In my previous video, I showed how to use the OpenStack GUI to create an instance (or a server to you and I). The components included creating a Network, a Subnet, a Router, an Interface, an SSH keypair, as well as a floating IP to use with the created Instance.
In this article, I’m going to detail how you can get started with the OpenStack set of CLIs to create all the necessary components required for launching an Instance in an OpenStack environment.
Installing The Tools
First things first, you need to install the command line tools. You can do ths pretty easily using pip:
$ pip install python-openstackclient
$ pip install python-novaclient
$ pip install python-neutronclient
If you’re unfamiliar with the different tools (i.e. nova, neutron, cinder), keep your eye out as I’ll be covering that topic soon.
Setting Environment Variables
The OS CLI tools require that you have some environment variables set. Make sure you grab the right settings from your control panel:
I recommend placing these in either your .bashrc or .zshrc file to ensure they’re set everytime you open your terminal.
Creating An Instance
If you’ve seen the OpenStack GUI Video, you’ll be aware that it’s not possible to create an instance straight out of the box. First we have to create other services that the instance will make use of.
Creating An SSH key-pair.
It’s imperitive to place your public key on the instance you create, otherwise you’ll never have access to it, making our efforts rather fruitless.
To create a key-pair within OpenStack, and keep the private key on your own machine:
$ nova keypair-add exampleKey > ~/.ssh/exampleKey.pem
$ chmod 0600 ~/.ssh/exampleKey.pem
$ ssh-add ~/.ssh/exampleKey.pem
Create A Network.
You’ll need a network so that you can create a gateway, subnet & allocate IP addresses to your instances.
$ neutron net-create exampleNetwork
Create A Subnet
When creating a subnet, you can use whatever class address you like, but it’s important to specify the full CIDR address
$ neutron subnet-create exampleNetwork 10.10.0.0/24 --name exampleSubnet
Take note of the ID that is shown once it’s created, as we’ll need that in our next step.
Create A Router
Routers allow you to connect different networks. We want to connect our new subnet to the router, whilst at the same time allowing the router to be connected to our default, ‘internet’ network. This is our basic gateway to the internet with the subnet being added as an interface.
We can find the ‘internet’ network by asking neutron to list the networks:
$ neutron net-list
From this we can grab our internet network id. In our case, it’s:
So, let’s create the router:
$ neutron router-create exampleRouter
Take note of the RouterID:
Now, we give the router a gateway to the internet:
$ neutron router-gateway-set 37a2afe1-a49f-4560-bac3-84a36bace670 893a5b59-081a-4e3a-ac50-1e54e262c3fa
..and attach our subnet to the router too:
$ neutron router-interface-add 37a2afe1-a49f-4560-bac3-84a36bace670 aa8ad9ba-0a58-4f80-9f4d-9aaa0cd9307a
If you’ve got this far, well done! We not have the pre-requisites in place to launch our instance!
Launching The Instance
Instances come in a list of pre-defined ‘flavors’; these are the sizes, ranging from ‘nano’ to large. You can see these here:
$ openstack flavor list
Once you’ve decided which flavour you’d like, you’ll also need to choose a pre-baked image. To keep in line with the previous video, I’m going to use the CentOS7 image from the below:
$ openstack image list
Finally, we need to refresh ourselves with the ID of the network, our key-pair name, as well as the security group ID. For the purposes of this article, we’re actually sticking with the default security group; we’ll modify the settings of that later.
$ openstack security group list
$ openstack keypair list
$ neutron net-list
Using the above commands, you wil be able to grab the necessary ID’s to pass into the important command, the one that will launch our instance:
$ nova boot --nic net-id=b4bd41aa-25b3-4f65-9120-df5891880a95 \
--flavor c46be6d1-979d-4489-8ffe-e421a3c83fdd \
--image 0f1785b3-33c3-451e-92ce-13a35d991d60 \
--key-name bobbynew3 \
--security-groups 88d0994e-cbee-4bb2-a5f3-73503f545af9 \
You’ll be mightly impressed with how quickly the server is up and running. You can get the status of it with this simple command:
$ nova list
Accessing From The Outside World
It’s all very well having a running server with outbound Internet connectivity, but right now it doesn’t have any way of being accessed from the Internet externally. The way we do this, is to create an IP address for use on the world wide web, and map that IP address to the port of our new instance. We’ll then open up the port on the firewall to allow us to SSH into it.
A floating IP is a way for us to have a ‘static’ IP address in our architecture, but at the same time be very flexible in where we send the traffic. We can map this floating IP to various instances & ports but for now we are going to map it against our new instance.
From the previous command (nova list), you’ll have the ID of the instance, which can be passed as a parameter into the following command:
$ neutron port-list --device_id=6371c025-86c4-42b2-a5a8-485e56e3f138
The ID that is returned, is the port that belongs to the instance and is also the same port that needs mapping against our new IP address. The following command will create a floating IP within the ‘internet’ network, and map it to the port of our new instance:
$ neutron floatingip-create \
--port-id 0413a947-4d9d-4475-bf7b-72e44f922707 internet
The security groups are the firewalls that you can use, and the default one has zero inbound rules. Initially, we just want to open up port 22 to allow us to SSH:
$ openstack security group rule create default \
--protocol tcp --dst-port 22:22 --remote-ip 0.0.0.0/0
If you’ve followed all the above steps, you now have a CentOS7 server running on a fixed IP address that you can SSH to:
ssh -i ~/.ssh/exampleKey.pem firstname.lastname@example.org
That concludes the guide to setting up a new server. What you will have noticed is that despite having a brilliant set of command-line tools, it’s still not very automated, and could take a while until you’ve memorised the process.
Keep your eyes posted, as next we’ll be looking at how to automated these steps with Terraform!
If you have any questions, please comment or email email@example.com