path: root/next_steps

Authenticate
$ . debian_openstack_installer/admin-openrc


verify all network agents are ready
$ openstack network agent list


Create provider network:

define network
$ openstack network create --share --external \
  --provider-physical-network provider \
  --provider-network-type flat provider


define subnet
$ openstack subnet create --network provider \
  --allocation-pool start=192.168.0.20,end=192.168.0.90 \
  --dns-nameserver 192.168.0.1 --gateway 192.168.0.1 \
  --subnet-range 192.168.0.0/24 provider


enable icmp and ssh ports
$ openstack security group rule create --proto icmp default
$ openstack security group rule create --proto tcp --dst-port 22 default


Generate a key pair:
$ ssh-keygen -q -N ""


cd to your home directory
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey

verify
$ openstack keypair list


create cpu flavor
$ openstack flavor create --id 0 --vcpus 2 --ram 1024 --disk 10 m1.nano


download debian openstack image
https://cdimage.debian.org/cdimage/openstack/

upload
$ openstack image create \
  --container-format bare \
  --disk-format qcow2 \
  --property hw_disk_bus=scsi \
  --property hw_scsi_model=virtio-scsi \
  --property os_type=linux \
  --property os_distro=debian \
  --property os_admin_user=debian \
  --property os_version='10' \
  --public \
  --file debian-10-openstack-amd64.qcow2 \
  debian-10-openstack-amd64


check network
$ openstack network list
+--------------------------------------+----------+--------------------------------------+
| ID                                   | Name     | Subnets                              |
+--------------------------------------+----------+--------------------------------------+
| da5f9aa8-1bac-4aab-9931-0ce4d835783a | provider | eeeb4a46-8bb0-442b-b81c-20103c2d7f80 |
+--------------------------------------+----------+--------------------------------------+

copy ID as net-id while creating server

$ openstack server create --flavor m1.nano --image debian-10-openstack-amd64 \
  --nic net-id=da5f9aa8-1bac-4aab-9931-0ce4d835783a \
  --security-group default \
  --key-name mykey debianinstance


If you get error like "More than one SecurityGroup exists with the name 'default'."

$ openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID                                   | Name    | Description            | Project                          | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| cd54c8c9-d754-434a-9f5c-807c3288fced | default | Default security group | 53c2118ffdbb4b6388611480c7c7a7c0 | []   |
| f9151d2a-f49b-4828-9467-418d7cdfd1e8 | default | Default security group | 87b3104005904a2fbe18ad1a7ab601b3 | []   |
+--------------------------------------+---------+------------------------+----------------------------------+------+

inspect which one you enabled icmp and port 22 using the following command

$ openstack security group show cd54c8c9-d754-434a-9f5c-807c3288fced

delete the other one
$ openstack security group delete ID

you may also specify security group id instead of name
$ openstack server create --flavor m1.nano --image debian-10-openstack-amd64 \
  --nic net-id=b2d69a6e-3a77-4d55-94fd-308558088a3d \
  --security-group cd54c8c9-d754-434a-9f5c-807c3288fced \
  --key-name mykey debianinstance

You may need to delete other default security group.
note: openstack server list may fail if multiple default profiles are present.

verify
$ openstack server list


when virtual server is ready you may ssh
$ ssh debian@IP

You may install apache2 for testing in vm.

You need to enable port 80 for security group to allow accessing from other hosts.
example:
$ openstack security group rule create --proto tcp --dst-port 80 default

(better create a new security group instead of enabling port 80 for default profile)


dashboard: https://192.168.0.155/horizon/