OpenStack

  • warning: Illegal string offset 'files' in /data/web/1/000/027/003/273448/htdocs/panticz.de/modules/upload/upload.module on line 281.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.
  • warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /data/web/1/000/027/003/273448/htdocs/panticz.de/includes/unicode.inc on line 349.

Create VM
openstack keypair create foo-key \
--public-key ~/.ssh/id_rsa.pub

openstack floating ip create --floating-ip-address 1.2.3.4 public

Releases

Change user / admin password
. /etc/kolla/admin-openrc.sh
openstack user password set --password new-password --original-password current-admin-password

CLI
source /etc/kolla/admin-openrc.sh



Compute node

# list compute service
openstack compute service list --host ${OS_NODE}
# disable compute service
for OS_SERVICE in $(openstack compute service list --host ${OS_NODE} -c Binary -f value); do
openstack compute service set --disable --disable-reason "Maintenance" ${OS_NODE} ${OS_SERVICE}
done

# List your volumes
openstack volume list

# change user password
openstack user set --password pass123 user1

# list user (for domain)
openstack --os-cloud=dev-admin user list --domain my_dom_1

# floating IPs

openstack floating ip list
openstack floating ip create public-net
FLOATING_IP=$(openstack floating ip create public -c floating_ip_address -f value --floating-ip-address 10.11.12.13)

Instance

# openstack image list
# openstack network list
# openstack security group list
# openstack keypair list

Network CLI

# create port without security
openstack port create openstack-net-port1 --network openstack-net --no-security-group --disable-port-security --no-fixed-ip
openstack port set --disable-port-security openstack-net-port1

Ansible

pip install -U openstacksdk python-openstacksdk ansible

Cloud images

Cloud config

#
# old
#
sudo apt-get install git
git clone

cat < local.conf
[[local|localrc]]
ADMIN_PASSWORD=devstack
DATABASE_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD
EOF

sudo devstack/tools/create-stack-user.sh
su stack

cd devstack
./stack.sh

ssh -N -L 8080:localhost:80 root@192.168.254.46

export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=stack
export OS_AUTH_URL=http://localhost:35357/v2.0

nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

nova list
nova floating-ip-create public

Terraform

Network

openstack network create worker_network
openstack subnet create worker_subnet --network worker_network --subnet-range 10.0.1.0/24
openstack router create project_router
openstack router set project_router --external-gateway public
openstack router add subnet project_router worker_subnet

# add floating IP pool
openstack subnet list
openstack subnet set --allocation-pool start=10.40.0.100,end=10.40.0.200 public1
openstack subnet show public1 -c allocation_pools -f value

Command line
sudo apt install -y python-magnumclient
pip install python-magnumclient

CLI quotas


# show default quota
penstack quota show --default

# set quotas
openstack quota set --class --instances 20 default
openstack quota set --class --cores 20 default
openstack quota set --class --ram $((68 * 1024)) default

openstack quota show
openstack quota set --class --gigabytes 10000 default

Magnum
# images

microstack on ubuntu
sudo snap install microstack --classic --candidate

cloud-init images

bash completion
openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
. /etc/bash_completion

Project / User
openstack project list --domain example.com
openstack domain create example.com
openstack project create openstack --domain example.com
openstack role add --user foo --project openstack admin

Connect to a (cirros) VM without floating IP
cirros password: gocubsgo
for ROUTER in $(ip netns | grep qrouter | cut -d" " -f1); do
ip netns exec ${ROUTER} ssh cirros@${VM_IP}
done

endpoint
#
openstack endpoint list | grep keystone
openstack service list

openstack endpoint list | grep 5000
openstack endpoint create identity --region RegionOne internal

openstack endpoint list | grep identity
openstack endpoint set --url --interface public ab00147b8bf44319bf14927d74582359

Nested virtualisation

echo "options kvm-intel nested=y" > /etc/modprobe.d/dist.conf
# modprobe kvm-intel
reboot
cat /sys/module/kvm_intel/parameters/nested

# nested networking (disable security on external port)
openstack port set --disable-port-security openstack-net-ext-port1

Object storage
openstack container create bucket1
openstack object create bucket1 /etc/fstab --name fstab

Magnum

Mailinglist

Module
openstack versions show
openstack module list

volume
openstack volume type list --public --long
openstack volume backend pool list

Direct database access
# neutron
DB_PASS=$(grep neutron_database_password /etc/kolla/passwords.yml | cut -d " " -f2)
mysql -h db.service.i.ewcs.ch --password=${DB_PASS} -P 6033 -u neutron -D neutron
mysql -B -h db.service.i.ewcs.ch --password=${DB_PASS} -P 6033 -u neutron -D neutron -e "select * from floatingips"

# octavia
DB_PASS=$(grep octavia_database_password /etc/kolla/passwords.yml | cut -d " " -f2)
mysql -h db.service.i.ewcs.ch --password=${DB_PASS} -P 6033 -u octavia -D octavia
select * from load_balancer;

# service
openstack service list --long

# project
openstack project list --my-projects

user
# show user roles
MGMT_USER_ID=b912ba4325fbb6c18483602245f9b515b
openstack role assignment list --user ${MGMT_USER_ID} --names

Secret
openstack secret get --payload_content_type application/octet-stream --file /tmp/file1.out

Links