OpenstackClient is a command-line client for OpenStack that brings the command set for Compute, Identity, Image, Object Storage and Block Storage APIs together in a single shell with a uniform command structure.
Fedora Linux
Installing on Fedora is simple, using the native package manager:
# dnf install python3-openstackclientRockyLinux or AlmaLinux
Install the CLI tools using dnf:
# dnf install python3-openstackclient # yum install python2-openstackclientDebian or Ubuntu
Install the clients using snapd
Enable snapd
# sudo apt update
# sudo apt install snapdInstall openstackclients
$ sudo snap install openstackclientsFor running OpenStack command-line clients, you must authenticate to Keystone so that you can be authorized to perform an action.
You can submit the required credentials using the command-line arguments for the OpenStack clients, or you can store the credentials as environment variables which can then be used by the OpenStack clients. Using environment variables is often easier.
For Linux
After you receive your password for API access you can use the OpenStack command line interface (OpenStack CLI) to test the access.
To manually set the environment variables:
$ export variable_name=value
Create a keystone_rc.sh file:
$ cat >> keystone_rc.sh << EOF
export OS_USERNAME=<USERNAME>
export OS_PROJECT_NAME=<PROJECT>
export OS_PASSWORD=<PASSWORD>
export OS_AUTH_URL=<AUTH_URL>
export OS_IDENTITY_API_VERSION=3
export OS_USER_DOMAIN_NAME=<DOMAIN>
export OS_PROJECT_DOMAIN_NAME=<DOMAIN>
export OS_IDENTITY_API_VERSION = 3
export OS_IMAGE_API_VERSION = 2
export OS_VOLUME_API_VERSION=2
export OS_CACERT = /etc/pki/CA/certs/ca-chain-cnrs.pem
EOF$ source keystone-rc.shUsing a yaml file
The following is an example "clouds.yaml" file containing the credentials for two projects, admin and dev:
clouds:
admin:
auth:
auth_url: http://10.0.0.20:5000/v3
project_name: admin
tenant_name: admin
username: admin
password: password
project_domain_id: default
project_domain_name: Default
user_domain_id: default
user_domain_name: Default
identity_api_version: 3
volume_api_version: 2
dev:
auth:
auth_url: http://10.0.0.20:5000/v3
project_name: DevProject
username: jdoe
password: password
project_domain_id: default
project_domain_name: Default
user_domain_id: default
identity_api_version: 3
volume_api_version: 2You select the credentials you want to use with the --os-cloud option when you run a command, for example:
$ openstack --os-cloud=dev server listThe openstack CLI client searches for the clouds.yaml file in order in the following locations:
The first file found is used
For MSWindows
Configuring the OpenStack commandline tools on Windows
At CPPM passwords must contain at least 1 letter, 1 digit, and be a minimum length of 7 characters.
Use this command
$openstack user password set [--password <new-password>]
[--original-password <original-password>]After that remind to update OS_PASSWORD in the environnment rc file.
Key pairs work by keeping the public key on the server, and the private key on your local workstation. Once the server has verified that the two keys match, a secure connection can be made
Create new public or private key for server ssh access
$ openstack keypair create KEY_NAME > MY_KEY.pemAfter that :
$ mv MY_KEY.pem ${HOME}/.ssh
$ chmod 400 ${HOME}/.ssh/MY_KEY.pemIf you have already generated a Key Pair on your Linux or Mac computer, the public key is most likely named 'id_rsa.pub' and located in the directory: ~/.ssh/id_rsa.pub.
Run the following command to generate the new Key Pair.
openstack create --public-key <
> < >_
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub my_new_key
+---------------+-------------------------------------------------+
| Field | Value |
+---------------+-------------------------------------------------+
| fingerprint | f2:fc:4f:ca:1c:b7:ba:43:1f:b8:e5:fc:63:84:79:13 |
| name | my_new_key |
| user_id | 29815315c4ce4d48a27e767a63eb8320 |
+---------------+-------------------------------------------------+To check
$ openstack keypair listPreliminary
Select a image
Chose a flavor
Launch the instance
Check
Optionally add a floating ip.
A few things to have in hand before
Check your environment, you must know your project name
$ echo $OS_PROJECT_NAME
demoAsk your for your project "network name"
Ex: "demo-net"
Each project name has a "Network ID", get it
$ net=demo-net
$ openstack network list | awk -v var=$net '{if(var == $4 ){ print $2}}'
9bc75723-312a-4c3b-8e2f-8eb43bb8632a$ export OS_NET=9bc75723-312a-4c3b-8e2f-8eb43bb8632aList available images and chose one of them for name or id.
$ openstack image list
+--------------------------------------+----------------------+--------+
| ID | Name | Status |
+--------------------------------------+----------------------+--------+
| 02148c77-17c3-40c6-ab3c-24929bdd6842 | CentOS-7-x86_64 | active |
| ccdfd2c2-739f-4bbb-9a36-6691cf971562 | Centos-cppm-6-x86_64 | active |
| dd20951e-5d07-4ccb-a861-c46ce20fdc3c | Centos-cppm-67-x86_64| active |
| f52f9134-c50c-4a69-b815-b6cdaf50f857 | Centos-cppm-7-x86_64 | active |
| d60b2543-8de7-46c8-a9b9-b906c0966d5a | Centos-cppm-ui-67 | active |
| e117e121-1ca7-486a-af22-e1484000457e | Fedora-26 | active |
| 122f2f73-aa2f-489d-a77e-ad6d04016e28 | Fedora-27 | active |
| 9691e9be-3e4b-40c5-aa66-21b139ba95b1 | debian-8-amd64 | active |
| 458700c5-f23d-46bb-8ad4-6b5e18733811 | debian-9-amd64 | active |
+--------------------------------------+----------------------+--------+A flavor provides a standardized group of hardware and software settings that can be used repeatedly to create new virtual machines configured with those settings.
$ openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+----+-----------+-------+------+-----------+-------+-----------+After you gather required parameters, run the following command to launch an instance. Specify the server name and , flavor et image name or ID.
You can provide a key name for access control and a security group for security. You can also include metadata key and value pairs.
$ openstack server create --flavor m1.tiny \
--image cirros --nic net-id=$OS_NET \
--security-group default --key-name your-key my_test
+-----------------------------+-----------------------------------+
| Field | Value |
+-----------------------------+-----------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | 2K8vZ2dAoyef |
| config_drive | |
| created | 2018-04-08T08:14:58Z |
| flavor | m1.tiny (1) |
| hostId | |
| id | 6b3d0ecc-a1b9-4a68-90e8-cff1e6060 |
| image | cirros |
| key_name | jhondoe-key |
| name | my_test |
| progress | 0 |
| project_id | 6f8d2cfd9c8444c386c517568a59093 |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2018-04-08T08:14:58Z |
| user_id | 2377073d754e44ae8a130159594fd4 |
| volumes_attached | |
+-----------------------------+-----------------------------------+You can add a description for your server by providing the --property description="My Server" parameter.
You can pass user data in a local file at instance launch by using the --user-data USER-DATA-FILE parameter.
$ openstack server list | grep my_test
| 6b3d0ecc-a1b9-4a68-90e8-cff1e6840606 | my_test | ...
$ openstack server show my_test
+-----------------------------+--------------------------------------+
| Field | Value |
+-----------------------------+--------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | Running |
| OS-EXT-STS:task_state | None |
| OS-EXT-STS:vm_state | active |
| OS-SRV-USG:launched_at | 2018-04-08T08:15:07.000000 |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | demo-net=192.168.1.18 |
| config_drive | |
| created | 2018-04-08T08:14:58Z |
| flavor | m1.tiny (1) |
| hostId | 4281a84253df8dcbac9d201fe0fa2de2c932 |
| id | 6b3d0ecc-a1b9-4a68-90e8-cff1e6840606 |
| image | cirros |
| key_name | jhondoe-key |
| name | my_test |
| progress | 0 |
| project_id | 6f8d2cfd9c8444c386c517568a590932 |
| properties | |
| security_groups | name='default' |
| status | ACTIVE |
| updated | 2018-04-08T08:15:07Z |
| user_id | 2377073d754e44ae8a130159594fd4a6 |
| volumes_attached | |
+-----------------------------+--------------------------------------+The next step after have a running vm is add a floating IP
$ openstack floating ip list -c 'Floating IP Address' -c 'Fixed IP Address'
+---------------------+------------------+
| Floating IP Address | Fixed IP Address |
+---------------------+------------------+
| 134.158.21.39 | None |
| 134.158.21.51 | None |
| 134.158.21.37 | None |
| 134.158.21.44 | None |
| 134.158.21.38 | 192.168.1.13 |
| 134.158.21.42 | 192.168.1.4 |
| 134.158.21.43 | 192.168.1.33 |
| 134.158.21.45 | 192.168.1.17 |
| 134.158.21.35 | None |
| 134.158.21.40 | 192.168.1.26 |
| 134.158.21.41 | 192.168.1.12 |
| 134.158.21.53 | 192.168.1.21 |
+---------------------+------------------+Once the floating IP address is chosen, we can associate it with an instance.
$ openstack server add floating ip my_test2 134.158.21.35On Linux and Mac OS:
An SSH terminal is installed natively on Linux & Mac OS environments.
After importing and pairing a pair of keys to your instance and add a "floating ip", you have the option of logging into SSH.
shell $ ssh -i MyKey.pem user@10.0.0.2
shell $ openstack server ssh -i MyKey.pem --login user imy_instance
A multiplatform ssh x-forwarding server which allows a single linux server to be accessed graphically by many users simultaneously.
The SSH port of your instance must be accessible, that is, it must be open in a security group associated with the instance.
The username to use to connect to your instance may vary depending on the OS of the instance.
Ex:
* CentOS => centos
* cirros => cirros
* Fedora => fedora
* Debian => debian
....CirrOS is a minimal Linux distribution that was designed for use as a test image on clouds such as OpenStack Compute.
In a CirrOS image, the login account is cirros. The password is cubswin:)
* ACTIVE: The server is active.
* BUILD: The server has not yet finished the original build process.
* DELETED: The server is deleted.
* ERROR: The server is in error.
* HARD_REBOOT: The server is hard rebooting.
* MIGRATING: This is caused by moving a server that is active.
* PASSWORD: The password is being reset on the server.
* PAUSED: The server is paused.
* REBOOT: A reboot command was passed to the operating system.
* REBUILD: The server is currently being rebuilt from an image.
* RESCUE: The server is in rescue mode.
* RESIZE: Server performing the differential copy of data.
* REVERT_RESIZE: The resize or migration failed for some reason.
* SHELVED: The server is in shelved state.
* SHELVED_OFFLOADED: The shelved server is offloaded .
* SHUTOFF: The server was powered down by the user.
* SOFT_DELETED: The server is marked as deleted.
* SUSPENDED: The server is suspended, either by request or necessity.
* UNKNOWN: The state the server unknown. Contact your cloud provider.
* VERIFY_RESIZE: System is awaiting after a move or resize.User data is a blob of data that the user can specify when they launch an instance. The instance can access this data through the metadata service or config drive. Commonly used to pass a shell script that the instance runs on boot.
Take a deeper look reading Contextualization