Openstack
What does it mean
aodh Alarming service barbican REST API designed for the secure storage, provisioning and management of secrets such as passwords, encryption keys and X.509 cinder OpenStack Block Storage gnocchi Time Series Database as a Service glance OpenStack Image Service heat Deploy instances, volumes and other OpenStack services using YAML based templates. horizon Openstack’s Dashboard, which provides a web based user interface to OpenStack services ironic bootstrap keystone identity service magnum container orchestration engines mistral workflow service neutron networking as a service nfv Network functions virtualization nova cloud computing instance controller, provision compute instances (aka virtual servers). octavia Load balancer. Octavia HAProxy Amphora API swift OpenStack Object Storage tacker NFV Orchestration trove Database as a Service Zaqar multi-tenant cloud messaging service
bash completion
. <(openstack complete 2>/dev/null )
flavor
Which machine types exist.
gp "General purpose" Well rounded combination of amount of CPUs and the amount of RAM. hm "High memory" Optimimzed for applications that need a lot of memory. hp "High performance" High frequenzy cpu.
list volumes
openstack volume list
install openstack
dnf install python3-openstackclient
get ip addresses of all host
openstack server list -c Networks -f json | jq -r '.[].Networks[][]'
output
-f csv,json,table,value,yaml
Get output without headers.
openstack server list -f value
list all
openstack command list -f yaml | grep - | grep list | sed 's/^ - /openstack /g' |grep -v "openstack command list" | while read i ; do echo '*' $i ; $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD}
How to reach nodes
OPENSTACK=$(openstack server list -c Networks -f json | jq -r '.[].Networks[][]') ; OPENSTACK_JUMP=$(grep 185 <<< "${OPENSTACK}") ; NODES=$(grep -v 185 <<< "${OPENSTACK}") ; for NODE in ${NODES} ; do echo ssh -J core@${OPENSTACK_JUMP} core@${NODE} ; done
create server
openstack server create --flavor gp.1x2 --availability-zone europe-se-1a --image fedora-37-x86_64 --boot-from-volume 100 --network abjorklund-01-5tsbc-openshift --security-group ssh_allow --key-name abjorklund_ed25519 abjorklund_$(date_file)
With setting password.
cat << EOF > user-data #cloud-config password: Password123! chpasswd: {expire: False} ssh_pwauth: True EOF openstack server create --flavor gp.1x2 --availability-zone europe-se-1a --image rocky-8-x86_64 --boot-from-volume 30 --network abjorklund-01-bmc7w-openshift --security-group ssh_allow --key-name abjorklund_ed25519 abjorklund_$(date_file) --user-data user-data
get router ip
List routers
openstack router list
Get external ip.
openstack router show abjorklund-01-5tsbc-external-router -c external_gateway_info -f json | jq '.external_gateway_info.external_fixed_ips[0].ip_address' 185.102.213.238
Download image
Get info about image.
openstack image list | grep -i nord-ic- | 98c03b69-4ba8-4276-8695-b6c3f006cf20 | nord-ic-bc84t-rhcos | active | glance image-download --file nord-ic-bc84t-rhcos --progress 98c03b69-4ba8-4276-8695-b6c3f006cf20
Upload image
openstack image create --disk-format qcow2 --container-format bare --public --file CentOS-7-x86_64-GenericCloud-1503.qcow2 CentOS_7_Cloud_IMG
security
Get security groups.
openstack security group list -c Name -f json | jq -r '.[].Name'
Get all security groups with rules.
openstack security group list -c Name -f value | while read SECURITY ; do openstack security group show "$SECURITY" ; done > /temp/${OS_CLOUD##*/}}_openstack_security_group_list_openstack_security_group_show.$(date_file).log
Get rules from one security group
openstack security group rule list <group>
Add rule to allow traffic from ip.
openstack security group rule create --proto tcp --dst-port 6443 --remote-ip 185.53.164.10/32 --ingress <group>
Allow nfs4 traffic
# List group to add too. openstack security group list | grep rw-core openstack security group rule create --proto tcp --dst-port 2049 --remote-ip 10.2.0.0/16 rw-core-p9dq6-master
create block device
openstack volume create --size 50 --type ssd --description "nfs storage block device 0" nfs_storage_abjorklund-01
Resize block device.
os volume set --size 60 nfs_storage_abjorklund-01 --os-volume-api-version 3.42
set physical ip on host
openstack port list
manage loadbalancer aurora/haproxy
openstack loadbalancer openstack loadbalancer list openstack loadbalancer show test-lb -c listeners -f value
view limits
If you have problems to create something in openstack it could be worth verifying you are within limits.
openstack limits show --absolute -f value | grep -E 'RAM|Cores'
get project id
openstack server show $(openstack server list -f value | head -1 | awk '{print $2}') -c project_id -f value