Access OpenStack
-
From the bastion server access the Control Plane:
ssh root@192.168.123.100 oc rsh -n openstack openstackclient
-
On Control Plane verify OpenStack Services:
cd /home/cloud-admin openstack compute service list
Sample Output+--------------------------------------+----------------+--------------------------------+----------+---------+-------+----------------------------+ | ID | Binary | Host | Zone | Status | State | Updated At | +--------------------------------------+----------------+--------------------------------+----------+---------+-------+----------------------------+ | 8c787286-4ef0-486d-90bc-a99b423fedb4 | nova-scheduler | nova-scheduler-0 | internal | enabled | up | 2024-05-24T08:56:03.000000 | | 70cd6e5c-5fae-4641-8693-f0616c1a287b | nova-conductor | nova-cell0-conductor-0 | internal | enabled | up | 2024-05-24T08:56:09.000000 | | 8c708776-539a-4fd8-8e67-61711e07e800 | nova-conductor | nova-cell1-conductor-0 | internal | enabled | up | 2024-05-24T08:56:02.000000 | | a43ed3dc-a274-49e3-8956-2e80c8269bba | nova-compute | edpm-compute-0.aio.example.com | nova | enabled | up | 2024-05-24T08:56:07.000000 | +--------------------------------------+----------------+--------------------------------+----------+---------+-------+----------------------------+
-
Verify OpenStack networks:
openstack network agent list exit
Sample Output+--------------------------------------+------------------------------+--------------------------------+-------------------+-------+-------+----------------------------+ | ID | Agent Type | Host | Availability Zone | Alive | State | Binary | +--------------------------------------+------------------------------+--------------------------------+-------------------+-------+-------+----------------------------+ | 4d89ad82-485c-41a2-9427-2420ee0129ec | OVN Controller Gateway agent | ocp4-worker1.aio.example.com | | :-) | UP | ovn-controller | | bfbc013b-5e2d-4454-8b11-63cb63ebef16 | OVN Controller Gateway agent | ocp4-worker2.aio.example.com | | :-) | UP | ovn-controller | | 6b17396e-1129-4b39-953c-b3735e401743 | OVN Controller Gateway agent | ocp4-worker3.aio.example.com | | :-) | UP | ovn-controller | | c9d07b3c-5889-4fdf-bc27-19dd197d6a32 | OVN Controller agent | edpm-compute-0.aio.example.com | | :-) | UP | ovn-controller | | d2bf2749-5744-5e96-b3fc-fb2708e8fb30 | OVN Metadata agent | edpm-compute-0.aio.example.com | | :-) | UP | neutron-ovn-metadata-agent | +--------------------------------------+------------------------------+--------------------------------+-------------------+-------+-------+----------------------------+
-
Map the Compute nodes to the Compute cell that they are connected to:
oc rsh nova-cell0-conductor-0 nova-manage cell_v2 discover_hosts --verbose
Sample OutputModules with known eventlet monkey patching issues were imported prior to eventlet monkey patching: urllib3. This warning can usually be ignored if the caller is only importing and not executing nova code. 2024-05-24 18:06:57.493 4576 WARNING oslo_policy.policy [None req-69d81d0b-1e8a-4cdb-9f08-19767ca33c21 - - - - - -] JSON formatted policy_file support is deprecated since Victoria release. You need to use YAML format which will be default in future. You can use ``oslopolicy-convert-json-to-yaml`` tool to convert existing JSON-formatted policy file to YAML-formatted in backward compatible way: https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html. 2024-05-24 18:06:57.493 4576 WARNING oslo_policy.policy [None req-69d81d0b-1e8a-4cdb-9f08-19767ca33c21 - - - - - -] JSON formatted policy_file support is deprecated since Victoria release. You need to use YAML format which will be default in future. You can use ``oslopolicy-convert-json-to-yaml`` tool to convert existing JSON-formatted policy file to YAML-formatted in backward compatible way: https://docs.openstack.org/oslo.policy/latest/cli/oslopolicy-convert-json-to-yaml.html. Found 2 cell mappings. Skipping cell0 since it does not contain hosts. Getting computes from cell 'cell1': e35f1b96-fc8d-4b4d-8d47-24f3a0d38bbc Checking host mapping for compute host 'edpm-compute-0.aio.example.com': ffc784cb-f1e2-4a9f-850f-c865214d3edd Creating host mapping for compute host 'edpm-compute-0.aio.example.com': ffc784cb-f1e2-4a9f-850f-c865214d3edd Found 1 unmapped computes in cell: e35f1b96-fc8d-4b4d-8d47-24f3a0d38bbc
-
Create a VM
oc rsh -n openstack openstackclient export GATEWAY=192.168.123.1 export PUBLIC_NETWORK_CIDR=192.168.123.1/24 export PRIVATE_NETWORK_CIDR=192.168.100.0/24 export PUBLIC_NET_START=192.168.123.91 export PUBLIC_NET_END=192.168.123.99 export DNS_SERVER=8.8.8.8 openstack flavor create --ram 512 --disk 1 --vcpu 1 --public tiny curl -O -L https://github.com/cirros-dev/cirros/releases/download/0.6.2/cirros-0.6.2-x86_64-disk.img openstack image create cirros --container-format bare --disk-format qcow2 --public --file cirros-0.6.2-x86_64-disk.img
-
Create Network and Security for the VM
ssh-keygen -m PEM -t rsa -b 2048 -f ~/.ssh/id_rsa_pem openstack keypair create --public-key ~/.ssh/id_rsa_pem.pub default openstack security group create basic openstack security group rule create basic --protocol tcp --dst-port 22:22 --remote-ip 0.0.0.0/0 openstack security group rule create --protocol icmp basic openstack security group rule create --protocol udp --dst-port 53:53 basic openstack network create --external --provider-physical-network datacentre --provider-network-type flat public openstack network create --internal private openstack subnet create public-net \ --subnet-range $PUBLIC_NETWORK_CIDR \ --no-dhcp \ --gateway $GATEWAY \ --allocation-pool start=$PUBLIC_NET_START,end=$PUBLIC_NET_END \ --network public openstack subnet create private-net \ --subnet-range $PRIVATE_NETWORK_CIDR \ --network private openstack router create vrouter openstack router set vrouter --external-gateway public openstack router add subnet vrouter private-net
-
Create the Server and a Floating IP
openstack server create \ --flavor tiny --key-name default --network private --security-group basic \ --image cirros test-server openstack floating ip create public
-
Add the floating IP above to the new VM in the next step.
openstack server add floating ip test-server <FLOATING_IP> exit
-
From the bastion access to the VM.
ssh cirros@<FLOATING_IP> (password is gocubsgo)
exit
-
Optional: To enable Horizon, execute below from the Bastion:
oc patch openstackcontrolplanes/openstack-galera-network-isolation -p='[{"op": "replace", "path": "/spec/horizon/enabled", "value": true}]' --type json
-
Get the Route
ROUTE=$(oc get routes horizon -o go-template='https://{{range .status.ingress}}{{.host}}{{end}}') echo $ROUTE
Sample Outputhttps://horizon-openstack.apps.86dgb.dynamic.redhatworkshops.io
-
Click the url and log in as username
admin
passwordopenstack