为了账号安全,请及时绑定邮箱和手机立即绑定

OpenStack使用CentOS7官方通用云镜像创建虚拟机实例

实验环境:

  • OpenStack Queens社区版

  • 1控制节点、1计算节点、1块存储节点

  • 单网卡provider供应商网络模式

操作系统版本

[root@controller ~]# cat /etc/redhat-release CentOS Linux release 7.4.1708 (Core) 
[root@controller ~]# uname -sr               Linux 4.16.3-1.el7.elrepo.x86_64

1.下载CentOS官方通用云镜像

执行环境变量(官网有说明)

[root@controller ~]# . admin-openrc

下载CentOS云镜像:

wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1802.qcow2c

2.上传镜像到Glance

[root@controller ~]# openstack image create "CentOS7-image" \
  --file CentOS-7-x86_64-GenericCloud-1802.qcow2c \
  --disk-format qcow2 --container-format bare \
  --public
+------------------+------------------------------------------------------+| Field            | Value                                                |+------------------+------------------------------------------------------+| checksum         | c5e362d0fb6e367ab16a5fbbed2ec1ce                     || container_format | bare                                                 || created_at       | 2018-05-16T02:06:12Z                                 || disk_format      | qcow2                                                || file             | /v2/images/de63a620-43da-4325-9ed5-cce8e74451f0/file || id               | de63a620-43da-4325-9ed5-cce8e74451f0                 || min_disk         | 0                                                    || min_ram          | 0                                                    || name             | CentOS7-image                                        || owner            | 2059d5d40c6a4d4ea37e5a80aa46b891                     || protected        | False                                                || schema           | /v2/schemas/image                                    || size             | 394918400                                            || status           | active                                               || tags             |                                                      || updated_at       | 2018-05-16T02:06:26Z                                 || virtual_size     | None                                                 || visibility       | public                                               |+------------------+------------------------------------------------------+

查看上传的镜像

[root@controller ~]# openstack image list+--------------------------------------+---------------+--------+| ID                                   | Name          | Status |
+--------------------------------------+---------------+--------+| de63a620-43da-4325-9ed5-cce8e74451f0 | CentOS7-image | active || d81e109c-acb0-4f65-b739-58b9595282e7 | cirros        | active |
+--------------------------------------+---------------+--------+

3.创建实例前的准备工作

要启动实例,必须至少指定flavor、镜像名称、网络、安全组、密钥和实例名称。
如果已经执行则跳过此项。
照搬官方文档:https://docs.openstack.org/install-guide/launch-instance.html#
创建供应商网络
在控制节点上,获取admin用户凭证以访问仅管理员的CLI命令:

[root@controller ~]# . admin-openrc1
[root@controller ~]# openstack network create  --share --external  --provider-physical-network provider  --provider-network-type flat provider
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+| admin_state_up            | UP                                   || availability_zone_hints   |                                      || availability_zones        |                                      || created_at                | 2018-04-22T09:49:19Z                 || description               |                                      || dns_domain                | None                                 || id                        | 1daecc49-121e-4bb2-b161-3fdb6f104434 || ipv4_address_scope        | None                                 || ipv6_address_scope        | None                                 || is_default                | None                                 || is_vlan_transparent       | None                                 || mtu                       | 1500                                 || name                      | provider                             || port_security_enabled     | True                                 || project_id                | 2059d5d40c6a4d4ea37e5a80aa46b891     |
| provider:network_type     | flat                                 || provider:physical_network | provider                             || provider:segmentation_id  | None                                 || qos_policy_id             | None                                 || revision_number           | 4                                    |
| router:external           | External                             || segments                  | None                                 || shared                    | True                                 || status                    | ACTIVE                               || subnets                   |                                      || tags                      |                                      || updated_at                | 2018-04-22T09:49:19Z                 |
+---------------------------+--------------------------------------+

在网络上创建子网

[root@controller ~]# openstack network create  --share --external  --provider-physical-network provider  --provider-network-type flat provider
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+| admin_state_up            | UP                                   || availability_zone_hints   |                                      || availability_zones        |                                      || created_at                | 2018-04-22T09:49:19Z                 || description               |                                      || dns_domain                | None                                 || id                        | 1daecc49-121e-4bb2-b161-3fdb6f104434 || ipv4_address_scope        | None                                 || ipv6_address_scope        | None                                 || is_default                | None                                 || is_vlan_transparent       | None                                 || mtu                       | 1500                                 || name                      | provider                             || port_security_enabled     | True                                 || project_id                | 2059d5d40c6a4d4ea37e5a80aa46b891     |
| provider:network_type     | flat                                 || provider:physical_network | provider                             || provider:segmentation_id  | None                                 || qos_policy_id             | None                                 || revision_number           | 4                                    |
| router:external           | External                             || segments                  | None                                 || shared                    | True                                 || status                    | ACTIVE                               || subnets                   |                                      || tags                      |                                      || updated_at                | 2018-04-22T09:49:19Z                 |
+---------------------------+--------------------------------------+

创建实例类型

[root@controller ~]# openstack flavor create --id 1 --vcpus 2 --ram 1024 --disk 10 m1.nano+----------------------------+---------+| Field                      | Value   |
+----------------------------+---------+| OS-FLV-DISABLED:disabled   | False   |
| OS-FLV-EXT-DATA:ephemeral  | 0       |
| disk                       | 10      |
| id                         | 1       |
| name                       | m1.nano |
| os-flavor-access:is_public | True    |
| properties                 |         |
| ram                        | 1024    |
| rxtx_factor                | 1.0     |
| swap                       |         || vcpus                      | 2       |
+----------------------------+---------+

生成秘钥对

[root@controller ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub testkey+-------------+-------------------------------------------------+
| Field       | Value                                           |
+-------------+-------------------------------------------------+
| fingerprint | aa:e7:ee:6b:1d:c8:85:9f:11:d6:23:45:85:f2:aa:4a |
| name        | testkey                                         |
| user_id     | 19ba7d00b87c4132b4fc0c6ee8555fef                |
+-------------+-------------------------------------------------+

添加安全组规则,允许对实例进行ping和ssh登录

[root@controller ~]# openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+| created_at        | 2018-04-22T09:58:50Z                 || description       |                                      || direction         | ingress                              || ether_type        | IPv4                                 || id                | 25873007-b5e0-48f8-9e5e-ae9251680bef || name              | None                                 || port_range_max    | None                                 || port_range_min    | None                                 || project_id        | 07f75876b05945e0816b6e219ee6c9f7     || protocol          | icmp                                 || remote_group_id   | None                                 || remote_ip_prefix  | 0.0.0.0/0                            || revision_number   | 0                                    || security_group_id | 5a0ff59e-01a4-4959-bf79-148d9ebff8d6 || updated_at        | 2018-04-22T09:58:50Z                 |
+-------------------+--------------------------------------+
[root@controller ~]# openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+| created_at        | 2018-04-22T09:59:44Z                 || description       |                                      || direction         | ingress                              || ether_type        | IPv4                                 || id                | 7c187ba7-0436-45e6-8fb6-4028ae23504d || name              | None                                 || port_range_max    | 22                                   || port_range_min    | 22                                   || project_id        | 07f75876b05945e0816b6e219ee6c9f7     || protocol          | tcp                                  || remote_group_id   | None                                 || remote_ip_prefix  | 0.0.0.0/0                            || revision_number   | 0                                    || security_group_id | 5a0ff59e-01a4-4959-bf79-148d9ebff8d6 || updated_at        | 2018-04-22T09:59:44Z                 |
+-------------------+--------------------------------------+

确认相关配置

[root@controller ~]# . demo-openrc
flavor实例类型
[root@controller ~]# openstack flavor list+----+---------+-----+------+-----------+-------+-----------+| ID | Name    | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+| 1  | m2.nano | 128 |    1 |         0 |     4 | True      |
+----+---------+-----+------+-----------+-------+-----------+查看镜像
[root@controller ~]# openstack image list+--------------------------------------+-----------------+--------+| ID                                   | Name            | Status |
+--------------------------------------+-----------------+--------+| d81e109c-acb0-4f65-b739-58b9595282e7 | cirros            | active |
+--------------------------------------+-----------------+--------+查看网络
[root@controller ~]# openstack network list+--------------------------------------+----------+----------------------------------| ID                                   | Name     | Subnets                              |
+--------------------------------------+----------+----------------------------------| 1daecc49-121e-4bb2-b161-3fdb6f104434 | provider | 0d276553-2cce-47a5-a57a-7f8997c7530c |
+--------------------------------------+----------+---------------------------------查看子网
[root@controller ~]# neutron subnet-listneutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+----------+----------------------------------+-----------------+------------------------------------------------------+| id                                   | name     | tenant_id                        | cidr            | allocation_pools                                     |
+--------------------------------------+----------+----------------------------------+-----------------+------------------------------------------------------+| 0d276553-2cce-47a5-a57a-7f8997c7530c | provider | 2059d5d40c6a4d4ea37e5a80aa46b891 | 192.168.92.0/24 | {"start": "192.168.92.100", "end": "192.168.92.110"} |
+--------------------------------------+----------+----------------------------------+-----------------+------------------------------------------------------+查看安全组
[root@controller ~]# openstack security group list+--------------------------------------+---------+------------------------+----------| ID                                   | Name    | Description            | Project                          |
+--------------------------------------+---------+------------------------+----------| 0b8e6943-af2e-4b16-9f06-da3ceb17e105 | default | Default security group | 07f75876b05945e0816b6e219ee6c9f7 |
+--------------------------------------+---------+------------------------+----------查看安全组规则
[root@controller ~]# openstack security group rule list+--------------------------------------+-------------+-----------+------------+------| ID                                   | IP Protocol | IP Range  | Port Range | Remote Security Group                | Security Group                       |
+--------------------------------------+-------------+-----------+------------+------| 001beda6-dc2f-4407-a76d-06bf8f883fd5 | None        | None      |            | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 |
| 216c5d37-651d-43db-b887-0f21907ce43b | None        | None      |            | None                                 | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 |
| 3e4b2165-0cc9-40ab-9eb1-8a8cb6898e46 | None        | None      |            | None                                 | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 |
| 9f42fee7-fe56-4700-8bc0-d25f19c9eca3 | None        | None      |            | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 |
| b5727d6d-f7ac-46ed-963b-32d42787cca9 | tcp         | 0.0.0.0/0 | 22:22      | None                                 | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 |
| ce4f6edf-a59d-445c-ab8f-d396cb3178b6 | icmp        | 0.0.0.0/0 |            | None                                 | 0b8e6943-af2e-4b16-9f06-da3ceb17e105 |+------------------------------+-------------+-----------+------------+------------+    查看秘钥对
[root@controller ~]# openstack keypair list+---------+-------------------------------------------------+| Name    | Fingerprint                                     |
+---------+-------------------------------------------------+| testkey | aa:e7:ee:6b:1d:c8:85:9f:11:d6:23:45:85:f2:aa:4a |
+---------+-------------------------------------------------+

4.使用上传的镜像创建实例

[root@controller ~]# . demo-openrc
[root@controller ~]# openstack server create --flavor m1.nano --image CentOS7-image \  --nic net-id=1daecc49-121e-4bb2-b161-3fdb6f104434 --security-group default \  --key-name testkey centos7-cloudvm1
+-----------------------------+------------------------------------------------------+| Field                       | Value                                                |
+-----------------------------+------------------------------------------------------+| OS-DCF:diskConfig           | MANUAL                                               |
| OS-EXT-AZ:availability_zone |                                                      |
| OS-EXT-STS:power_state      | NOSTATE                                              |
| OS-EXT-STS:task_state       | scheduling                                           |
| OS-EXT-STS:vm_state         | building                                             |
| OS-SRV-USG:launched_at      | None                                                 |
| OS-SRV-USG:terminated_at    | None                                                 |
| accessIPv4                  |                                                      |
| accessIPv6                  |                                                      |
| addresses                   |                                                      |
| adminPass                   | k9Bm4rZokooG                                         |
| config_drive                |                                                      |
| created                     | 2018-05-16T02:10:10Z                                 |
| flavor                      | m1.nano (1)                                          |
| hostId                      |                                                      |
| id                          | 236d03f7-fa1b-4dde-818c-c37eb59a84cd                 |
| image                       | CentOS7-image (de63a620-43da-4325-9ed5-cce8e74451f0) |
| key_name                    | testkey                                              |
| name                        | centos7-cloudvm1                                     |
| progress                    | 0                                                    |
| project_id                  | 07f75876b05945e0816b6e219ee6c9f7                     |
| properties                  |                                                      |
| security_groups             | name='0b8e6943-af2e-4b16-9f06-da3ceb17e105'          |
| status                      | BUILD                                                |
| updated                     | 2018-05-16T02:10:15Z                                 |
| user_id                     | 19ba7d00b87c4132b4fc0c6ee8555fef                     |
| volumes_attached            |                                                      |+-----------------------------+------------------------------------------------------
查看实例状态,active说明正常:
[root@controller ~]# openstack server list+--------------------------------------+-------------------+---------+---------------| ID                                   | Name              | Status  | Networks                | Image         | Flavor  |
+--------------------------------------+-------------------+---------+-------------------------+---------------+---------+| 236d03f7-fa1b-4dde-818c-c37eb59a84cd | centos7-cloudvm1  | ACTIVE  | provider=192.168.92.103 | CentOS7-image | m1.nano || 2eed1b91-6f01-4808-acce-c1ec9cbe13e3 | provider-cirrosvm | SHUTOFF | provider=192.168.92.101 | cirros        | m1.nano |
+--------------------------------------+-------------------+---------+---------------

5. 使用SSH访问实例

在控制节点和远程主机ping实例IP地址,正常ping通:

[root@controller ~]# ping -c 4 192.168.92.103PING 192.168.92.103 (192.168.92.103) 56(84) bytes of data.  
64 bytes from 192.168.92.103: icmp_seq=1 ttl=64 time=0.775 ms64 bytes from 192.168.92.103: icmp_seq=2 ttl=64 time=0.614 ms
C:\Users\zwpos>ping 192.168.92.103正在 Ping 192.168.92.103 具有 32 字节的数据:
来自 192.168.92.103 的回复: 字节=32 时间<1ms TTL=64来自 192.168.92.103 的回复: 字节=32 时间<1ms TTL=64

从控制节点ssh登录访问实例,centos官方通用云镜像默认用户名为centos:

[root@controller ~]# ssh centos@192.168.92.103修改root密码:
[centos@centos7-cloudvm1 ~]$ sudo su root
[root@centos7-cloudvm1 centos]# passwd rootChanging password for user root.
New password: 
BAD PASSWORD: The password is shorter than 8 characters
Retype new password: 
passwd: all authentication tokens updated successfully.

开启ssh远程密码登录:
[root@centos7-cloudvm1 ~]# vi /etc/ssh/sshd_config63 PasswordAuthentication yes   #去掉注释64 #PermitEmptyPasswords no65 #PasswordAuthentication no    #增加注释

使用SSH远程登录虚拟机实例并测试网络连通性

Verify access to the provider physical network gateway:
验证对提供者物理网络网关的访问:
[root@centos7-cloudvm1 ~]# ping -c 4 192.168.92.2PING 192.168.92.2 (192.168.92.2) 56(84) bytes of data.64 bytes from 192.168.92.2: icmp_seq=1 ttl=128 time=5.82 ms64 bytes from 192.168.92.2: icmp_seq=2 ttl=128 time=0.476 ms

Verify access to the internet:
验证访问Internet:
[root@centos7-cloudvm1 ~]# ping -c 4 openstack.orgPING openstack.org (162.242.140.107) 56(84) bytes of data.64 bytes from 162.242.140.107 (162.242.140.107): icmp_seq=1 ttl=128 time=292 ms64 bytes from 162.242.140.107 (162.242.140.107): icmp_seq=2 ttl=128 time=540 ms

建议看官方文档,大部分内容完全照搬官方文档。

原文出处

点击查看更多内容
TA 点赞

若觉得本文不错,就分享一下吧!

评论

作者其他优质文章

正在加载中
  • 推荐
  • 评论
  • 收藏
  • 共同学习,写下你的评论
感谢您的支持,我会继续努力的~
扫码打赏,你说多少就多少
赞赏金额会直接到老师账户
支付方式
打开微信扫一扫,即可进行扫码打赏哦
今天注册有机会得

100积分直接送

付费专栏免费学

大额优惠券免费领

立即参与 放弃机会
意见反馈 帮助中心 APP下载
官方微信

举报

0/150
提交
取消