新版OpenStack认证以及CLI探索

上次试了一下新版本OpenStack的Keystone认证服务,但CLI方面keystone已经被遗弃了,直接通过openstackclient来调用,与H版大有不同,今天又重新试了试,结合horizon来探索一番,对于常规基本操作进行一些熟悉,至于正确的RC File写法,可以思考一些方法,而不要去网上盲目得随意搜索

首先是测试环境,由于目前依旧以熟悉新版为主,还是直接虚拟机里搭建单节点devstack

虚拟机:Mac上的VMware Fusion
资源:2 Core,3.9G Memory
网络:Bridge模式

这里内存最好接近4G,所有服务启动后占用的内存资源差不多这么多,网络我这里选择了Bridge,而不是NAT模式

然后虚拟机安装Linux操作系统,我这里还是用的CentOS 7.2,内核版本3.10.0-229.el7.x86_64,在创建安装好CentOS虚拟机之后,未安装OpenStack之前建议开放80端口,因为我这里是在Mac上访问WEB,不要直接iptables命令修改,那样重启服务又去掉了,更不要在OpenStack启动之后再开放,那样重启iptables服务后会将openstack里的一些临时防火墙规则给去掉了,因此一开始永久修改Linux操作系统防火墙规则一劳永逸

CentOS修改防火墙添加一行即可:

[lihui@openstack ~]$ sudo cat /etc/sysconfig/iptables | grep 80
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

然后restart一下服务即可,可在Mac上通过telnet验证一下

[lihui@openstack ~]$ sudo service iptables restart
 lihui@MacBook  ~  telnet 192.168.100.13 80
Trying 192.168.100.13...
Connected to 192.168.100.13.
Escape character is '^]'.
^]
telnet>

这样就OK了,可以看下防火墙规则

[lihui@openstack ~]$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

接着就是安装devstack了,这部分没啥好说的,装就是了,中间有问题可自行解决,安装完成后大概有这些信息

This is your host IP address: 192.168.100.13
This is your host IPv6 address: ::1
Horizon is now available at http://192.168.100.13/dashboard
Keystone is serving at http://192.168.100.13/identity/
The default users are: admin and demo
The password: lihui
2017-04-03 04:53:24.400 | WARNING:
2017-04-03 04:53:24.400 | Using lib/neutron-legacy is deprecated, and it will be removed in the future
2017-04-03 04:53:24.400 | stack.sh completed in 1187 seconds.

可以看到这里输出了一些host信息,由于这里是单节点不是分布式,所有所有IP地址都是一个,假如要调用API,这里的IP就是各个服务的host,两个默认的用户,密码都是lihui,有一个警告,日后neutron CLI会废弃,这个前面已经知道了

再来对比下iptables规则,多了一大波

[lihui@openstack ~]$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N neutron-filter-top
-N neutron-openvswi-FORWARD
-N neutron-openvswi-INPUT
-N neutron-openvswi-OUTPUT
-N neutron-openvswi-local
-N neutron-openvswi-sg-chain
-N neutron-openvswi-sg-fallback
-N nova-api-FORWARD
-N nova-api-INPUT
-N nova-api-OUTPUT
-N nova-api-local
-N nova-filter-top
-A INPUT -j neutron-openvswi-INPUT
-A INPUT -j nova-api-INPUT
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j neutron-filter-top
-A FORWARD -j neutron-openvswi-FORWARD
-A FORWARD -j nova-filter-top
-A FORWARD -j nova-api-FORWARD
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -j neutron-filter-top
-A OUTPUT -j neutron-openvswi-OUTPUT
-A OUTPUT -j nova-filter-top
-A OUTPUT -j nova-api-OUTPUT
-A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT
-A neutron-filter-top -j neutron-openvswi-local
-A neutron-openvswi-sg-chain -j ACCEPT
-A neutron-openvswi-sg-fallback -m comment --comment "Default drop rule for unmatched traffic." -j DROP
-A nova-api-INPUT -d 192.168.100.13/32 -p tcp -m tcp --dport 8775 -j ACCEPT
-A nova-filter-top -j nova-api-local

搭建好之后,Mac上直接输入192.168.100.13,会自动跳转到dashboard,但是结果却反悔了一个ERROR

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

这里就要小思考一下,80端口已开,telnet包已经能进来,说明和防火墙无关,那么只有可能是WEB server的问题了,因为是用apache,看下httpd进程

[lihui@openstack devstack]$ ps aux | grep httpd
root      40230  0.0  0.0 109688   996 pts/6    S+   12:38   0:00 sudo tail -f /var/log/httpd/keystone.log
root      40240  0.0  0.0   4352   368 pts/6    S+   12:38   0:00 tail -f /var/log/httpd/keystone.log
root      40461  0.0  0.0 109688   996 pts/7    S+   12:38   0:00 sudo tail -f /var/log/httpd/keystone_access.log
root      40469  0.0  0.0   4352   412 pts/7    S+   12:38   0:00 tail -f /var/log/httpd/keystone_access.log
root      68623  0.0  0.1 255668  5528 ?        Ss   12:50   0:00 /usr/sbin/httpd -DFOREGROUND
apache    68646  0.0  0.1 260044  6592 ?        S    12:50   0:00 /usr/sbin/httpd -DFOREGROUND
apache    68647  0.0  0.1 260044  7056 ?        S    12:50   0:00 /usr/sbin/httpd -DFOREGROUND
apache    68650  0.0  0.1 260044  7128 ?        S    12:50   0:00 /usr/sbin/httpd -DFOREGROUND
apache    68651  0.0  0.1 260044  7152 ?        S    12:50   0:00 /usr/sbin/httpd -DFOREGROUND
root      69019  0.0  0.0 109688  1808 pts/24   S+   12:50   0:00 sudo tail -f /var/log/httpd/horizon_error.log
root      69024  0.0  0.0   4352   540 pts/24   S+   12:50   0:00 tail -f /var/log/httpd/horizon_error.log
apache    69310  0.0  0.1 260044  7088 ?        S    12:50   0:00 /usr/sbin/httpd -DFOREGROUND
apache    71329  0.0  0.1 260044  7076 ?        S    12:51   0:00 /usr/sbin/httpd -DFOREGROUND
apache    76979  0.0  0.1 260060  7040 ?        S    12:53   0:00 /usr/sbin/httpd -DFOREGROUND
apache    76982  0.0  0.1 260028  6596 ?        S    12:53   0:00 /usr/sbin/httpd -DFOREGROUND
apache    76983  0.0  0.1 260060  6608 ?        S    12:53   0:00 /usr/sbin/httpd -DFOREGROUND
apache    76987  0.0  0.1 260044  6428 ?        S    12:53   0:00 /usr/sbin/httpd -DFOREGROUND
lihui     80618  0.0  0.0 112660   972 pts/3    R+   13:13   0:00 grep --color=auto httpd

进程的确都起来了,但是horizon_error.log一直tailf引起了我的注意,看下详情

[lihui@openstack devstack]$ sudo tail -f /var/log/httpd/horizon_error.log
2017-04-03 05:11:49.412629     obj = self.var.resolve(context)
2017-04-03 05:11:49.412633   File "/usr/lib/python2.7/site-packages/django/template/base.py", line 789, in resolve
2017-04-03 05:11:49.412640     value = self._resolve_lookup(context)
2017-04-03 05:11:49.412645   File "/usr/lib/python2.7/site-packages/django/template/base.py", line 849, in _resolve_lookup
2017-04-03 05:11:49.412652     current = current()
2017-04-03 05:11:49.412657   File "/usr/lib/python2.7/site-packages/django/http/request.py", line 152, in build_absolute_uri
2017-04-03 05:11:49.412666     host=self.get_host(),
2017-04-03 05:11:49.412671   File "/usr/lib/python2.7/site-packages/django/http/request.py", line 102, in get_host
2017-04-03 05:11:49.412707     raise DisallowedHost(msg)
2017-04-03 05:11:49.412732 DisallowedHost: Invalid HTTP_HOST header: '192.168.100.13'. You may need to add u'192.168.100.13' to ALLOWED_HOSTS.

看到这里大概心中有数了,看来是django里类似白名单限制了

我这里就直接修改系统配置

[lihui@openstack ~]$ cat /usr/lib/python2.7/site-packages/django/conf/global_settings.py | grep ALLOWED_HOSTS
ALLOWED_HOSTS = ['192.168.100.13']

重启一下WEB服务让它生效

[lihui@openstack ~]$ sudo service httpd restart
Redirecting to /bin/systemctl restart  httpd.service

做了这一堆实际上为了先打开horizon,看看有哪些未知的东东,经过上面操作前端OK了

根据安装最后提供的user信息,直接admin登陆一下

其它的没啥关心的,直接看API Access

这时候可以看到所有服务,除此之外最上方还有RC File的下载,毫不犹豫download

这个才是我想要的,对比下差异,其它没用的信息不用看了,直接看环境变量

V2的:

[lihui@openstack ~]$ cat v2.openrc | grep export
export OS_AUTH_URL=http://192.168.100.13/identity
export OS_TENANT_ID=351726551dae40b1a6d7f4fd6cba168a
export OS_TENANT_NAME="admin"
export OS_USERNAME="admin"
export OS_PASSWORD=$OS_PASSWORD_INPUT
export OS_REGION_NAME="RegionOne"
export OS_ENDPOINT_TYPE=publicURL
export OS_IDENTITY_API_VERSION=2

V3的:

[lihui@openstack ~]$ cat v3.openrc | grep export
export OS_AUTH_URL=http://192.168.100.13/identity/v3
export OS_PROJECT_ID=351726551dae40b1a6d7f4fd6cba168a
export OS_PROJECT_NAME="admin"
export OS_USER_DOMAIN_NAME="Default"
export OS_USERNAME="admin"
export OS_PASSWORD=$OS_PASSWORD_INPUT
export OS_REGION_NAME="RegionOne"
export OS_INTERFACE=public
export OS_IDENTITY_API_VERSION=3

可见v2是熟悉的tenant和user,但v3除了版本号差异,tenant不见了,而多出了project,感觉就是tenant,但是还有一个OS_USER_DOMAIN_NAME设置的是default,这就不知道是什么了,需要研究

这里安装的已经是v3版本,keystone执行程序都没有了,因此直接修改v3的RC文件,将密码设置进去,终极版

export OS_AUTH_URL=http://192.168.100.13/identity/v3
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_USERNAME=admin
export OS_PASSWORD=lihui
export OS_REGION_NAME=RegionOne
export OS_INTERFACE=public
export OS_IDENTITY_API_VERSION=3

获取token这下OK了

[lihui@openstack ~]$ openstack token issue
+------------+----------------------------------+
| Field      | Value                            |
+------------+----------------------------------+
| expires    | 2017-04-03T07:29:01+0000         |
| id         | 1dd4379c7c51459085a09a29f3b43292 |
| project_id | 351726551dae40b1a6d7f4fd6cba168a |
| user_id    | 5a02a2f293434f9bb097e44ac62978e7 |
+------------+----------------------------------+

这下就该干啥干啥了,比如想创建一个虚拟机玩玩,先看看他要哪些参数,至于说以前的nova,neutron都改成了openstack如何操作,自行help查找

此时没有虚拟机

[lihui@openstack ~]$ openstack server list

[lihui@openstack ~]$

创建虚拟机

参数只要带flavor和镜像就行了

flavor list

[lihui@openstack ~]$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name      |   RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1  | m1.tiny   |   512 |    1 |         0 |     1 | True      |
| 2  | m1.small  |  2048 |   20 |         0 |     1 | True      |
| 3  | m1.medium |  4096 |   40 |         0 |     2 | True      |
| 4  | m1.large  |  8192 |   80 |         0 |     4 | True      |
| 42 | m1.nano   |    64 |    0 |         0 |     1 | True      |
| 5  | m1.xlarge | 16384 |  160 |         0 |     8 | True      |
| 84 | m1.micro  |   128 |    0 |         0 |     1 | True      |
| c1 | cirros256 |   256 |    0 |         0 |     1 | True      |
| d1 | ds512M    |   512 |    5 |         0 |     1 | True      |
| d2 | ds1G      |  1024 |   10 |         0 |     1 | True      |
| d3 | ds2G      |  2048 |   10 |         0 |     2 | True      |
| d4 | ds4G      |  4096 |   20 |         0 |     4 | True      |
+----+-----------+-------+------+-----------+-------+-----------+

镜像

[lihui@openstack ~]$ openstack image list
+--------------------------------------+---------------------------------+--------+
| ID                                   | Name                            | Status |
+--------------------------------------+---------------------------------+--------+
| 8586d7d8-c0ef-4c1b-a5eb-f3be792786af | cirros-0.3.4-x86_64-uec         | active |
| a3df6416-3670-46e0-bf19-0ea03150b599 | cirros-0.3.4-x86_64-uec-kernel  | active |
| 59b67f0e-3d60-416e-87ee-6c3a90963f6e | cirros-0.3.4-x86_64-uec-ramdisk | active |
+--------------------------------------+---------------------------------+--------+

创建虚拟机

[lihui@openstack ~]$ openstack server create --flavor 1 --image 8586d7d8-c0ef-4c1b-a5eb-f3be792786af new-vm
+-------------------------------------+----------------------------------------------------------------+
| Field                               | Value                                                          |
+-------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig                   | MANUAL                                                         |
| OS-EXT-AZ:availability_zone         |                                                                |
| OS-EXT-SRV-ATTR:host                | None                                                           |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None                                                           |
| OS-EXT-SRV-ATTR:instance_name       |                                                                |
| OS-EXT-STS:power_state              | NOSTATE                                                        |
| OS-EXT-STS:task_state               | scheduling                                                     |
| OS-EXT-STS:vm_state                 | building                                                       |
| OS-SRV-USG:launched_at              | None                                                           |
| OS-SRV-USG:terminated_at            | None                                                           |
| accessIPv4                          |                                                                |
| accessIPv6                          |                                                                |
| addresses                           |                                                                |
| adminPass                           | aPCXoX97xYZX                                                   |
| config_drive                        |                                                                |
| created                             | 2017-04-03T06:50:08Z                                           |
| flavor                              | m1.tiny (1)                                                    |
| hostId                              |                                                                |
| id                                  | 7c5365a6-afb3-46bd-b155-df4d7328c926                           |
| image                               | cirros-0.3.4-x86_64-uec (8586d7d8-c0ef-4c1b-a5eb-f3be792786af) |
| key_name                            | None                                                           |
| name                                | new-vm                                                         |
| progress                            | 0                                                              |
| project_id                          | 351726551dae40b1a6d7f4fd6cba168a                               |
| properties                          |                                                                |
| security_groups                     | name='default'                                                 |
| status                              | BUILD                                                          |
| updated                             | 2017-04-03T06:50:10Z                                           |
| user_id                             | 5a02a2f293434f9bb097e44ac62978e7                               |
| volumes_attached                    |                                                                |
+-------------------------------------+----------------------------------------------------------------+

可以看到创建成功

[lihui@openstack ~]$ openstack server list
+--------------------------------------+--------+--------+----------+-------------------------+
| ID                                   | Name   | Status | Networks | Image Name              |
+--------------------------------------+--------+--------+----------+-------------------------+
| 7c5365a6-afb3-46bd-b155-df4d7328c926 | new-vm | BUILD  |          | cirros-0.3.4-x86_64-uec |
+--------------------------------------+--------+--------+----------+-------------------------+
[lihui@openstack ~]$ openstack server list
+--------------------------------------+--------+--------+--------------------------------+-------------------------+
| ID                                   | Name   | Status | Networks                       | Image Name              |
+--------------------------------------+--------+--------+--------------------------------+-------------------------+
| 7c5365a6-afb3-46bd-b155-df4d7328c926 | new-vm | ACTIVE | public=2001:db8::8, 172.24.4.3 | cirros-0.3.4-x86_64-uec |
+--------------------------------------+--------+--------+--------------------------------+-------------------------+

SHOW的结果

[lihui@openstack ~]$ openstack server show 7c5365a6-afb3-46bd-b155-df4d7328c926
+-------------------------------------+----------------------------------------------------------------+
| Field                               | Value                                                          |
+-------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig                   | MANUAL                                                         |
| OS-EXT-AZ:availability_zone         | nova                                                           |
| OS-EXT-SRV-ATTR:host                | openstack                                                      |
| OS-EXT-SRV-ATTR:hypervisor_hostname | openstack                                                      |
| OS-EXT-SRV-ATTR:instance_name       | instance-00000001                                              |
| OS-EXT-STS:power_state              | Running                                                        |
| OS-EXT-STS:task_state               | None                                                           |
| OS-EXT-STS:vm_state                 | active                                                         |
| OS-SRV-USG:launched_at              | 2017-04-03T06:51:21.000000                                     |
| OS-SRV-USG:terminated_at            | None                                                           |
| accessIPv4                          |                                                                |
| accessIPv6                          |                                                                |
| addresses                           | public=2001:db8::8, 172.24.4.3                                 |
| config_drive                        |                                                                |
| created                             | 2017-04-03T06:50:08Z                                           |
| flavor                              | m1.tiny (1)                                                    |
| hostId                              | 653fbf0dee1be4ec302663cbb289ce3fce37cf28b36f353276a89072       |
| id                                  | 7c5365a6-afb3-46bd-b155-df4d7328c926                           |
| image                               | cirros-0.3.4-x86_64-uec (8586d7d8-c0ef-4c1b-a5eb-f3be792786af) |
| key_name                            | None                                                           |
| name                                | new-vm                                                         |
| progress                            | 0                                                              |
| project_id                          | 351726551dae40b1a6d7f4fd6cba168a                               |
| properties                          |                                                                |
| security_groups                     | name='default'                                                 |
| status                              | ACTIVE                                                         |
| updated                             | 2017-04-03T06:51:22Z                                           |
| user_id                             | 5a02a2f293434f9bb097e44ac62978e7                               |
| volumes_attached                    |                                                                |
+-------------------------------------+----------------------------------------------------------------+

看下相关port情况

[lihui@openstack ~]$ openstack port list
+--------------------------------------+------+-------------------+-----------------------------------------------------------+--------+
| ID                                   | Name | MAC Address       | Fixed IP Addresses                                        | Status |
+--------------------------------------+------+-------------------+-----------------------------------------------------------+--------+
| 43cde396-7ca6-4c3a-a7c0-ee3efa923b9e |      | fa:16:3e:ea:a4:da | ip_address='172.24.4.10', subnet_id='b2060a49-c8c1-437c-  | ACTIVE |
|                                      |      |                   | bc29-74d596ba9228'                                        |        |
|                                      |      |                   | ip_address='2001:db8::1', subnet_id='48fc2747-01de-4b12   |        |
|                                      |      |                   | -9aef-bb041ca30081'                                       |        |
| 85fc242c-c210-479c-af47-af0e899efbe2 |      | fa:16:3e:76:ec:be | ip_address='fd4f:6b37:826e:0:f816:3eff:fe76:ecbe',        | ACTIVE |
|                                      |      |                   | subnet_id='c2fbd298-e466-4f54-8290-9a3d2ec57d0d'          |        |
|                                      |      |                   | ip_address='10.0.0.2', subnet_id='5c3c4802-5100-4d2a-     |        |
|                                      |      |                   | 916a-afcfa816745d'                                        |        |
| 9084ae62-4407-4531-b5dd-7020119521c3 |      | fa:16:3e:81:33:92 | ip_address='fd4f:6b37:826e::1',                           | ACTIVE |
|                                      |      |                   | subnet_id='c2fbd298-e466-4f54-8290-9a3d2ec57d0d'          |        |
| a1c1fafa-b126-4181-aee2-d848069e21f0 |      | fa:16:3e:45:ea:e4 | ip_address='10.0.0.1', subnet_id='5c3c4802-5100-4d2a-     | ACTIVE |
|                                      |      |                   | 916a-afcfa816745d'                                        |        |
| c3bad13e-9c41-4632-a170-15c8e4ee48d7 |      | fa:16:3e:b4:d8:28 | ip_address='172.24.4.3', subnet_id='b2060a49-c8c1-437c-   | ACTIVE |
|                                      |      |                   | bc29-74d596ba9228'                                        |        |
|                                      |      |                   | ip_address='2001:db8::8', subnet_id='48fc2747-01de-4b12   |        |
|                                      |      |                   | -9aef-bb041ca30081'                                       |        |
+--------------------------------------+------+-------------------+-----------------------------------------------------------+--------+

还有IPV6,看下虚拟机分配的PORT

[lihui@openstack ~]$ openstack port show c3bad13e-9c41-4632-a170-15c8e4ee48d7
+-----------------------+----------------------------------------------------------------------------+
| Field                 | Value                                                                      |
+-----------------------+----------------------------------------------------------------------------+
| admin_state_up        | UP                                                                         |
| allowed_address_pairs |                                                                            |
| binding_host_id       | openstack                                                                  |
| binding_profile       |                                                                            |
| binding_vif_details   | ovs_hybrid_plug='True', port_filter='True'                                 |
| binding_vif_type      | ovs                                                                        |
| binding_vnic_type     | normal                                                                     |
| created_at            | 2017-04-03T06:50:30Z                                                       |
| description           |                                                                            |
| device_id             | 7c5365a6-afb3-46bd-b155-df4d7328c926                                       |
| device_owner          | compute:None                                                               |
| dns_assignment        | None                                                                       |
| dns_name              | None                                                                       |
| extra_dhcp_opts       |                                                                            |
| fixed_ips             | ip_address='172.24.4.3', subnet_id='b2060a49-c8c1-437c-bc29-74d596ba9228'  |
|                       | ip_address='2001:db8::8', subnet_id='48fc2747-01de-4b12-9aef-bb041ca30081' |
| id                    | c3bad13e-9c41-4632-a170-15c8e4ee48d7                                       |
| ip_address            | None                                                                       |
| mac_address           | fa:16:3e:b4:d8:28                                                          |
| name                  |                                                                            |
| network_id            | 00a3be6c-635a-450e-b6fd-9b7dce921be9                                       |
| option_name           | None                                                                       |
| option_value          | None                                                                       |
| port_security_enabled | True                                                                       |
| project_id            | 351726551dae40b1a6d7f4fd6cba168a                                           |
| qos_policy_id         | None                                                                       |
| revision_number       | 10                                                                         |
| security_groups       | 77140086-d435-40cc-a313-e028499b3686                                       |
| status                | ACTIVE                                                                     |
| subnet_id             | None                                                                       |
| updated_at            | 2017-04-03T06:51:11Z                                                       |
+-----------------------+----------------------------------------------------------------------------+

可以看到同一段network这里绑了两个subnet,通过network list确认

[lihui@openstack ~]$ openstack network list
+--------------------------------------+---------+----------------------------------------------------------------------------+
| ID                                   | Name    | Subnets                                                                    |
+--------------------------------------+---------+----------------------------------------------------------------------------+
| 00a3be6c-635a-450e-b6fd-9b7dce921be9 | public  | 48fc2747-01de-4b12-9aef-bb041ca30081, b2060a49-c8c1-437c-bc29-74d596ba9228 |
| f54d722e-6ab9-45d3-82f6-ef8c50330f8a | private | 5c3c4802-5100-4d2a-916a-afcfa816745d, c2fbd298-e466-4f54-8290-9a3d2ec57d0d |
+--------------------------------------+---------+----------------------------------------------------------------------------+

OK,玩耍结束,这里主要的做法是通过已经创建的用户,在前端进行登录之后,获取正确的RC文件,进而验证CLI相关命令

新版OpenStack都是基于V3的Keystone,新增了很多东西,比如domain,而且CLI方面以后基本都要通过调用openstack,而不去区分各个模块了

发表评论