OpenStack-命令指南-Nova.md 21 KB
OpenStack_Nova
Nova运维
安全组运维
常用安全组命令
[root@controller ~]# openstack security group --help
Command "security" matches:
security group create # 创建安全组
security group delete # 删除安全组
security group list # 安全组列表
security group rule create # 创建规则
security group rule delete # 删除规则
security group rule list # 安全组规则列表
security group rule show # 查看安全组规则
security group set # 设置安全组
security group show # 查看安全组
创建安全组
仓用参数补充:
| 参数 | 功能 | 用法 |
|---|---|---|
| description | 描述信息 |
创建安全组需要提供安全组名,描述信息等。
[root@controller ~]# openstack security group create test # --description 添加描述信息
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at | 2021-03-19T14:20:14Z |
| description | test |
| id | 61d04167-b5ad-4037-b10d-51d162cab596 |
| name | test |
| project_id | 57e7eb094ace4170ab2c4792c23ee6e7 |
| revision_number | 2 |
| rules | created_at='2021-03-19T14:20:15Z', direction='egress', ethertype='IPv4', id='0fab269e-b013-42b4-b1bb-e337128fdacf', updated_at='2021-03-19T14:20:15Z' |
| | created_at='2021-03-19T14:20:15Z', direction='egress', ethertype='IPv6', id='4f0dbc20-a41c-4bc8-a8e8-2e6c9d773bbe', updated_at='2021-03-19T14:20:15Z' |
| updated_at | 2021-03-19T14:20:15Z |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+
查看安全组列表
[root@controller ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+
| ID | Name | Description | Project |
+--------------------------------------+---------+------------------------+----------------------------------+
| 3c016803-bf4c-4783-add6-c0e5027deade | default | Default security group | 57e7eb094ace4170ab2c4792c23ee6e7 |
| 61d04167-b5ad-4037-b10d-51d162cab596 | test | test | 57e7eb094ace4170ab2c4792c23ee6e7 |
+--------------------------------------+---------+------------------------+----------------------------------+
查看安全组
[root@controller ~]# openstack security group show test
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at | 2021-03-19T14:20:14Z |
| description | test |
| id | 61d04167-b5ad-4037-b10d-51d162cab596 |
| name | test |
| project_id | 57e7eb094ace4170ab2c4792c23ee6e7 |
| revision_number | 2 |
| rules | created_at='2021-03-19T14:20:15Z', direction='egress', ethertype='IPv4', id='0fab269e-b013-42b4-b1bb-e337128fdacf', updated_at='2021-03-19T14:20:15Z' |
| | created_at='2021-03-19T14:20:15Z', direction='egress', ethertype='IPv6', id='4f0dbc20-a41c-4bc8-a8e8-2e6c9d773bbe', updated_at='2021-03-19T14:20:15Z' |
| updated_at | 2021-03-19T14:20:15Z |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+
创建安全组规则
指令参数补充:
| 参数 | 功能 | 用法 |
|---|---|---|
| protocol | 协议类型 | --protocol TCP|UDP|ICMP |
| ingress | 入口 | |
| egress | 出口 | |
| dst-port | 端口 | --dst-port 本机端口:远程端口 |
| remote-group | 远程端口组,允许来自其他安全组的IP访问 | --remote-group 远程安全组名 |
| romote-ip | 远程IP地址 | 0.0.0.0/0 全部通过 --romote-ip IP地址(CIDR写法) |
# 允许所有ICMP通行
[root@controller ~]# openstack security group rule create --protocol icmp test
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2021-03-19T14:57:02Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 965b8a19-2ca4-4011-9e4e-93303ddf1a49 |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 57e7eb094ace4170ab2c4792c23ee6e7 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 61d04167-b5ad-4037-b10d-51d162cab596 |
| updated_at | 2021-03-19T14:57:02Z |
+-------------------+--------------------------------------+
查看安全组规则列表
[root@controller ~]# openstack security group rule list test
+--------------------------------------+-------------+-----------+------------+-----------------------+
| ID | IP Protocol | IP Range | Port Range | Remote Security Group |
+--------------------------------------+-------------+-----------+------------+-----------------------+
| 0fab269e-b013-42b4-b1bb-e337128fdacf | None | None | | None |
| 4f0dbc20-a41c-4bc8-a8e8-2e6c9d773bbe | None | None | | None |
| 965b8a19-2ca4-4011-9e4e-93303ddf1a49 | icmp | 0.0.0.0/0 | | None |
+--------------------------------------+-------------+-----------+------------+-----------------------+
查看安全组规则
[root@controller ~]# openstack security group rule show 965b8a19-2ca4-4011-9e4e-93303ddf1a49
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2021-03-19T14:57:02Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 965b8a19-2ca4-4011-9e4e-93303ddf1a49 |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 57e7eb094ace4170ab2c4792c23ee6e7 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 61d04167-b5ad-4037-b10d-51d162cab596 |
| updated_at | 2021-03-19T14:57:02Z |
+-------------------+--------------------------------------+
实例类型运维
实例类型常用命令
[root@controller ~]# openstack flavor --help
Command "flavor" matches:
flavor create # 实例类型创建
flavor delete # 实例类型删除
flavor list # 实例类型列表
flavor set # 实例类型设置
flavor show # 查看实例类型
flavor unset
创建实例类型
常用参数补充:
| 参数 | 功能 | 用法 |
|---|---|---|
| id | 实例类型ID | |
| ram | 内存大小(单位mb) | |
| vcpus | 虚拟CPU数量 | |
| disk | 硬盘大小 | |
| swap | 交换空间大小(单位mb) | |
| ephemeral | 临时空间 |
# VCPU:2 RAM:2GB 硬盘大小:20GB ID:6
[root@controller ~]# openstack flavor create --vcpu 1 --ram 2048 --disk 20 --id 6 2C2G20GB
+----------------------------+----------+
| Field | Value |
+----------------------------+----------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 20 |
| id | 6 |
| name | 2C2G20GB |
| os-flavor-access:is_public | True |
| properties | |
| ram | 2048 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+----------+
查看实例类型列表
[root@controller ~]# openstack flavor list
+----+----------+------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+----------+------+------+-----------+-------+-----------+
| 6 | 2C2G20GB | 2048 | 20 | 0 | 1 | True |
+----+----------+------+------+-----------+-------+-----------+
查看实例类型
[root@controller ~]# openstack flavor show 6
+----------------------------+----------+
| Field | Value |
+----------------------------+----------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| access_project_ids | None |
| disk | 20 |
| id | 6 |
| name | 2C2G20GB |
| os-flavor-access:is_public | True |
| properties | |
| ram | 2048 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+----------+
实例运维
实例管理常用命令
[root@controller ~]# openstack server --help
Command "server" matches:
server add fixed ip # 添加固定IP
server add floating ip # 添加浮动IP
server add network # 添加网络
server add port # 添加端口
server add security group # 添加安全组
server add volume # 添加卷
server create # 创建实例
server delete # 删除实例
server image create # 使用镜像创建实例
server list # 查看实例列表
server lock # 锁定实例
server migrate
server pause # 暂停实例
server reboot # 重启实例
server rebuild # 重建实例
server remove fixed ip # 删除固定IP
server remove floating ip # 删除浮动IP
server remove network # 删除网络
server remove port # 删除端口
server remove security group # 删除安全组
server remove volume # 删除卷
server set # 实例设置
server show # 查看实例
server start # 开启实例
server stop # 停止实例
server unlock # 实例解锁
server unpause # 实例继续
创建实例
创建实例参数补充:
| 参数 | 功能 | 用法 |
|---|---|---|
| flavor | 实例类型 | |
| image | 镜像 | |
| volume | 卷 | |
| network | 网络 |
[root@controller ~]# openstack server create --flavor 6 --image cirros cirros
+-------------------------------------+-----------------------------------------------+
| Field | Value |
+-------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-SRV-ATTR:host | None |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None |
| OS-EXT-SRV-ATTR:instance_name | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | vfYEVAWo7toc |
| config_drive | |
| created | 2021-03-19T16:55:51Z |
| flavor | 2C2G20GB (6) |
| hostId | |
| id | 5751f3e8-41cc-44dc-9c0f-80a433cf72e1 |
| image | cirros (9fdae471-668e-4341-b85c-5aa3a8e2db0d) |
| key_name | None |
| name | cirros |
| progress | 0 |
| project_id | 57e7eb094ace4170ab2c4792c23ee6e7 |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2021-03-19T16:55:51Z |
| user_id | 7fd343b6c0c94407a8812dfc1185adac |
| volumes_attached | |
+-------------------------------------+-----------------------------------------------+
查看实例列表
[root@controller ~]# openstack server list
+--------------------------------------+--------+--------+----------+--------+----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+--------+--------+----------+--------+----------+
| 5751f3e8-41cc-44dc-9c0f-80a433cf72e1 | cirros | ACTIVE | | cirros | 2C2G20GB |
+--------------------------------------+--------+--------+----------+--------+----------+
查看实例
[root@controller ~]# openstack server show cirros
+-------------------------------------+----------------------------------------------------------+
| Field | Value |
+-------------------------------------+----------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | compute |
| OS-EXT-SRV-ATTR:hypervisor_hostname | compute |
| OS-EXT-SRV-ATTR:instance_name | instance-00000001 |
| OS-EXT-STS:power_state | Running |
| OS-EXT-STS:task_state | None |
| OS-EXT-STS:vm_state | active |
| OS-SRV-USG:launched_at | 2021-03-19T16:55:58.000000 |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| config_drive | |
| created | 2021-03-19T16:55:51Z |
| flavor | 2C2G20GB (6) |
| hostId | ed7a5fa7c2b4136afa2ee109e92fd8704fecf39df16f2b6c4d46f11e |
| id | 5751f3e8-41cc-44dc-9c0f-80a433cf72e1 |
| image | cirros (9fdae471-668e-4341-b85c-5aa3a8e2db0d) |
| key_name | None |
| name | cirros |
| progress | 0 |
| project_id | 57e7eb094ace4170ab2c4792c23ee6e7 |
| properties | |
| status | ACTIVE |
| updated | 2021-03-19T16:55:58Z |
| user_id | 7fd343b6c0c94407a8812dfc1185adac |
| volumes_attached | |
+-------------------------------------+----------------------------------------------------------+