API
透過GUI、CLI下的指令,都會轉換成API來執行,所以任何指令也都能透過API來完成
Debug CLI
CLI加上–debug,便能expose API的行為
Set environmental variables
#bash的completion $ source /opt/stack/python-novaclient/tools/nova.bash_completion #從某個demo in demo執行指令 $ source openrc demo demo
Keystone – creating tenants, users and roles
#建立General tenant $ keystone tenant-create --name General #建立XXX user $ keystone user-create \ --name=XXX \ --pass=openstack \ --tenant-id [tenant_id] \ --email=XXX@mail.com #查看user list, role list $ keystone user-list $ keystone role-list #增加一個role $ keystone user-role-add \ --tenant-id [tenant_id] \ --user-id [user_id] \ --role-id [role_id]
Neutron – tenant network
inside tenant要建立一個private network、subnet、virtual router再與public(external) network連接
#建立一個internal network $ neutron net-create \ --tenant-id [tenant_id] \ [NETWORK_NAME] #在network中建立一個subnet $ neutron subnet-create \ --tenant-id [tenant_id] \ [NETWORK_NAME] \ [SUBNET_RANGE CIDR ex:172.24.220/24] #建立一個virtual router $ neutron router-create \ --tenant-id [tenant_id] \ [ROUTER_NAME] #把router加入到internal subnet $ neutron router-interface-add \ [ROUTER_ID] \ [SUBNET_ID] #秀出external network list $ neutron net-external-list #[已經有external network]指定外部的external network作為internal router的gateway $ neutron router-gateway-set \ [ROUTER_ID] \ [EXT_NETWORK_ID] #[尚未有external network]若外部沒有external network,則必須建立一個,預設是由admin tenant來建立 $ neutron net-create \ [EXT_NETWORK_NAME] \ --router:external=True #[尚未有external network]在external network中建立一個subnet $ neutron subnet-create \ --gateway [GATEWAY_IP ex:192.168.2.1] \ --allocation-pool start=[IP_START ex:192.168.2.2] ,end=[IP_END ex:192.168.2.254] \ [NETWORK_NAME ex:new_public] \ [SUBNET_RANGE CIDR ex:192.168.2.0/24] \ --enable_dhcp=False #秀出router list $ neutron router-list #切換router gateway,從已有的external network切換到新建立的external network $ neutron router-gateway-clear \ [ROUTER_ID] $ neutron router-gateway-set \ [ROUTER_ID] \ [NEW_EXT_NETWORK_ID] #秀出特定router的info $ neutron router-show
Keystone、Nova、Cinder Quotas management
每個tenant建立時就會帶入預設的quota,每個tenant中的user也會配置tenant的預設quota,但是每個user的quota都可以被調整,當增加quotas超過tenant的quota時,tenant quota也會被調升。
#秀出tenant id $ keystone tenant-list #秀出目前tenant內的nova(Compute) quotas information $ nova quota-show \ --tenant [TENANT_ID] #秀出目前tenant預設quotas (不加TENANT_ID) $ nova quota-show #修改某個tenant的quota限制 $ nova quota-update \ --[QUOTA_KEY ex:cores] [QUOTA_VALUE ex:20] \ [TENANT_ID] #查詢某個tenant內的user quotas information (預設user quota會等同預設的tenant quota,不受修改的tenant quota影響) $ nova quota-show \ --user [USER_ID] \ --tenant [TENANT_ID] #修改某個tenant的user quota限制 $ nova quota-update \ --user [USER_ID] \ --[QUOTA_KEY ex:instance] [QUOTA_VALUE ex:1] \ [TENANT_ID] #秀出目前tenant內的cinder(Storage) quotas information $ cinder quota-show \ --tenant [TENANT_ID] #秀出目前tenant內的neutron(Networking) quotas information $ neutron quota-show \ --tenant [TENANT_ID]
文章參考資料
- OpenStack IN ACTION (ISBN:9781617292163)
小蝦的Tech學習日誌 