Openstack: Difference between revisions
Jump to navigation
Jump to search
| Line 44: | Line 44: | ||
=list all= | =list all= | ||
openstack command list -f yaml | grep - | grep list | sed 's/^ - /openstack /g' |grep -v "openstack command list" | while read i ; do echo '*' $i ; $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD} | openstack command list -f yaml | grep - | grep list | sed 's/^ - /openstack /g' |grep -v "openstack command list" | while read i ; do echo '*' $i ; $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD}.$(date +%F_%H-%M-%S) | ||
openstack command list -f json | jq -r '.[].Commands[]|select (match("list$"))' | while read i ; do echo '*' openstack $i ; openstack $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD} | openstack command list -f json | jq -r '.[].Commands[]|select (match("list$"))' | while read i ; do echo '*' openstack $i ; openstack $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD}.$(date +%F_%H-%M-%S) | ||
=How to reach nodes= | =How to reach nodes= | ||
Revision as of 08:55, 22 December 2023
What does it mean
aodh Alarming service barbican REST API designed for the secure storage, provisioning and management of secrets such as passwords, encryption keys and X.509 cinder OpenStack Block Storage gnocchi Time Series Database as a Service glance OpenStack Image Service heat Deploy instances, volumes and other OpenStack services using YAML based templates. horizon Openstack’s Dashboard, which provides a web based user interface to OpenStack services ironic bootstrap keystone identity service magnum container orchestration engines mistral workflow service neutron networking as a service nfv Network functions virtualization nova cloud computing instance controller, provision compute instances (aka virtual servers). octavia Load balancer. Octavia HAProxy Amphora API swift OpenStack Object Storage tacker NFV Orchestration trove Database as a Service Zaqar multi-tenant cloud messaging service
bash completion
. <(openstack complete 2>/dev/null )
flavor
Which machine types exist.
gp "General purpose" Well rounded combination of amount of CPUs and the amount of RAM. hm "High memory" Optimimzed for applications that need a lot of memory. hp "High performance" High frequenzy cpu.
list volumes
openstack volume list
install openstack
dnf install python3-openstackclient
dnf -y install $(dnf -q search python3- client |grep -i OpenStack | grep -v -- -tests| awk '{print $1}')
get ip addresses of all host
openstack server list -c Networks -f json | jq -r '.[].Networks[][]'
output
-f csv,json,table,value,yaml
Get output without headers.
openstack server list -f value
list all
openstack command list -f yaml | grep - | grep list | sed 's/^ - /openstack /g' |grep -v "openstack command list" | while read i ; do echo '*' $i ; $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD}.$(date +%F_%H-%M-%S)
openstack command list -f json | jq -r '.[].Commands[]|select (match("list$"))' | while read i ; do echo '*' openstack $i ; openstack $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD}.$(date +%F_%H-%M-%S)
How to reach nodes
OPENSTACK=$(openstack server list -c Networks -f json | jq -r '.[].Networks[][]') ; OPENSTACK_JUMP=$(grep 185 <<< "${OPENSTACK}") ; NODES=$(grep -v 185 <<< "${OPENSTACK}") ; for NODE in ${NODES} ; do echo ssh -J core@${OPENSTACK_JUMP} core@${NODE} ; done
create server
openstack server create --flavor gp.1x2 --availability-zone europe-se-1a --image fedora-37-x86_64 --boot-from-volume 100 --network abjorklund-01-5tsbc-openshift --security-group ssh_allow --key-name abjorklund_ed25519 abjorklund_$(date_file)
With setting password.
cat << EOF > user-data
#cloud-config
password: Password123!
chpasswd: {expire: False}
ssh_pwauth: True
EOF
openstack server create --flavor gp.1x2 --availability-zone europe-se-1a --image rocky-8-x86_64 --boot-from-volume 30 --network abjorklund-01-bmc7w-openshift --security-group ssh_allow --key-name abjorklund_ed25519 abjorklund_$(date_file) --user-data user-data
get router ip
List routers
openstack router list
Get external ip.
openstack router show abjorklund-01-5tsbc-external-router -c external_gateway_info -f json | jq '.external_gateway_info.external_fixed_ips[0].ip_address' 185.102.213.238
Remove subnet from router
openstack router remove subnet <router> <subnet>
list available images
openstack image list
Download image
Get info about image.
openstack image list | grep -i nord-ic- | 98c03b69-4ba8-4276-8695-b6c3f006cf20 | nord-ic-bc84t-rhcos | active | glance image-download --file nord-ic-bc84t-rhcos --progress 98c03b69-4ba8-4276-8695-b6c3f006cf20
Upload image
openstack image create --disk-format qcow2 --container-format bare --public --file CentOS-7-x86_64-GenericCloud-1503.qcow2 CentOS_7_Cloud_IMG
security
Get security groups.
openstack security group list -c Name -f json | jq -r '.[].Name'
Get all security groups with rules.
openstack security group list -c Name -f value | while read SECURITY ; do openstack security group show "$SECURITY" ; done > /temp/${OS_CLOUD##*/}}_openstack_security_group_list_openstack_security_group_show.$(date_file).log
Get rules from one security group
openstack security group rule list <group>
Add rule to allow traffic from ip.
openstack security group rule create --proto tcp --dst-port 6443 --remote-ip 185.53.164.10/32 --ingress <group>
Allow nfs4 traffic
# List group to add too. openstack security group list | grep rw-core openstack security group rule create --proto tcp --dst-port 2049 --remote-ip 10.2.0.0/16 rw-core-p9dq6-master
create block device
openstack volume create --size 50 --type ssd --description "nfs storage block device 0" nfs_storage_abjorklund-01
Resize block device.
os volume set --size 60 nfs_storage_abjorklund-01 --os-volume-api-version 3.42
set physical ip on host
openstack port list
Change security group on port
Remove if existing port does not exist.
openstack port set --no-security-group a7434863-fc4d-46ad-b93e-b0f2f717023f openstack port set --security-group 3723f737-280f-453e-af0b-50aca4ce1b0d a7434863-fc4d-46ad-b93e-b0f2f717023f
create port
openstack port create --network abjorklund-01-h4sxm-openshift --fixed-ip subnet=4bb2ab0c-f8f9-4346-b238-5f992f0bcf56,ip-address=10.1.0.5 abjorklund-01-h4sxm-api-port
manage loadbalancer aurora/haproxy
openstack loadbalancer openstack loadbalancer list openstack loadbalancer show test-lb -c listeners -f value
view limits
If you have problems to create something in openstack it could be worth verifying you are within limits.
openstack limits show --absolute -f value | grep -E 'RAM|Cores'
get project id
openstack server show $(openstack server list -f value | head -1 | awk '{print $2}') -c project_id -f value
Create s3 bucket
openstack ec2 credentials create openstack ec2 credentials list export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID ; export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY ; export AWS_DEFAULT_REGION=us-west-2 ; aws --endpoint=https://object-eu-se-1a.binero.cloud s3api create-bucket --bucket abjorklund-test-bucket --region us-west-2
list s3 storage
swift list blabla/blabla swift --os-storage-url https://object-eu-se-1a.binero.cloud/swift/v1/AUTH_${OS_PROJECT_ID}/sender list export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID ; export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY ; export AWS_DEFAULT_REGION=us-west-2 ; s3fs -f -d openshift-region /mnt/openshift-region/ -o endpoint=europe-se-1 -o "host=https://object-eu-se-1a.binero.cloud" -o use_path_request_style
whoami
openstack configuration show -f json | jq -r '."auth.username"'
sort
Sort on column name.
openstack network list --sort-column Name
selected columns
Select column name only
openstack server list -c Name -c Status -f table
create ssh public key(keypair)
openstack keypair create --public-key /home/abjorklund/.ssh/id_ed25519.pub binero_abjorklund_id_ed25519
create floating ip
openstack floating ip create europe-se-1-1a-net0
assign floating ip to port
openstack floating ip set --port abjorklund-01-h4sxm-ingress-port 193.93.251.233
assign ip to server
openstack server add floating ip binero_abjorklund_dns-lookup 193.93.248.34