Create VM
openstack keypair create foo-key \
--public-key ~/.ssh/

openstack server create foo-vm1 \
--image "Ubuntu 18.04" \
--flavor m1.small \
--key-name foo-key \
--network foo-net

openstack floating ip create --floating-ip-address public


Change user / admin password
. /etc/kolla/
openstack user password set --password new-password --original-password current-admin-password

source /etc/kolla/
openstack compute service list

Server (VMs)
# List instances / VMs
openstack server list
openstack server list -c ID -c Name -c Status -c Networks -c Host --long
# delete instance
openstack server delete "vm-u1804"
# list all servers from all projects
openstack server list --all-projects --os-cloud=stage-admin
# get IDs only from server
openstack server list --os-cloud=dev-foo -c ID -f value
# get all servers using windows images
for IMAGE in $(openstack image list --long --os-cloud=prod-admin -c ID -c Name -f value | grep -i "Windows" | cut -d" " -f 1); do
openstack server list --long --all-projects --os-cloud=prod-admin --image ${IMAGE}

# snapshot and restore
openstack server image create --name vm1-snap1 vm1 --os-cloud=dev
openstack image list --os-cloud=dev
openstack server rebuild --image vm1-snap1 vm1 --os-cloud=dev
openstack server show vm1 -c name -c status --os-cloud=dev

# get VM count by hypervisor
openstack server list --all --long -c Host -f value --os-cloud=stage-admin | sort | uniq -c

# resize
openstack server resize ...
openstack server resize --confirm SERVER_ID

# List your volumes
openstack volume list

# change user password
openstack user set --password pass123 user1

# list user (for domain)
openstack --os-cloud=dev-admin user list --domain my_dom_1

# list instances / server
openstack server list
openstack console log show foo-vm1
openstack console url show foo-vm1 --xvpvnc

# floating IPs
openstack floating ip list
openstack floating ip create public-net

# openstack image list
# openstack network list
# openstack security group list
# openstack keypair list

Network CLI

# attach port to VM
openstack server add port VM1 NET1-PORT1

# create port without security
openstack port create openstack-net-port1 --network openstack-net --no-security-group --disable-port-security --no-fixed-ip
openstack port set --disable-port-security openstack-net-port1

pip install -U openstacksdk python-openstacksdk ansible

Cloud images

Cloud config

# old
sudo apt-get install git
git clone

cat < local.conf

sudo devstack/tools/
su stack

cd devstack

ssh -N -L 8080:localhost:80 root@

export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=stack
export OS_AUTH_URL=http://localhost:35357/v2.0

nova secgroup-add-rule default icmp -1 -1
nova secgroup-add-rule default tcp 22 22

nova list
nova floating-ip-create public


openstack network create worker_network
openstack subnet create worker_subnet --network worker_network --subnet-range
openstack router create project_router
openstack router set project_router --external-gateway public
openstack router add subnet project_router worker_subnet

# add floating IP pool
openstack subnet list
openstack subnet set --allocation-pool start=,end= public1
openstack subnet show public1 -c allocation_pools -f value

Command line
sudo apt install -y python-magnumclient
pip install python-magnumclient

CLI quotas
# show default quota
penstack quota show --default

# set quotas
openstack quota set --class --instances 20 default
openstack quota set --class --cores 20 default
openstack quota set --class --ram $((68 * 1024)) default

openstack quota show
openstack quota set --class --gigabytes 10000 default

# images

microstack on ubuntu
sudo snap install microstack --classic --candidate

cloud-init images

bash completion
openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
. /etc/bash_completion

Project / User
openstack project list --domain
openstack domain create
openstack project create openstack --domain
openstack role add --user foo --project openstack admin

Connect to a (cirros) VM without floating IP
cirros password: gocubsgo
for ROUTER in $(ip netns | grep qrouter | cut -d" " -f1); do
ip netns exec ${ROUTER} ssh cirros@${VM_IP}

openstack endpoint list | grep keystone
openstack service list

openstack endpoint list | grep 5000
openstack endpoint create identity --region RegionOne internal

openstack endpoint list | grep identity
openstack endpoint set --url --interface public ab00147b8bf44319bf14927d74582359

Nested virtualisation
echo "options kvm-intel nested=y" > /etc/modprobe.d/dist.conf
# modprobe kvm-intel
cat /sys/module/kvm_intel/parameters/nested

# nested networking (disable security on external port)
openstack port set --disable-port-security openstack-net-ext-port1

Object storage
openstack container create bucket1
openstack object create bucket1 /etc/fstab --name fstab



openstack versions show
openstack module list

openstack volume type list --public --long
openstack volume backend pool list