arnaud
/
trainings
1
0
Fork 0
Code

Add openstack training 

Signed-off-by: Arnaud Morin <arnaud.morin@ovhcloud.com>
This commit is contained in:
Arnaud Morin 2022-01-10 23:56:50 +01:00
parent 2bd8c79421
commit 896a0e8fb4
1 changed files with 275 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

275
cloud/training/101.md Normal file
View File

@ -0,0 +1,275 @@
* [OpenStack training](#openstack-training)
* [Introduction](#introduction)
* [Install openstack cli](#install-openstack-cli)
* [Instance](#instance)
* [Boot](#boot)
* [Ping](#ping)
* [Security rules](#security-rules)
* [Connect with ssh](#connect-with-ssh)
* [Delete the instance](#delete-the-instance)
* [Private networks](#private-networks)
* [Create a private network and subnet](#create-a-private-network-and-subnet)
* [Create a router](#create-a-router)
* [Boot](#boot-1)
* [Floating IP](#floating-ip)
* [Connect with ssh](#connect-with-ssh-1)
# OpenStack training
## Introduction
The goal of this workshop is to manipulate and manage OpenStack API from CLI.
## Install `openstack` cli
First, install `openstack` cli from pip:
```
apt-get install python3-pip libffi-dev python3-venv
python3 -m venv /opt/oscli
source /opt/oscli/bin/activate
pip install --upgrade pip
pip install python-openstackclient
```
## Instance
This part will help you manage some compute resources of the cloud.
You will be dealing with different components:
- **keypair** (ssh-key private and public keys) will be used to connect to your server
- **image** is the base OS your server will be booted from
- **flavor** is the _size_ of your server. i.e. how many CPU, RAM, disk you want
- **network** is the network your instance will be connected to
- **security group** and **security rules** are firewall rules applied to your server
#### keypair
Generate your own SSH key:
```
ssh-keygen -t rsa -f ~/.ssh/id_rsa -N ""
# This will generate both private and public keys in ~/.ssh/ folder
```
Upload the public key to the cloud
```
openstack keypair create --public-key ~/.ssh/id_rsa.pub zob
```
You can list the available keys and see the detail of a key with the following commands:
```
openstack keypair list
# Display the detail of a keypair:
openstack keypair show mykey
```
#### image
Let's list the available images using the following command:
```
openstack image list
```
This will output a long table with the names and IDs of the available images:
```
+--------------------------------------+-----------+--------+
| ID | Name | Status |
+--------------------------------------+-----------+--------+
| 3a2089f1-9b9d-4dc1-970a-9dcb785c01c9 | Debian 10 | active |
| a24ca64a-ee45-48fa-8ec7-d2cd032e31b2 | cirros | active |
+--------------------------------------+-----------+--------+
```
You can see the details of the image with the following command:
```
openstack image show 'Debian 10'
# Or using its ID
openstack image show 3a2089f1-9b9d-4dc1-970a-9dcb785c01c9
```
#### flavor
We need to determine the specifications of the VM we want to run. For this we need to choose a flavor in the list displayed by the following command:
```
openstack flavor list
```
```
+--------------------------------------+--------+------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+--------+------+------+-----------+-------+-----------+
| 34362947-2a7b-468f-928a-0932b7a9bd3f | nano | 256 | 10 | 0 | 1 | True |
| 867b3e07-532e-4616-9ea4-542f4d370129 | large | 4086 | 50 | 0 | 4 | True |
| 8ff0a6c9-75bc-4754-99be-7ba62620257b | medium | 2048 | 20 | 0 | 2 | True |
| 93f96757-ea92-44bf-8204-da2eaf5f2aae | small | 1024 | 10 | 0 | 1 | True |
+--------------------------------------+--------+------+------+-----------+-------+-----------+
```
#### network
List the networks
```
openstack network list
```
```
+--------------------------------------+---------+----------------------------------------------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+----------------------------------------------------------------------------+
| 2813f459-a20d-4e50-8193-fe3c639e1ab6 | public | 37e12856-8f92-4a69-8042-da7281c3b99c, 93a6f693-bd68-4a25-899f-19d34c2a4d57 |
+--------------------------------------+---------+----------------------------------------------------------------------------+
```
### Boot
Now that you gathered all necessary information, it's time to boot your first instance using:
```
openstack server create ... # command to be completed
# help
openstack help server create
```
Q: what command did you use to boot a `small` `Debian 10` instance using your `keypair` on `public` network?
When done, you will have an output like:
```
+-----------------------------+-----------------------------------------------------+
| Field | Value |
+-----------------------------+-----------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | ... |
| config_drive | |
| created | 2018-12-21T14:01:07Z |
| flavor | small (3c83dfbd-abdb-43d0-b041-3ac44009c2f7) |
| hostId | |
| id | 369ad246-8c48-40f9-ada1-269c0844b34c |
| image | Debian 10 (d60f629d-7f22-4db8-9f4a-cf480a26856f) |
| key_name | mykey |
| name | myvm01 |
| progress | 0 |
| project_id | 88c8667... |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2018-12-21T14:01:07Z |
| user_id | 12843a2... |
| volumes_attached | |
+-----------------------------+-----------------------------------------------------+
```
Notice that the `status` is `BUILD` and the `OS-EXT-STS:vm_state` field is `building`. Also the field `addresses` is empty which means no IP address has been assigned to it yet.
You can run this command to check the progress of the VM:
```
openstack server show myvm01
# Or with its id:
openstack server show 369ad246-8c48-40f9-ada1-269c0844b34c
```
As soon as your instance will be ready, the `status` will be `ACTIVE` and an IPv4 should have been assigned to the instance.
### Ping
Try to ping the IP of your server
Q: is it working?
### Security rules
By default, the `security rules` applied to your server are closing all connections:
```
openstack security group rule list
```
Add a `rule` to allow ICMP (ping):
```
openstack security group rule create --protocol icmp --ingress default
```
Q: is ping working now?
### Connect with ssh
Now, add a `rule`to allow `ssh` (tcp/22) and try connecting to your instance with SSH:
```
ssh debian@xxx.yyy.zzz.aaa
```
### Delete the instance
Q: which command can you use to delete the instance?
## Private networks
This part will help you manage some network resources of the cloud.
You will be dealing with different components:
- **networks** (approximatively) represent the [layer 2](https://en.wikipedia.org/wiki/Data_link_layer) in the OSI model
- **subnets** are encapsulated in the networks and carry the [layer 3](https://en.wikipedia.org/wiki/Network_layer) information
- **routers** are used to interconnect networks
- **floating ips** can be attached to a server connected to private networks in order to be reached from internet
### Create a private network and subnet
By default only a `public` network is provided but some use case require the instances to be connected on a dedicated `private` network.
OpenStack provides the functionality to create `private` networks in your project (and only for you), while the `public` one is available for all users.
Let's start by simply creating a network:
```
openstack network create private
```
Then create the subnet:
```
openstack subnet create \
--network private \
--subnet-range "192.168.42.0/24" \
--gateway 192.168.42.1 \
--dns-nameserver 1.1.1.1 \
"192.168.42.0/24"
```
### Create a router
```
openstack router create router1
```
Then attach this router to your private network:
```
openstack router add subnet router1 192.168.42.0/24
```
Q: which IP address the router is having in your private network?
Finally add an external gateway to your router
```
openstack router set --external-gateway public router1
```
Q: which IP addres the router is having as external gateway?
### Boot
Like in first part, boot an instance, but connected to your `private` network this time
Q: can you access to your instance in SSH?
### Floating IP
Create a `floating ip` from `public` network
```
openstack floating ip create public
```
Attach your `floating ip` to your instance:
```
openstack server add floating ip myprivateserver xxx.yyy.www.bbb
```
### Connect with ssh
```
ssh debian@xxx.yyy.zzz.aaa # floating ip
```
Q: what IP can you see on eth0 interface of the instance?