack) object show orders /etc/group (openstack) object store account show # View the object store information (openstack) object delete orders /etc/group # Delete the group file (openstack) object store account show
