邯城往事
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY 'neutron';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY 'neutron';
[root@linux-node1 ~]# . admin-openrc
[root@linux-node1 ~]# openstack user create --domain default --password-prompt neutron
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | c0ce9b3d5a134ad08ce402c7528b1e91 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
openstack role add --project service --user neutron admin
[root@linux-node1 ~]# openstack service create --name neutron \
> --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | bf1996ceb1d846deb8af3b208f2ff4e1 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
[root@linux-node1 ~]# openstack endpoint create --region RegionOne \
> network public http://10.200.51.100:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 5ef730844dab4c4c9c348a003b1cb8f7 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | bf1996ceb1d846deb8af3b208f2ff4e1 |
| service_name | neutron |
| service_type | network |
| url | http://10.200.51.100:9696 |
+--------------+----------------------------------+
[root@linux-node1 ~]# openstack endpoint create --region RegionOne \
> network internal http://10.200.51.100:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 89e583655b7c4446892cb58dcc40152a |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | bf1996ceb1d846deb8af3b208f2ff4e1 |
| service_name | neutron |
| service_type | network |
| url | http://10.200.51.100:9696 |
+--------------+----------------------------------+
[root@linux-node1 ~]#
[root@linux-node1 ~]# openstack endpoint create --region RegionOne \
> network admin http://10.200.51.100:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9abfbfb1288f40c7a92845ffcb6c3d8e |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | bf1996ceb1d846deb8af3b208f2ff4e1 |
| service_name | neutron |
| service_type | network |
| url | http://10.200.51.100:9696 |
+--------------+----------------------------------+
Choose one of the following networking options to configure services specific to it. Afterwards, return here and proceed to Configure the metadata agent.
选项 1 部署了最简单的架构,该架构仅支持将实例附加到提供商(外部)网络。没有自助(私有)网络,路由器或浮动 IP 地址。只有该 admin 特权用户或其他特权用户才能管理提供商网络。
yum install openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge ebtables -y
/etc/neutron/neutron.conf 文件[database]
connection = mysql+pymysql://neutron:neutron@10.200.51.100/neutron
[DEFAULT]
#启用模块化层2(ml2)插件并禁用其他插件
core_plugin = ml2
service_plugins =
#配置rabbitmq消息队列访问
transport_url = rabbit://openstack:openstack@10.200.51.100
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://10.200.51.100:5000
auth_url = http://10.200.51.100:5000
memcached_servers = 10.200.51.100:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 598941324
[DEFAULT]
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[nova]
auth_url = http://10.200.51.100:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = 598941324
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
####配置 /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan
[ml2]
tenant_network_types =
[ml2]
mechanism_drivers = linuxbridge
After you configure the ML2 plug-in, removing values in the
type_driversoption can lead to database inconsistency.
[ml2]
extension_drivers = port_security
[ml2_type_flat]
# ...
flat_networks = provider
[securitygroup]
# ...
enable_ipset = true
编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens33
[vxlan]
enable_vxlan = false
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
vim /etc/sysctl.conf
#...
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[root@linux-node1 ~]# sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
要启用网桥支持,通常需要加载 bru netfilter 内核模块.
[root@linux-node1 ~]# modprobe br_netfilter
[root@linux-node1 ~]# ls /proc/sys/net/bridge
bridge-nf-call-arptables bridge-nf-call-ip6tables bridge-nf-call-iptables bridge-nf-filter-pppoe-tagged bridge-nf-filter-vlan-tagged bridge-nf-pass-vlan-input-dev
编辑 /etc/neutron/dhcp_agent.ini 文件
[DEFAULT]
# ...
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
网络配置选项 2:
[DEFAULT]
nova_metadata_host = 10.200.51.100
metadata_proxy_shared_secret = 598941324
[neutron]
url = http://10.200.51.100:9696
auth_url = http://10.200.51.100:5000
auth_type = 598941324
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 598941324
service_metadata_proxy = true
metadata_proxy_shared_secret = 598941324
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
systemctl restart openstack-nova-api.service
# systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
# systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
对于网络选项 2,还启用并启动第 3 层服务
# systemctl enable neutron-l3-agent.service
# systemctl start neutron-l3-agent.service
这里我是第一种
yum install openstack-neutron-linuxbridge ebtables ipset
[DEFAULT]
transport_url = rabbit://openstack:openstack@10.200.51.100
[DEFAULT]
# ...
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://10.200.51.100:5000
auth_url = http://10.200.51.100:5000
memcached_servers = 10.200.51.100:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 598941324
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
Choose the same networking option that you chose for the controller node to configure services specific to it. Afterwards, return here and proceed to Configure the Compute service to use the Networking service.
编辑 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件
[linux_bridge]
physical_interface_mappings = provider:ens33
[vxlan]
enable_vxlan = false
[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@linux-node2 ~]# modprobe br_netfilter
[root@linux-node2 ~]# ls /proc/sys/net/bridge
bridge-nf-call-arptables bridge-nf-call-iptables bridge-nf-filter-vlan-tagged
bridge-nf-call-ip6tables bridge-nf-filter-pppoe-tagged bridge-nf-pass-vlan-input-dev
vim /etc/sysctl.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
使其生效
[root@linux-node2 ~]# sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
[neutron]
url = http://10.200.51.100:9696
auth_url = http://10.200.51.100:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 598941324
暂不使用
systemctl restart openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service
[root@linux-node1 ~]# openstack network agent list
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
| 3a300c2c-73dd-4ddd-b8af-2e39b54846b5 | Metadata agent | linux-node1 | None | :-) | UP | neutron-metadata-agent |
| 5ad73cc8-8a6d-4fcb-a630-7fb52722f2a8 | Linux bridge agent | linux-node1 | None | :-) | UP | neutron-linuxbridge-agent |
| aa8498be-1f4e-4151-b9ed-50b474e49e28 | Linux bridge agent | linux-node2 | None | :-) | UP | neutron-linuxbridge-agent |
| dfcc05c5-2a57-49ee-9013-8097d8ecb854 | DHCP agent | linux-node1 | nova | :-) | UP | neutron-dhcp-agent |
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
首先需要创建一个虚拟网络,根据配置 Neutron 时选择的网络选项进行虚拟网络的配置。
[root@linux-node1 ~]# . admin-openrc
[root@linux-node1 ~]# openstack network create --share --external \
> --provider-physical-network provider \
> --provider-network-type flat provider
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2019-10-19T03:02:06Z |
| description | |
| dns_domain | None |
| id | e5179b09-cf50-46d5-b0e8-e02909b94ffe |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | None |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | provider |
| port_security_enabled | True |
| project_id | 6385e862e7874f0f91d4a46772a0d4e7 |
| provider:network_type | flat |
| provider:physical_network | provider |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 0 |
| router:external | External |
| segments | None |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2019-10-19T03:02:06Z |
+---------------------------+--------------------------------------+
--share 选项允许所有项目使用虚拟网络。
--external 选项将虚拟网络定义为外部网络。如果希望创建内部网络,可以使用--internal 代替。默认值为内部。
--provider physical network provider 为在/etc/neutron/plugins/ml2/ml2_conf.ini 中配置的 flat_networks。
[ml2_type_flat]
flat_networks = provider
--provider network type flat 选项使用来自以下文件的信息将扁平虚拟网络连接到主机上 ens0 接口上的扁平(本机/未标记)物理网络:在 /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:enp61s0f0
[root@linux-node1 ~]# openstack subnet create --network provider --allocation-pool start=192.168.51.10,end=192.168.51.150 --dns-nameserver 223.5.5.5 --gateway 192.168.51.1 --subnet-range 192.168.51.0/24 public
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 192.168.51.10-192.168.51.150 |
| cidr | 192.168.51.0/24 |
| created_at | 2019-10-19T03:39:46Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| enable_dhcp | True |
| gateway_ip | 192.168.51.1 |
| host_routes | |
| id | 0f6331e7-8f1d-4231-a2a4-f4bcd895ad83 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | public |
| network_id | e5179b09-cf50-46d5-b0e8-e02909b94ffe |
| project_id | 6385e862e7874f0f91d4a46772a0d4e7 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2019-10-19T03:39:46Z |
+-------------------+--------------------------------------+
PROVIDER_NETWORK_CIDR 采用物理网络上的 CIDR 子网表示。
START_IP_ADDRESSandEND_IP_ADDRESS:子网中要为实例分配的范围的第一个和最后一个 IP 地址。此范围不得包含任何现有的活动 IP 地址。
DNS_RESOLVER 使用 DNS 解析程序的 IP 地址。在大多数情况下,可以使用主机上/etc/resolv.conf 文件中的一个。
PROVIDER_NETWORK_GATEWAY提供程序网络上的网关 IP 地址,通常是“.1”IP 地址。
验证:
[root@linux-node1 ~]# ip netns
qdhcp-e5179b09-cf50-46d5-b0e8-e02909b94ffe (id: 0)
创建虚拟机:
[root@linux-node1 ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 0 |
| name | m1.nano |
| os-flavor-access:is_public | True |
| properties | |
| ram | 64 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
[root@linux-node1 ~]# ssh-keygen -q -N ""
Enter file in which to save the key (/root/.ssh/id_rsa):
[root@linux-node1 ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | ca:96:b1:22:4e:dd:7b:ed:26:9d:24:07:83:05:25:66 |
| name | mykey |
| user_id | 93fe6925e0fb476f9ee66d8598f189cf |
+-------------+-------------------------------------------------+
验证密钥对的添加:
[root@linux-node1 ~]# openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | ca:96:b1:22:4e:dd:7b:ed:26:9d:24:07:83:05:25:66 |
+-------+-------------------------------------------------+
默认情况下,默认安全组应用于所有实例,并包含拒绝远程访问实例的防火墙规则。对于 cirros 等 Linux 映像,我们建议至少允许 icmp(ping)和 secure shell(SSH)。
[root@linux-node1 ~]# openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2019-10-19T06:31:41Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 07a5686f-bac8-4b36-b036-1c67ca55f02e |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | d13cc91dc74347628cb460d6f497ee47 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 346b8ee6-7b94-4cff-a902-fdeadb812892 |
| updated_at | 2019-10-19T06:31:41Z |
+-------------------+--------------------------------------+
允许安全(SSH)访问:
[root@linux-node1 ~]# openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2019-10-19T06:32:24Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 4aabf58b-1d99-47ca-bef0-a423f2fb2e3a |
| name | None |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | d13cc91dc74347628cb460d6f497ee47 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 346b8ee6-7b94-4cff-a902-fdeadb812892 |
| updated_at | 2019-10-19T06:32:24Z |
+-------------------+--------------------------------------+
[root@linux-node1 ~]# . myuser-openrc
[root@linux-node1 ~]# openstack flavor list
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+
[root@linux-node1 ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 44dbc6cf-cf2a-4d0a-af1f-39489c454f39 | cirros | active |
+--------------------------------------+--------+--------+
[root@linux-node1 ~]# openstack network list
+--------------------------------------+----------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+----------+--------------------------------------+
| e5179b09-cf50-46d5-b0e8-e02909b94ffe | provider | 0f6331e7-8f1d-4231-a2a4-f4bcd895ad83 |
+--------------------------------------+----------+--------------------------------------+
[root@linux-node1 ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| 346b8ee6-7b94-4cff-a902-fdeadb812892 | default | Default security group | d13cc91dc74347628cb460d6f497ee47 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
[root@linux-node1 ~]# openstack server create --flavor m1.nano --image cirros --security-group default --key-name mykey provider-instance
+-----------------------------+-----------------------------------------------+
| Field | Value |
+-----------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | xEbweLr2Yz74 |
| config_drive | |
| created | 2019-10-19T06:38:44Z |
| flavor | m1.nano (0) |
| hostId | |
| id | 1e497f41-aa2a-458a-9970-261d6fdc06dc |
| image | cirros (44dbc6cf-cf2a-4d0a-af1f-39489c454f39) |
| key_name | mykey |
| name | provider-instance |
| progress | 0 |
| project_id | d13cc91dc74347628cb460d6f497ee47 |
| properties | |
| security_groups | name='346b8ee6-7b94-4cff-a902-fdeadb812892' |
| status | BUILD |
| updated | 2019-10-19T06:38:44Z |
| user_id | 93fe6925e0fb476f9ee66d8598f189cf |
| volumes_attached | |
+-----------------------------+-----------------------------------------------+
[root@linux-node1 ~]# openstack server list
+--------------------------------------+-------------------+--------+----------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------------------+--------+----------+--------+---------+
| 1e497f41-aa2a-458a-9970-261d6fdc06dc | provider-instance | ERROR | | cirros | m1.nano |
+--------------------------------------+-------------------+--------+----------+--------+---------+
[root@controller ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 0 |
| name | m1.nano |
| os-flavor-access:is_public | True |
| properties | |
| ram | 64 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
[root@controller ~]# ssh-keygen -q -N ""
Enter file in which to save the key (/root/.ssh/id_rsa):
[root@controller ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | ea:57:21:d5🇨🇫1b🇧🇪f4:27:c3:11:4d🇨🇦63:ce:1f |
| name | mykey |
| user_id | 3642a0239ea24f98a8eb39b5685e1fff |
+-------------+-------------------------------------------------+
[root@controller ~]# openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | ea:57:21:d5🇨🇫1b🇧🇪f4:27:c3:11:4d🇨🇦63:ce:1f |
+-------+-------------------------------------------------+
[root@controller ~]# openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2019-10-23T02:04:22Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 01e7d03e-ac6b-40e8-99ac-751ae6435be7 |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 0eeb62090a094959ae36ce627f10cc1b |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | ae62b441-4ec0-46b0-aed8-51f0bef56610 |
| updated_at | 2019-10-23T02:04:22Z |
+-------------------+--------------------------------------+
[root@controller ~]# openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2019-10-23T02:05:33Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | a81df169-6582-4f72-901d-503e05ad33a8 |
| name | None |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 0eeb62090a094959ae36ce627f10cc1b |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | ae62b441-4ec0-46b0-aed8-51f0bef56610 |
| updated_at | 2019-10-23T02:05:33Z |
+-------------------+--------------------------------------+
查看相关信息:
[root@controller ~]# openstack flavor list
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| f5f2008a-a230-4692-8fec-2634b4eaaac9 | cirros | active |
+--------------------------------------+--------+--------+
[root@controller ~]# openstack network list
+--------------------------------------+-------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+-------------+--------------------------------------+
| cd7dd9bc-c2fd-40a9-9a77-a8573091e272 | selfservice | 4d190708-3579-4040-a578-d54143339515 |
+--------------------------------------+-------------+--------------------------------------+
[root@controller ~]#
[root@controller ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ae62b441-4ec0-46b0-aed8-51f0bef56610 | default | Default security group | 0eeb62090a094959ae36ce627f10cc1b | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
[root@controller ~]# openstack server create --flavor m1.nano --image cirros \
> --nic net-id=cd7dd9bc-c2fd-40a9-9a77-a8573091e272 --security-group default \
> --key-name mykey selfservice-instance
+-------------------------------------+-----------------------------------------------+
| Field | Value |
+-------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-SRV-ATTR:host | None |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None |
| OS-EXT-SRV-ATTR:instance_name | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | 48QHgJn8fsL4 |
| config_drive | |
| created | 2019-10-23T02:19:11Z |
| flavor | m1.nano (0) |
| hostId | |
| id | 5ef50bf1-90f6-42be-ad4c-97e76b921ab4 |
| image | cirros (f5f2008a-a230-4692-8fec-2634b4eaaac9) |
| key_name | mykey |
| name | selfservice-instance |
| progress | 0 |
| project_id | 0eeb62090a094959ae36ce627f10cc1b |
| properties | |
| security_groups | name='ae62b441-4ec0-46b0-aed8-51f0bef56610' |
| status | BUILD |
| updated | 2019-10-23T02:19:11Z |
| user_id | 3642a0239ea24f98a8eb39b5685e1fff |
| volumes_attached | |
+-------------------------------------+-----------------------------------------------+
[root@controller ~]# openstack server list
+--------------------------------------+----------------------+--------+----------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------------------+--------+----------+--------+---------+
| 5ef50bf1-90f6-42be-ad4c-97e76b921ab4 | selfservice-instance | ERROR | | cirros | m1.nano |
+--------------------------------------+----------------------+--------+----------+--------+---------+