OpenStack

Releases
https://releases.openstack.org/
https://releases.openstack.org/stein/index.html

CLI
# Command Structure
https://docs.openstack.org/python-openstackclient/latest/cli/commands.html
https://docs.openstack.org/ocata/user-guide/cli-cheat-sheet.html
https://docs.openstack.org/keystone/latest/admin/cli-manage-projects-users-and-roles.html
https://docs.openstack.org/python-openstackclient/latest/cli/command-list.html

Services
https://www.openstack.org/software/project-navigator/openstack-components/#openstack-services

openstack command list | egrep "(agent|service) list"

Create VM

openstack keypair create foo-key --public-key ~/.ssh/id_rsa.pub

Change user / admin password

. /etc/kolla/admin-openrc.sh
openstack user password set --password new-password --original-password current-admin-password

Credentials

# connect to specific cloud
openstack server list --os-cloud=dev-foo
 
source /etc/kolla/admin-openrc.sh

Instance
https://docs.openstack.org/mitaka/install-guide-ubuntu/launch-instance.html

openstack image list
openstack network list
openstack keypair list

Ansible
https://docs.ansible.com/ansible/latest/collections/openstack/cloud/index.html
https://github.com/panticz/ansible/tree/master/roles/devstack

pip install -U openstacksdk python-openstacksdk ansible

Cloud images
http://panticz.de/cloud-images

Cloud config
https://docs.openstack.org/nova/rocky/user/config-drive.html

Nova
# Virtualization Guest Drivers
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.1/html/virtual_machine_management_guide/sect-installing_guest_agents_and_drivers1

Terraform
https://github.com/terraform-providers/terraform-provider-openstack/tree/master/examples/app-with-networking

Network
https://developer.openstack.org/firstapp-libcloud/networking.html

openstack network create worker_network
openstack subnet create worker_subnet --network worker_network --subnet-range 10.0.1.0/24
openstack router create project_router
openstack router set project_router --external-gateway public
openstack router add subnet project_router worker_subnet

add floating IP pool

openstack subnet list
openstack subnet set --allocation-pool start=10.40.0.100,end=10.40.0.200 public1
openstack subnet show public1 -c allocation_pools -f value

Command line

sudo apt install -y python-magnumclient
pip install python-magnumclient

Microstack on Ubuntu

sudo snap install microstack --classic --candidate

cloud-init images
https://docs.openstack.org/image-guide/ubuntu-image.html

bash completion

openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
. /etc/bash_completion

Project / User

openstack project list --domain example.com
openstack domain create example.com
openstack project create openstack --domain example.com
openstack role add --user foo --project openstack admin

Connect to a (cirros) VM without floating IP

cirros password: gocubsgo
for ROUTER in $(ip netns | grep qrouter | cut -d" " -f1); do
    ip netns exec ${ROUTER} ssh cirros@${VM_IP}
done

endpoint
https://docs.openstack.org/security-guide/api-endpoints/api-endpoint-configuration-recommendations.html

openstack endpoint list | grep keystone
openstack service list
 
openstack endpoint list | grep 5000
openstack endpoint create identity --region RegionOne internal http://10.0.2.111:5000
 
openstack endpoint list | grep identity
openstack endpoint set --url http://10.0.2.10:5000 --interface public ab00147b8bf44319bf14927d74582359

Nested virtualisation
https://docs.openstack.org/devstack/latest/guides/devstack-with-nested-kvm.html

cat <<EOF>> /etc/modprobe.d/kvm.conf
options kvm_intel nested=1
options kvm_amd nested=1
EOF
 
# modprobe kvm-intel
reboot
cat /sys/module/kvm_intel/parameters/nested
 
# nested networking (disable security on external port)
openstack port set --disable-port-security openstack-net-ext-port1

Mailinglist
http://paste.openstack.org/

Module

openstack versions show
openstack module list

Direct database access

# neutron
DB_PASS=$(grep neutron_database_password /etc/kolla/passwords.yml | cut -d " " -f2)
mysql -h db.service.i.example.com --password=${DB_PASS} -P 6033 -u neutron -D neutron
mysql -B -h db.service.i.example.com --password=${DB_PASS} -P 6033 -u neutron -D neutron -e "select * from floatingips"
 
# octavia
DB_PASS=$(grep octavia_database_password /etc/kolla/passwords.yml | cut -d " " -f2)
mysql -h db.service.i.example.com --password=${DB_PASS} -P 6033 -u octavia -D octavia
select * from load_balancer;
 
# service
openstack service list --long
 
# project
openstack project list --my-projects

Project

PROJECT_ID=$(openstack project list -c ID -f value)
echo ${PROJECT_ID}

Releases
https://releases.openstack.org/teams/octavia.html#rocky

Parameter / configuration
https://github.com/openstack/kolla-ansible/blob/master/ansible/group_vars/all.yml

Project

openstack project set --domain foo --name bar-dev bar

Policy

# grep member /etc/kolla -r 
horizon/local_settings:OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
 
# docker exec -i neutron_server oslopolicy-policy-generator --namespace neutron | egrep 'create_floatingip|^"(admin_only|context_is_admin)'
"context_is_admin": "role:admin"
"create_floatingip:floating_ip_address": "rule:admin_only"
"admin_only": "rule:context_is_admin"
"create_floatingip": "rule:regular_user"
"create_floatingip_port_forwarding": "rule:admin_or_ext_parent_owner"

CNCF Cloud Native Interactive Landscape
https://landscape.cncf.io/

Remove obsolete port
http://www.panticz.de/OpenVswitch-cleanup-interfaces

Catalog

openstack catalog list

Check PSI on nodes

source /etc/kolla/admin-openrc.sh
NODES="$(openstack compute service list -c Host -f value | sort -uV)"
 
for PRESSUE in $(ls /proc/pressure/*); do
    echo "${PRESSUE}"
    for NODE in ${NODES}; do
        echo "${NODE}    $(ssh ${NODE} cat ${PRESSUE} | paste - -)"                                                                                                                                
    done
 
    echo
done

All-In-One Single LXC Container
https://docs.openstack.org/devstack/latest/guides/lxc.html

dynamic pollster

openstack metric measures show -r 4f7ed00f-08cc-406c-8470-f4e83fd88096 dynamic_pollster.compute.services.instance.status --start 2020-01-21 --stop 202'-12-31

Deployment statistics
https://www.stackalytics.com/

etcd
https://etcd.io/docs/v3.3/op-guide/runtime-configuration/
https://www.ibm.com/docs/en/mafe&u/2.5.0?topic=installation-adding-new-node-existing-etcd-calicol-network

# Get bronken etcd node id
docker exec -ti etcd etcdctl -C http://10.33.11.12:2379 member list
 
# Rmove broken node
docker exec -ti etcd etcdctl -C http://10.33.11.12:2379 member remove c591b0673f6f1111
 
# Fix etcd env variables on broken node
docker exec -ti -u root etcd sed -i -e 's/^exec/exec env ETCD_INITIAL_CLUSTER_STATE="existing"/' /usr/local/bin/kolla_start
 
# Stop broken nodes container
docker stop etcd
 
# Delete old etcd data on broken node
rm -rf /var/lib/docker/volumes/kolla_etcd/_data/member/*
 
# Add member to the cluster
docker exec -ti etcd etcdctl -C http://10.33.11.12:2379 member add ewos2-ctl2-prod http://10.33.11.10:2379
 
# Start etcd container on broken node (on ewos2-ctl2-prod):
docker start etcd
 
# Check cluster status
docker exec -ti etcd etcdctl -C http://10.33.11.12:2379 cluster-health
 
# debug
# docker exec -ti -u root etcd etcdctl --endpoints=http://10.33.44.55:2379 member list

OpenStack at serverfault
https://serverfault.com/tags/openstack/info

Rally test framework
https://github.com/openstack/rally

COA
https://coa.edu.mirantis.com/tool

Links
https://www.openstack.org/software/
http://docs.openstack.org/developer/devstack/guides/single-vm.html
http://docs.openstack.org/liberty/install-guide-ubuntu/
http://docs.openstack.org/developer/devstack/
https://www.ubuntu.com/cloud
https://trickycloud.wordpress.com/
https://clouddocs.web.cern.ch/ - CERN OpenStack Private Cloud Guide