openstack
/
openstack-manuals
Code Issues Proposed changes

Install: Launch an instance updates for Mitaka 

Update launch an instance content for Mitaka.

1) Use OpenStack client if possible.
2) Change 'public' to 'provider' and 'private' to
   'self-service' to improve distinction between these
   networks using neutronish terms.
3) Generally improve wording.

Implements: bp installguide-mitaka
Change-Id: I4833e03b3406823223ecb31e1a90c5d0d0357fe9
This commit is contained in:
Matthew Kassawara 2016-02-25 15:22:51 -07:00
parent d37bb3cd91
commit affbb90c3b
17 changed files with 300 additions and 285 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
doc/install-guide/source/figures/network1-connectivity.graffle
View File

Binary file not shown.

BIN
doc/install-guide/source/figures/network1-connectivity.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 79 KiB

After

Width:  |  Height:  |  Size: 40 KiB

4
doc/install-guide/source/figures/network1-connectivity.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 24 KiB

After

Width:  |  Height:  |  Size: 25 KiB

BIN
doc/install-guide/source/figures/network1-overview.graffle
View File

Binary file not shown.

BIN
doc/install-guide/source/figures/network1-overview.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 89 KiB

After

Width:  |  Height:  |  Size: 47 KiB

4
doc/install-guide/source/figures/network1-overview.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 26 KiB

After

Width:  |  Height:  |  Size: 27 KiB

BIN
doc/install-guide/source/figures/network2-connectivity.graffle
View File

Binary file not shown.

BIN
doc/install-guide/source/figures/network2-connectivity.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 170 KiB

After

Width:  |  Height:  |  Size: 86 KiB

4
doc/install-guide/source/figures/network2-connectivity.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 51 KiB

After

Width:  |  Height:  |  Size: 52 KiB

BIN
doc/install-guide/source/figures/network2-overview.graffle
View File

Binary file not shown.

BIN
doc/install-guide/source/figures/network2-overview.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 136 KiB

After

Width:  |  Height:  |  Size: 70 KiB

4
doc/install-guide/source/figures/network2-overview.svg
View File

File diff suppressed because one or more lines are too long
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 38 KiB

After

Width:  |  Height:  |  Size: 39 KiB

66
doc/install-guide/source/launch-instance-networks-public.rst → doc/install-guide/source/launch-instance-networks-provider.rst
View File

@ -1,12 +1,12 @@
.. _launch-instance-networks-public:
.. _launch-instance-networks-provider:
Public provider network
~~~~~~~~~~~~~~~~~~~~~~~
Provider network
~~~~~~~~~~~~~~~~
Before launching an instance, you must create the necessary virtual network
infrastructure. For networking option 1, an instance uses a public provider
virtual network that connects to the physical network infrastructure
via layer-2 (bridging/switching). This network includes a DHCP server that
infrastructure. For networking option 1, an instance uses a provider
(external) network that connects to the physical network infrastructure via
layer-2 (bridging/switching). This network includes a DHCP server that
provides IP addresses to instances.
The ``admin`` or other privileged user must create this network because it
@ -27,8 +27,8 @@ connects directly to the physical network infrastructure.
**Networking Option 1: Provider networks - Connectivity**
Create the public network
-------------------------
Create the provider network
---------------------------
#. On the controller node, source the ``admin`` credentials to gain access to
admin-only CLI commands:
@ -41,19 +41,19 @@ Create the public network
.. code-block:: console
$ neutron net-create public --shared --provider:physical_network public \
--provider:network_type flat
$ neutron net-create --shared --provider:physical_network provider \
--provider:network_type flat provider
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 0e62efcd-8cee-46c7-b163-d8df05c3c5ad |
| mtu | 0 |
| name | public |
| mtu | 1500 |
| name | provider |
| port_security_enabled | True |
| provider:network_type | flat |
| provider:physical_network | public |
| provider:physical_network | provider |
| provider:segmentation_id | |
| router:external | False |
| shared | True |
@ -64,35 +64,36 @@ Create the public network
The ``--shared`` option allows all projects to use the virtual network.
The ``--provider:physical_network public`` and
The ``--provider:physical_network provider`` and
``--provider:network_type flat`` options connect the flat virtual network
to the flat (native/untagged) public physical network on the ``eth1``
interface on the host using information from the following files:
to the flat (native/untagged) physical network on the ``eth1`` interface
on the host using information from the following files:
``ml2_conf.ini``:
.. code-block:: ini
[ml2_type_flat]
flat_networks = public
flat_networks = provider
``linuxbridge_agent.ini``:
.. code-block:: ini
[linux_bridge]
physical_interface_mappings = public:eth1
physical_interface_mappings = provider:eth1
#. Create a subnet on the network:
.. code-block:: console
$ neutron subnet-create public PUBLIC_NETWORK_CIDR --name public \
--allocation-pool start=START_IP_ADDRESS,end=END_IP_ADDRESS\
--dns-nameserver DNS_RESOLVER --gateway PUBLIC_NETWORK_GATEWAY
$ neutron subnet-create --name provider \
--allocation-pool start=START_IP_ADDRESS,end=END_IP_ADDRESS \
--dns-nameserver DNS_RESOLVER --gateway PROVIDER_NETWORK_GATEWAY \
provider PROVIDER_NETWORK_CIDR
Replace ``PUBLIC_NETWORK_CIDR`` with the subnet on the public physical
network in CIDR notation.
Replace ``PROVIDER_NETWORK_CIDR`` with the subnet on the provider
physical network in CIDR notation.
Replace ``START_IP_ADDRESS`` and ``END_IP_ADDRESS`` with the first and
last IP address of the range within the subnet that you want to allocate
@ -103,25 +104,26 @@ Create the public network
most cases, you can use one from the ``/etc/resolv.conf`` file on
the host.
Replace ``PUBLIC_NETWORK_GATEWAY`` with the gateway IP address on the
public physical network, typically the ".1" IP address.
Replace ``PROVIDER_NETWORK_GATEWAY`` with the gateway IP address on the
provider provider network, typically the ".1" IP address.
**Example**
The public network uses 203.0.113.0/24 with a gateway on 203.0.113.1.
The provider network uses 203.0.113.0/24 with a gateway on 203.0.113.1.
A DHCP server assigns each instance an IP address from 203.0.113.101
to 203.0.113.200. All instances use 8.8.4.4 as a DNS resolver.
to 203.0.113.250. All instances use 8.8.4.4 as a DNS resolver.
.. code-block:: console
$ neutron subnet-create public 203.0.113.0/24 --name public \
--allocation-pool start=203.0.113.101,end=203.0.113.200 \
--dns-nameserver 8.8.4.4 --gateway 203.0.113.1
$ neutron subnet-create --name provider \
--allocation-pool start=203.0.113.101,end=203.0.113.250 \
--dns-nameserver 8.8.4.4 --gateway 203.0.113.1 \
provider 203.0.113.0/24
Created a new subnet:
+-------------------+----------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------+
| allocation_pools | {"start": "203.0.113.101", "end": "203.0.113.200"} |
| allocation_pools | {"start": "203.0.113.101", "end": "203.0.113.250"} |
| cidr | 203.0.113.0/24 |
| dns_nameservers | 8.8.4.4 |
| enable_dhcp | True |
@ -131,7 +133,7 @@ Create the public network
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | public |
| name | provider |
| network_id | 0e62efcd-8cee-46c7-b163-d8df05c3c5ad |
| subnetpool_id | |
| tenant_id | d84313397390425c8ed50b2f6e18d092 |

91
doc/install-guide/source/launch-instance-networks-private.rst → doc/install-guide/source/launch-instance-networks-selfservice.rst
View File

@ -1,23 +1,22 @@
.. _launch-instance-networks-private:
.. _launch-instance-networks-selfservice:
Private project network
~~~~~~~~~~~~~~~~~~~~~~~
Self-service network
~~~~~~~~~~~~~~~~~~~~
If you chose networking option 2, you can also create a private project
virtual network that connects to the physical network infrastructure
via layer-3 (routing) and NAT. This network includes a DHCP server that
provides IP addresses to instances. An instance on this network can
automatically access external networks such as the Internet. However, access
to an instance on this network from external networks such as the Internet
requires a :term:`floating IP address`.
If you chose networking option 2, you can also create a self-service (private)
network that connects to the physical network infrastructure via NAT.
This network includes a DHCP server that provides IP addresses to instances.
An instance on this network can automatically access external networks such
as the Internet. However, access to an instance on this network from external
networks such as the Internet requires a :term:`floating IP address`.
The ``demo`` or other unprivileged user can create this network because it
provides connectivity to instances within the ``demo`` project only.
.. warning::
You must :ref:`create the public provider network
<launch-instance-networks-public>` before the private project network.
You must :ref:`create the provider network
<launch-instance-networks-provider>` before the self-service network.
.. note::
@ -34,8 +33,8 @@ provides connectivity to instances within the ``demo`` project only.
**Networking Option 2: Self-service networks - Connectivity**
Create the private project network
----------------------------------
Create the self-service network
-------------------------------
#. On the controller node, source the ``demo`` credentials to gain access to
user-only CLI commands:
@ -48,7 +47,7 @@ Create the private project network
.. code-block:: console
$ neutron net-create private
$ neutron net-create selfservice
Created a new network:
+-----------------------+--------------------------------------+
| Field | Value |
@ -56,7 +55,7 @@ Create the private project network
| admin_state_up | True |
| id | 7c6f9b37-76b4-463e-98d8-27e5686ed083 |
| mtu | 0 |
| name | private |
| name | selfservice |
| port_security_enabled | True |
| router:external | False |
| shared | False |
@ -83,30 +82,32 @@ Create the private project network
.. code-block:: console
$ neutron subnet-create private PRIVATE_NETWORK_CIDR --name private \
--dns-nameserver DNS_RESOLVER --gateway PRIVATE_NETWORK_GATEWAY
Replace ``PRIVATE_NETWORK_CIDR`` with the subnet you want to use on the
private network. You can use any arbitrary value, although we recommend
a network from `RFC 1918 <https://tools.ietf.org/html/rfc1918>`_.
$ neutron subnet-create --name selfservice \
--dns-nameserver DNS_RESOLVER --gateway SELFSERVICE_NETWORK_GATEWAY \
selfservice SELFSERVICE_NETWORK_CIDR
Replace ``DNS_RESOLVER`` with the IP address of a DNS resolver. In
most cases, you can use one from the ``/etc/resolv.conf`` file on
the host.
Replace ``PRIVATE_NETWORK_GATEWAY`` with the gateway you want to use on
the private network, typically the ".1" IP address.
Replace ``SELFSERVICE_NETWORK_GATEWAY`` with the gateway you want to use on
the self-service network, typically the ".1" IP address.
Replace ``SELFSERVICE_NETWORK_CIDR`` with the subnet you want to use on the
self-service network. You can use any arbitrary value, although we recommend
a network from `RFC 1918 <https://tools.ietf.org/html/rfc1918>`_.
**Example**
The private network uses 172.16.1.0/24 with a gateway on 172.16.1.1.
The self-service network uses 172.16.1.0/24 with a gateway on 172.16.1.1.
A DHCP server assigns each instance an IP address from 172.16.1.2
to 172.16.1.254. All instances use 8.8.4.4 as a DNS resolver.
.. code-block:: console
$ neutron subnet-create private 172.16.1.0/24 --name private
--dns-nameserver 8.8.4.4 --gateway 172.16.1.1
$ neutron subnet-create --name selfservice \
--dns-nameserver 8.8.4.4 --gateway 172.16.1.1 \
selfservice 172.16.1.0/24
Created a new subnet:
+-------------------+------------------------------------------------+
| Field | Value |
@ -121,7 +122,7 @@ Create the private project network
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | private |
| name | selfservice |
| network_id | 7c6f9b37-76b4-463e-98d8-27e5686ed083 |
| subnetpool_id | |
| tenant_id | f5b2ccaa75ac413591f12fcaa096aa5c |
@ -130,15 +131,15 @@ Create the private project network
Create a router
---------------
Private project networks connect to public provider networks using a virtual
router. Each router contains an interface to at least one private project
network and a gateway on a public provider network.
Self-service networks connect to provider networks using a virtual router
that typically performs bidirectional NAT. Each router contains an interface
on at least one self-service network and a gateway on a provider network.
The public provider network must include the ``router: external`` option to
enable project routers to use it for connectivity to external networks such
as the Internet. The ``admin`` or other privileged user must include this
The provider network must include the ``router:external`` option to
enable self-service routers to use it for connectivity to external networks
such as the Internet. The ``admin`` or other privileged user must include this
option during network creation or add it later. In this case, we can add it
to the existing ``public`` provider network.
to the existing ``provider`` provider network.
#. On the controller node, source the ``admin`` credentials to gain access to
admin-only CLI commands:
@ -147,12 +148,12 @@ to the existing ``public`` provider network.
$ source admin-openrc.sh
#. Add the ``router: external`` option to the ``public`` provider network:
#. Add the ``router: external`` option to the ``provider`` network:
.. code-block:: console
$ neutron net-update public --router:external
Updated network: public
$ neutron net-update provider --router:external
Updated network: provider
#. Source the ``demo`` credentials to gain access to user-only CLI commands:
@ -178,18 +179,18 @@ to the existing ``public`` provider network.
| tenant_id | f5b2ccaa75ac413591f12fcaa096aa5c |
+-----------------------+--------------------------------------+
#. Add the private network subnet as an interface on the router:
#. Add the self-service network subnet as an interface on the router:
.. code-block:: console
$ neutron router-interface-add router private
$ neutron router-interface-add router selfservice
Added interface bff6605d-824c-41f9-b744-21d128fc86e1 to router router.
#. Set a gateway on the public network on the router:
#. Set a gateway on the provider network on the router:
.. code-block:: console
$ neutron router-gateway-set router public
$ neutron router-gateway-set router provider
Set gateway for router router
Verify operation
@ -216,7 +217,7 @@ creation examples.
qdhcp-7c6f9b37-76b4-463e-98d8-27e5686ed083
qdhcp-0e62efcd-8cee-46c7-b163-d8df05c3c5ad
#. List ports on the router to determine the gateway IP address on the public
#. List ports on the router to determine the gateway IP address on the
provider network:
.. code-block:: console
@ -233,8 +234,8 @@ creation examples.
| | | | "ip_address": "203.0.113.102"} |
+--------------------------------------+------+-------------------+------------------------------------------+
#. Ping this IP address from the controller node or any host on the public
physical network:
#. Ping this IP address from the controller node or any host on the physical
provider network:
.. code-block:: console

116
doc/install-guide/source/launch-instance-public.rst → doc/install-guide/source/launch-instance-provider.rst
View File

@ -1,7 +1,7 @@
.. _launch-instance-public:
.. _launch-instance-provider:
Launch an instance on the public network
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Launch an instance on the provider network
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Determine instance options
--------------------------
@ -23,16 +23,16 @@ name, network, security group, key, and instance name.
.. code-block:: console
$ nova flavor-list
+-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True |
| 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True |
+-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+----+-----------+-------+------+-----------+-------+-----------+
This instance uses the ``m1.tiny`` flavor.
@ -44,12 +44,12 @@ name, network, security group, key, and instance name.
.. code-block:: console
$ nova image-list
+--------------------------------------+--------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+--------+--------+--------+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros | ACTIVE | |
+--------------------------------------+--------+--------+--------+
$ openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 390eb5f7-8d49-41ec-95b7-68c0d5d54b34 | cirros | active |
+--------------------------------------+--------+--------+
This instance uses the ``cirros`` image.
@ -57,30 +57,32 @@ name, network, security group, key, and instance name.
.. code-block:: console
$ neutron net-list
+--------------------------------------+---------+-----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+-----------------------------------------------------+
| 7e25a106-e978-4adb-a4ef-d46c6170254a | public | 0e62efcd-8cee-46c7-b163-d8df05c3c5ad 203.0.113.0/24 |
+--------------------------------------+---------+-----------------------------------------------------+
$ openstack network list
+--------------------------------------+--------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+--------------------------------------+
| 4716ddfe-6e60-40e7-b2a8-42e57bf3c31c | selfservice | 2112d5eb-f9d6-45fd-906e-7cabd38b7c7c |
| b5b6993c-ddf9-40e7-91d0-86806a42edb8 | provider | 310911f6-acf0-4a47-824e-3032916582ff |
+--------------------------------------+--------------+--------------------------------------+
This instance uses the ``public`` provider network. However, you must
This instance uses the ``provider`` provider network. However, you must
reference this network using the ID instead of the name.
.. note::
If you chose option 2, the output should also contain the private network.
If you chose option 2, the output should also contain the
``selfservice`` self-service network.
#. List available security groups:
.. code-block:: console
$ nova secgroup-list
+--------------------------------------+---------+-------------+
| Id | Name | Description |
+--------------------------------------+---------+-------------+
| ad8d4ea5-3cad-4f7d-b164-ada67ec59473 | default | default |
+--------------------------------------+---------+-------------+
$ openstack security group list
+--------------------------------------+---------+------------------------+
| ID | Name | Description |
+--------------------------------------+---------+------------------------+
| dd2b614c-3dad-48ed-958b-b155a3b38515 | default | Default security group |
+--------------------------------------+---------+------------------------+
This instance uses the ``default`` security group.
@ -89,7 +91,8 @@ Launch the instance
#. Launch the instance:
Replace ``PUBLIC_NET_ID`` with the ID of the ``public`` provider network.
Replace ``PROVIDER_NET_ID`` with the ID of the ``provider`` provider
network.
.. note::
@ -99,8 +102,10 @@ Launch the instance
.. code-block:: console
$ nova boot --flavor m1.tiny --image cirros --nic net-id=PUBLIC_NET_ID \
--security-group default --key-name mykey public-instance
$ openstack server create --flavor m1.tiny --image cirros \
--nic net-id=PROVIDER_NET_ID --security-group default \
--key-name mykey provider-instance
+--------------------------------------+-----------------------------------------------+
| Property | Value |
+--------------------------------------+-----------------------------------------------+
@ -122,7 +127,7 @@ Launch the instance
| image | cirros (38047887-61a7-41ea-9b49-27987d5e8bb9) |
| key_name | mykey |
| metadata | {} |
| name | public-instance |
| name | provider-instance |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
@ -136,12 +141,12 @@ Launch the instance
.. code-block:: console
$ nova list
+--------------------------------------+-----------------+--------+------------+-------------+----------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-----------------+--------+------------+-------------+----------------------+
| 181c52ba-aebc-4c32-a97d-2e8e82e4eaaf | public-instance | ACTIVE | - | Running | public=203.0.113.103 |
+--------------------------------------+-----------------+--------+------------+-------------+----------------------+
$ openstack server list
+--------------------------------------+-------------------+--------+---------------------------------+
| ID | Name | Status | Networks |
+--------------------------------------+-------------------+--------+---------------------------------+
| 181c52ba-aebc-4c32-a97d-2e8e82e4eaaf | provider-instance | ACTIVE | provider=203.0.113.103 |
+--------------------------------------+-------------------+--------+---------------------------------+
The status changes from ``BUILD`` to ``ACTIVE`` when the build process
successfully completes.
@ -154,12 +159,13 @@ Access the instance using the virtual console
.. code-block:: console
$ nova get-vnc-console public-instance novnc
+-------+------------------------------------------------------------------------------------+
| Type | Url |
+-------+------------------------------------------------------------------------------------+
| novnc | http://controller:6080/vnc_auto.html?token=2f6dd985-f906-4bfc-b566-e87ce656375b |
+-------+------------------------------------------------------------------------------------+
$ openstack console url show provider-instance
+-------+---------------------------------------------------------------------------------+
| Field | Value |
+-------+---------------------------------------------------------------------------------+
| type | novnc |
| url | http://controller:6080/vnc_auto.html?token=5eeccb47-525c-4918-ac2a-3ad1e9f1f493 |
+-------+---------------------------------------------------------------------------------+
.. note::
@ -172,7 +178,7 @@ Access the instance using the virtual console
After logging into CirrOS, we recommend that you verify network
connectivity using ``ping``.
#. Verify access to the public provider network gateway:
#. Verify access to the provider physical network gateway:
.. code-block:: console
@ -206,7 +212,7 @@ Access the instance remotely
----------------------------
#. Verify connectivity to the instance from the controller node or any host
on the public physical network:
on the provider physical network:
.. code-block:: console
@ -222,7 +228,7 @@ Access the instance remotely
rtt min/avg/max/mdev = 0.929/1.539/3.183/0.951 ms
#. Access your instance using SSH from the controller node or any
host on the public physical network:
host on the provider physical network:
.. code-block:: console
@ -233,12 +239,6 @@ Access the instance remotely
Warning: Permanently added '203.0.113.102' (RSA) to the list of known hosts.
$
.. note::
If your host does not contain the public/private key pair created
in an earlier step, SSH prompts for the default password associated
with the ``cirros`` user, ``cubswin:)``.
If your instance does not launch or seem to work as you expect, see the
`OpenStack Operations Guide <http://docs.openstack.org/ops>`__ for more
information or use one of the :doc:`many other options <common/app_support>`

218
doc/install-guide/source/launch-instance-private.rst → doc/install-guide/source/launch-instance-selfservice.rst
View File

@ -1,7 +1,7 @@
.. _launch-instance-private:
.. _launch-instance-selfservice:
Launch an instance on the private network
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Launch an instance on the self-service network
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Determine instance options
--------------------------
@ -23,16 +23,16 @@ name, network, security group, key, and instance name.
.. code-block:: console
$ nova flavor-list
+-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True |
| 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True |
+-----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+----+-----------+-------+------+-----------+-------+-----------+
This instance uses the ``m1.tiny`` flavor.
@ -44,12 +44,12 @@ name, network, security group, key, and instance name.
.. code-block:: console
$ nova image-list
+--------------------------------------+--------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+--------+--------+--------+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros | ACTIVE | |
+--------------------------------------+--------+--------+--------+
$ openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 390eb5f7-8d49-41ec-95b7-68c0d5d54b34 | cirros | active |
+--------------------------------------+--------+--------+
This instance uses the ``cirros`` image.
@ -57,80 +57,83 @@ name, network, security group, key, and instance name.
.. code-block:: console
$ neutron net-list
+--------------------------------------+---------+----------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+----------------------------------------------------+
| 0e62efcd-8cee-46c7-b163-d8df05c3c5ad | public | 5cc70da8-4ee7-4565-be53-b9c011fca011 10.3.31.0/24 |
| 7c6f9b37-76b4-463e-98d8-27e5686ed083 | private | 3482f524-8bff-4871-80d4-5774c2730728 172.16.1.0/24 |
+--------------------------------------+---------+----------------------------------------------------+
$ openstack network list
+--------------------------------------+-------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+-------------+--------------------------------------+
| 4716ddfe-6e60-40e7-b2a8-42e57bf3c31c | selfservice | 2112d5eb-f9d6-45fd-906e-7cabd38b7c7c |
| b5b6993c-ddf9-40e7-91d0-86806a42edb8 | provider | 310911f6-acf0-4a47-824e-3032916582ff |
+--------------------------------------+-------------+--------------------------------------+
This instance uses the ``private`` project network. However, you must
reference this network using the ID instead of the name.
This instance uses the ``selfservice`` self-service network. However, you
must reference this network using the ID instead of the name.
#. List available security groups:
.. code-block:: console
$ nova secgroup-list
+--------------------------------------+---------+-------------+
| Id | Name | Description |
+--------------------------------------+---------+-------------+
| ad8d4ea5-3cad-4f7d-b164-ada67ec59473 | default | default |
+--------------------------------------+---------+-------------+
$ openstack security group list
+--------------------------------------+---------+------------------------+
| ID | Name | Description |
+--------------------------------------+---------+------------------------+
| dd2b614c-3dad-48ed-958b-b155a3b38515 | default | Default security group |
+--------------------------------------+---------+------------------------+
This instance uses the ``default`` security group.
#. Launch the instance:
Replace ``PRIVATE_NET_ID`` with the ID of the ``private`` project network.
Replace ``SELFSERVICE_NET_ID`` with the ID of the ``selfservice`` network.
.. code-block:: console
$ nova boot --flavor m1.tiny --image cirros --nic net-id=PRIVATE_NET_ID \
--security-group default --key-name mykey private-instance
+--------------------------------------+-----------------------------------------------+
| Property | Value |
+--------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | oMeLMk9zVGpk |
| config_drive | |
| created | 2015-09-17T22:36:05Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | 113c5892-e58e-4093-88c7-e33f502eaaa4 |
| image | cirros (38047887-61a7-41ea-9b49-27987d5e8bb9) |
| key_name | mykey |
| metadata | {} |
| name | private-instance |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | f5b2ccaa75ac413591f12fcaa096aa5c |
| updated | 2015-09-17T22:36:05Z |
| user_id | 684286a9079845359882afc3aa5011fb |
+--------------------------------------+-----------------------------------------------+
$ openstack server create --flavor m1.tiny --image cirros \
--nic net-id=SELFSERVICE_NET_ID --security-group default \
--key-name mykey selfservice-instance
+--------------------------------------+---------------------------------------+
| Field | Value |
+--------------------------------------+---------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | 7KTBYHSjEz7E |
| config_drive | |
| created | 2016-02-26T14:52:37Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | 113c5892-e58e-4093-88c7-e33f502eaaa4 |
| image | cirros (390eb5f7-8d49-41ec-95b7-68c0d |
| | 5d54b34) |
| key_name | mykey |
| name | selfservice-instance |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| project_id | ed0b60bf607743088218b0a533d5943f |
| properties | |
| security_groups | [{u'name': u'default'}] |
| status | BUILD |
| updated | 2016-02-26T14:52:38Z |
| user_id | 58126687cbcc4888bfa9ab73a2256f27 |
+--------------------------------------+---------------------------------------+
#. Check the status of your instance:
.. code-block:: console
$ nova list
+--------------------------------------+------------------+--------+------------+-------------+----------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+----------------------+
| 113c5892-e58e-4093-88c7-e33f502eaaa4 | private-instance | ACTIVE | - | Running | private=172.16.1.3 |
| 181c52ba-aebc-4c32-a97d-2e8e82e4eaaf | public-instance | ACTIVE | - | Running | public=203.0.113.103 |
+--------------------------------------+------------------+--------+------------+-------------+----------------------+
$ openstack server list
+--------------------------------------+----------------------+--------+---------------------------------+
| ID | Name | Status | Networks |
+--------------------------------------+----------------------+--------+---------------------------------+
| 113c5892-e58e-4093-88c7-e33f502eaaa4 | selfservice-instance | ACTIVE | selfservice=172.16.1.3 |
| 181c52ba-aebc-4c32-a97d-2e8e82e4eaaf | provider-instance | ACTIVE | provider=203.0.113.103 |
+--------------------------------------+----------------------+--------+---------------------------------+
The status changes from ``BUILD`` to ``ACTIVE`` when the build process
successfully completes.
@ -143,12 +146,13 @@ Access the instance using a virtual console
.. code-block:: console
$ nova get-vnc-console private-instance novnc
+-------+------------------------------------------------------------------------------------+
| Type | Url |
+-------+------------------------------------------------------------------------------------+
| novnc | http://controller:6080/vnc_auto.html?token=2f6dd985-f906-4bfc-b566-e87ce656375b |
+-------+------------------------------------------------------------------------------------+
$ openstack console url show selfservice-instance
+-------+---------------------------------------------------------------------------------+
| Field | Value |
+-------+---------------------------------------------------------------------------------+
| type | novnc |
| url | http://controller:6080/vnc_auto.html?token=5eeccb47-525c-4918-ac2a-3ad1e9f1f493 |
+-------+---------------------------------------------------------------------------------+
.. note::
@ -161,7 +165,7 @@ Access the instance using a virtual console
After logging into CirrOS, we recommend that you verify network
connectivity using ``ping``.
#. Verify access to the ``private`` project network gateway:
#. Verify access to the self-service network gateway:
.. code-block:: console
@ -194,30 +198,26 @@ Access the instance using a virtual console
Access the instance remotely
----------------------------
#. Create a :term:`floating IP address` on the ``public`` provider network:
#. Create a :term:`floating IP address` on the provider virtual network:
.. code-block:: console
$ neutron floatingip-create public
Created a new floatingip:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| fixed_ip_address | |
| floating_ip_address | 203.0.113.104 |
| floating_network_id | 9bce64a3-a963-4c05-bfcd-161f708042d1 |
| id | 05e36754-e7f3-46bb-9eaa-3521623b3722 |
| port_id | |
| router_id | |
| status | DOWN |
| tenant_id | 7cf50047f8df4824bc76c2fdf66d11ec |
+---------------------+--------------------------------------+
$ openstack ip floating create provider
+-------------+--------------------------------------+
| Field | Value |
+-------------+--------------------------------------+
| fixed_ip | None |
| id | 3d05a9b1-b1af-4884-be1c-833a69744449 |
| instance_id | None |
| ip | 203.0.113.104 |
| pool | provider |
+-------------+--------------------------------------+
#. Associate the floating IP address with the instance:
.. code-block:: console
$ nova floating-ip-associate private-instance 203.0.113.104
$ openstack ip floating add 203.0.113.104 selfservice-instance
.. note::
@ -227,16 +227,16 @@ Access the instance remotely
.. code-block:: console
$ nova list
+--------------------------------------+------------------+--------+------------+-------------+-----------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+-----------------------------------+
| 113c5892-e58e-4093-88c7-e33f502eaaa4 | private-instance | ACTIVE | - | Running | private=172.16.1.3, 203.0.113.104 |
| 181c52ba-aebc-4c32-a97d-2e8e82e4eaaf | public-instance | ACTIVE | - | Running | public=203.0.113.103 |
+--------------------------------------+------------------+--------+------------+-------------+-----------------------------------+
$ openstack server list
+--------------------------------------+----------------------+--------+---------------------------------------+
| ID | Name | Status | Networks |
+--------------------------------------+----------------------+--------+---------------------------------------+
| 113c5892-e58e-4093-88c7-e33f502eaaa4 | selfservice-instance | ACTIVE | selfservice=172.16.1.3, 203.0.113.104 |
| 181c52ba-aebc-4c32-a97d-2e8e82e4eaaf | provider-instance | ACTIVE | provider=203.0.113.103 |
+--------------------------------------+----------------------+--------+---------------------------------------+
#. Verify connectivity to the instance via floating IP address from
the controller node or any host on the public physical network:
the controller node or any host on the provider physical network:
.. code-block:: console
@ -252,7 +252,7 @@ Access the instance remotely
rtt min/avg/max/mdev = 0.929/1.539/3.183/0.951 ms
#. Access your instance using SSH from the controller node or any
host on the public physical network:
host on the provider physical network:
.. code-block:: console
@ -263,12 +263,6 @@ Access the instance remotely
Warning: Permanently added '203.0.113.104' (RSA) to the list of known hosts.
$
.. note::
If your host does not contain the public/private key pair created
in an earlier step, SSH prompts for the default password associated
with the ``cirros`` user, ``cubswin:)``.
If your instance does not launch or seem to work as you expect, see the
`OpenStack Operations Guide <http://docs.openstack.org/ops>`__ for more
information or use one of the :doc:`many other options <common/app_support>`

78
doc/install-guide/source/launch-instance.rst
View File

@ -5,12 +5,13 @@ Launch an instance
==================
This section creates the necessary virtual networks to support launching
one more instances. Networking option 1 includes one public virtual
network and one instance that uses it. Networking option 2 includes one
public virtual network, one private virtual network, and one instance
that uses each network. The instructions in this section use command-line
interface (CLI) tools on the controller node. For more information on the
CLI tools, see the `OpenStack User Guide
instances. Networking option 1 includes one provider (external) network
with one instance that uses it. Networking option 2 includes one provider
network with one instance that uses it and one self-service (private)
network with one instance that uses it. The instructions in this
section use command-line interface (CLI) tools on the controller
node. For more information on the CLI tools, see the
`OpenStack User Guide
<http://docs.openstack.org/user-guide/cli_launch_instances.html>`__.
To use the dashboard, see the
`OpenStack User Guide
@ -22,15 +23,15 @@ Create virtual networks
-----------------------
Create virtual networks for the networking option that you chose
in :ref:`networking`. If you chose option 1, create only the public
virtual network. If you chose option 2, create the public and private
virtual networks.
in :ref:`networking`. If you chose option 1, create only the provider
network. If you chose option 2, create the provider and self-service
networks.
.. toctree::
:maxdepth: 1
launch-instance-networks-public.rst
launch-instance-networks-private.rst
launch-instance-networks-provider.rst
launch-instance-networks-selfservice.rst
After creating the appropriate networks for your environment, you can
continue preparing the environment to launch an instance.
@ -53,7 +54,14 @@ must add a public key to the Compute service.
.. code-block:: console
$ ssh-keygen -q -N ""
$ nova keypair-add --pub-key ~/.ssh/id_rsa.pub mykey
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | ee:3d:2e:97:d4:e2:6a:54:6d:0d:ce:43:39:2c:ba:4d |
| name | mykey |
| user_id | 58126687cbcc4888bfa9ab73a2256f27 |
+-------------+-------------------------------------------------+
.. note::
@ -64,11 +72,11 @@ must add a public key to the Compute service.
.. code-block:: console
$ nova keypair-list
$ openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | 6c:74:ec:3a:08:05:4e:9e:21:22:a6:dd:b2:62:b8:28 |
| mykey | ee:3d:2e:97:d4:e2:6a:54:6d:0d:ce:43:39:2c:ba:4d |
+-------+-------------------------------------------------+
Add security group rules
@ -85,36 +93,46 @@ secure shell (SSH).
.. code-block:: console
$ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
$ openstack security group rule create --proto icmp default
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| id | a1876c06-7f30-4a67-a324-b6b5d1309546 |
| ip_protocol | icmp |
| ip_range | 0.0.0.0/0 |
| parent_group_id | b0d53786-5ebb-4729-9e4a-4b675016a958 |
| port_range | |
| remote_security_group | |
+-----------------------+--------------------------------------+
* Permit secure shell (SSH) access:
.. code-block:: console
$ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
$ openstack security group rule create --proto tcp --dst-port 22 default
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| id | 3d95e59c-e98d-45f1-af04-c750af914f14 |
| ip_protocol | tcp |
| ip_range | 0.0.0.0/0 |
| parent_group_id | b0d53786-5ebb-4729-9e4a-4b675016a958 |
| port_range | 22:22 |
| remote_security_group | |
+-----------------------+--------------------------------------+
Launch an instance
------------------
If you chose networking option 1, you can only launch an instance on the
public network. If you chose networking option 2, you can launch an instance
on the public network and the private network.
provider network. If you chose networking option 2, you can launch an instance
on the provider network and the self-service network.
.. toctree::
:maxdepth: 1
launch-instance-public.rst
launch-instance-private.rst
launch-instance-provider.rst
launch-instance-selfservice.rst
.. _launch-instance-complete: