OpenStack: Preparing and launching an instance
- Source the admin details:
[root@server2-a ~]# source /root/keystonerc_admin
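[root@server2-a ~(keystone_admin)]#
- Create a user named user1 with a password of redhat (a password given with --pass ends up in the shell history and the process list, so a throwaway value like this one belongs only in a lab):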
[root@server2-a ~(keystone_admin)]# keystone user-create --name user1 --pass redhat
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 8d2eb9dc413444c58b1a71c80df63e86 |
| name | user1 |
| username | user1 |
+----------+----------------------------------+
- Create a tenant named myproject:
[root@server2-a ~(keystone_admin)]# keystone tenant-create --name myproject
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 203b2ddb42ed4e8f9fd6a730a78641dc |
| name | myproject |
+-------------+----------------------------------+
- Create a role named _member_ (it already exists here, so the command returns a conflict error):
[root@server2-a ~(keystone_admin)]# keystone role-create --name _member_
Conflict occurred attempting to store role. (IntegrityError) (1062, "Duplicate entry '_member_' for key 'name'") 'INSERT INTO role (id, name, extra) VALUES (%s, %s, %s)' ('04948b865cdc4a3490edc0ed646ce306', '_member_', '{}') (HTTP 409)
- Add user1 to the _member_ role in myproject:
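[root@server2-a ~(keystone_admin)]# keystone user-role-add --user user1 --role _member_ --tenant myproject
- Create a /root/keystonerc_user1 file (it stores the password in clear text, so keep it readable by root only, e.g. mode 0600; the OS_AUTH_URL below is plain HTTP, so the credentials also cross the network unencrypted):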
[root@server2-a ~(keystone_admin)]# cat /root/keystonerc_user1
unset SERVICE_TOKEN SERVICE_ENDPOINT
export OS_USERNAME=user1
export OS_TENANT_NAME=myproject
export OS_PASSWORD=redhat
export OS_AUTH_URL=http://server2-a.example.com:5000/v2.0/
export PS1='[\u@\h \W(keystone_user1)]\$ '
- Source the user1 keystonerc file:
[root@server2-a ~(keystone_admin)]# source /root/keystonerc_user1
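[root@server2-a ~(keystone_user1)]#
- Upload the web image into the image service (--is-public True makes the image visible to every tenant, and --copy-from fetches it over plain HTTP, so nothing protects the image's integrity in transit):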
[root@server2-a ~(keystone_user1)]# glance image-create --name web --is-public True --disk-format qcow2 --container-format bare --copy-from http://classroom.example.com/materials/web.img
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | None |
| container_format | bare |
| created_at | 2015-04-29T13:53:44 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | 6d1f269d-5df7-46d6-9ed7-f200bfa8ce6f |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | web |
| owner | 203b2ddb42ed4e8f9fd6a730a78641dc |
| protected | False |
| size | 262041600 |
| status | queued |
| updated_at | 2015-04-29T13:53:44 |
| virtual_size | None |
+------------------+--------------------------------------+
- Create a network named net1:
[root@server2-a ~(keystone_user1)]# neutron net-create net1
Created a new network:
+----------------+--------------------------------------+
| Field | Value |
+----------------+--------------------------------------+
| admin_state_up | True |
| id | 1b6304d1-0e8b-4838-9157-8f54f5c53452 |
| name | net1 |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 203b2ddb42ed4e8f9fd6a730a78641dc |
+----------------+--------------------------------------+
- Create a subnet in net1 called subnet1:
[root@server2-a ~(keystone_user1)]# neutron subnet-create --name subnet1 net1 172.25.102.0/24 --gateway 172.25.102.25
Created a new subnet:
+------------------+-----------------------------------------------------+
| Field | Value |
+------------------+-----------------------------------------------------+
| allocation_pools | {"start": "172.25.102.1", "end": "172.25.102.24"} |
| | {"start": "172.25.102.26", "end": "172.25.102.254"} |
| cidr | 172.25.102.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 172.25.102.25 |
| host_routes | |
| id | 37484f49-d8a9-4128-9016-d24ce934fcc9 |
| ip_version | 4 |
| name | subnet1 |
| network_id | 1b6304d1-0e8b-4838-9157-8f54f5c53452 |
| tenant_id | 203b2ddb42ed4e8f9fd6a730a78641dc |
+------------------+-----------------------------------------------------+
- Create a router named router1:
[root@server2-a ~(keystone_user1)]# neutron router-create router1
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | 449e8378-59cb-4511-8c34-fa22b36354bd |
| name | router1 |
| status | ACTIVE |
| tenant_id | 203b2ddb42ed4e8f9fd6a730a78641dc |
+-----------------------+--------------------------------------+
- Add an interface for subnet1 to router1:
[root@server2-a ~(keystone_admin)]# neutron router-interface-add router1 subnet1
Added interface aced20ad-09a3-44a6-8d60-4d85f89b90e2 to router router1.
- Using admin credentials, create a network called net2, marked as external (router:external=True), in the services tenant:
[root@server2-a ~(keystone_admin)]# neutron net-create --tenant-id services net2 --router:external=True
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | aa9e1e23-221c-46dc-8cbb-de4a8b564ff1 |
| name | net2 |
| provider:network_type | vlan |
| provider:physical_network | physnet1 |
| provider:segmentation_id | 1001 |
| router:external | True |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | services |
+---------------------------+--------------------------------------+
- Create a subnet called subnet2 within net2. Include this subnet in the services tenant. Disable DHCP.
[root@server2-a ~(keystone_admin)]# neutron subnet-create --tenant-id services --allocation-pool start=172.25.2.25,end=172.25.2.99 --gateway 172.25.2.254 --disable-dhcp --name subnet2 net2 172.25.2.0/24
Created a new subnet:
+------------------+------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------+
| allocation_pools | {"start": "172.25.2.25", "end": "172.25.2.99"} |
| cidr | 172.25.2.0/24 |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 172.25.2.254 |
| host_routes | |
| id | 3f38824b-1bd4-4d9c-89cb-66a5376f9832 |
| ip_version | 4 |
| name | subnet2 |
| network_id | aa9e1e23-221c-46dc-8cbb-de4a8b564ff1 |
| tenant_id | services |
+------------------+------------------------------------------------+
- Set the gateway for router1 to the net2 network. This will add an interface for the net2 network:
[root@server2-a ~(keystone_admin)]# neutron router-gateway-set router1 net2
Set gateway for router router1
- Source the user1 keystonerc file:
[root@server2-a ~(keystone_admin)]# source /root/keystonerc_user1
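[root@server2-a ~(keystone_user1)]#
- Create a keypair and save the private key to /root/key1.pem. Change permissions to 0600 (the redirect creates the file with the default umask before chmod runs; setting umask 077 first closes that window):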
[root@server2-a ~(keystone_user1)]# nova keypair-add key1 > /root/key1.pem
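[root@server2-a ~(keystone_user1)]# chmod 0600 /root/key1.pem
- Create a new security group named sec1. Allow TCP/22, TCP/443 and ICMP from 0.0.0.0/0 and allow TCP/80 only from members of the sec1 security group itself (0.0.0.0/0 opens SSH to any source address; outside a lab, restrict TCP/22 to a management range):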
[root@server2-a ~(keystone_user1)]# nova secgroup-create sec1 "SSH and Web"
+--------------------------------------+------+-------------+
| Id | Name | Description |
+--------------------------------------+------+-------------+
| b8a4ab01-a707-4216-b19c-7b55310edd46 | sec1 | SSH and Web |
+--------------------------------------+------+-------------+
[root@server2-a ~(keystone_user1)]# nova secgroup-add-rule sec1 tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@server2-a ~(keystone_user1)]# nova secgroup-add-rule sec1 tcp 443 443 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 443 | 443 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@server2-a ~(keystone_user1)]# nova secgroup-add-rule sec1 icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@server2-a ~(keystone_user1)]# nova secgroup-add-group-rule sec1 sec1 tcp 80 80
+-------------+-----------+---------+----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+----------+--------------+
| tcp | 80 | 80 | | sec1 |
+-------------+-----------+---------+----------+--------------+
[root@server2-a ~(keystone_user1)]# nova secgroup-list-rules sec1
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 80 | 80 | | sec1 |
| tcp | 443 | 443 | 0.0.0.0/0 | |
| icmp | -1 | -1 | 0.0.0.0/0 | |
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
- Create a script /root/userdata to be executed on the instance. It should contain the following:
[root@server2-a ~(keystone_user1)]# cat /root/userdata
#!/bin/bash
echo Hello >> /home/cloud-user/test
- Launch an instance named testweb using the m1.tiny flavour, the web image, the key1 key pair and the sec1 security group (note that the command and its output below actually use m1.small). Also, pass the /root/userdata file as user data:
[root@server2-a ~(keystone_user1)]# nova boot --flavor m1.small --image web --key-name key1 --security-groups sec1 --user-data /root/userdata --poll testweb
+--------------------------------------+--------------------------------------------+
| Property | Value |
+--------------------------------------+--------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | 8kaEZZAmXV38 |
| config_drive | |
| created | 2015-04-29T14:22:16Z |
| flavor | m1.small (2) |
| hostId | |
| id | b730c727-c83a-4380-9416-bb3d84c8d8b1 |
| image | web (6d1f269d-5df7-46d6-9ed7-f200bfa8ce6f) |
| key_name | key1 |
| metadata | {} |
| name | testweb |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | sec1 |
| status | BUILD |
| tenant_id | 203b2ddb42ed4e8f9fd6a730a78641dc |
| updated | 2015-04-29T14:22:17Z |
| user_id | 8d2eb9dc413444c58b1a71c80df63e86 |
+--------------------------------------+--------------------------------------------+
- Allocate and associate a floating IP address to the instance:
[root@server2-a ~(keystone_user1)]# nova floating-ip-create net2
+-------------+-----------+----------+------+
| Ip | Server Id | Fixed Ip | Pool |
+-------------+-----------+----------+------+
| 172.25.2.26 | | - | net2 |
+-------------+-----------+----------+------+
[root@server2-a ~(keystone_user1)]# nova add-floating-ip testweb 172.25.2.26
[root@server2-a ~(keystone_user1)]# nova floating-ip-list
+-------------+-----------+---------------+------+
| Ip | Server Id | Fixed Ip | Pool |
+-------------+-----------+---------------+------+
| 172.25.2.26 | | 172.25.102.26 | net2 |
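+-------------+-----------+---------------+------+
- Connect to the instance using the private key generated earlier and make sure the script file has been properly injected (the host key is accepted on first use here; if the image prints its host key fingerprints to the console, compare them via nova console-log testweb before answering yes):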
[root@server2-a ~(keystone_user1)]# ssh -i /root/key1.pem cloud-user@172.25.2.26
The authenticity of host '172.25.2.26 (172.25.2.26)' can't be established.
RSA key fingerprint is d0:be:26:0f:45:d9:5d:c0:0d:0d:48:da:65:55:c4:90.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.25.2.26' (RSA) to the list of known hosts.
[cloud-user@testweb ~]$ su
Password:
[root@testweb cloud-user]# cat test
Hello
[root@testweb cloud-user]# exit
exit
[cloud-user@testweb ~]$ exit
logout
Connection to 172.25.2.26 closed.
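[root@server2-a ~(keystone_user1)]#
- Retrieve content from the web server in HTTP and HTTPS (-k turns off certificate verification, so the HTTPS request confirms only that the service answers, not the server's identity):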
[root@server2-a ~(keystone_user1)]# curl http://172.25.2.26
My web page
[root@server2-a ~(keystone_user1)]# curl -k https://172.25.2.26
My web page
- Terminate the instance:
[root@server2-a ~(keystone_user1)]# nova delete testweb