Table des matières
3 billet(s) pour janvier 2026
| Notes rsh rcp | 2026/01/21 18:08 | Jean-Baptiste |
| Git - Duplication d'un dépôt | 2026/01/19 10:22 | Jean-Baptiste |
| Exemple simple de conf Nagios | 2026/01/14 10:07 | Jean-Baptiste |
OpenStack multidomain
Voir :
openstack domain create --description "Test Domain" xxdom openstack user create --domain xxdom xxadmin --password-prompt openstack role create admin --domain xxdom openstack project create --description "Projet xx 1" xx_prj1 --domain xxdom openstack role add --project xx_prj1 --user xxadmin admin
Activation du réseau
openstack network set --share public
cp -p /opt/stack/horizon/openstack_dashboard/local/local_settings.py{,.orig}
/opt/stack/horizon/openstack_dashboard/local/local_settings.py
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'default'
Voir https://github.com/openstack/horizon/blob/master/openstack_dashboard/local/local_settings.py.example
systemctl restart apache2
OpenStack Glance - VIO - Import a Virtual Machine Template as an Image
Note : la commande Glance n'utilise pas le fichier cloud.yaml mais les variables d'environnement.
Voir API CLI OpenStack Glance - configuration authentification via variables d'environnement
Pour connaître l'URL :
Allez sur https://vco.acme.local/ puis icone 2em icone en haut (VMs and Templates)
Créer une image vide
glance image-create --name image-name --disk-format vmdk --container-format bare
Pour retrouver l'ID de l'image
$ openstack image list |grep image-name | dada9516-b37d-481b-8d20-dcaa3951f518 | image-name | active |
Lier le fichier existant à l'image OpenStack nouvellement crée.
glance location-add dada9516-b37d-481b-8d20-dcaa3951f518 --url "vi://vco.acme.local/DC_VIO/vm/OpenStack/Project (89274bfabff64a28abedc8f5fd3d3b2f)/Images/abdd879c-3c6b-4fd5-a42b-458fdc231fee-vco-TL0HWP?managed=True" --visibility public --property vmware_adaptertype="lsiLogicsas" --property vmware_disktype="streamOptimized" --property stores="vco.acme.local"
Pour comparer les métadonnées entre deux images
vimdiff <(openstack image show VM_SUPER -f shell) <(openstack image show VM_NEW -f shell) vimdiff <(openstack image show VM_SUPER -f yaml -c properties) <(openstack image show VM_NEW -f yaml -c properties)
Mettre à jour les métadonnées.
glance image-update 4899c91a-c0ac-4809-b469-70ebd0863e3a --visibility public --property vmware_adaptertype="lsiLogicsas" --property vmware_disktype="streamOptimized" --property stores="vco.acme.local" openstack image set VM_NEW --min-disk 10 --min-ram 1
OpenStack client API
Voir :
Sur le fonctionnement des APIs :
Install
Paquet Debian
apt-get install openstack-clients
Le script suivant permet de jouer avec les APIs /usr/bin/python2-openstack
Install python-openstackclient via pip
sudo apt-get install virtualenv build-essential python-dev mkdir openstackcli cd openstackcli virtualenv . source bin/activate pip install python-openstackclient sudo ln -fs $PWD/bin/openstack /usr/local/bin/ #deactivate
Install Auto-completion
openstack complete |sudo tee /etc/bash_completion.d/osc.bash_completion
Config
~/.config/openstack/clouds.yaml
clouds: devstack: auth: auth_url: http://192.168.56.11/identity/v3 username: "admin" project_id: 17780b954c3a4b04a8123ac76d68f7b4 project_name: "admin" user_domain_name: "Default" password: "toor" region_name: "RegionOne" interface: "public" identity_api_version: 3
Debug - Test flux
curl http://192.168.56.11/identity/v3
Test
openstack project list --os-cloud devstack export OS_CLOUD=devstack # python2-openstack service list openstack service list openstack project list openstack server list
Ou par variables
devstack-openrc
# # See : # * https://docs.openstack.org/python-openstackclient/pike/cli/man/openstack.html#environment-variables # * https://docs.openstack.org/newton/install-guide-ubuntu/keystone-openrc.html unset $(set |grep _ENDPOINT_ |cut -d= -f1) unset $(set |grep ^OS_ |cut -d= -f1) export LC_ALL=C # LC_ALL=C.UTF-8 export OS_NO_CACHE='true' export OS_CACERT=/etc/ssl/certs/ export OS_PROJECT_NAME='admin' export OS_USERNAME='admin' export OS_PASSWORD='toor' export OS_AUTH_URL='http://192.168.56.11/identity/v3' #export OS_DEFAULT_DOMAIN='Default' export OS_USER_DOMAIN_NAME='Default' export OS_IDENTITY_API_VERSION='3' #export OS_INTERFACE='public' #export OS_AUTH_STRATEGY='keystone' #export OS_REGION_NAME='RegionOne' #export OS_ENDPOINT_TYPE="$OS_AUTH_URL" #export CINDER_ENDPOINT_TYPE="OS_AUTH_URL" #export GLANCE_ENDPOINT_TYPE="$OS_AUTH_URL" #export KEYSTONE_ENDPOINT_TYPE="$OS_AUTH_URL" #export NOVA_ENDPOINT_TYPE="$OS_AUTH_URL" #export NEUTRON_ENDPOINT_TYPE="$OS_AUTH_URL" export OS_CLOUDNAME=devstack # Add OS_CLOUDNAME to PS1 if [ -z "${CLOUDPROMPT_ENABLED:-}" ]; then export PS1=${PS1:-""} export PS1=\${OS_CLOUDNAME:+"(\$OS_CLOUDNAME)"}\ $PS1 export CLOUDPROMPT_ENABLED=1 fi
Syntaxe
openstack --os-identity-api-version 3 --help
Exemple
openstack keypair create --public-key ~/.ssh/id_rsa.pub maclef
Pb
Pb certificate verify failed
$ openstack project list --os-cloud vio
Failed to discover available identity versions when contacting https://vio.acme.local:5000/v3. Attempting to parse version from URL.
SSL exception connecting to https://vio.acme.local:5000/v3/auth/tokens: HTTPSConnectionPool(host='vio.acme.local', port=5000): Max retries exceeded with url: /v3/auth/tokens (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
Solution
openssl s_client -showcerts -verify 5 -connect 192.168.21.53:5000 </dev/null > /usr/local/share/ca-certificates/vio.acme.local_5000.crt update-ca-certificates export OS_CACERT=/etc/ssl/certs/
Pb 'int' object has no attribute 'startswith'
$ openstack server list --os-cloud vio 'int' object has no attribute 'startswith'
Solution 1
Voir https://review.openstack.org/#/c/388832/
Patcher les fichiers ci-dessous comme https://review.openstack.org/#/c/388832/2/osc_lib/cli/client_config.py :
- /usr/lib/python2.7/dist-packages/osc_lib/cli/client_config.py
- /usr/lib/python2.7/dist-packages/openstackclient/common/client_config.py
Solution 2
Dans clouds.yaml remplacer identity_api_version: 3 par identity_api_version: “3”
Autres
OpenSSL Proxy http_proxy
Voir aussi:
On peut utiliser proxytunnel
proxytunnel -p 192.168.56.1:3128 -d www.acme.fr:443 -a 7000 openssl s_client -connect localhost:7000 -showcerts
Clone multi disques dd tee
Voir aussi :
Source : http://superuser.com/questions/145516/cloning-single-disk-drive-to-multiple-drives-simultaneously
cat drive.image |tee >(dd of=/dev/sda) >(dd of=/dev/sdb) >(dd of=/dev/sdc) |dd of=/dev/sdd
cat drive.image |tee >(dd of=/dev/sda) >(dd of=/dev/sdb) >(dd of=/dev/sdc) >(dd of=/dev/sdd) > /dev/null
Avec barre de progression
# sudo apt-get install pv pv drive.image |tee >(dd of=/dev/sda) >(dd of=/dev/sdb) >(dd of=/dev/sdc) |dd of=/dev/sdd