任务一、IaaS云平台搭建(15分)
修改云平台IaaS各节点的系统配置,按云平台搭建步骤逐步安装,并完成相应的答题。
1.操作系统环境配置(1分)
按以下要求设置主机名、防火墙及SELinux:
(1)设置控制节点主机名为controller,计算节点主机名为compute;
(2)关闭控制节点和计算节点的防火墙,设置开机不启动;
(3)设置控制节点和计算节点的SELinux为Permissive模式;
(4)退出SecureCRT,重新通过ssh连接各节点服务器;
使用命令查询控制节点和计算节点的主机名、防火墙是否处于关闭状态及SELinux的状态。以文本形式依次将命令行及查询信息提交到答题框。
[root@controller~]#hostname
controller
[root@compute~]#hostname
compute
[root@controller~]#systemctlstatusfirewalld
●firewalld.service-firewalld-dynamicfirewalldaemon
Loaded:loaded(/usr/lib/systemd/system/firewalld.service;disabled;vendorpreset:enabled)
Active:inactive(dead)
Docs:man:firewalld(1)
[root@controller~]#getenforce
Permissive
2.上传镜像源并挂载(1分)
通过SecureFX上传两个镜像文件CentOS-7-x86_64-DVD-1511.iso和XianDian-IaaS-v2.2.iso到控制节点的opt目录下;在opt目录下创建两个子目录centos和iaas,并将镜像文件对应挂载到上述两个目录下;使用df命令查看挂载的信息(需显示挂载的文件系统类型)。依次将操作命令及执行结果以文本形式提交到答题框。
[root@controller~]#mkdir/opt/{centos,iaas}
[root@controller~]#mount-oloopCentOS-7-x86_64-DVD-1511.iso/opt/centos/
mount:/dev/loop0iswrite-protected,mountingread-only
[root@controller~]#mount-oloopXianDian-IaaS-v2.2.iso/opt/iaas/
mount:/dev/loop1iswrite-protected,mountingread-only
[root@controller~]#df-Th
FilesystemTypeSizeUsedAvailUse%Mountedon
/dev/vda1xfs50G7.6G43G16%/
devtmpfsdevtmpfs984M0984M0%/dev
tmpfstmpfs1001M01001M0%/dev/shm
tmpfstmpfs1001M17M985M2%/run
tmpfstmpfs1001M01001M0%/sys/fs/cgroup
/dev/loop0iso96604.1G4.1G0100%/opt/centos
/dev/loop1iso96602.7G2.7G0100%/opt/iaas
3.配置本地以及远程yum源(1分)
配置控制节点本地yum源文件local.repo,搭建ftp服务并配置根目录为指向存放yum源的路径;配置计算节点yum源文件ftp.repo,使用控制节点ftp服务作为yum源,其中节点的地址以主机名表示;使用cat命令查看控制节点和计算节点的yum源全路径配置文件。依次将操作命令及返回结果以文本形式提交到答题框。
[root@controller~]#cat/etc/yum.repos.d/local.repo
[centos]
name=centos
baseurl=file:///opt/centos
enabled=1
gpgcheck=0
[iaas]
name=iaas
baseurl=file:///opt/iaas/iaas-repo
enabled=1
gpgcheck=0
[root@compute~]#cat/etc/yum.repos.d/ftp.repo
[centos]
name=centos
baseurl=ftp://controller/centos
enabled=1
gpgcheck=0
[iaas]
name=iaas
baseurl=ftp://controller/iaas/iaas-repo
enabled=1
gpgcheck=0
4.环境变量配置(1分)
在控制节点和计算节点分别安装iaas-xiandian软件包,根据表2完成脚本文件openrc.sh的配置。以文本形式提交脚本文件的内容到答题框中。
表2变量配置表
服务 变量 参数/密码
Mysql root 000000
Keystone 000000
Glance 000000
Nova 000000
Neutron 000000
Heat 000000
Trove 000000
Keystone DOMAIN_NAME demo
Admin 000000
Rabbit 000000
Glance 000000
Nova 000000
Neutron 000000
Heat 000000
Trove 000000
Neutron Metadata 000000
ExternalNetwork enp9s0
[root@controlleropt]#cat/etc/xiandian/openrc.sh
##--------------------systemconfig--------------------##
##ControllerServerManagerIP.example:x.x.x.x
HOST_IP=192.168.100.10
##ControllerServerhostname.example:controller
HOST_NAME=controller
##ComputeNodeManagerIP.example:x.x.x.x
HOST_IP_NODE=192.168.100.20
##ComputeNodehostname.example:compute
HOST_NAME_NODE=compute
##--------------------Rabbitconfig------------------##
##userforrabbit.example:openstack
RABBIT_USER=openstack
##Passwordforrabbituser.example:000000
RABBIT_PASS=000000
##--------------------MySQLconfig---------------------##
##PasswordforMySQLrootuser.exmaple:000000
DB_PASS=000000
##--------------------Keystoneconfig------------------##
##PasswordforKeystoreadminuser.exmaple:000000
DOMAIN_NAME=demo
ADMIN_PASS=000000
DEMO_PASS=000000
##PasswordforMysqlkeystoreuser.exmaple:000000
KEYSTONE_DBPASS=000000
##--------------------Glanceconfig--------------------##
##PasswordforMysqlglanceuser.exmaple:000000
GLANCE_DBPASS=000000
##PasswordforKeystoreglanceuser.exmaple:000000
GLANCE_PASS=000000
##--------------------Novaconfig----------------------##
##PasswordforMysqlnovauser.exmaple:000000
NOVA_DBPASS=000000
##PasswordforKeystorenovauser.exmaple:000000
NOVA_PASS=000000
##--------------------Neturonconfig-------------------##
##PasswordforMysqlneutronuser.exmaple:000000
NEUTRON_DBPASS=000000
##PasswordforKeystoreneutronuser.exmaple:000000
NEUTRON_PASS=000000
##metadatasecretforneutron.exmaple:000000
METADATA_SECRET=000000
##ExternalNetworkInterface.example:eth1
INTERFACE_NAME=enp8s0
##FirstVlanIDinVLANRANGEforVLANNetwork.exmaple:101
minvlan=101
##LastVlanIDinVLANRANGEforVLANNetwork.example:200
maxvlan=200
##--------------------Cinderconfig--------------------##
##PasswordforMysqlcinderuser.exmaple:000000
CINDER_DBPASS=000000
##PasswordforKeystorecinderuser.exmaple:000000
CINDER_PASS=000000
##CinderBlockDisk.example:md126p3
BLOCK_DISK=md126p4
##--------------------Swiftconfig---------------------##
##PasswordforKeystoreswiftuser.exmaple:000000
SWIFT_PASS=000000
##TheNO1.NODEObjectDiskforSwift.example:md126p4.The2ndwillbeOBJECT_DISK_2
OBJECT_DISK=md126p5
##TheNO1.NODEIPforSwiftStorageNetwork.example:x.x.x.x.The2ndwillbeSTORAGE_LOCAL_NET_IP_2
STORAGE_LOCAL_NET_IP=192.168.100.20
##--------------------Heatconfig----------------------##
##PasswordforMysqlheatuser.exmaple:000000
HEAT_DBPASS=000000
##PasswordforKeystoreheatuser.exmaple:000000
HEAT_PASS=000000
##--------------------Ceilometerconfig----------------##
##PasswordforMysqlceilometeruser.exmaple:000000
CEILOMETER_DBPASS=000000
##PasswordforKeystoreceilometeruser.exmaple:000000
CEILOMETER_PASS=000000
##--------------------AODHconfig----------------##
##PasswordforMysqlAODHuser.exmaple:000000
AODH_DBPASS=000000
##PasswordforKeystoreAODHuser.exmaple:000000
AODH_PASS=000000
5.数据库安装(2分)
使用脚本安装数据库服务,进入数据库。
创建本地用户examuser,密码为000000;
查询mysql数据库中的user表的host,user,password字段;
赋予这个用户对所有数据库拥有“查询”“删除”“更新”“创建”的本地权限。依次将操作命令和返回结果以文本形式提交到答题框。
[MariaDB[(none)]>insertintomysql.user(host,user,Password)values("localhost","examuser",Password("000000"));
QueryOK,1rowaffected,4warnings(0.00sec)
MariaDB[(none)]>usemysql
Readingtableinformationforcompletionoftableandcolumnnames
Youcanturnoffthisfeaturetogetaquickerstartupwith-A
Databasechanged
MariaDB[mysql]>selecthost,user,passwordfromuser;
+-----------+----------+-------------------------------------------+
|host|user|password|
+-----------+----------+-------------------------------------------+
|localhost|root|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|xiandian|root|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|127.0.0.1|root|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|::1|root|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|keystone|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|%|keystone|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|glance|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|%|glance|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|nova|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|%|nova|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|neutron|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|%|neutron|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|cinder|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|%|cinder|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|heat|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|%|heat|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|aodh|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|%|aodh|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
|localhost|examuser|*032197AE5731D4664921A6CCAC7CFCE6A0698693|
+-----------+----------+-------------------------------------------+
19rowsinset(0.00sec)
MariaDB[mysql]>grantselect,delete,update,createon*.*toexamuser@"localhost"identifiedby"000000";
QueryOK,0rowsaffected(0.01sec)
6.keystone安装(2分)
使用脚本安装keystone服务,创建用户testuser,密码为xiandian,将testuser用户分配给admin项目,赋予用户admin的权限。依次将操作命令和查询结果以文本形式提交到答题框。
[root@xiandian~]#source/etc/keystone/admin-openrc.sh
[root@xiandian~]#openstackusercreate--domaindemo--passwordxiandiantestuser
+-----------+----------------------------------+
|Field |Value |
+-----------+----------------------------------+
|domain_id|5a486c51bc8e4dffa4a181f6c54e0938|
|enabled |True |
|id |ec6d67cdb3ac4b3ca827587c14be0a3e|
|name |testuser |
+-----------+----------------------------------+
[root@xiandian~]#openstackroleadd--projectadmin--usertestuseradmin
7.glance安装(2分)
使用脚本安装glance服务。使用CentOS_6.5_x86_64_XD.qcow2文件创建名为examimage的镜像;使用openstack命令查看镜像列表;设置该镜像的标签为lastone,查询镜像详细信息。依次将操作命令和查询结果以文本形式提交到答题框。
[root@xiandian~]#glanceimage-create--name"testone"--disk-format"qcow2"--container-formatbare--progress
[=============================>]100%
+------------------+--------------------------------------+
|Property|Value|
+------------------+--------------------------------------+
|checksum|3e565ace16066679ea363dde5411ed25|
|container_format|bare|
|created_at|2018-01-17T09:01:36Z|
|disk_format|qcow2|
|id|3bb63ae0-3129-442b-b19f-9f66298132aa|
|min_disk|0|
|min_ram|0|
|name|examimage|
|owner|0ab2dbde4f754b699e22461426cd0774|
|protected|False|
|size|283181056|
|status|active|
|tags|[]|
|updated_at|2018-01-17T09:01:38Z|
|virtual_size|None|
|visibility|private|
+------------------+--------------------------------------+
[root@xiandian~]#openstackimagelist
+--------------------------------------+-----------+--------+
|ID|Name|Status|
+--------------------------------------+-----------+--------+
|3bb63ae0-3129-442b-b19f-9f66298132aa|examimage|active|
+--------------------------------------+-----------+--------+
[root@xiandian~]#openstackimagesetexamimage--taglastone
[root@xiandian~]#openstackimageshowexamimage
+------------------+------------------------------------------------------+
|Field|Value|
+------------------+------------------------------------------------------+
|checksum|3e565ace16066679ea363dde5411ed25|
|container_format|bare|
|created_at|2018-01-17T09:01:36Z|
|disk_format|qcow2|
|file|/v2/images/3bb63ae0-3129-442b-b19f-9f66298132aa/file|
|id|3bb63ae0-3129-442b-b19f-9f66298132aa|
|min_disk|0|
|min_ram|0|
|name|examimage|
|owner|0ab2dbde4f754b699e22461426cd0774|
|protected|False|
|schema|/v2/schemas/image|
|size|283181056|
|status|active|
|tags|lastone|
|updated_at|2018-01-18T01:15:18Z|
|virtual_size|None|
|visibility|private|
+------------------+------------------------------------------------------+
8.nova管理(2分)
使用脚本安装nova服务,通过nova的相关命令创建名为exam,ID为1234,内存为1024M,硬盘为20G,虚拟内核数量为2的云主机类型,查看exam的详细信息。依次将操作命令及返回结果以文本形式提交到答题框。
[root@xiandian~]#novaflavor-createexam12341024202
+------+------+-----------+------+-----------+------+-------+-------------+-----------+
|ID|Name|Memory_MB|Disk|Ephemeral|Swap|VCPUs|RXTX_Factor|Is_Public|
+------+------+-----------+------+-----------+------+-------+-------------+-----------+
|1234|exam|1024|20|0||2|1.0|True|
+------+------+-----------+------+-----------+------+-------+-------------+-----------+
[root@xiandian~]#novaflavor-show1234
+----------------------------+-------+
|Property|Value|
+----------------------------+-------+
|OS-FLV-DISABLED:disabled|False|
|OS-FLV-EXT-DATA:ephemeral|0|
|disk|20|
|extra_specs|{}|
|id|1234|
|name|exam|
|os-flavor-access:is_public|True|
|ram|1024|
|rxtx_factor|1.0|
|swap||
|vcpus|2|
+----------------------------+-------+
9.网络创建(2分)
使用脚本安装neutron服务,并配置为GRE网络:
(1)创建云主机外部网络为ext-net,子网为ext-subnet,虚拟机浮动IP网段为192.168.200.0/24,网关为192.168.200.1;
(2)创建云主机隧道网络int-net1,子网为int-subnet1,虚拟机子网IP网段为10.0.0.0/24,网关为10.0.0.1;
(3)创建云主机隧道网络int-net2,子网为int-subnet2,虚拟机子网IP网段为10.0.1.0/24,网关为10.0.1.1;
(4)添加名为ext-router的路由器,配置路由接口地址,完成隧道网络int-net1和外部网络ext-net的连通。
使用neutron相关命令查询子网的列表信息,并查看int-subnet1的详细信息。依次将操作命令和查询结果以文本形式提交到答题框。
[root@controller~]#neutronsubnet-list
+--------------------------------------+------------+----------------+--------------------------------------------------+
|id|name|cidr|allocation_pools|
+--------------------------------------+------------+----------------+--------------------------------------------------+
|1e097cb7-9630-418d-bfd1-57e80354b39a|ext-subnet|172.30.24.0/21|{"start":"172.30.24.2","end":"172.30.31.254"}|
|6386b9ad-c446-45ae-a947-8a44b580feaf|int-subnet1|20.1.0.0/21|{"start":"20.1.0.2","end":"20.1.7.254"}|
+--------------------------------------+------------+----------------+--------------------------------------------------+
[root@controller~]#neutronsubnet-show6386b9ad-c446-45ae-a947-8a44b580feaf
+-------------------+--------------------------------------------+
|Field|Value|
+-------------------+--------------------------------------------+
|allocation_pools|{"start":"20.1.0.2","end":"20.1.7.254"}|
|cidr|20.1.0.0/21|
|created_at|2018-01-13T04:37:27|
|description||
|dns_nameservers||
|enable_dhcp|True|
|gateway_ip|20.1.0.1|
|host_routes||
|id|6386b9ad-c446-45ae-a947-8a44b580feaf|
|ip_version|4|
|ipv6_address_mode||
|ipv6_ra_mode||
|name|int-subnet1|
|network_id|3d4eccf3-8967-4bc4-8c9c-78191e03f0c6|
|subnetpool_id||
|tenant_id|38e4fd41edaf40189d152dda18935b97|
|updated_at|2018-01-13T04:37:27|
+-------------------+--------------------------------------------+
10.dashboard配置(1分)
使用脚本安装dashboard服务,使用curl命令查询http://192.168.100.10/dashboard/auth/login/。依次将操作命令和查询结果以文本形式提交到答题框。
[root@controller~]#curlhttp://192.168.100.10/dashboard/auth/login/
Login-XianDianDashboard
云计算基础架构服务平台
任务一、IaaS云平台运维(20分)
IaaS平台运维准备工作:
按以下配置在云平台中创建云主机:
(1)名称:iaas_all;
(2)镜像文件:iaas-all;
(3)云主机类型:m1.large;
(4)网络1:int-net1,绑定浮动IP;
(5)网络2:int-net2。
1.MongoDB管理(3分)
登录“iaas_all”云主机,使用mongoimport命令,将附件中的test.dat文件,导入至MongoDB下的basketball数据库中的player集合中。导入后登录MongoDB数据库。
(1)使用命令查询player集合中MPG大于35分钟,且PPG在20-25分之间(包括20和25)的所有数据,并按照PTS的降序排序。
(2)使用命令查询player集合中PTS超过2000分,且3P%大于等于33的前两条数据。
依次将操作命令及返回结果以文本形式提交到答题框。
PPG--场均得分;PTS--总得分;FG%--投篮命中率;3P%--三分命中率;MPG--平均上场时间
[root@xiandian~]#mongoimport-dbasketball-cplayertest.dat
connectedto:127.0.0.1
2018-03-16T23:12:06.364+0000check925
2018-03-16T23:12:06.365+0000imported25objects
>usebasketball
switchedtodbbasketball
>db.player.find({"MPG":{$gt:"35"},"PPG":{$gte:"20"},"PPG":{$lte:"25"}}).sort({"PTS":-1})
{"_id":ObjectId("5aac4f461c7c77fbfa3fc096"),"name":"tangsi","PPG":"21.3","PTS":"1743","FG%":"54.5","3P%":"42.1","MPG":"35.6"}
{"_id":ObjectId("5aac4f461c7c77fbfa3fc093"),"name":"qiaozhi","PPG":"21.9","PTS":"1734","FG%":"43","3P%":"40.1","MPG":"36.6"}
{"_id":ObjectId("5aac4f461c7c77fbfa3fc095"),"name":"maikelemu","PPG":"21.4","PTS":"1732","FG%":"44.3","3P%":"39.7","MPG":"36.1"}
{"_id":ObjectId("5aac4f461c7c77fbfa3fc098"),"name":"mideerdun","PPG":"20.1","PTS":"1652","FG%":"46.6","3P%":"35.9","MPG":"36.4"}
{"_id":ObjectId("5aac4f461c7c77fbfa3fc091"),"name":"batele","PPG":"22.2","PTS":"1307","FG%":"47.4","3P%":"35","MPG":"36.7"}
>db.player.find({"PTS":{$gt:"2000"},"3P%":{$gte:"33"}}).limit(2)
{"_id":ObjectId("5aac4f451c7c77fbfa3fc083"),"name":"hadeng","PPG":"30.4","PTS":"2191","FG%":"44.9","3P%":"36.7","MPG":"35.4"}
{"_id":ObjectId("5aac4f461c7c77fbfa3fc084"),"name":"daiweisi","PPG":"28.1","PTS":"2110","FG%":"53.4","3P%":"34","MPG":"36.4"}
2.rabbitmq管理(3分)
登录“iaas_all”云主机。
(1)使用rabbitmqctl命令创建用户xiandian-admin,密码为admin;
(2)赋予xiandian-admin用户administrator的角色并查询;
(3)授予用户xiandian-admin对本机所有资源可写可读可执行的权限,查询xiandian-admin用户的授权信息。
依次将操作命令及返回结果以文本形式提交到答题框。
[root@xiandian~]#rabbitmqctladd_userxiandian-adminadmin
Creatinguser"xiandian-admin"...
[root@xiandian~]#rabbitmqctlset_user_tagsxiandian-adminadministrator
Settingtagsforuser"xiandian-admin"to[administrator]...
[root@xiandian~]#rabbitmqctllist_users
Listingusers...
xiandian[]
xiandian-admin[administrator]
guest[administrator]
[root@xiandian~]#rabbitmqctlset_permissionsxiandian-admin".*"".*"".*"
Settingpermissionsforuser"xiandian-admin"invhost"/"...
[root@xiandian~]#rabbitmqctllist_user_permissionsxiandian-admin
Listingpermissionsforuser"xiandian-admin"...
/.*.*.*
3.openstackapi管理(4分)
登录“iaas-all”云主机,使用curl的方式,获取token值(使用admin用户与admin项目),并使用该token值,使用curl的方式,获取domain为xiandian下面的所有用户信息。将上述所有操作命令和返回结果以文本形式提交到答题框。
[root@xiandian~]#openstackuserlist
+----------------------------------+-------------------+
|ID|Name|
+----------------------------------+-------------------+
|020cce9b69a44aef984fa8aba5135f3f|heat_domain_admin|
|2c8b1e282f804fc58bc8cdfe7518d80f|neutron|
|372c371d6c4a4d5aa099376499fa21ef|aodh|
|413c222a0c0d476fa77e3a096f9da216|heat|
|46faed53c3534611a83f586d55951246|glance|
|53a1cf0ad2924532aa4b7b0750dec282|admin|
|73191a8367e4410da4bf764263ade04c|demo|
|95f197fef75a490cbe926350d2688512|cinder|
|97dcfcb9a3b84dd5a47d40c01425e8f5|swift|
|a0024f4b405745b999aaa1276844dec6|nova|
|d46602d109214aea92ec4f9f0e4223e2|ceilometer|
+----------------------------------+-------------------+
[root@xiandian~]#openstackprojectlist
+----------------------------------+---------+
|ID|Name|
+----------------------------------+---------+
|0ab2dbde4f754b699e22461426cd0774|admin|
|20b1ab08ea644670addb52f6d2f2ed61|service|
|f35885323bac4e4987065a4ca2d364f6|demo|
+----------------------------------+---------+
[root@xiandian~]#curl-i-XPOSThttp://xiandian:35357/v3/auth/tokens-H"Content-type:application/json"-d'{"auth":{"identity":{"methods":["password"],"password":{"user":{"id":"53a1cf0ad2924532aa4b7b0750dec282","password":"000000"}}},"scope":{"project":{"id":"0ab2dbde4f754b699e22461426cd0774"}}}}'|grepX-Subject-Token
%Total%Received%XferdAverageSpeedTimeTimeTimeCurrent
DloadUploadTotalSpentLeftSpeed
1007223100702310020021828621--:--:----:--:----:--X-Subject-Token:gAAAAABcmftpPtik3HPXTSM5NkrDCz7yiBGBhu3JivLmKXDrztMo7MyDI1nnirxatvOEHa9gu0e8_bIgl7y6GMFR51AylnE0711BZlxcLzTcHtUamOjIGJAIVl_GgqCCMfC0qIipGq0U58wnvpVHPVxDtmRHRtDk7wDHMiKqv2hSAXjdWkiZxVU
:--21810
[root@xiandian~]#openstackdomainlist
+----------------------------------+----------+---------+--------------------------+
|ID|Name|Enabled|Description|
+----------------------------------+----------+---------+--------------------------+
|3ac89594c8e944a9b5bb567fca4e75aa|xiandian|True|DefaultDomain|
|d457e4c70e884effa73eeaea735f985e|heat|True|Stackprojectsandusers|
+----------------------------------+----------+---------+--------------------------+
[root@xiandian~]#curlhttp://xiandian:35357/v3/users?domain_id=3ac89594c8e944a9b5bb567fca4e75aa-H"X-Auth-Token:gAAAAABcmgR4-5sZbCtSEIxivBX9T78qpxeWDu-21DDuvq_HAujMXcSvZSPHOWwi-9ieGJyPxfw33nwuCkdUlGa4tk8i8bpjWY3IQx3t2tPWMzHWC8TBJ9e1OabSfBYdNIyjVfF5zlu7JgBXqJLkXkGg9BcVkuACx8oXDVcA-Dt271fb-YOEPYE"|python-mjson.tool
%Total%Received%XferdAverageSpeedTimeTimeTimeCurrent
DloadUploadTotalSpentLeftSpeed
100227410022740071950--:--:----:--:----:--:--7219
{
"links":{
"next":null,
"previous":null,
"self":"http://xiandian:35357/v3/users?domain_id=3ac89594c8e944a9b5bb567fca4e75aa"
},
"users":[
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"53a1cf0ad2924532aa4b7b0750dec282",
"links":{
"self":"http://xiandian:35357/v3/users/53a1cf0ad2924532aa4b7b0750dec282"
},
"name":"admin"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"73191a8367e4410da4bf764263ade04c",
"links":{
"self":"http://xiandian:35357/v3/users/73191a8367e4410da4bf764263ade04c"
},
"name":"demo"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"46faed53c3534611a83f586d55951246",
"links":{
"self":"http://xiandian:35357/v3/users/46faed53c3534611a83f586d55951246"
},
"name":"glance"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"a0024f4b405745b999aaa1276844dec6",
"links":{
"self":"http://xiandian:35357/v3/users/a0024f4b405745b999aaa1276844dec6"
},
"name":"nova"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"2c8b1e282f804fc58bc8cdfe7518d80f",
"links":{
"self":"http://xiandian:35357/v3/users/2c8b1e282f804fc58bc8cdfe7518d80f"
},
"name":"neutron"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"95f197fef75a490cbe926350d2688512",
"links":{
"self":"http://xiandian:35357/v3/users/95f197fef75a490cbe926350d2688512"
},
"name":"cinder"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"97dcfcb9a3b84dd5a47d40c01425e8f5",
"links":{
"self":"http://xiandian:35357/v3/users/97dcfcb9a3b84dd5a47d40c01425e8f5"
},
"name":"swift"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"413c222a0c0d476fa77e3a096f9da216",
"links":{
"self":"http://xiandian:35357/v3/users/413c222a0c0d476fa77e3a096f9da216"
},
"name":"heat"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"d46602d109214aea92ec4f9f0e4223e2",
"links":{
"self":"http://xiandian:35357/v3/users/d46602d109214aea92ec4f9f0e4223e2"
},
"name":"ceilometer"
},
{
"domain_id":"3ac89594c8e944a9b5bb567fca4e75aa",
"enabled":true,
"id":"372c371d6c4a4d5aa099376499fa21ef",
"links":{
"self":"http://xiandian:35357/v3/users/372c371d6c4a4d5aa099376499fa21ef"
},
"name":"aodh"
}
]
}
4.cinder管理(3分)
登录“iaas-all”云主机,查看cinder后端存储空间大小,将cinder存储空间扩容10个G大小,最后查看cinder后端存储空间大小。
依次将操作命令及返回结果以文本形式提交到答题框。
[root@xiandian~]#fdisk /dev/vda
Welcometofdisk(util-linux2.23.2).
Changeswillremaininmemoryonly,untilyoudecidetowritethem.
Becarefulbeforeusingthewritecommand.
Command(mforhelp):n
Partitiontype:
pprimary(1primary,1extended,2free)
llogical(numberedfrom5)
Select(defaultp):p
Partitionnumber(2,4,default2):
Firstsector(104857600-209715199,default104857600):
Usingdefaultvalue104857600
Lastsector,+sectorsor+size{K,M,G}(104857600-209715199,default209715199):+10G
Partition2oftypeLinuxandofsize10GiBisset
Command(mforhelp):w
Thepartitiontablehasbeenaltered!
Callingioctl()tore-readpartitiontable.
WARNING:Re-readingthepartitiontablefailedwitherror16:Deviceorresourcebusy.
Thekernelstillusestheoldtable.Thenewtablewillbeusedat
thenextrebootorafteryourunpartprobe(8)orkpartx(8)
Syncingdisks.
root@xiandian~]#lsblk
NAMEMAJ:MINRMSIZEROTYPEMOUNTPOINT
vda253:00100G0disk
├─vda1253:1040.6G0part/
├─vda3253:301K0part
├─vda5253:501.9G0part
├─vda6253:602.8G0part
└─vda7253:704.8G0part
vdb253:16010G0disk/mnt
loop07:002.8G0loop/swift/node
[root@xiandian~]#partprobe 生效
[root@xiandian~]#lsblk
NAMEMAJ:MINRMSIZEROTYPEMOUNTPOINT
vda253:00100G0disk
├─vda1253:1040.6G0part/
├─vda2253:2010G0part
├─vda3253:301K0part
├─vda5253:501.9G0part
├─vda6253:602.8G0part
└─vda7253:704.8G0part
vdb253:16010G0disk/mnt
loop07:002.8G0loop/swift/node
[root@xiandian~]#pvcreate /dev/vda2
Device/dev/vda2notfound(orignoredbyfiltering).
[root@xiandian~]#vi /etc/lvm/lvm.conf
[root@xiandian~]#pvcreate /dev/vda2
Physicalvolume"/dev/vda2"successfullycreated
[root@xiandian~]#pvs
PVVGFmtAttrPSizePFree
/dev/vda2lvm2---10.00g10.00g
/dev/vda7cinder-volumeslvm2a--4.75g4.75g
[root@xiandian~]#vgextend cinder-volumes /dev/vda2
Volumegroup"cinder-volumes"successfullyextended
[root@xiandian~]#vgs
VG#PV#LV#SNAttrVSizeVFree
cinder-volumes200wz--n-14.74g14.74g
5.Ceilometer管理(3分)
登录“iaas-all”云主机,使用cirros-0.3.4-x86_64-disk.img镜像文件,创建名为cirros的云主机,使用Ceilometer命令,查看该云主机有哪些meter,然后使用Ceilometer命令查看该云主机cpu使用率的最近2两条数据。
[root@xiandian~]#novalist
+--------------------------------------+---------+--------+------------+-------------+---------------------+
|ID|Name|Status|TaskState|PowerState|Networks|
+--------------------------------------+---------+--------+------------+-------------+---------------------+
|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|cirros2|ACTIVE|-|Running|sharednet1=10.0.0.4|
+--------------------------------------+---------+--------+------------+-------------+---------------------+
[root@xiandian~]#ceilometermeter-list-qresource="6dc8b4ec-4aac-4aa2-a417-24c18da78de0"
+-------------------------------+------------+-----------+--------------------------------------+----------------------------------+----------------------------------+
|Name|Type|Unit|ResourceID|UserID|ProjectID|
+-------------------------------+------------+-----------+--------------------------------------+----------------------------------+----------------------------------+
|compute.instance.booting.time|gauge|sec|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|cpu|cumulative|ns|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|cpu.delta|delta|ns|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|cpu_util|gauge|%|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.allocation|gauge|B|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.capacity|gauge|B|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.ephemeral.size|gauge|GB|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.read.bytes|cumulative|B|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.read.bytes.rate|gauge|B/s|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.read.requests|cumulative|request|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.read.requests.rate|gauge|request/s|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.root.size|gauge|GB|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.usage|gauge|B|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.write.bytes|cumulative|B|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.write.bytes.rate|gauge|B/s|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.write.requests|cumulative|request|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|disk.write.requests.rate|gauge|request/s|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|instance|gauge|instance|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|memory|gauge|MB|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|memory.resident|gauge|MB|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
|vcpus|gauge|vcpu|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|53a1cf0ad2924532aa4b7b0750dec282|0ab2dbde4f754b699e22461426cd0774|
+-------------------------------+------------+-----------+--------------------------------------+----------------------------------+----------------------------------+
[root@xiandian~]#ceilometersample-list-mcpu_util-qresource="6dc8b4ec-4aac-4aa2-a417-24c18da78de0"-l2
+--------------------------------------+----------+-------+---------------+------+----------------------------+
|ResourceID|Name|Type|Volume|Unit|Timestamp|
+--------------------------------------+----------+-------+---------------+------+----------------------------+
|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|cpu_util|gauge|4.86476234825|%|2019-02-13T03:28:35.345000|
|6dc8b4ec-4aac-4aa2-a417-24c18da78de0|cpu_util|gauge|4.84203966512|%|2019-02-13T03:18:35.316000|
+--------------------------------------+----------+-------+---------------+------+----------------------------+
6.数据加密管理(4分)
前提:按要求配置静态fixed_key,使cinder和nova组件可以使用加密过的BlockStorage卷服务,配置好之后,创建一个卷类型叫luks,并把这个类型配置为加密类型,cipher使用“aes-xts-plain64”,key_size使用“512”,control-location使用“front-end”,Provider使用“nova.volume.encryptors.luks.LuksEncryptor”。
登录“iaas_all”云主机,使用命令创建两个云硬盘,分别叫“unencryptedvolume”和“encryptedvolume”大小都是1G,前者不加密,后者使用luks卷类型加密。使用nova命令,创建一个云主机vm-test,镜像使用提供的cirros镜像,然后使用命令分别将创建的两块云硬盘attach到云主机上,最后使用cinderlist查看。依次将操作命令和返回结果以文本形式提交到答题框。
[root@xiandian~]#cindercreate--display-name'unencryptedvolume'1
+--------------------------------+--------------------------------------+
|Property|Value|
+--------------------------------+--------------------------------------+
|attachments|[]|
|availability_zone|nova|
|bootable|false|
|consistencygroup_id|None|
|created_at|2018-01-25T00:43:42.000000|
|description|None|
|encrypted|False|
|id|348199b8-c2b4-45ed-a03c-7e542e4f5488|
|metadata|{'readonly':'False'}|
|migration_status|None|
|multiattach|False|
|name|unencryptedvolume|
|os-vol-host-attr:host|xiandian@lvm#LVM|
|os-vol-mig-status-attr:migstat|None|
|os-vol-mig-status-attr:name_id|None|
|os-vol-tenant-attr:tenant_id|0ab2dbde4f754b699e22461426cd0774|
|replication_status|disabled|
|size|1|
|snapshot_id|None|
|source_volid|None|
|status|available|
|updated_at|2018-01-25T05:10:07.000000|
|user_id|53a1cf0ad2924532aa4b7b0750dec282|
|volume_type|None|
+--------------------------------+--------------------------------------+
[root@xiandian~]#cindercreate--display-name'encryptedvolume'--volume-typeluks1
+--------------------------------+--------------------------------------+
|Property|Value|
+--------------------------------+--------------------------------------+
|attachments|[]|
|availability_zone|nova|
|bootable|false|
|consistencygroup_id|None|
|created_at|2018-01-25T02:48:13.000000|
|description|None|
|encrypted|True|
|id|928f4eab-69da-4bdb-9a30-1edbb2cbe6ee|
|metadata|{}|
|migration_status|None|
|multiattach|False|
|name|encryptedvolume|
|os-vol-host-attr:host|xiandian@lvm#LVM|
|os-vol-mig-status-attr:migstat|None|
|os-vol-mig-status-attr:name_id|None|
|os-vol-tenant-attr:tenant_id|0ab2dbde4f754b699e22461426cd0774|
|replication_status|disabled|
|size|1|
|snapshot_id|None|
|source_volid|None|
|status|creating|
|updated_at|2018-01-25T02:48:14.000000|
|user_id|53a1cf0ad2924532aa4b7b0750dec282|
|volume_type|luks|
+--------------------------------+--------------------------------------+
[root@xiandian~]#cinderlist
+--------------------------------------+-----------+--------------------+------+-------------+----------+-------------+
|ID|Status|Name|Size|VolumeType|Bootable|Attachedto|
+--------------------------------------+-----------+--------------------+------+-------------+----------+-------------+
|348199b8-c2b4-45ed-a03c-7e542e4f5488|available|unencryptedvolume|1|-|false||
|928f4eab-69da-4bdb-9a30-1edbb2cbe6ee|available|encryptedvolume|1|luks|false||
+--------------------------------------+-----------+--------------------+------+-------------+----------+-------------+
[root@xiandian~]#novaboot--flavorm1.tiny--image"cirros"vm-test
[root@xiandian~]#cinderlist
+--------------------------------------+-----------+--------------------+------+-------------+----------+-------------+
|ID|Status|Name|Size|VolumeType|Bootable|Attachedto|
+--------------------------------------+-----------+--------------------+------+-------------+----------+-------------+
|348199b8-c2b4-45ed-a03c-7e542e4f5488|available|unencryptedvolume|1|-|false||
|928f4eab-69da-4bdb-9a30-1edbb2cbe6ee|available|encryptedvolume|1|luks|false||
+--------------------------------------+-----------+--------------------+------+-------------+----------+-------------+
[root@xiandian~]#novavolume-attachvm-test348199b8-c2b4-45ed-a03c-7e542e4f5488
+----------+--------------------------------------+
|Property|Value|
+----------+--------------------------------------+
|device|/dev/vdb|
|id|348199b8-c2b4-45ed-a03c-7e542e4f5488|
|serverId|fce35460-2653-4d2a-ad18-e0522a8dbfd4|
|volumeId|348199b8-c2b4-45ed-a03c-7e542e4f5488|
+----------+--------------------------------------+
[root@xiandian~]#novavolume-attachvm-test928f4eab-69da-4bdb-9a30-1edbb2cbe6ee
+----------+--------------------------------------+
|Property|Value|
+----------+--------------------------------------+
|device|/dev/vdc|
|id|928f4eab-69da-4bdb-9a30-1edbb2cbe6ee|
|serverId|fce35460-2653-4d2a-ad18-e0522a8dbfd4|
|volumeId|928f4eab-69da-4bdb-9a30-1edbb2cbe6ee|
+----------+--------------------------------------+
[root@xiandian~]#cinderlist
+--------------------------------------+--------+--------------------+------+-------------+----------+--------------------------------------+
|ID|Status|Name|Size|VolumeType|Bootable|Attachedto|
+--------------------------------------+--------+--------------------+------+-------------+----------+--------------------------------------+
|348199b8-c2b4-45ed-a03c-7e542e4f5488|in-use|unencryptedvolume|1|-|false|fce35460-2653-4d2a-ad18-e0522a8dbfd4|
|928f4eab-69da-4bdb-9a30-1edbb2cbe6ee|in-use|encryptedvolume|1|luks|false|fce35460-2653-4d2a-ad18-e0522a8dbfd4|
+--------------------------------------+--------+--------------------+------+-------------+----------+--------------------------------------+