Created
June 10, 2014 10:20
-
-
Save fabiok/e8fcc717de738240eec5 to your computer and use it in GitHub Desktop.
Lab hands-on Cloud@CNAF
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Corso Cloud@Cnaf - Hands on | |
# PARTE 1 - BASIC | |
# questa parte e' gia' stata fatta attraverso la dashboard | |
# Source credentials file | |
source userXX-openrc.sh | |
# Change user password | |
keystone password-update | |
# Create private network | |
neutron net-create private_net | |
# Associate subnet | |
neutron subnet-create --name private_subnet private_net 10.0.1.0/24 | |
# Check private network and subnet | |
neutron net-list | |
neutron subnet-list | |
# create router | |
neutron router-create myrouter | |
# uplink router to the public internet (set gateway) | |
neutron router-gateway-set myrouter public | |
# uplink subnet to router | |
neutron router-interface-add myrouter private_subnet | |
# create security profile for jump host | |
neutron security-group-create jumphost | |
# Add rule to allow icmp in | |
neutron security-group-rule-create --protocol icmp jumphost | |
# Add rule to allow ssh in | |
neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 jumphost | |
# Create ssh key and paste output into mykey.pem | |
nova keypair-add mykey | |
chmod 600 mykey.pem # mykey.pem must contain output from previous command | |
# Launch jump host: | |
nova boot --image SL-65 --flavor m1.small jumphost --security_groups jumphost --key-name mykey # retrieve admin (root) password by the output of nova boot command | |
# Check running vm | |
nova list | |
# Determine port-id attached to jumphost | |
neutron port-list --device_id=<instance_id> | |
# Create floatingip | |
neutron floatingip-create public --port-id <port-id> | |
# Test ping/ssh | |
nova list | |
ping -c 3 131.154.96.xxx | |
ssh -i mykey.pem cloud-user@131.154.96.xxx | |
############################################ | |
# PARTE 2 - ADVANCED | |
# Source credentials file | |
source userXX-openrc.sh | |
# Check private network, subnet, running vm | |
neutron net-list | |
neutron subnet-list | |
neutron router-list | |
nova list | |
# Create web security group | |
neutron security-group-create web | |
# Allow tcp 80 in | |
neutron security-group-rule-create --protocol TCP --port-range-min 80 --port-range-max 80 web | |
# Allow ssh from members of jumphost | |
neutron security-group-rule-create --direction ingress --protocol TCP --port-range-min 22 --port-range-max 22 --remote-group-id jumphost web | |
# Boot two webservers | |
# Retrieve admin (root) password by the output of nova boot command | |
nova boot --image SL-65 --flavor m1.small webserver1 --security_groups web --key-name mykey | |
nova boot --image SL-65 --flavor m1.small webserver2 --security_groups web --key-name mykey | |
nova list | |
# Copy private key to jumphost | |
# SSH to jumphost (floating-ip = 131.154.96.xxx) | |
scp -i mykey.pem mykey.pem cloud-user@<floating-ip>: | |
ssh -i mykey.pem cloud-user@<floating-ip> | |
# SSH to webserver1 | |
ssh -i mykey.pem 10.0.1.x | |
# Start dummy webserver | |
sudo su - | |
echo "Welcome to $HOSTNAME" > /var/www/html/index.html | |
/etc/init.d/httpd start | |
chkconfig httpd on | |
curl 10.0.1.x | |
# Exit from root user in webserver1 | |
exit | |
# Exit from webserver1 to jumphost | |
exit | |
# Repeat for webserver2 | |
# From jumphost: curl <webserver1-ip> | |
Welcome to webserver1 | |
# From jumphost: curl <webserver2-ip> | |
Welcome to webserver2 | |
# Exit from jumphost | |
exit | |
# Create loadbalanacer pool | |
neutron subnet-list | |
neutron lb-pool-create --lb-method ROUND_ROBIN --name mypool --protocol HTTP --subnet-id <private_subnet_ID> | |
# Add webservers as memebers | |
neutron lb-member-create --address <webserver_1_ip> --protocol-port 80 mypool | |
neutron lb-member-create --address <webserver_2_ip> --protocol-port 80 mypool | |
# Create health monitor | |
neutron lb-healthmonitor-create --delay 3 --type HTTP --max-retries 3 --timeout 3 | |
# Associate with pool | |
neutron lb-healthmonitor-associate <heath-monitor-id> mypool | |
# Create vip for loadbalaner | |
neutron lb-vip-create --name myvip --protocol-port 80 --protocol HTTP --subnet-id <private_subnet_ID> mypool | |
# Associate floatingip to vip | |
neutron floatingip-create public --port-id <port_ID da output comando precedente> | |
# Requests are now loadbalanced over vip ip: | |
curl <vip-floatingip> | |
# Test loadbalancer timeout | |
nova stop webserver1 | |
curl <vip-floatingip> #only returns webserver2, after a while | |
# Start the stopped node | |
nova start webserver1 | |
curl <vip-floatingip> #loadbalances again the requests between the two nodes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment