Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Corso Cloud@Cnaf - Hands on
- # PARTE 1 - BASIC
- # questa parte e' gia' stata fatta attraverso la dashboard
- # Source credentials file
- source userXX-openrc.sh
- # Change user password
- keystone password-update
- # Create private network
- neutron net-create private_net
- # Associate subnet
- neutron subnet-create --name private_subnet private_net 10.0.1.0/24
- # Check private network and subnet
- neutron net-list
- neutron subnet-list
- # create router
- neutron router-create myrouter
- # uplink router to the public internet (set gateway)
- neutron router-gateway-set myrouter public
- # uplink subnet to router
- neutron router-interface-add myrouter private_subnet
- # create security profile for jump host
- neutron security-group-create jumphost
- # Add rule to allow icmp in
- neutron security-group-rule-create --protocol icmp jumphost
- # Add rule to allow ssh in
- neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 jumphost
- # Create ssh key and paste output into mykey.pem
- nova keypair-add mykey
- chmod 600 mykey.pem # mykey.pem must contain output from previous command
- # Launch jump host:
- nova boot --image SL-65 --flavor m1.small jumphost --security_groups jumphost --key-name mykey # retrieve admin (root) password by the output of nova boot command
- # Check running vm
- nova list
- # Determine port-id attached to jumphost
- neutron port-list --device_id=<instance_id>
- # Create floatingip
- neutron floatingip-create public --port-id <port-id>
- # Test ping/ssh
- nova list
- ping -c 3 131.154.96.xxx
- ssh -i mykey.pem cloud-user@131.154.96.xxx
- ############################################
- # PARTE 2 - ADVANCED
- # Source credentials file
- source userXX-openrc.sh
- # Check private network, subnet, running vm
- neutron net-list
- neutron subnet-list
- neutron router-list
- nova list
- # Create web security group
- neutron security-group-create web
- # Allow tcp 80 in
- neutron security-group-rule-create --protocol TCP --port-range-min 80 --port-range-max 80 web
- # Allow ssh from members of jumphost
- neutron security-group-rule-create --direction ingress --protocol TCP --port-range-min 22 --port-range-max 22 --remote-group-id jumphost web
- # Boot two webservers
- # Retrieve admin (root) password by the output of nova boot command
- nova boot --image SL-65 --flavor m1.small webserver1 --security_groups web --key-name mykey
- nova boot --image SL-65 --flavor m1.small webserver2 --security_groups web --key-name mykey
- nova list
- # Copy private key to jumphost
- # SSH to jumphost (floating-ip = 131.154.96.xxx)
- scp -i mykey.pem mykey.pem cloud-user@<floating-ip>:
- ssh -i mykey.pem cloud-user@<floating-ip>
- # SSH to webserver1
- ssh -i mykey.pem 10.0.1.x
- # Start dummy webserver
- sudo su -
- echo "Welcome to $HOSTNAME" > /var/www/html/index.html
- /etc/init.d/httpd start
- chkconfig httpd on
- curl 10.0.1.x
- # Exit from root user in webserver1
- exit
- # Exit from webserver1 to jumphost
- exit
- # Repeat for webserver2
- # From jumphost: curl <webserver1-ip>
- Welcome to webserver1
- # From jumphost: curl <webserver2-ip>
- Welcome to webserver2
- # Exit from jumphost
- exit
- # Create loadbalanacer pool
- neutron subnet-list
- neutron lb-pool-create --lb-method ROUND_ROBIN --name mypool --protocol HTTP --subnet-id <private_subnet_ID>
- # Add webservers as memebers
- neutron lb-member-create --address <webserver_1_ip> --protocol-port 80 mypool
- neutron lb-member-create --address <webserver_2_ip> --protocol-port 80 mypool
- # Create health monitor
- neutron lb-healthmonitor-create --delay 3 --type HTTP --max-retries 3 --timeout 3
- # Associate with pool
- neutron lb-healthmonitor-associate <heath-monitor-id> mypool
- # Create vip for loadbalaner
- neutron lb-vip-create --name myvip --protocol-port 80 --protocol HTTP --subnet-id <private_subnet_ID> mypool
- # Associate floatingip to vip
- neutron floatingip-create public --port-id <port_ID da output comando precedente>
- # Requests are now loadbalanced over vip ip:
- curl <vip-floatingip>
- # Test loadbalancer timeout
- nova stop webserver1
- curl <vip-floatingip> #only returns webserver2, after a while
- # Start the stopped node
- nova start webserver1
- curl <vip-floatingip> #loadbalances again the requests between the two nodes
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement