OpenStack

openstack command list | egrep "(agent|service) list"

openstack keypair create foo-key --public-key ~/.ssh/id_rsa.pub

. /etc/kolla/admin-openrc.sh
openstack user password set --password new-password --original-password current-admin-password

# connect to specific cloud
openstack server list --os-cloud=dev-foo
 
source /etc/kolla/admin-openrc.sh

openstack image list
openstack network list
openstack keypair list

pip install -U openstacksdk python-openstacksdk ansible

openstack network create worker_network
openstack subnet create worker_subnet --network worker_network --subnet-range 10.0.1.0/24
openstack router create project_router
openstack router set project_router --external-gateway public
openstack router add subnet project_router worker_subnet

openstack subnet list
openstack subnet set --allocation-pool start=10.40.0.100,end=10.40.0.200 public1
openstack subnet show public1 -c allocation_pools -f value

sudo apt install -y python-magnumclient
pip install python-magnumclient

sudo snap install microstack --classic --candidate

openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
. /etc/bash_completion

openstack project list --domain example.com
openstack domain create example.com
openstack project create openstack --domain example.com
openstack role add --user foo --project openstack admin

cirros password: gocubsgo
for ROUTER in $(ip netns | grep qrouter | cut -d" " -f1); do
    ip netns exec ${ROUTER} ssh cirros@${VM_IP}
done

openstack endpoint list | grep keystone
openstack service list
 
openstack endpoint list | grep 5000
openstack endpoint create identity --region RegionOne internal http://10.0.2.111:5000
 
openstack endpoint list | grep identity
openstack endpoint set --url http://10.0.2.10:5000 --interface public ab00147b8bf44319bf14927d74582359

cat <<EOF>> /etc/modprobe.d/kvm.conf
options kvm_intel nested=1
options kvm_amd nested=1
EOF
 
# modprobe kvm-intel
reboot
cat /sys/module/kvm_intel/parameters/nested
 
# nested networking (disable security on external port)
openstack port set --disable-port-security openstack-net-ext-port1

openstack versions show
openstack module list

# neutron
DB_PASS=$(grep neutron_database_password /etc/kolla/passwords.yml | cut -d " " -f2)
mysql -h db.service.i.example.com --password=${DB_PASS} -P 6033 -u neutron -D neutron
mysql -B -h db.service.i.example.com --password=${DB_PASS} -P 6033 -u neutron -D neutron -e "select * from floatingips"
 
# octavia
DB_PASS=$(grep octavia_database_password /etc/kolla/passwords.yml | cut -d " " -f2)
mysql -h db.service.i.example.com --password=${DB_PASS} -P 6033 -u octavia -D octavia
select * from load_balancer;
 
# service
openstack service list --long
 
# project
openstack project list --my-projects

PROJECT_ID=$(openstack project list -c ID -f value)
echo ${PROJECT_ID}

openstack project set --domain foo --name bar-dev bar

# grep member /etc/kolla -r 
horizon/local_settings:OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
 
# docker exec -i neutron_server oslopolicy-policy-generator --namespace neutron | egrep 'create_floatingip|^"(admin_only|context_is_admin)'
"context_is_admin": "role:admin"
"create_floatingip:floating_ip_address": "rule:admin_only"
"admin_only": "rule:context_is_admin"
"create_floatingip": "rule:regular_user"
"create_floatingip_port_forwarding": "rule:admin_or_ext_parent_owner"

openstack catalog list

source /etc/kolla/admin-openrc.sh
NODES="$(openstack compute service list -c Host -f value | sort -uV)"
 
for PRESSUE in $(ls /proc/pressure/*); do
    echo "${PRESSUE}"
    for NODE in ${NODES}; do
        echo "${NODE}    $(ssh ${NODE} cat ${PRESSUE} | paste - -)"                                                                                                                                
    done
 
    echo
done

openstack metric measures show -r 4f7ed00f-08cc-406c-8470-f4e83fd88096 dynamic_pollster.compute.services.instance.status --start 2020-01-21 --stop 202'-12-31

ip -o -4 a | grep 10.33 | grep brd
NODE_IP=10.33.x.x
 
# Get bronken etcd node id
docker exec -ti etcd etcdctl -C http://${NODE_IP}:2379 cluster-health
docker exec -ti etcd etcdctl -C http://${NODE_IP}:2379 member list
 
# Rmove broken node
docker exec -ti etcd etcdctl -C http://${NODE_IP}:2379 member remove c591b0673f6f1111
 
# Fix etcd env variables on broken node
docker exec -ti -u root etcd sed -i -e 's/^exec/exec env ETCD_INITIAL_CLUSTER_STATE="existing"/' /usr/local/bin/kolla_start
 
# Stop broken nodes container
docker stop etcd
 
# Delete old etcd data on broken node
rm -rf /var/lib/docker/volumes/kolla_etcd/_data/member/*
 
# Add member to the cluster
docker exec -ti etcd etcdctl -C http://10.33.11.12:2379 member add ctl2-prod http://10.33.11.10:2379
 
# Start etcd container on broken node (on ctl2-prod):
docker start etcd
 
# Check cluster status
docker exec -ti etcd etcdctl -C http://10.33.11.12:2379 cluster-health
 
# debug
# docker exec -ti -u root etcd etcdctl --endpoints=http://10.33.44.55:2379 member list

openstack extension list --network -c Alias -c Name