Difference between revisions of "IT-SDK-OpenStack"

Source

• Storage: https://docs.openstack.org/arch-design/design-storage/design-storage-concepts.html#table-openstack-storage
• RDO: https://www.rdoproject.org/

FastNotes

• devstack-node-cc >>> Cloud Controller <<< (ubuntu@devstack-cc)
• devstack-node-cn >>> Cloud Node <<< (ubuntu@compute-node)

• /opt/host >>> The Horizon URL

BUI-Notes

• Create A Project
• Create A User
• Create A Role
• Create A Network (Network, Subnet, Router, Port, Security)
• Create A Floating IP
• Create A Instance

• Project -> Network -> Network Topology
• Project -> Network -> Routers
• Project -> Network -> Floating IPs

• Project -> Compute -> Instances
• Project -> Compute -> Images

• Admin -> System -> System Information
• Identity -> Projects

CLI-Notes

$ pwd
$ id
$ hostname -s
$ sudo chmod +r

$ sudo -i
$ su - ubuntu

$ useradd -m -d /home/ubuntu -s /bin/bash ubuntu
$ passwd ubuntu

$ echo "stack ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
$ diff before.out after.out

$ grep ADMIN_PASSWORD .localrc.auto
$ grep DATABASE_PASSWORD local.conf

IP-Notes

hostname -I                     # Display IP-Adresse

sudo virsh list --all

sudo ip addr show
sudo ip addr show eth01

sudo ip route
sudo ip route add 10.10.0.0/24 via 192.168.5.1 dev eth0

sudo ip netns list
sudo ip netns exec qrouter-2bd990fc-6b46-4247-9bdc-94464334207f ip a
sudo ip netns exec qrouter-27bcb5f9-8af5-419f-a0ff-9d109314c8b8 ssh cirros@10.10.0.2
sudo ip netns exec qrouter-2bd990fc-6b46-4247-9bdc-94464334207f ssh -i ~/.ssh/finance-key cirros@10.10.0.6

PDO-Installation

$ yum install -y centos-release-openstack-pike
$ yum install -y openstack-packstack
$ sudo packstack --allinone
$ sudo packstack --gen-answer-file=answers.txt

Load source functions

$ cp keystonerc_admin keystonerc_finance
$ vi keystonerc_finance
-------------------------------------------
<span class="k">
export OS_USERNAME=tester
export OS_PROJECT_NAME=finance
export PS1=’[\u@\h \W(keystone_tester)]\$ ’
</span>
-------------------------------------------
$ source openrc admin (ubuntu@compute-node)
$ source openrc admin (ubuntu@devstack-cc)
$ source keystonerc_admin
$ source keystonerc_finance

$ ./tools/discover_hosts.sh

OpenStack-CLI

openstack project list
openstack project create finance

openstack user list
openstack user create --project finance --password openstack --email centos@localhost tester

openstack role show f617b324f31d400eb82500a285e6ce8d
openstack role add --user tester --project finance _member_
openstack role assignment list --user admin --project demo

openstack network list                             # View neutron networking
openstack network create finance-internal

openstack subnet create sub-financial-int --subnet-range 10.0.0.0/24 --network finance-internal

openstack port list |grep beeccd33

openstack router create finance-router
openstack router set --external-gateway public finance-router
openstack router add subnet finance-router sub-financial-int
openstack router show bk-router |grep id

openstack server list
openstack server add volume ...

openstack volume list
openstack volume show volumeName
openstack volume type create typeName
openstack volume create --size 1 --type typeName volumeName 
openstack volume snapshot list
openstack volume snapshot create --volume volumeName snapName          # Create a snapshot of the volume and verify it.

openstack security group list
openstack security group create --description "Allow http and ssh traffic" groupName
openstack security group rule list ruleName
openstack security group rule create --protocol tcp --ingress --dst-port 22 groupName
openstack security group rule create --protocol tcp --ingress --dst-port 80 groupName

Project -> Orchestration -> Resource Types
openstack stack create -t hello_world-1.yaml stackName
openstack stack update -t hello_world-2.yaml stackName
openstack stack list
openstack stack show stackName
openstack stack delete stackName
openstack stack snapshot list stackName   # Verify the status of the snapshot
openstack stack snapshot restore stackName snapshotID  # Using the ID and the stack to rollback undo whatever has changed since the snapshot was taken

openstack server list                     # Get a list of instances.
openstack server show stackServerName     # To view the newly attached storage device.
openstack server stop stackServerName     # Shut down the instance

openstack hypervisor list                 # View the running hypervisors.
openstack catalog list                    # View some of the RESTapi addresses
openstack endpoint list                   # openstack uses special IDs called endpoints to communicate between services.
openstack host list                       # As a collection of federated services other hosts will support OpenStack services.
openstack image list                      # View the OS images uploaded to glance
openstack flavor list

Neutron-CLI (Network)

neutron net-list

Nova-CLI (Compute)

nova list
nova show bc1
nova hypervisor-list
nova flavor-list
nova flavor-create smallfry 6 512 2 1
nova service-list --binary nova-compute
nova keypair-list
nova keypair-add --pub-key ~/.ssh/finance-key.pub finance-key
nova boot --flavor smallfry --image cirros --security-group web-ssh --key-name finance-key --nic net-id=ffe41f70-962f-4693-9014-2275080cd44a bc1
nova boot --flavor smallfry --image cirros --security-group web-ssh --key-name finance-key --nic net-id=580b9d4e-c3da-4215-b9e7-91f349e581c6 bc2

Glance-CLI (Image)

glance image-list
glance image-create --name=wceph --disk-format=raw --container-format=bare --progress < cirros-0.4.0-x86_64-disk.img

Ceph-CLI (All-in-One Block & Objekt Storage)

• Ceph in Abschnitt 11
• You should consider Ceph if you want to manage your object and block storage within a single system, or if you want to support fast boot-from-volume.
• >>> RDO Cloud Controller: rdo-cc
• >>> Ceph OSD nodes: storage1, storage2, storage3

$ yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
$ vim /etc/yum.repos.d/start-ceph.repo
---------------------------------------
[ceph-noarch]
name=Ceph noarch packages
baseurl=https://download.ceph.com/rpm-luminous/el7/noarch
enabled=1
gpgcheck=1
type=rpm-md
gpgkey=https://download.ceph.com/keys/release.asc
---------------------------------------
$ timedatectl
$ useradd -d /home/ceph -m ceph
$ id ceph
$ echo ceph | passwd --stdin ceph
$ echo "ceph ALL = (root) NOPASSWD:ALL" > /etc/sudoers.d/ceph
$ chmod 0400 /etc/sudoers.d/ceph
$ sudo sed -i 's/PasswordAuthentication\ no/PasswordAuthentication\ yes/' /etc/ssh/sshd_config
$ sudo grep PasswordAuth /etc/ssh/sshd_config
---------------------------------------
#PasswordAuthentication yes
PasswordAuthentication yes
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication, then enable this but set PasswordAuthentication
---------------------------------------
$ sudo systemctl restart sshd
$ ssh-keygen
$ hostname -s
$ sudo vim /etc/hosts
$ ssh-copy-id ceph@storage1
$ ssh-copy-id ceph@storage2
$ ssh-copy-id ceph@storage3
$ ssh-copy-id ceph@rdo-cc
$ sudo sed -i 's/requiretty/\!requiretty/' /etc/sudoers
$ sudo setenforce 0; sudo yum -y install yum-plugin-priorities ##Disable SELinux
$ sudo ls -l /etc/yum.repos.d/ceph*
$ sudo rm /etc/yum.repos.d/ceph.repo.rpmnew

Cinder-CLI (Storage-Block)

• As for OS-Harddisk

cinder help encryption-type-create
cinder encryption-type-create ...
cinder show crypt-vol

Swift-CLI (Storage-Objekt)

• BUI: Project -> Object Store -> Containers
• The common network based object storage (Swift / Cehp)

date +'%s'
sleep 30
df -ha |grep swift

swift list
swift list containerName

swift stat
swift stat -v
swift stat containerName

swift post orders                                         # Create a new container called orders, perhaps to hold online orders for a website
swift post orders -r ".r:*"                               # Allowing ready by everyone
swift post orders -r "SoftwareTesters:*"                  # Narrow down read permissions to members of the SoftwareTesters group
swift post orders -w "SoftwareTesters:developer1"         # Set a write ACL to be just a single user, developer1 in the SoftwareTesters group
swift post orders -w "SoftwareTesters:developer2,Admin:*" # only developer2 from SoftwareTesters can write but all members of the Admin group can write

swift post orders etc/hosts -H "X-Delete-After:30"        # Set an expire time in seconds
swift post orders etc/hosts -H "X-Delete-After:600"       # Configure the existing object to expire after ten minutes.
swift post orders etc/hosts -H "X-Delete-After:1486074"   # Set the object to expire at a particular time in the future
swift post orders etc/hosts -H "X-Remove-Delete-At:"      # If we decide we don’t want the object to expire

swift upload orders /etc/hosts                            # Upload a file to the orders container
swift download orders etc/hosts -o localfile              # Download the file via the command line
swift stat orders etc/hosts

(openstack) object list orders                           # View the objects in the orders container
(openstack) object create orders /etc/group              # Upload the /etc/group file to the orders container
(openstack) object show orders /etc/group                # View the newly updated object
(openstack) object store account show                    # View the object store information
(openstack) object delete orders /etc/group              # Delete the group file

Heat-Stack (Orchestration)

• Heat is the main project in the OpenStack Orchestration program. It implements an orchestration engine to launch multiple composite cloud applications based on templates in the form of text files that can be treated like code.
• Project -> Orchestration -> Resource Types

tar xvf heat-templates.tar

openstack stack create -t hello_world-1.yaml stackName
openstack stack update -t hello_world-2.yaml stackName
openstack stack list
openstack stack show stackName
openstack stack delete stackName
openstack stack snapshot list stackName                # Lists the status of the snapshot.
openstack stack snapshot create stackName              # Create a snapshot.
openstack stack snapshot restore stackName snapshotID  # Rollback/Restore the stack to the snapshot status.