Exercises
Exercise 1 :
Lets try our first exercise with CLI.
The objective
- Create a new project named "red"
- Create a new user named "red" and associate with "red" Project as a MEMBER(Role).
- Associate the admin user as admin Role for RED Project.
- Create a private network named RED-PRIVATE1 with Subnet RED-SUBNET1 192.168.101.0/24
- create a security group "red-sec-group" to allow TCP,ICMP Traffic on both sides
- Create a instance redinstance1 with cirros image,64Mb Ram, RED-PRIVATE1 network, red-sec-group security group
- Create a floating IP and associate with the redinstance1
- SSH to the redinstance1 and ping google.com
Before starting the
Note : To upgrade the openstack client sudo pip install --upgrade python-openstackclient
cloud@devstack1:~/devstack$ source openrc admin admin
WARNING: setting legacy OS_TENANT_NAME to support cli tools.
cloud@devstack1:~/devstack$ openstack project create --description "Red Tenant" red
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Red Tenant |
| enabled | True |
| id | a18314bc67c64d7a904622da3436ae89 |
| name | red |
+-------------+----------------------------------+
cloud@devstack1:~/devstack$ openstack project list
+----------------------------------+--------------------+
| ID | Name |
+----------------------------------+--------------------+
| 3314475b00c54ecab56cedf094d98502 | alt_demo |
| 62b948dd49004bc48964262685631632 | admin |
| 84f868958c7941ad9f661f46a0150a45 | service |
| a01b133bfbd04cf8b4b189857d723aaf | demo |
| a18314bc67c64d7a904622da3436ae89 | red |
| fb2f50c7ecec4338acb4614253fae61d | invisible_to_admin |
+----------------------------------+--------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack user create --password red123 red
+----------+----------------------------------+
| Field | Value |
+----------+----------------------------------+
| email | None |
| enabled | True |
| id | 9216fdbb2fdf424c8215bd8d6b668105 |
| name | red |
| username | red |
+----------+----------------------------------+
cloud@devstack1:~/devstack$ openstack user list
+----------------------------------+----------+
| ID | Name |
+----------------------------------+----------+
| 9d84fb2c650c4f8b9e24d069f5068fc3 | admin |
| 78fdfa16ec21402ca757c8f9eed32af1 | demo |
| 4ead3faa8f3d4ea8b10a17896fe2b078 | alt_demo |
| d3585b3a6f144a2e9bb9f6fda737e750 | nova |
| f00c1a8e0ddd4a9ab3526aada79260b9 | glance |
| c01b8b8c816f4b90b31e3ba2497e4e32 | cinder |
| 262528a5706c480eac2047887b9ad923 | neutron |
| 9216fdbb2fdf424c8215bd8d6b668105 | red |
+----------------------------------+----------+
cloud@devstack1:~/devstack$ openstack role add --project red --user red Member
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 523dc876b6da436ba87dd390d1e44faf |
| name | Member |
+-----------+----------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack role add --project red --user admin admin
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | e64dbb4bea08458aabaa186c977429a7 |
| name | admin |
+-----------+----------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ source openrc red red
WARNING: setting legacy OS_TENANT_NAME to support cli tools.
cloud@devstack1:~/devstack$ export OS_PASSWORD=red123
cloud@devstack1:~/devstack$ echo $OS_PASSWORD
red123
cloud@devstack1:~/devstack$ openstack network create RED-PRIVATE1
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2016-07-31T06:17:36 |
| description | |
| headers | |
| id | d1fedac3-5916-47bc-9dec-3c7211bc5168 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| mtu | 1450 |
| name | RED-PRIVATE1 |
| port_security_enabled | True |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| router_external | Internal |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | [] |
| updated_at | 2016-07-31T06:17:36 |
+-------------------------+--------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack network list
+--------------------------------------+--------------+----------------------------------------------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+----------------------------------------------------------------------------+
| 92f6d3cb-fa04-47b4-916d-5ccea2d91642 | public | 0d6f7d8d-3482-45d2-a8b6-e3e1ff85799b, d0609613-802a-4f48-9de3-435735badfd3 |
| d1fedac3-5916-47bc-9dec-3c7211bc5168 | RED-PRIVATE1 | |
+--------------------------------------+--------------+----------------------------------------------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack subnet create --subnet-range 192.168.101.0/24 --dhcp --gateway 192.168.101.1 --network RED-PRIVATE1 RED-SUBNET1
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 192.168.101.2-192.168.101.254 |
| cidr | 192.168.101.0/24 |
| created_at | 2016-07-31T06:21:43 |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.101.1 |
| headers | |
| host_routes | |
| id | 1fa576c7-13f4-463e-99e2-38c5610dccd4 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | RED-SUBNET1 |
| network_id | d1fedac3-5916-47bc-9dec-3c7211bc5168 |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| subnetpool_id | None |
| updated_at | 2016-07-31T06:21:43 |
+-------------------+--------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack network list
+--------------------------------------+--------------+----------------------------------------------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+----------------------------------------------------------------------------+
| 92f6d3cb-fa04-47b4-916d-5ccea2d91642 | public | 0d6f7d8d-3482-45d2-a8b6-e3e1ff85799b, d0609613-802a-4f48-9de3-435735badfd3 |
| d1fedac3-5916-47bc-9dec-3c7211bc5168 | RED-PRIVATE1 | 1fa576c7-13f4-463e-99e2-38c5610dccd4 |
+--------------------------------------+--------------+----------------------------------------------------------------------------+
cloud@devstack1:~/devstack$ openstack subnet list
+--------------------------------------+-------------+--------------------------------------+------------------+
| ID | Name | Network | Subnet |
+--------------------------------------+-------------+--------------------------------------+------------------+
| 1fa576c7-13f4-463e-99e2-38c5610dccd4 | RED-SUBNET1 | d1fedac3-5916-47bc-9dec-3c7211bc5168 | 192.168.101.0/24 |
+--------------------------------------+-------------+--------------------------------------+------------------+
cloud@devstack1:~/devstack$ openstack security group create --description "red security group" red-sec-group
+-------------+---------------------------------------------------------------------------------+
| Field | Value |
+-------------+---------------------------------------------------------------------------------+
| description | red security group |
| headers | |
| id | 7d614891-ffbb-4711-bf9c-eedf4262e9af |
| name | red-sec-group |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| rules | direction='egress', ethertype='IPv4', id='db7e35d9-2ace-429a-861e-97181cba1d8b' |
| | direction='egress', ethertype='IPv6', id='2f9618bd-e63a-4995-990f-34d225716a63' |
+-------------+---------------------------------------------------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack security group rule delete db7e35d9-2ace-429a-861e-97181cba1d8b
cloud@devstack1:~/devstack$ openstack security group rule delete 2f9618bd-e63a-4995-990f-34d225716a63
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack security group rule create --protocol icmp --egress red-sec-group
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| description | |
| direction | egress |
| ethertype | IPv4 |
| headers | |
| id | 72d638c3-ca2f-475b-9cc2-cfc24c6c06f0 |
| port_range_max | None |
| port_range_min | None |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| security_group_id | 7d614891-ffbb-4711-bf9c-eedf4262e9af |
+-------------------+--------------------------------------+
cloud@devstack1:~/devstack$ openstack security group rule create --protocol tcp --ingress red-sec-group
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| description | |
| direction | ingress |
| ethertype | IPv4 |
| headers | |
| id | 9b2c9ba4-6463-4c3c-8b72-871125999fb2 |
| port_range_max | None |
| port_range_min | None |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| security_group_id | 7d614891-ffbb-4711-bf9c-eedf4262e9af |
+-------------------+--------------------------------------+
cloud@devstack1:~/devstack$ openstack security group rule create --protocol tcp --egress red-sec-group
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| description | |
| direction | egress |
| ethertype | IPv4 |
| headers | |
| id | c861cfc6-0776-4b91-a4e4-1f6988175f88 |
| port_range_max | None |
| port_range_min | None |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| security_group_id | 7d614891-ffbb-4711-bf9c-eedf4262e9af |
+-------------------+--------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack security group rule create --protocol icmp --ingress red-sec-group
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| description | |
| direction | ingress |
| ethertype | IPv4 |
| headers | |
| id | bdaf151b-56d7-4d84-853b-154bcf87a9d8 |
| port_range_max | None |
| port_range_min | None |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| security_group_id | 7d614891-ffbb-4711-bf9c-eedf4262e9af |
+-------------------+--------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack security group show red-sec-group
+-------------+---------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------+---------------------------------------------------------------------------------------------------------------------------------+
| description | red security group |
| id | 7d614891-ffbb-4711-bf9c-eedf4262e9af |
| name | red-sec-group |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| rules | direction='egress', ethertype='IPv4', id='72d638c3-ca2f-475b-9cc2-cfc24c6c06f0', protocol='icmp', remote_ip_prefix='0.0.0.0/0' |
| | direction='ingress', ethertype='IPv4', id='9b2c9ba4-6463-4c3c-8b72-871125999fb2', protocol='tcp', remote_ip_prefix='0.0.0.0/0' |
| | direction='ingress', ethertype='IPv4', id='bdaf151b-56d7-4d84-853b-154bcf87a9d8', protocol='icmp', remote_ip_prefix='0.0.0.0/0' |
| | direction='egress', ethertype='IPv4', id='c861cfc6-0776-4b91-a4e4-1f6988175f88', protocol='tcp', remote_ip_prefix='0.0.0.0/0' |
+-------------+---------------------------------------------------------------------------------------------------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack server create
usage: openstack server create [-h] [-f {json,shell,table,value,yaml}]
[-c COLUMN] [--max-width <integer>]
[--noindent] [--prefix PREFIX]
(--image <image> | --volume <volume>) --flavor
<flavor>
[--security-group <security-group-name>]
[--key-name <key-name>]
[--property <key=value>]
[--file <dest-filename=source-filename>]
[--user-data <user-data>]
[--availability-zone <zone-name>]
[--block-device-mapping <dev-name=mapping>]
[--nic <net-id=net-uuid,v4-fixed-ip=ip-addr,v6-fixed-ip=ip-addr,port-id=port-uuid>]
[--hint <key=value>]
[--config-drive <config-drive-volume>|True]
[--min <count>] [--max <count>] [--wait]
<server-name>
openstack server create: error: too few arguments
cloud@devstack1:~/devstack$ openstack image list
+--------------------------------------+---------------------------------+--------+
| ID | Name | Status |
+--------------------------------------+---------------------------------+--------+
| 32d7cb58-aadc-4853-a888-2b56556c914e | cirros-0.3.4-x86_64-uec | active |
| 7ca2ec87-ad98-4149-92d5-4c7bf02ea2b0 | cirros-0.3.4-x86_64-uec-ramdisk | active |
| c8595f74-2318-454e-a012-99322bb5589d | cirros-0.3.4-x86_64-uec-kernel | active |
+--------------------------------------+---------------------------------+--------+
cloud@devstack1:~/devstack$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 42 | m1.nano | 64 | 0 | 0 | 1 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
| 84 | m1.micro | 128 | 0 | 0 | 1 | True |
+----+-----------+-------+------+-----------+-------+-----------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack network list
+--------------------------------------+--------------+----------------------------------------------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+----------------------------------------------------------------------------+
| 92f6d3cb-fa04-47b4-916d-5ccea2d91642 | public | 0d6f7d8d-3482-45d2-a8b6-e3e1ff85799b, d0609613-802a-4f48-9de3-435735badfd3 |
| d1fedac3-5916-47bc-9dec-3c7211bc5168 | RED-PRIVATE1 | 1fa576c7-13f4-463e-99e2-38c5610dccd4 |
+--------------------------------------+--------------+----------------------------------------------------------------------------+
cloud@devstack1:~/devstack$
cloud@devstack1:~/devstack$ openstack server create --image cirros-0.3.4-x86_64-uec --flavor m1.nano --security-group red-sec-group --nic net-id=d1fedac3-5916-47bc-9dec-3c7211bc5168 redinstance1
+--------------------------------------+----------------------------------------------------------------+
| Field | Value |
+--------------------------------------+----------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | 3u5eVjCj9MBA |
| config_drive | |
| created | 2016-07-31T06:36:23Z |
| flavor | m1.nano (42) |
| hostId | |
| id | dae3ce19-7f67-474b-956b-2265d31d09ae |
| image | cirros-0.3.4-x86_64-uec (32d7cb58-aadc-4853-a888-2b56556c914e) |
| key_name | None |
| name | redinstance1 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| project_id | a18314bc67c64d7a904622da3436ae89 |
| properties | |
| security_groups | [{u'name': u'red-sec-group'}] |
| status | BUILD |
| updated | 2016-07-31T06:36:24Z |
| user_id | 9216fdbb2fdf424c8215bd8d6b668105 |
+--------------------------------------+----------------------------------------------------------------+
cloud@devstack1:~/devstack$