在控制节点上建hzb-openrc.sh
export OS_PROJECT_DOMAIN_ID=defaultexport OS_USER_DOMAIN_ID=defaultexport OS_PROJECT_NAME=hzb_tenantexport OS_TENANT_NAME=hzb_tenantexport OS_USERNAME=huzhengboexport OS_PASSWORD=huzhengboexport OS_AUTH_URL=http://172.16.12.7:35357/v3export OS_IDENTITY_API_VERSION=3
source hzb-openrc.sh
以上主要是认证,使得后面创建的资源落在hzb_tenant租户上
1、创建虚拟机
1)查看一下规格
[root@cc07 ~]# nova flavor-list|grep vcpus_1| vcpus_16_cpu_cores_8_cpu_sockets_2_ram_16384_disk_50_eph_0 | vcpus_16_cpu_cores_8_cpu_sockets_2_ram_16384_disk_50_eph_0 | 16384 | 50 | 0 | | 16 | 1.0 | True || vcpus_16_cpu_cores_8_cpu_sockets_2_ram_32768_disk_50_eph_0 | vcpus_16_cpu_cores_8_cpu_sockets_2_ram_32768_disk_50_eph_0 | 32768 | 50 | 0 | | 16 | 1.0 | True || vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_10_eph_0 | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_10_eph_0 | 1024 | 10 | 0 | | 1 | 1.0 | True || vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 | 1024 | 1 | 0 | | 1 | 1.0 | True |
2)查看一下镜像
[root@cc07 ~]# glance image-list|grep test-boshen| 7dbda9ff-b13f-410b-8152-2c27c6bba4b6 | test-boshen1g |
3)查看一下网络
[root@cc07 ~]# neutron net-list --tenant-id=26a8e1feb372493d831c19d4d9e28d73+--------------------------------------+--------------+---------------------------------------------------+| id | name | subnets |+--------------------------------------+--------------+---------------------------------------------------+| 0575cad8-38b0-4d0a-833c-86779f4f43bb | hzb-pub1 | || 2193270e-c4c9-469c-99ae-87ebdb4ba535 | hzb-privnet1 | 0ba19972-c2f6-4cbb-80f6-a642a2f698a8 10.30.0.0/24 |+--------------------------------------+--------------+---------------------------------------------------+
4)查看一下安全组
(nova-compute)[root@nc12 ~]# nova secgroup-list --all-tenant|grep hzb | 970a4d5f-cd19-4e1e-ab22-6355044bf79b | hzb-sg-1 | | 17b117b7731e46d6bc0f9f34d767a61b || fdbffd7a-5f5e-413a-8d78-5f26bdc23c4e | hzb-sg | | 26a8e1feb372493d831c19d4d9e28d73 |
5)创建秘钥
(neutron-server)[root@cc07 /]# openstack keypair create hzb-keypaire-priv-----BEGIN RSA PRIVATE KEY-----MIIEqAIBAAKCAQEA02eI9yEc8EvEDLBiXqPGFZtuQ/wa4dMH44mPLvadOW7xrkt25kQh1STcCYX6aJT9vX8IIrQlkx9rc2Y5mdWO/L39nvmLdWgsOUSCx/AgMj5kZj6L+en3UYULXSFKnA8uw4jspf0DgzAjT69YXVaAPzVmZSwriNtye7Jz3byZ5/pddQQh/C3KC7t1hay3lYkgpqURaQT31UqIkN+VTYehKIHMAsyY2IVxEtUVsQegbMDIZrrZmDRTewCLZDfVwFQf7cmDdDQsrsb+xEo6PinH8CJWwT3xO5HC3MbJahUK+nFcgDRHsbHuFfMBpzuGrtFPYmbW7IjiqvcYt37NFubi0QIDAQABAoIBAQCPXuIWp9BWbyvQZzbvdCZ8tOK9HJamnFX3TG1crkfGkaU6TVefpolDYjIQC1rd3l2PTD2aO45YDrDynFtoJttIMRl13UtlHncPh5UiP4m2SXYRmU2Y+cGO+anRSSiuWeWfGpdToxnkuJraCdLlyipDs9Vzu9byg9FKbqYBtUyzc26pAb910F0dfraz6Qiy/Nm8iQGugCdDfvq4p2Xf8ySQGKRqe5pvQY9AfN6oyGuSyqJoRqCyK624E5wxrHCCcZC07eiLXmGDNJKin0PwvqemtTB+Mnfz95V/PI53VXt5pUrHekI1niXxx6dQN+xwNg7CzAiJT2fOfpJQ25UFRM8ZAoIAgQDlzG9mJHQ5lzfpQtyCRNiXMjrR+vKrhCamiKTTpOjtbnaiEeUW1VkvDOKB9grGZvKKS8Ug67OR73ATP5E4cHO8WUnYsk1vu/lYzPOvwcit3uccLz7b7pCG1eKi8AD/+T6k27yRNVBXKOva4nQyan916wBmT3ho7OmyYBkKQOJt0wKCAIEA64IyAhSGvAXnV01DWsnPKdKVXUezXdE2sXTEN38TDApUCKp8I9K+mZVatSaY+YWUbivdWhH//ZkmWWbH/Ff2fQwLp/xBF7ydWPlMBTQ9ex+jNZMHE7Jy9YK/5lwDL2Zti6UJoiSZjeUa0hPLwqt/diO3nF5l6PQCCWqFR4Z8sksCggCAedx5zs7SG6BHdBmS2josKbHnY2cSvUXtQS8BSYMQSqjjnHqk5ADrtHm+vHB/skrxn8kilpyns2IoKuzw098+YMlw0ctsKS6jwiWdrLy08Q9du6KKURMn7XkLIKDpxtSkFcS5ML/3BOGcgYzJVdsIEL44jgjir7HDFGbFoJxb9yUCggCAHJCdGi19Lh8VMTyY19E0hGEbZsYElnOCy8Fa71RFbidui+KJzhqIrb4001YMJe+y0i4V2g/m2c6SnTNfPFc6+W3VmBl7l7Jz70/FjbgJYP60YBImQJhbYzXpqrosVLp6vP5Wjckcqt5IA4UNKN5+RkkMwzWb7MZz3MqDweopA8MCggCAfEeYBQ90WWOleGduw+jYl2WT8+5MZt+HmkdPIrd3sSt0r9nJNT+TN3cwZDUqpnweo3hZzzvZDv+aIlItT4TueifX5EnsBmrVZ7el0KvIM9MoDOWl+wlGPcs9Np1Dkr2mxMX6BWrGCo0KW5hxlz663/pbC6FxE5XRua4IkbW8ghE=-----END RSA PRIVATE KEY-----
6)查看主机
[root@cc07 ~]# nova service-list+----+------------------+-----------------------------+-----------+---------+-------+----------------------------+-----------------+| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+----+------------------+-----------------------------+-----------+---------+-------+----------------------------+-----------------+| 17 | nova-consoleauth | cc07.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:24.000000 | - || 18 | nova-scheduler | cc07.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:24.000000 | - || 20 | nova-conductor | cc07.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:28.000000 | - || 28 | nova-compute | nc12.chinacloud.com | region-1 | enabled | up | 2018-10-26T07:25:28.000000 | - || 29 | nova-compute | nc09.chinacloud.com | nova | enabled | up | 2018-10-26T07:25:26.000000 | - || 30 | nova-compute | nc11.chinacloud.com | AZ_kvm | enabled | up | 2018-10-26T07:25:24.000000 | - || 31 | nova-compute | nc10.chinacloud.com | nova | enabled | up | 2018-10-26T07:25:30.000000 | - || 34 | nova-compute | cc07.chinacloud.com | bare_az | enabled | up | 2018-10-26T07:25:27.000000 | - || 35 | nova-conductor | nc09.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:28.000000 | - || 40 | nova-compute | CLS1_172.16.0.9_dummydriver | nova | enabled | up | 2018-10-26T07:25:26.000000 | - || 41 | nova-compute | CLS1_172.16.0.9_driver | vmvare-09 | enabled | up | 2018-10-26T07:25:24.000000 | - || 43 | nova-compute | compute.chinacloud.com | nova | enabled | down | 2018-10-25T07:34:11.000000 | - |+----+------------------+-----------------------------+-----------+---------+-------+----------------------------+-----------------+
准备建在AZ_kvm这个可用域里面的 nc11.chinacloud.com 节点上
7)、创建虚拟机
[root@cc07 ~]# nova boot --flavor vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 --image 7dbda9ff-b13f-410b-8152-2c27c6bba4b6 --nic net-id=2193270e-c4c9-469c-99ae-87ebdb4ba535 --security-groups fdbffd7a-5f5e-413a-8d78-5f26bdc23c4e --key-name hzb-keypaire-priv --availability-zone AZ_kvm:nc11.chinacloud.com hzb-boot-test+--------------------------------------+-------------------------------------------------------------------------------------------------------------------+| Property | Value |+--------------------------------------+-------------------------------------------------------------------------------------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-AZ:availability_zone | AZ_kvm || OS-EXT-SRV-ATTR:host | - || OS-EXT-SRV-ATTR:hypervisor_hostname | - || OS-EXT-SRV-ATTR:instance_name | instance-000001ed || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || OS-SRV-USG:launched_at | - || OS-SRV-USG:terminated_at | - || accessIPv4 | || accessIPv6 | || adminPass | || config_drive | || created | 2018-10-26T08:01:38Z || flavor | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 (vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0) || hostId | || id | 046eade8-4f8f-4d4b-a1cf-1f7d7739e2d7 || image | test-xulang1g (7dbda9ff-b13f-410b-8152-2c27c6bba4b6) || key_name | hzb-keypaire-priv || metadata | { "hypervisor_type": "qemu", "isvm": "1"} || name | hzb-boot-test || os-extended-volumes:volumes_attached | [] || progress | 0 || security_groups | fdbffd7a-5f5e-413a-8d78-5f26bdc23c4e || status | BUILD || tenant_id | 26a8e1feb372493d831c19d4d9e28d73 || updated | 2018-10-26T08:01:41Z || user_id | b735c8ddd7b54e228e8c068533a0de69 |+--------------------------------------+-------------------------------------------------------------------------------------------------------------------+ 2、停止虚拟机
[root@cc07 ~]# nova stop hzb-testRequest to stop server hzb-test has been accepted.[root@cc07 ~]# nova list+--------------------------------------+----------+---------+------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+---------+------------+-------------+-------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | SHUTOFF | - | Shutdown | hzb-privnet1=10.30.0.65 |+--------------------------------------+----------+---------+------------+-------------+-------------------------+
3、启动虚拟机
[root@cc07 ~]# nova start hzb-testRequest to start server hzb-test has been accepted.[root@cc07 ~]# nova list+--------------------------------------+----------+--------+------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+--------+------------+-------------+-------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 |+--------------------------------------+----------+--------+------------+-------------+-------------------------+
4、挂起虚拟机
[root@cc07 ~]# nova suspend hzb-test[root@cc07 ~]# nova list+--------------------------------------+----------+-----------+------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+-----------+------------+-------------+-------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | SUSPENDED | - | Shutdown | hzb-privnet1=10.30.0.65 |+--------------------------------------+----------+-----------+------------+-------------+-------------------------+
5、恢复挂起虚拟机
[root@cc07 ~]# nova resume hzb-test[root@cc07 ~]# nova list+--------------------------------------+----------+--------+------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+--------+------------+-------------+-------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 |+--------------------------------------+----------+--------+------------+-------------+-------------------------+
6、暂停虚拟机
[root@cc07 ~]# nova pause hzb-test [root@cc07 ~]# nova list+--------------------------------------+----------+--------+------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+--------+------------+-------------+-------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | PAUSED | - | Paused | hzb-privnet1=10.30.0.65 |+--------------------------------------+----------+--------+------------+-------------+-------------------------+
7、恢复暂停
[root@cc07 ~]# nova unpause hzb-test [root@cc07 ~]# nova list+--------------------------------------+----------+--------+------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+--------+------------+-------------+-------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 |+--------------------------------------+----------+--------+------------+-------------+-------------------------+
8、重启虚拟机
[root@cc07 ~]# nova reboot hzb-testRequest to reboot server hzb-test (bf681562-161c-4d3c-8844-fed602903c6e) has been accepted.[root@cc07 ~]# nova list+--------------------------------------+----------+--------+------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+--------+------------+-------------+-------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 |+--------------------------------------+----------+--------+------------+-------------+-------------------------+
9、挂载数据卷
usage: nova volume-attach
[root@cc07 ~]# nova volume-attach hzb-test 48e23242-6ce6-486f-8841-417693b5f37c+----------+--------------------------------------+| Property | Value |+----------+--------------------------------------+| device | /dev/vdb || id | 48e23242-6ce6-486f-8841-417693b5f37c || serverId | bf681562-161c-4d3c-8844-fed602903c6e || volumeId | 48e23242-6ce6-486f-8841-417693b5f37c |+----------+--------------------------------------+
10、查看虚拟机挂载的所有数据卷
nova volume-attachments
[root@cc07 ~]# nova volume-attachments hzb-test+--------------------------------------+----------+--------------------------------------+--------------------------------------+| ID | DEVICE | SERVER ID | VOLUME ID |+--------------------------------------+----------+--------------------------------------+--------------------------------------+| 48e23242-6ce6-486f-8841-417693b5f37c | /dev/vdb | bf681562-161c-4d3c-8844-fed602903c6e | 48e23242-6ce6-486f-8841-417693b5f37c |+--------------------------------------+----------+--------------------------------------+--------------------------------------+
11、虚拟机卸载数据卷
nova volume-detach hzb-test 48e23242-6ce6-486f-8841-417693b5f37c
12、虚拟机挂载网卡
usage: nova interface-attach [--port-id] [--net-id ] [--fixed-ip ]
[root@cc07 ~]# neutron net-list|grep hzb| 0575cad8-38b0-4d0a-833c-86779f4f43bb | hzb-pub1 | || 7856011d-32e7-42a7-887d-2f9dc3c730e7 | hzb-net | d0ef28a3-68fe-4b66-bb66-e723825fab82 10.23.2.0/24 || 2193270e-c4c9-469c-99ae-87ebdb4ba535 | hzb-privnet1 | 0ba19972-c2f6-4cbb-80f6-a642a2f698a8 10.30.0.0/24 |
[root@cc07 ~]# nova interface-attach --net-id 7856011d-32e7-42a7-887d-2f9dc3c730e7 hzb-test[root@cc07 ~]# nova list+--------------------------------------+----------+--------+------------+-------------+--------------------------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+----------+--------+------------+-------------+--------------------------------------------+| bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65; hzb-net=10.23.2.4 |+--------------------------------------+----------+--------+------------+-------------+--------------------------------------------+
可以绑多个网卡
13、查看虚拟机的网卡信息
[root@cc07 ~]# nova interface-list hzb-test+------------+--------------------------------------+--------------------------------------+--------------+-------------------+| Port State | Port ID | Net ID | IP addresses | MAC Addr |+------------+--------------------------------------+--------------------------------------+--------------+-------------------+| ACTIVE | 18d5e605-d058-4f27-95db-723836d66eb5 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.33.0.66 | fa:16:3e:db:33:57 || ACTIVE | 441965ed-bbc0-4ec8-8498-d292c5649881 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.4 | fa:16:3e:7b:6c:6a || ACTIVE | 5f51e282-a65d-4277-8d18-e4ed3618cbef | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | 10.30.0.65 | fa:16:3e:06:40:ff || ACTIVE | a0152728-08b5-4c95-9206-a4439ca19453 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.6 | fa:16:3e:7d:03:5b || ACTIVE | f615713a-1551-48e1-9d0e-f250fb082607 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.5 | fa:16:3e:94:b0:4c |+------------+--------------------------------------+--------------------------------------+--------------+-------------------+
14、卸载虚拟机的网卡
usage: nova interface-detach
卸载网卡,必须指定port-id,因为同一个虚拟机的可能绑定了同一个子网的多个ip,每个ip和port是一一对应的。
[root@cc07 ~]# nova interface-detach hzb-test 441965ed-bbc0-4ec8-8498-d292c5649881[root@cc07 ~]# nova interface-list hzb-test+------------+--------------------------------------+--------------------------------------+--------------+-------------------+| Port State | Port ID | Net ID | IP addresses | MAC Addr |+------------+--------------------------------------+--------------------------------------+--------------+-------------------+| ACTIVE | 18d5e605-d058-4f27-95db-723836d66eb5 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.33.0.66 | fa:16:3e:db:33:57 || ACTIVE | 5f51e282-a65d-4277-8d18-e4ed3618cbef | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | 10.30.0.65 | fa:16:3e:06:40:ff || ACTIVE | a0152728-08b5-4c95-9206-a4439ca19453 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.6 | fa:16:3e:7d:03:5b || ACTIVE | f615713a-1551-48e1-9d0e-f250fb082607 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.5 | fa:16:3e:94:b0:4c |+------------+--------------------------------------+--------------------------------------+--------------+-------------------+
15、绑定浮动ip
usage: nova floating-ip-associate [--fixed-address]
1)看有哪些可用的浮动IP
(nova-api)[root@cc07 nova]# nova floating-ip-list+--------------------------------------+---------------+-----------+----------+-----------+| Id | IP | Server Id | Fixed IP | Pool |+--------------------------------------+---------------+-----------+----------+-----------+| 7bb93e28-bf36-4791-aebf-94fafa27d5fa | 172.16.12.219 | - | - | vlan_1612 || bc258041-139e-4151-98c1-a6ba7960ad59 | 172.16.12.218 | - | - | vlan_1612 |+--------------------------------------+---------------+-----------+----------+-----------+
2)将虚拟机hzb-test的10.33.0.66这个固定ip绑定到浮动IP172.16.12.218
(nova-api)[root@cc07 nova]# nova floating-ip-associate --fixed-address=10.33.0.66 hzb-test 172.16.12.218ERROR (BadRequest): Unable to associate floating IP 172.16.12.218 to fixed IP 10.33.0.66 for instance bf681562-161c-4d3c-8844-fed602903c6e. Error: External network 519386bf-542a-4769-ac87-1b15ab96550c is not reachable from subnet d0ef28a3-68fe-4b66-bb66-e723825fab82. Therefore, cannot associate Port f615713a-1551-48e1-9d0e-f250fb082607 with a Floating IP.Neutron server returns request_ids: ['req-c59a64e0-9477-4bcc-a34b-bc5cd90fc94a'] (HTTP 400) (Request-ID: req-f28973b4-a31b-48ee-b137-806a7d6420a0)
上面报错是由于两个网段不能直接访问,可以用一个路由把他们绑定起来。
创建一个路由
(nova-api)[root@cc07 nova]# neutron router-create hzb-route-testCreated a new router:+-------------------------+--------------------------------------+| Field | Value |+-------------------------+--------------------------------------+| admin_state_up | True || availability_zone_hints | || availability_zones | || description | || distributed | False || external_gateway_info | || ha | False || id | f1a45281-68a1-481a-b62a-ab735c8c2e8e || name | hzb-route-test || routes | || rx | -1 || status | ACTIVE || tenant_id | 26a8e1feb372493d831c19d4d9e28d73 || tx | -1 |+-------------------------+--------------------------------------+
将路由绑定到外部网络也就是刚才的浮动ip所在的网络
(nova-api)[root@cc07 nova]# neutron router-gateway-set f1a45281-68a1-481a-b62a-ab735c8c2e8e vlan_1612Set gateway for router f1a45281-68a1-481a-b62a-ab735c8c2e8e(nova-api)[root@cc07 nova]# neutron router-show hzb-route-test+-------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| Field | Value |+-------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| admin_state_up | True || availability_zone_hints | || availability_zones | nova || description | || distributed | False || external_gateway_info | { "network_id": "519386bf-542a-4769-ac87-1b15ab96550c", "enable_snat": true, "external_fixed_ips": [{ "subnet_id": "732a6431-e412-4db6-a5ec-bd9913699bab", "ip_address": "172.16.12.235"}]} || ha | False || id | f1a45281-68a1-481a-b62a-ab735c8c2e8e || name | hzb-route-test || routes | || rx | -1 || status | ACTIVE || tenant_id | 26a8e1feb372493d831c19d4d9e28d73 || tx | -1 |+-------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 将路由绑定子网(hzb-sub-net2)也就是10.33.0.66所在的子网
(nova-api)[root@cc07 nova]# neutron router-interface-add f1a45281-68a1-481a-b62a-ab735c8c2e8e hzb-sub-net2Added interface 3ad406ae-4c83-45d9-9d92-d1ac6d711594 to router f1a45281-68a1-481a-b62a-ab735c8c2e8e.
现在开始再次:虚拟机hzb-test的10.33.0.66这个固定ip绑定到浮动IP172.16.12.218
(nova-api)[root@cc07 nova]# nova floating-ip-associate --fixed-address=10.33.0.66 hzb-test 172.16.12.218
(nova-api)[root@cc07 nova]# nova floating-ip-list+--------------------------------------+---------------+--------------------------------------+------------+-----------+| Id | IP | Server Id | Fixed IP | Pool |+--------------------------------------+---------------+--------------------------------------+------------+-----------+| 7bb93e28-bf36-4791-aebf-94fafa27d5fa | 172.16.12.219 | - | - | vlan_1612 || bc258041-139e-4151-98c1-a6ba7960ad59 | 172.16.12.218 | bf681562-161c-4d3c-8844-fed602903c6e | 10.33.0.66 | vlan_1612 |+--------------------------------------+---------------+--------------------------------------+------------+-----------+
16、解绑浮动IP
usage: nova floating-ip-disassociate
(nova-api)[root@cc07 nova]# nova floating-ip-disassociate hzb-test 172.16.12.218(nova-api)[root@cc07 nova]# nova floating-ip-list+--------------------------------------+---------------+-----------+----------+-----------+| Id | IP | Server Id | Fixed IP | Pool |+--------------------------------------+---------------+-----------+----------+-----------+| 7bb93e28-bf36-4791-aebf-94fafa27d5fa | 172.16.12.219 | - | - | vlan_1612 || bc258041-139e-4151-98c1-a6ba7960ad59 | 172.16.12.218 | - | - | vlan_1612 |+--------------------------------------+---------------+-----------+----------+-----------+
17、列出虚拟机的安全组
usage: nova list-secgroup
(nova-api)[root@cc07 nova]# nova list-secgroup hzb-test+--------------------------------------+---------+------------------------+| Id | Name | Description |+--------------------------------------+---------+------------------------+| 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group |+--------------------------------------+---------+------------------------+
上面有4个安全组,是因为虚拟机hzb-test绑定了4个ip,每个ip默认绑定了一个default安全组
18、绑定安全组
(nova-api)[root@cc07 nova]# nova add-secgroup hzb-test boshen-sg2(nova-api)[root@cc07 nova]# nova list-secgroup hzb-test+--------------------------------------+------------+------------------------+| Id | Name | Description |+--------------------------------------+------------+------------------------+| db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx || db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx || db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx || db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group |+--------------------------------------+------------+------------------------+
上面的方法会给所有的ip都应用了安全组,boshen-sg2
如果我们只是想给具体的某一个ip应用安全组,那么只能更新具体的port
(nova-api)[root@cc07 nova]# nova list-secgroup hzb-test+--------------------------------------+---------+------------------------+| Id | Name | Description |+--------------------------------------+---------+------------------------+| 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group |+--------------------------------------+---------+------------------------+(nova-api)[root@cc07 nova]# nova interface-list hzb-test+------------+--------------------------------------+--------------------------------------+--------------+-------------------+| Port State | Port ID | Net ID | IP addresses | MAC Addr |+------------+--------------------------------------+--------------------------------------+--------------+-------------------+| ACTIVE | 18d5e605-d058-4f27-95db-723836d66eb5 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.33.0.66 | fa:16:3e:db:33:57 || ACTIVE | 5f51e282-a65d-4277-8d18-e4ed3618cbef | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | 10.30.0.65 | fa:16:3e:06:40:ff || ACTIVE | a0152728-08b5-4c95-9206-a4439ca19453 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.6 | fa:16:3e:7d:03:5b || ACTIVE | f615713a-1551-48e1-9d0e-f250fb082607 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.5 | fa:16:3e:94:b0:4c |+------------+--------------------------------------+--------------------------------------+--------------+-------------------+
现在我们将安全组boshen-sg2应用到10.23.2.5这个port上
(nova-api)[root@cc07 nova]# neutron port-update --security-group=boshen-sg2 f615713a-1551-48e1-9d0e-f250fb082607Updated port: f615713a-1551-48e1-9d0e-f250fb082607(nova-api)[root@cc07 nova]# nova list-secgroup hzb-test+--------------------------------------+------------+------------------------+| Id | Name | Description |+--------------------------------------+------------+------------------------+| db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group |+--------------------------------------+------------+------------------------+
19、卸载安全组
(nova-api)[root@cc07 nova]# nova remove-secgroup hzb-test boshen-sg2(nova-api)[root@cc07 nova]# nova list-secgroup hzb-test+--------------------------------------+---------+------------------------+| Id | Name | Description |+--------------------------------------+---------+------------------------+| 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group || 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group |+--------------------------------------+---------+------------------------+
上面的方法会给所有的ip都卸载了安全组,boshen-sg2
20、查看vnc
(nova-api)[root@cc07 nova]# nova get-vnc-console hzb-test novnc+-------+----------------------------------------------------------------------------------+| Type | Url |+-------+----------------------------------------------------------------------------------+| novnc | http://172.16.12.7:6080/vnc_auto.html?token=cf81ba3f-3103-4f49-9b9c-85a910f74848 |+-------+----------------------------------------------------------------------------------+
21、resize(通过设置不同的flavor实现的)
nova resize hzb-test vcpus_1_cpu_cores_1_cpu_sockets_1_ram_2048_disk_60_eph_0
22、lock/unlock
lock后,可以防止对其进行其他误操作
nova lock hzb-testnova unlock hzb-test
23、创建快照
其工作原理是对 instance的镜像文件(系统盘)进行全量备份,生成一个类型为 snapshot的 image,然后将其保存到 Glance上。快照之前,最好先pause虚拟机
nova create-image hzb-test hzb-test-snapshot
24、重建
nova rebuild hzb-test-snapshot
25、shelve/unshelve
1)、shelve 将 instance 保存到 Glance 上,之后可通过 Unshelve 重新部署。 Shelve 操作成功后,instance 会从原来的计算节点上删除。
[root@cc07 ~]# nova shelve h001[root@cc07 ~]# nova list+--------------------------------------+------+--------+-------------------------------+-------------+-------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+------+--------+-------------------------------+-------------+-------------------------+| 4c46b8fd-dfff-4971-83c7-6ac8e46b99e9 | h001 | ACTIVE | shelving_image_pending_upload | Running | hzb-privnet1=10.30.0.66 |+--------------------------------------+------+--------+-------------------------------+-------------+-------------------------+
[root@cc07 ~]# glance image-list|grep h001| 32e9c33f-ae53-4ff2-9885-1f3909a7b094 | h001-shelved |
会自动生成镜像h001-shelved
2)unshelve, 会重新选择节点部署,可能不是原节点。
usage: nova unshelve
26,migrate/live-migration
1)、migrate,将 instance 迁移到其他计算节点。 迁移之前,instance 会被 Shut Off,支持共享存储和非共享存储。不支持指定迁移到哪个计算节点
usage: nova migrate [--poll]Migrate a server. The new host will be selected by the scheduler.Positional arguments: Name or ID of server.Optional arguments: --poll Report the server migration progress until it completes.
nova migrate cc64cd70-a4d2-4850-aec9-dd9147866956
2)live-migration,能不停机在线地迁移 instance,保证了业务的连续性。也支持共享存储和非共享存储(Block Migration)
usage: nova live-migration [--block-migrate] [--force][ ]Migrate running server to a new machine.Positional arguments: Name or ID of server. Destination host name. If no host is specified, the scheduler will choose one.Optional arguments: --block-migrate True in case of block_migration. (Default=auto:live_migration) (Supported by API versions '2.25' - '2.latest') --force Force a live-migration by not verifying the provided destination host by the scheduler. WARNING: This could result in failures to actually live migrate the server to the specified host. It is recommended to either not specify a host so that the scheduler will pick one, or specify a host without --force. (Supported by API versions '2.30' - '2.latest')
nova live-migration cc64cd70-a4d2-4850-aec9-dd9147866956 compute.chinacloud.com