Navigation
OpenStack
Releases
https://releases.openstack.org/
https://releases.openstack.org/rocky/index.html
Change user / admin password
. /etc/kolla/admin-openrc.sh
openstack user password set --password new-password --original-password current-admin-password
CLI
source /etc/kolla/admin-openrc.sh
openstack compute service list
https://docs.openstack.org/ocata/user-guide/cli-cheat-sheet.html
https://docs.openstack.org/queens/user/
https://docs.openstack.org/keystone/latest/admin/cli-manage-projects-users-and-roles.html
https://docs.openstack.org/python-openstackclient/latest/cli/command-list.html
Server (VMs)
# List instances / VMs
openstack server list
openstack server list -c ID -c Name -c Status -c Networks -c Host --long
# delete instance
openstack server delete "vm-u1804"
# list all servers from all projects
openstack server list --all-projects --os-cloud=stage-admin
# get IDs only from server
openstack server list --os-cloud=dev-foo -c ID -f value
# get all servers using windows images
for IMAGE in $(openstack image list --long --os-cloud=prod-admin -c ID -c Name -f value | grep -i "Windows" | cut -d" " -f 1); do
openstack server list --long --all-projects --os-cloud=prod-admin --image ${IMAGE}
done
# snapshot and restore
openstack server image create --name vm1-snap1 vm1 --os-cloud=dev
openstack image list --os-cloud=dev
openstack server rebuild --image vm1-snap1 vm1 --os-cloud=dev
openstack server show vm1 -c name -c status --os-cloud=dev
# get VM count by hypervisor
openstack server list --all --long -c Host -f value --os-cloud=stage-admin | sort | uniq -c
# List your volumes
openstack volume list
# change user password
openstack user set --password pass123 user1
# list user (for domain)
openstack --os-cloud=dev-admin user list --domain my_dom_1
# list instances / server
openstack server list
openstack console log show foo-vm1
openstack console url show foo-vm1 --xvpvnc
# floating IPs
https://docs.openstack.org/ocata/user-guide/cli-manage-ip-addresses.html
openstack floating ip list
openstack floating ip create public-net
Instance
https://docs.openstack.org/mitaka/install-guide-ubuntu/launch-instance.html
# openstack flavor list
# openstack image list
# openstack network list
# openstack security group list
# openstack keypair list
openstack server create --flavor m1.small --image "Ubuntu 18.04" --nic net-id=foo-network --security-group default --key-name foo-key foo-vm1
Network CLI
https://developer.openstack.org/firstapp-libcloud/networking.html
# attach port to VM
openstack server add port VM1 NET1-PORT1
# create port without security
openstack port create openstack-net-port1 --network openstack-net --no-security-group --disable-port-security --no-fixed-ip
openstack port set --disable-port-security openstack-net-port1
Ansible
https://github.com/panticz/ansible/tree/master/roles/devstack
pip install -U openstacksdk python-openstacksdk ansible
Cloud images
http://panticz.de/cloud-images
Cloud config
https://docs.openstack.org/nova/rocky/user/config-drive.html
#
# old
#
sudo apt-get install git
git clone https://git.openstack.org/openstack-dev/devstack
cat < local.conf
[[local|localrc]]
ADMIN_PASSWORD=devstack
DATABASE_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD
EOF
sudo devstack/tools/create-stack-user.sh
su stack
cd devstack
./stack.sh
ssh -N -L 8080:localhost:80 root@192.168.254.46
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=stack
export OS_AUTH_URL=http://localhost:35357/v2.0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova list
nova floating-ip-create public
Network
https://developer.openstack.org/firstapp-libcloud/networking.html
openstack network create worker_network
openstack subnet create worker_subnet --network worker_network --subnet-range 10.0.1.0/24
openstack router create project_router
openstack router set project_router --external-gateway public
openstack router add subnet project_router worker_subnet
Command line
sudo apt install -y python-magnumclient
pip install python-magnumclient
CLI quotas
https://docs.openstack.org/ocata/user-guide/cli-cheat-sheet.html
https://docs.openstack.org/nova/latest/admin/quotas.html
# show default quota
penstack quota show --default
# set quotas
openstack quota set --class --instances 20 default
openstack quota set --class --cores 20 default
openstack quota set --class --ram $((68 * 1024)) default
Magnum
# images
https://fedorapeople.org/groups/magnum/
microstack on ubuntu
sudo snap install microstack --classic --candidate
Formatec output
for FLAVOR in $(openstack flavor list -c Name -f value); do
echo ${FLAVOR}
openstack flavor show ${FLAVOR}
echo
done
cloud-init images
https://docs.openstack.org/image-guide/ubuntu-image.html
bash completion
openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
. /etc/bash_completion
Project / User
openstack project list --domain example.com
openstack domain create example.com
openstack project create openstack --domain example.com
openstack role add --user foo --project openstack admin
Connect to a (cirros) VM without floating IP
cirros password: gocubsgo
for ROUTER in $(ip netns | grep qrouter | cut -d" " -f1); do
ip netns exec ${ROUTER} ssh cirros@${VM_IP}
done
# endpoint
openstack endpoint list | grep keystone
openstack service list
Nested virtualisation
https://docs.openstack.org/devstack/latest/guides/devstack-with-nested-kvm.html
echo "options kvm-intel nested=y" > /etc/modprobe.d/dist.conf
# modprobe kvm-intel
reboot
cat /sys/module/kvm_intel/parameters/nested
# nested networking (disable security on external port)
openstack port set --disable-port-security openstack-net-ext-port1
Object storage
openstack container create bucket1
openstack object create bucket1 /etc/fstab --name fstab
Links
https://www.openstack.org/software/
http://docs.openstack.org/developer/devstack/guides/single-vm.html
http://docs.openstack.org/liberty/install-guide-ubuntu/
http://docs.openstack.org/developer/devstack/
https://www.ubuntu.com/cloud
https://trickycloud.wordpress.com/