Keystone
keystone运维命令
(1)创建用户
创建一个名为wxit的账户,密码为wxit123,邮箱为wxit@edu.com
[root@controller ~]# openstack user create --password wxit123 --email wxit@edu.com --domain demo wxit
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 0aaa03e7a09e4c5e81db274f210c3d2c |
| email | wxit@edu.com |
| enabled | True |
| id | 1e73e6cd88e048d9b510d9e0dbfa447d |
| name | wxit |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
(2)创建项目
一个Project就是一个项目、团队或组织,当请求Openstack服务时,必须定义一个项目 。
创建一个名为wxit的项目
[root@controller ~]# openstack project create --domain demo wxit
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | |
| domain_id | 0aaa03e7a09e4c5e81db274f210c3d2c |
| enabled | True |
| id | e73fd16556574481a25ca22a78fc03bc |
| is_domain | False |
| name | wxit |
| parent_id | 0aaa03e7a09e4c5e81db274f210c3d2c |
| tags | [] |
+-------------+----------------------------------+
(3)创建角色
角色限定了用户的操作权限
创建一个角色wxit_test
[root@controller ~]# openstack role create wxit_test
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 51d01d0fe15e4305a3efa4eaa728f0d6 |
| name | wxit_test |
+-----------+----------------------------------+
(4)绑定用户和项目权限
为添加的用户添加分配一定的权限,需要把用户关联绑定到对应的项目和角色。
给用户wxit分配wxit项目下的wxit_test角色
[root@controller ~]# openstack role add --user wxit --project wxit wxit_test
Keystone基础查询命令
(1)用户列表查询
[root@controller ~]# openstack user list
+----------------------------------+-----------+
| ID | Name |
+----------------------------------+-----------+
| 1e73e6cd88e048d9b510d9e0dbfa447d | wxit |
| 24a3622bf84c4ff3824efd33c7f736a9 | glance |
| 50516a04bb7e4a828ab856fcf519bdd5 | demo |
| 54fd8f0eb793414eb896b1b76c7311e9 | nova |
| 57fd78bfc4f2453ba38f8ef7d5384751 | swift |
| 8e257f6777f74a2c80898d70eac81870 | placement |
| b49ea08b077f44ce8c6673082f6f05a1 | admin |
| d14c5db7e9a7439583f13efec99e86b9 | neutron |
| f2f7a318688346ee82d37df960dc2f24 | cinder |
+----------------------------------+-----------+
查询具体用户的详细信息
[root@controller ~]# openstack user show wxit
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 0aaa03e7a09e4c5e81db274f210c3d2c |
| email | wxit@edu.com |
| enabled | True |
| id | 1e73e6cd88e048d9b510d9e0dbfa447d |
| name | wxit |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
(2)项目列表查询
[root@controller ~]# openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 2cee9a75c36e4bf78b489a28d6085752 | service |
| 6b95ad3440054017b708fb7e35b2efbc | admin |
| accc4cc7919a49dba64364ca58b8a84e | demo |
| e73fd16556574481a25ca22a78fc03bc | wxit |
+----------------------------------+---------+
可以查询项目的具体信息
[root@controller ~]# openstack project show wxit
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | |
| domain_id | 0aaa03e7a09e4c5e81db274f210c3d2c |
| enabled | True |
| id | e73fd16556574481a25ca22a78fc03bc |
| is_domain | False |
| name | wxit |
| parent_id | 0aaa03e7a09e4c5e81db274f210c3d2c |
| tags | [] |
+-------------+----------------------------------+
(3)角色列表查询
[root@controller ~]# openstack role list
+----------------------------------+-----------+
| ID | Name |
+----------------------------------+-----------+
| 279551b0bb3143f19f1e321f69b2b083 | user |
| 51d01d0fe15e4305a3efa4eaa728f0d6 | wxit_test |
| a4293b848a4a40f4bd62fdd6116a4429 | admin |
+----------------------------------+-----------+
查询具体角色详细信息
[root@controller ~]# openstack role show wxit_test
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 51d01d0fe15e4305a3efa4eaa728f0d6 |
| name | wxit_test |
+-----------+----------------------------------+
(4)端点地址查询
[root@controller ~]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------------------------+
| 02853886f232492c8477365dd094493a | RegionOne | neutron | network | True | public | http://controller:9696 |
| 0569ff2452a24e708c29e224525d6d76 | RegionOne | cinderv3 | volumev3 | True | public | http://controller:8776/v3/%(tenant_id)s |
| 08dfabf848ce4910a1aeb272630dadfe | RegionOne | placement | placement | True | internal | http://controller:8778 |
| 1a174f98909846eb96c082d724e14ac4 | RegionOne | cinder | volume | True | public | http://controller:8776/v1/%(tenant_id)s |
| 24b4e571fdcf48fe97c0034eaf23fa03 | RegionOne | cinderv2 | volumev2 | True | public | http://controller:8776/v2/%(tenant_id)s |
| 32259a17ccf349ad991f296b6c6ea7b6 | RegionOne | nova | compute | True | admin | http://controller:8774/v2.1 |
| 381ba1ff2cb94c27bb8a394f283c64f4 | RegionOne | keystone | identity | True | public | http://controller:5000/v3 |
| 3b40060d037345e0b79942aa8a554c20 | RegionOne | glance | image | True | internal | http://controller:9292 |
| 4c2a26f1fa7740eca01ec70f664422b4 | RegionOne | cinder | volume | True | admin | http://controller:8776/v1/%(tenant_id)s |
| 5955a3d8487c44d299a9668ae7490161 | RegionOne | neutron | network | True | admin | http://controller:9696 |
| 64d8850d355d4e9c869fb6bb7e3b8c7e | RegionOne | cinderv3 | volumev3 | True | admin | http://controller:8776/v3/%(tenant_id)s |
| 692bcde7429d4d48b0e2a77f35ef3579 | RegionOne | keystone | identity | True | admin | http://controller:35357/v3 |
| 83edfa34f8494ed7806f83f4d20dff12 | RegionOne | swift | object-store | True | internal | http://controller:8080/v1/AUTH_%(tenant_id)s |
| 880874e92e204fdebe8fe98d285a55a1 | RegionOne | swift | object-store | True | admin | http://controller:8080/v1 |
| ad0d8203379a4b20afe4d25aa0a93ec3 | RegionOne | nova | compute | True | internal | http://controller:8774/v2.1 |
| b1f235000ece4a458bb3f6eee186d481 | RegionOne | nova | compute | True | public | http://controller:8774/v2.1 |
| b47cbd4a680544dc93bc56d0343a498e | RegionOne | placement | placement | True | public | http://controller:8778 |
| b78bd77b234540a28c4702bc24a03663 | RegionOne | placement | placement | True | admin | http://controller:8778 |
| b9fd53cd5c44491bb87a6e5950848778 | RegionOne | glance | image | True | public | http://controller:9292 |
| ba5d087cf737404fa30f0718da53b550 | RegionOne | keystone | identity | True | internal | http://controller:5000/v3 |
| ba903946875a4767af8243ff3bef6e19 | RegionOne | cinderv3 | volumev3 | True | internal | http://controller:8776/v3/%(tenant_id)s |
| bc2535c15c944954940d5cbd10b5e37a | RegionOne | cinder | volume | True | internal | http://controller:8776/v1/%(tenant_id)s |
| c4d04f282b3745a1a56fc1f3ff38dd7c | RegionOne | neutron | network | True | internal | http://controller:9696 |
| ec247b00635d448bb5dd96705c8f9e73 | RegionOne | glance | image | True | admin | http://controller:9292 |
| f72cb9a0ca19488c8350f04f26bd3187 | RegionOne | cinderv2 | volumev2 | True | internal | http://controller:8776/v2/%(tenant_id)s |
| f7bae24e9e7c4e19ab5da02b041b2f6e | RegionOne | swift | object-store | True | public | http://controller:8080/v1/AUTH_%(tenant_id)s |
| fcb85aa4dec74eaaaa45b7094ae1e23e | RegionOne | cinderv2 | volumev2 | True | admin | http://controller:8776/v2/%(tenant_id)s |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------------------------+
Glance
Glance管理镜像
(1)创建镜像
[root@controller images]# glance image-create --name "Centos7.5" --disk-format qcow2 --container-format bare --progress < CentOS_7.5_x86_64_XD.qcow2
[=============================>] 100%
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | 3d3e9c954351a4b6953fd156f0c29f5c |
| container_format | bare |
| created_at | 2015-11-22T23:06:53Z |
| disk_format | qcow2 |
| id | 902614ba-adf0-42ff-8304-fd30566172e1 |
| min_disk | 0 |
| min_ram | 0 |
| name | Centos7.5 |
| owner | 6b95ad3440054017b708fb7e35b2efbc |
| protected | False |
| size | 510459904 |
| status | active |
| tags | [] |
| updated_at | 2015-11-22T23:06:56Z |
| virtual_size | None |
| visibility | shared |
+------------------+--------------------------------------+
(2)查看镜像列表
[root@controller ~]# glance image-list
+--------------------------------------+-----------+
| ID | Name |
+--------------------------------------+-----------+
| 902614ba-adf0-42ff-8304-fd30566172e1 | Centos7.5 |
+--------------------------------------+-----------+
Glance镜像运维
(1)查看镜像详情
[root@controller ~]# glance image-show 902614ba-adf0-42ff-8304-fd30566172e1
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | 3d3e9c954351a4b6953fd156f0c29f5c |
| container_format | bare |
| created_at | 2015-11-22T23:06:53Z |
| disk_format | qcow2 |
| id | 902614ba-adf0-42ff-8304-fd30566172e1 |
| min_disk | 0 |
| min_ram | 0 |
| name | Centos7.5 |
| owner | 6b95ad3440054017b708fb7e35b2efbc |
| protected | False |
| size | 510459904 |
| status | active |
| tags | [] |
| updated_at | 2015-11-22T23:06:56Z |
| virtual_size | None |
| visibility | shared |
+------------------+--------------------------------------+
(2)更改镜像
[root@controller ~]# glance image-update --min-disk=1 902614ba-adf0-42ff-8304-fd30566172e1
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | 3d3e9c954351a4b6953fd156f0c29f5c |
| container_format | bare |
| created_at | 2015-11-22T23:06:53Z |
| disk_format | qcow2 |
| id | 902614ba-adf0-42ff-8304-fd30566172e1 |
| min_disk | 1 |
| min_ram | 0 |
| name | Centos7.5 |
| owner | 6b95ad3440054017b708fb7e35b2efbc |
| protected | False |
| size | 510459904 |
| status | active |
| tags | [] |
| updated_at | 2015-11-22T23:11:56Z |
| virtual_size | None |
| visibility | shared |
+------------------+--------------------------------------+
(3)删除镜像
[root@controller ~]# glance image-delete 902614ba-adf0-42ff-8304-fd30566172e1
Nova运维命令
(1)Nova管理安全组
# nova secgroup-create
创建一个名为test的安全组,描述为’test the nova‘
# nova secgroup-create test 'test the nova'
(2)Nova管理虚拟机类型
# nova flavor-create
创建一个名为test,ID为 9,内存为2048MB,磁盘容量为20GB,vCPU数量为2的云主机类型。
[root@controller ~]# nova flavor-create test 9 2048 20 2
+----+------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public | Description |
+----+------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| 9 | test | 2048 | 20 | 0 | | 2 | 1.0 | True | - |
+----+------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
查看test云主机类型的详情信息
[root@controller ~]# nova flavor-show test
+----------------------------+-------+
| Property | Value |
+----------------------------+-------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| description | - |
| disk | 20 |
| extra_specs | {} |
| id | 9 |
| name | test |
| os-flavor-access:is_public | True |
| ram | 2048 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 2 |
+----------------------------+-------+
Nova实例管理
(1)启动实例
[root@controller ~]# nova help boot
usage: nova boot [--flavor <flavor>] [--image <image>]
[--image-with <key=value>] [--boot-volume <volume_id>]
[--snapshot <snapshot_id>] [--min-count <number>]
[--max-count <number>] [--meta <key=value>]
[--key-name <key-name>] [--user-data <user-data>]
[--availability-zone <availability-zone>]
[--security-groups <security-groups>]
[--block-device-mapping <dev-name=mapping>]
[--block-device key1=value1[,key2=value2...]]
[--swap <swap_size>]
[--ephemeral size=<size>[,format=<format>]]
[--hint <key=value>]
[--nic <auto,none,net-id=net-uuid,net-name=network-name,port-id=port-uuid,v4-fixed-ip=ip-addr,v6-fixed-ip=ip-addr,tag=tag>]
[--config-drive <value>] [--poll] [--admin-pass <value>]
[--access-ip-v4 <value>] [--access-ip-v6 <value>]
[--description <description>] [--tags <tags>]
[--return-reservation-id]
<name>
Boot a new server.
(2)实例删除
# nova delete
[root@controller ~]# nova help delete
usage: nova delete [--all-tenants] <server> [<server> ...]
Immediately shut down and delete specified server(s).
Positional arguments:
<server> Name or ID of server(s).
Optional arguments:
--all-tenants Delete server(s) in another tenant by name (Admin only).
Neutron服务运维
(1)Neutron 查询
使用Neutron相关命令查询网路服务列表信息中的“binary”一列
[root@controller ~]# neutron agent-list -c binary
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+---------------------------+
| binary |
+---------------------------+
| neutron-dhcp-agent |
| neutron-metadata-agent |
| neutron-linuxbridge-agent |
| neutron-l3-agent |
| neutron-linuxbridge-agent |
+---------------------------+
(2)查询网络详情
查询网络详情信息的命令
[root@controller ~]# neutron net-list
+--------------------------------------+--------+----------------------------------+-------------------------------------------------------+
| id | name | tenant_id | subnets |
| 3d277762-a8d4-4385-9a07-a196626ae4cd | ex_net | accc4cc7919a49dba64364ca58b8a84e | 9a476636-2c4d-4c01-9622-ab4051ab0390 192.168.200.0/24 |
+--------------------------------------+--------+----------------------------------+-------------------------------------------
[root@controller ~]# neutron net-show 3d277762-a8d4-4385-9a07-a196626ae4cd
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | nova |
| created_at | 2015-10-09T00:10:09Z |
| description | |
| id | 3d277762-a8d4-4385-9a07-a196626ae4cd |
| ipv4_address_scope | |
| ipv6_address_scope | |
| is_default | False |
| mtu | 1500 |
| name | ex_net |
| port_security_enabled | True |
| project_id | accc4cc7919a49dba64364ca58b8a84e |
| provider:network_type | vlan |
| provider:physical_network | provider |
| provider:segmentation_id | 200 |
| revision_number | 6 |
| router:external | True |
| shared | True |
| status | ACTIVE |
| subnets | 9a476636-2c4d-4c01-9622-ab4051ab0390 |
| tags | |
| tenant_id | accc4cc7919a49dba64364ca58b8a84e |
| updated_at | 2015-10-09T00:10:09Z |
+---------------------------+--------------------------------------+
(3)查询Neutron相关组件服务
[root@controller ~]# neutron agent-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| 3e0ab627-eb0b-4bf6-9866-a6c0f379e0c5 | DHCP agent | controller | nova | :-) | True | neutron-dhcp-agent |
| 4e80b128-c7e5-476a-9bc5-ee6c37f45c02 | Metadata agent | controller | | :-) | True | neutron-metadata-agent |
| 64cdedc6-f1ba-4b3e-a592-dca2d3ab6248 | Linux bridge agent | compute | | :-) | True | neutron-linuxbridge-agent |
| 66c64521-0aad-476e-8811-96bed7e545e5 | L3 agent | controller | nova | :-) | True | neutron-l3-agent |
| bdd4f0ec-6342-4ca7-872f-0b984e075e41 | Linux bridge agent | controller | | :-) | True | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
[root@controller ~]# neutron agent-show 3e0ab627-eb0b-4bf6-9866-a6c0f379e0c5
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+---------------------+----------------------------------------------------------+
| Field | Value |
+---------------------+----------------------------------------------------------+
| admin_state_up | True |
| agent_type | DHCP agent |
| alive | True |
| availability_zone | nova |
| binary | neutron-dhcp-agent |
| configurations | { |
| | "subnets": 1, |
| | "dhcp_lease_duration": 86400, |
| | "dhcp_driver": "neutron.agent.linux.dhcp.Dnsmasq", |
| | "ports": 1, |
| | "log_agent_heartbeats": false, |
| | "networks": 1 |
| | } |
| created_at | 2015-10-08 23:24:07 |
| description | |
| heartbeat_timestamp | 2015-11-23 03:07:20 |
| host | controller |
| id | 3e0ab627-eb0b-4bf6-9866-a6c0f379e0c5 |
| started_at | 2015-11-21 02:42:50 |
| topic | dhcp_agent |
+---------------------+----------------------------------------------------------+
Cinder服务运维
(1)创建云硬盘
创建一个2GB的云硬盘cinder-volume-demo
[root@controller ~]# cinder create --name cinder-volume-demo 2
+--------------------------------+--------------------------------------+
| Property | Value |
+--------------------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2015-11-23T03:13:42.000000 |
| description | None |
| encrypted | False |
| id | f1a2b631-2a49-4f27-bd45-add0da719847 |
| metadata | {} |
| migration_status | None |
| multiattach | False |
| name | cinder-volume-demo |
| os-vol-host-attr:host | None |
| os-vol-mig-status-attr:migstat | None |
| os-vol-mig-status-attr:name_id | None |
| os-vol-tenant-attr:tenant_id | 6b95ad3440054017b708fb7e35b2efbc |
| replication_status | None |
| size | 2 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| updated_at | None |
| user_id | b49ea08b077f44ce8c6673082f6f05a1 |
| volume_type | None |
+--------------------------------+--------------------------------------+
[root@controller ~]# cinder list
+--------------------------------------+--------+--------------------+------+-------------+----------+-------------+
| ID | Status | Name | Size | Volume Type | Bootable | Attached to |
+--------------------------------------+--------+--------------------+------+-------------+----------+-------------+
| f1a2b631-2a49-4f27-bd45-add0da719847 | error | cinder-volume-demo | 2 | - | false | |
+--------------------------------------+--------+--------------------+------+-------------+----------+-------------+
(2)创建云硬盘类型
通过cinder type-create 命令创建type标识的卷类型
创建一个lvm的卷类型
[root@controller ~]# cinder type-create lvm
+--------------------------------------+------+-------------+-----------+
| ID | Name | Description | Is_Public |
+--------------------------------------+------+-------------+-----------+
| e03801a2-104b-46be-ab4c-e17d217c029b | lvm | - | True |
+--------------------------------------+------+-------------+-----------+
[root@controller ~]# cinder type-list
+--------------------------------------+------+-------------+-----------+
| ID | Name | Description | Is_Public |
+--------------------------------------+------+-------------+-----------+
| e03801a2-104b-46be-ab4c-e17d217c029b | lvm | - | True |
+--------------------------------------+------+-------------+-----------+
(3)创建带标识云硬盘
[root@controller ~]# cinder create --name test_demo --volume-type lvm 1
+--------------------------------+--------------------------------------+
| Property | Value |
+--------------------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2015-11-23T03:20:21.000000 |
| description | None |
| encrypted | False |
| id | 14e137b9-687d-4f69-8dc8-28d64a477d3d |
| metadata | {} |
| migration_status | None |
| multiattach | False |
| name | test_demo |
| os-vol-host-attr:host | None |
| os-vol-mig-status-attr:migstat | None |
| os-vol-mig-status-attr:name_id | None |
| os-vol-tenant-attr:tenant_id | 6b95ad3440054017b708fb7e35b2efbc |
| replication_status | None |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| updated_at | None |
| user_id | b49ea08b077f44ce8c6673082f6f05a1 |
| volume_type | lvm |
+--------------------------------+--------------------------------------+
查看
[root@controller ~]# cinder show test_demo
删除
[root@controller ~]# cinder delete cinder-volume-demo
Request to delete volume cinder-volume-demo has been accepted.
[root@controller ~]# cinder delete test_demo
Request to delete volume test_demo has been accepted.
Swift服务运维
Swift查询命令
(1)创建容器
[root@controller ~]# swift post test
(2)查询容器
[root@controller ~]# swift list
test
(3)Swift的上传和下载
[root@controller ~]# mkdir file
[root@controller ~]# touch 1.txt
[root@controller ~]# touch 2.doc
[root@controller ~]# touch 3.png
上传文件至容器
上传时首先要上传一个空白的file目录
[root@controller ~]# swift upload test file/
file/
将1.txt文件上传到test容器内file目录内
[root@controller ~]# swift upload test/file 1.txt
file/1.txt
[root@controller ~]# mv 2.doc 3.png file/
[root@controller ~]# swift upload test file
file/3.png
file/2.doc
(4)从容器内下载文件
[root@controller ~]# swift download test file/3.png
file/3.png [auth 1.520s, headers 1.797s, total 1.798s, 0.000 MB/s]
(5)从容器中删除文件
[root@controller ~]# swift delete test file/3.png
file/3.png
(6)查看容器服务状态
[root@controller ~]# swift stat
Account: AUTH_6b95ad3440054017b708fb7e35b2efbc
Containers: 1
Objects: 4
Bytes: 0
Containers in policy "policy-0": 1
Objects in policy "policy-0": 4
Bytes in policy "policy-0": 0
X-Account-Project-Domain-Id: 0aaa03e7a09e4c5e81db274f210c3d2c
X-Openstack-Request-Id: txf16b66b1c7624afb9bba7-0056528e12
X-Timestamp: 1448250203.35314
X-Trans-Id: txf16b66b1c7624afb9bba7-0056528e12
Content-Type: application/json; charset=utf-8
Accept-Ranges: bytes
