2e735e0b6a
* ch_launch-instance.xml * section_launch-instance-neutron.xml * section_launch-instance-nova.xml Change-Id: I2df6d62cf8d87a81d34c2402d0c026ecb531fd6b Implements: blueprint installguide-liberty
18 KiB
Launch an instance with OpenStack Networking (neutron)
To generate a key pair
Most cloud images support public key authentication rather than conventional
user name/password authentication. Before launching an instance, you
must generate a public/private key pair.
Source the
demotenant credentials:$ source demo-openrc.shGenerate and add a key pair:
$ nova keypair-add demo-keyVerify addition of the key pair:
$ nova keypair-list +----------+-------------------------------------------------+ | Name | Fingerprint | +----------+-------------------------------------------------+ | demo-key | 6c:74:ec:3a:08:05:4e:9e:21:22:a6:dd:b2:62:b8:28 | +----------+-------------------------------------------------+
To launch an instance
To launch an instance, you must at least specify the flavor, image name, network, security group, key, and instance name.
A flavor specifies a virtual resource allocation profile which includes processor, memory, and storage.
List available flavors:
$ nova flavor-list +-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+ | ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public | +-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+ | 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True | | 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True | | 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True | | 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True | | 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True | +-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+Your first instance uses the
m1.tinyflavor.Note
You can also reference a flavor by ID.
List available images:
$ nova image-list +--------------------------------------+---------------------+--------+--------+ | ID | Name | Status | Server | +--------------------------------------+---------------------+--------+--------+ | acafc7c0-40aa-4026-9673-b879898e1fc2 | cirros-0.3.4-x86_64 | ACTIVE | | +--------------------------------------+---------------------+--------+--------+Your first instance uses the
cirros-0.3.4-x86_64image.List available networks:
$ neutron net-list +------------------------+----------+-----------------------------------------+ | id | name | subnets | +------------------------+----------+-----------------------------------------+ | 3c612b5a-d1db-498a-... | demo-net | 20bcd3fd-5785-41fe-... 192.168.1.0/24 | | 9bce64a3-a963-4c05-... | ext-net | b54a8d85-b434-4e85-... 203.0.113.0/24 | +------------------------+----------+-----------------------------------------+Your first instance uses the
demo-nettenant network. However, you must reference this network using the ID instead of the name.List available security groups:
$ nova secgroup-list +--------------------------------------+---------+-------------+ | Id | Name | Description | +--------------------------------------+---------+-------------+ | ad8d4ea5-3cad-4f7d-b164-ada67ec59473 | default | default | +--------------------------------------+---------+-------------+Your first instance uses the
defaultsecurity group. By default, this security group implements a firewall that blocks remote access to instances. If you would like to permit remote access to your instance, launch it and thenconfigure remote access <launch-instance-neutron-remoteaccess>.Launch the instance:
Replace
DEMO_NET_IDwith the ID of thedemo-nettenant network.$ nova boot --flavor m1.tiny --image cirros-0.3.4-x86_64 --nic net-id=DEMO_NET_ID \ --security-group default --key-name demo-key demo-instance1 +--------------------------------------+------------------------------------+ | Property | Value | +--------------------------------------+------------------------------------+ | OS-DCF:diskConfig | MANUAL | | OS-EXT-AZ:availability_zone | nova | | OS-EXT-STS:power_state | 0 | | OS-EXT-STS:task_state | scheduling | | OS-EXT-STS:vm_state | building | | OS-SRV-USG:launched_at | - | | OS-SRV-USG:terminated_at | - | | accessIPv4 | | | accessIPv6 | | | adminPass | vFW7Bp8PQGNo | | config_drive | | | created | 2014-04-09T19:24:27Z | | flavor | m1.tiny (1) | | hostId | | | id | 05682b91-81a1-464c-8f40-8b3da7e... | | image | cirros-0.3.4-x86_64 (acafc7c0-...) | | key_name | demo-key | | metadata | {} | | name | demo-instance1 | | os-extended-volumes:volumes_attached | [] | | progress | 0 | | security_groups | default | | status | BUILD | | tenant_id | 7cf50047f8df4824bc76c2fdf66d11ec | | updated | 2014-04-09T19:24:27Z | | user_id | 0e47686e72114d7182f7569d70c519c9 | +--------------------------------------+------------------------------------+Check the status of your instance:
$ nova list +--------------+----------------+--------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------+----------------+--------+------------+-------------+-------------------------+ | 05682b91-... | demo-instance1 | ACTIVE | - | Running | demo-net=192.168.1.3 | +--------------+----------------+--------+------------+-------------+-------------------------+The status changes from
BUILDtoACTIVEwhen your instance finishes the build process.
To access your instance using a virtual console
Obtain a
Virtual Network Computing (VNC)session URL for your instance and access it from a web browser:$ nova get-vnc-console demo-instance1 novnc +-------+------------------------------------------------------------------------------------+ | Type | Url | +-------+------------------------------------------------------------------------------------+ | novnc | http://controller:6080/vnc_auto.html?token=2f6dd985-f906-4bfc-b566-e87ce656375b | +-------+------------------------------------------------------------------------------------+Note
If your web browser runs on a host that cannot resolve the
controllerhost name, you can replacecontrollerwith the IP address of the management interface on your controller node.The CirrOS image includes conventional user name/password authentication and provides these credentials at the login prompt. After logging into CirrOS, we recommend that you verify network connectivity using
ping.Verify the
demo-nettenant network gateway:$ ping -c 4 192.168.1.1 PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. 64 bytes from 192.168.1.1: icmp_req=1 ttl=64 time=0.357 ms 64 bytes from 192.168.1.1: icmp_req=2 ttl=64 time=0.473 ms 64 bytes from 192.168.1.1: icmp_req=3 ttl=64 time=0.504 ms 64 bytes from 192.168.1.1: icmp_req=4 ttl=64 time=0.470 ms --- 192.168.1.1 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 2998ms rtt min/avg/max/mdev = 0.357/0.451/0.504/0.055 msVerify the
ext-netexternal network:$ ping -c 4 openstack.org PING openstack.org (174.143.194.225) 56(84) bytes of data. 64 bytes from 174.143.194.225: icmp_req=1 ttl=53 time=17.4 ms 64 bytes from 174.143.194.225: icmp_req=2 ttl=53 time=17.5 ms 64 bytes from 174.143.194.225: icmp_req=3 ttl=53 time=17.7 ms 64 bytes from 174.143.194.225: icmp_req=4 ttl=53 time=17.5 ms --- openstack.org ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3003ms rtt min/avg/max/mdev = 17.431/17.575/17.734/0.143 ms
To access your instance remotely
Add rules to the
defaultsecurity group:Permit
ICMP(ping):$ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 +-------------+-----------+---------+-----------+--------------+ | IP Protocol | From Port | To Port | IP Range | Source Group | +-------------+-----------+---------+-----------+--------------+ | icmp | -1 | -1 | 0.0.0.0/0 | | +-------------+-----------+---------+-----------+--------------+Permit secure shell (SSH) access:
$ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 +-------------+-----------+---------+-----------+--------------+ | IP Protocol | From Port | To Port | IP Range | Source Group | +-------------+-----------+---------+-----------+--------------+ | tcp | 22 | 22 | 0.0.0.0/0 | | +-------------+-----------+---------+-----------+--------------+
Create a
floating IP addresson theext-netexternal network:$ neutron floatingip-create ext-net Created a new floatingip: +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | fixed_ip_address | | | floating_ip_address | 203.0.113.102 | | floating_network_id | 9bce64a3-a963-4c05-bfcd-161f708042d1 | | id | 05e36754-e7f3-46bb-9eaa-3521623b3722 | | port_id | | | router_id | | | status | DOWN | | tenant_id | 7cf50047f8df4824bc76c2fdf66d11ec | +---------------------+--------------------------------------+Associate the floating IP address with your instance:
$ nova floating-ip-associate demo-instance1 203.0.113.102Note
This command provides no output.
Check the status of your floating IP address:
$ nova list +--------------+----------------+--------+------------+-------------+-----------------------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------+----------------+--------+------------+-------------+-----------------------------------------+ | 05682b91-... | demo-instance1 | ACTIVE | - | Running | demo-net=192.168.1.3, 203.0.113.102 | +--------------+----------------+--------+------------+-------------+-----------------------------------------+Verify network connectivity using
pingfrom the controller node or any host on the external network:$ ping -c 4 203.0.113.102 PING 203.0.113.102 (203.0.113.112) 56(84) bytes of data. 64 bytes from 203.0.113.102: icmp_req=1 ttl=63 time=3.18 ms 64 bytes from 203.0.113.102: icmp_req=2 ttl=63 time=0.981 ms 64 bytes from 203.0.113.102: icmp_req=3 ttl=63 time=1.06 ms 64 bytes from 203.0.113.102: icmp_req=4 ttl=63 time=0.929 ms --- 203.0.113.102 ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3002ms rtt min/avg/max/mdev = 0.929/1.539/3.183/0.951 msAccess your instance using SSH from the controller node or any host on the external network:
$ ssh cirros@203.0.113.102 The authenticity of host '203.0.113.102 (203.0.113.102)' can't be established. RSA key fingerprint is ed:05:e9:e7:52:a0:ff:83:68:94:c7:d1:f2:f8:e2:e9. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '203.0.113.102' (RSA) to the list of known hosts. $Note
If your host does not contain the public/private key pair created in an earlier step, SSH prompts for the default password associated with the
cirrosuser.
To attach a Block Storage volume to your instance
If your environment includes the Block Storage service, you can attach a volume to the instance.
Source the
democredentials:$ source demo-openrc.shList volumes:
$ nova volume-list +--------------+-----------+--------------+------+-------------+-------------+ | ID | Status | Display Name | Size | Volume Type | Attached to | +--------------+-----------+--------------+------+-------------+-------------+ | 158bea89-... | available | | 1 | - | | +--------------+-----------+--------------+------+-------------+-------------+Attach the
demo-volume1volume to thedemo-instance1instance:$ nova volume-attach demo-instance1 158bea89-07db-4ac2-8115-66c0d6a4bb48 +----------+--------------------------------------+ | Property | Value | +----------+--------------------------------------+ | device | /dev/vdb | | id | 158bea89-07db-4ac2-8115-66c0d6a4bb48 | | serverId | 05682b91-81a1-464c-8f40-8b3da7ee92c5 | | volumeId | 158bea89-07db-4ac2-8115-66c0d6a4bb48 | +----------+--------------------------------------+Note
You must reference volumes using the IDs instead of names.
List volumes:
$ nova volume-list +--------------+-----------+--------------+------+-------------+--------------+ | ID | Status | Display Name | Size | Volume Type | Attached to | +--------------+-----------+--------------+------+-------------+--------------+ | 158bea89-... | in-use | | 1 | - | 05682b91-... | +--------------+-----------+--------------+------+-------------+--------------+The ID of the
demo-volume1volume should indicatein-usestatus by the ID of thedemo-instance1instance.Access your instance using SSH from the controller node or any host on the external network and use the
fdiskcommand to verify presence of the volume as the/dev/vdbblock storage device:$ ssh cirros@203.0.113.102 $ sudo fdisk -l Disk /dev/vda: 1073 MB, 1073741824 bytes 255 heads, 63 sectors/track, 130 cylinders, total 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Device Boot Start End Blocks Id System /dev/vda1 * 16065 2088449 1036192+ 83 Linux Disk /dev/vdb: 1073 MB, 1073741824 bytes 16 heads, 63 sectors/track, 2080 cylinders, total 2097152 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/vdb doesn't contain a valid partition tableNote
You must create a partition table and file system to use the volume.
If your instance does not launch or seem to work as you expect, see
the OpenStack Operations
Guide for more information or use one of the many other options <common/app_support> to seek
assistance. We want your environment to work!