OpenStack CLI

rldnjsdlsi·2022년 5월 24일
0

OpenStack

목록 보기
6/6
post-thumbnail

- admin으로 로그인

# source keystonerc_admin




- "cli-project" 프로젝트 생성

# openstack project create --domain Default --description "cli-project" cli-project




- 프로젝트 리스트 확인

# openstack project list




- User 생성

# openstack user create --domain Default --project cli-project --password-prompt cli-user




- openstack user list

# openstack user list




- member role에 추가

# openstack role add --project cli-project --user cli-user _member_



- flavor 생성

# openstack flavor create --id 6 --vcpus 1 --ram 1024 --disk 10 m1.micro




- 네트워크 생성, 공급자의 네트워크 타입 = flat, 공급자의 physical-network = extnet

# openstack network create --project admin --provider-network-type flat --provider-physical-network extnet --external External-Network

# openstack network list // 네트워크 리스트 확인



- 서브넷 생성 및 범위 지정

# openstack subnet create --network External-Network --project admin --subnet-range 192.168.0.0/20 --allocation-pool start=192.168.8.129,end=192.168.8.254 --gateway 192.168.0.1 --no-dhcp External-Subnet




- cli-user 토큰 생성

# vi keystonerc_cli-user
unset OS_SERVICE_TOKEN
    export OS_USERNAME=cli-user
    export OS_PASSWORD='#########'
    export OS_REGION_NAME=RegionOne
    export OS_AUTH_URL=http://192.168.0.##:5000/v3
    export PS1='[\u@\h \W(keystone_cli-user)]\$ '

export OS_PROJECT_NAME=cli-project
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3



- policy.yaml 편집

# vi /etc/neutron/policy.yaml
"create_network:provider:network_type": "role:admin or project_id:%(project_id)s"
"create_floatingip:floating_ip_address": "role:admin or project_id:%(project_id)s"



- 테넌트 네트워크 생성

# openstack network create --project $projectID --provider-network-type vxlan Internal-Network




- 테넌트 네트워크 범위 지정

openstack subnet create --network Internal-Network --subnet-range 10.22.0.0/20 --gateway 10.22.0.1 --dhcp --dns-nameserver 8.8.8.8 Internal-Subnet




- 라우터 생성 및 내외부 연결

# openstack router create Router

# openstack router set --external-gateway External-Network Router
# openstack router add subnet Router Internal-Subnet



- Security Group 생성

# openstack security group create SG-WEB
# openstack security group rule create --protocol icmp --ingress SG-WEB
# openstack security group rule create --protocol tcp --dst-port 22:22 SG-WEB
# openstack security group rule create --protocol tcp --dst-port 80:80 SG-WEB




- DB보안 그룹 추가

# openstack security group create SG-DB




- 오픈스택 키페어

# openstack keypair create --public-key ~/.ssh/id_rsa.pub cli-key




- Image 생성

openstack image create --file CentOS-7-x86_64-GenericCloud-2111.qcow2 
--disk-format qcow2 --container-format bare CentOS7
  • CentOS7

  • Ubuntu18



- Floating IP

# openstack floating ip create External-Network
# openstack floating ip list




- 원하는 범위 안에서의 Floating IP 생성

# openstack floating ip create --floating-ip-address 192.168.8.222 External-Network



- 서버 생성

# openstack server create --flavor m1.micro --image CentOS7 --security-group SG-WEB --network Internal-Network --boot-from-volume 10 --key-name cli-key --user-data httpd.file WEBSERVER



- Floating IP 추가

# openstack server add floating ip WEBSERVER 192.168.8.222



- DB Server 생성

# openstack server create --flavor m1.micro --image Ubuntu18 --security-group SG-DB --network Internal-Network --boot-from-volume 10 --key-name cli-key DBSERVER



0개의 댓글