Openstack: Difference between revisions

From Halfface
Jump to navigation Jump to search
Line 58: Line 58:
Add rule to allow traffic from ip.
Add rule to allow traffic from ip.
  openstack security group rule create --proto tcp --dst-port 6443  --remote-ip 185.53.164.10/32 --ingress <group>
  openstack security group rule create --proto tcp --dst-port 6443  --remote-ip 185.53.164.10/32 --ingress <group>
=create block device=
openstack volume create --size 50 --type ssd --description "nfs storage block device 0" nfs_storage_abjorklund-01

Revision as of 12:24, 8 May 2023

What does it mean

aodh                  Alarming service
barbican              REST API designed for the secure storage, provisioning and management of secrets such as passwords, encryption keys and X.509
cinder                OpenStack Block Storage
gnocchi               Time Series Database as a Service
glance                OpenStack Image Service
heat                  Deploy instances, volumes and other OpenStack services using YAML based templates.
horizon               Openstack’s Dashboard, which provides a web based user interface to OpenStack services
ironic                bootstrap
magnum                container orchestration engines
Mistral               workflow service
keystone              identity service 
neutron               networking as a service
octavia               Load balancer
swift                 OpenStack Object Storage

bash completion

. <(openstack complete 2>/dev/null )

list volumes

openstack volume list

install openstack

dnf install python3-openstackclient

get ip addresses of all host

openstack server  list -c Networks -f json | jq -r '.[].Networks[][]'

output

-f csv,json,table,value,yaml

Get output without headers.

openstack server list -f value

list all

openstack command list -f yaml | grep - | grep list | sed 's/^  - /openstack /g' |grep -v "openstack command list" | while read i ; do echo '*' $i ; $i 2>&1 ; done | tee /tmp/openstack_list_resources.${OS_CLOUD}

How to reach nodes

OPENSTACK=$(openstack server  list -c Networks -f json | jq -r '.[].Networks[][]') ; OPENSTACK_JUMP=$(grep 185 <<< "${OPENSTACK}") ; NODES=$(grep -v 185 <<< "${OPENSTACK}") ; for NODE in ${NODES} ; do echo ssh -J core@${OPENSTACK_JUMP} core@${NODE} ; done

create server

openstack server create --flavor gp.1x2 --availability-zone europe-se-1a --image fedora-37-x86_64 --boot-from-volume 100 --network abjorklund-01-5tsbc-openshift --security-group ssh_allow --key-name abjorklund_ed25519 abjorklund_$(date_file)

get router ip

List routers

openstack router list

Get external ip.

openstack router show abjorklund-01-5tsbc-external-router -c external_gateway_info -f json | jq '.external_gateway_info.external_fixed_ips[0].ip_address'
185.102.213.238

Download image

Get info about image.

openstack image list | grep -i nord-ic-
| 98c03b69-4ba8-4276-8695-b6c3f006cf20 | nord-ic-bc84t-rhcos            | active |
glance image-download --file nord-ic-bc84t-rhcos --progress 98c03b69-4ba8-4276-8695-b6c3f006cf20

Upload image

openstack image create --disk-format qcow2 --container-format bare --public --file CentOS-7-x86_64-GenericCloud-1503.qcow2  CentOS_7_Cloud_IMG

security

Get security groups.

openstack security group list -c Name -f json | jq -r '.[].Name'

Get all security groups with rules.

openstack security group list -c Name -f value | while read SECURITY ; do openstack security group show "$SECURITY" ; done > /temp/${OS_CLOUD##*/}}_openstack_security_group_list_openstack_security_group_show.$(date_file).log

Get rules from one security group

openstack security group rule list <group>

Add rule to allow traffic from ip.

openstack security group rule create --proto tcp --dst-port 6443  --remote-ip 185.53.164.10/32 --ingress <group>

create block device

openstack volume create --size 50 --type ssd --description "nfs storage block device 0" nfs_storage_abjorklund-01