openstack使用笔记
1.常用命令
- 镜像相关
镜像服务(Glance)使用户能够发现、注册和获取虚拟机镜像。它提供了一个REST API,允许用户查询虚拟机镜像的元数据并获取实际的镜像文件。通过镜像服务,虚拟机镜像可以存储在多种位置,包括简单的文件系统或类似于OpenStack对象存储这样的对象存储系统中。Glance默认使用使用文件后端,将镜像存储与控制节点的/var/lib/glance/images/目录。
openstack image子命令提供操作镜像相关操作
openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| b75daf8c-308c-4724-a2ac-8645580e0145 | apline | active |
| d6517dc4-7b19-4cb5-8f77-7051a064b69b | arch | active |
| 28677059-0367-48ec-8cd6-fb4c532c49a1 | centos | active |
+--------------------------------------+--------+--------+
openstack image show d6517dc4-7b19-4cb5-8f77-7051a064b69b -f json
{
"checksum": "ab3aeb65083b702089dfad4ce0ed8f55",
"container_format": "bare",
"created_at": "2025-05-10T10:10:51Z",
"disk_format": "qcow2",
"file": "/v2/images/d6517dc4-7b19-4cb5-8f77-7051a064b69b/file",
"id": "d6517dc4-7b19-4cb5-8f77-7051a064b69b",
"min_disk": 0,
"min_ram": 0,
"name": "arch",
"owner": "8477b13786304b8db735a47f0b958ae1",
"properties": {
"os_hidden": false,
"os_hash_algo": "sha512",
"os_hash_value": "784478b376b65cad399a7e6ccc081cda316ddbc48c26e6d5956e3a5d2592122d739e0d09e76a702489717f8fcc6a3f3b0ca3fe4a7c9b5eeba397990589733baa",
"hw_qemu_guest_agent": "yes"
},
"protected": false,
"schema": "/v2/schemas/image",
"size": 541063168,
"status": "active",
"tags": [],
"updated_at": "2025-05-10T10:12:15Z",
"virtual_size": 2147483648,
"visibility": "shared"
}
openstack image set --property hw_qemu_guest_agent=yes 28677059-0367-48ec-8cd6-fb4c532c49a1
- 实例模板
openstack flavor(定义实例创建所分配的资源)子命令提供云实例模板的相关操作
openstack flavor list
+--------------------------------------+---------+------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+---------+------+------+-----------+-------+-----------+
| 31e8e444-b81c-4738-8d73-d65538c0959d | m1.tiny | 2048 | 32 | 0 | 1 | True |
+--------------------------------------+---------+------+------+-----------+-------+-----------+
openstack flavor show 31e8e444-b81c-4738-8d73-d65538c0959d -f json
{
"OS-FLV-DISABLED:disabled": false,
"OS-FLV-EXT-DATA:ephemeral": 0,
"access_project_ids": null,
"description": null,
"disk": 32,
"id": "31e8e444-b81c-4738-8d73-d65538c0959d",
"name": "m1.tiny",
"os-flavor-access:is_public": true,
"properties": {},
"ram": 2048,
"rxtx_factor": 1.0,
"swap": "",
"vcpus": 1
}
openstack flavor create m1.medium --ram 4096 --disk 64 --vcpus 2
openstack flavor delete bf4cc5c8-9454-4175-a4c2-6d3d601edad1
- 计算实例
Nova是OpenStack的核心组件之一,主要职责是管理和调度虚拟机实例的生命周期,包括创建、启动、停止、迁移、销毁等操作。openstack server子命令提供用户与Nova交互的主要客户端工具。
openstack server list
+--------------------------------------+--------+--------+---------------------------------------+--------+-----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+--------+--------+---------------------------------------+--------+-----------+
| 05cc58f2-c18c-4572-ba57-4c964f54e92f | centos | ACTIVE | private=192.168.100.12 | centos | m1.large |
| 9538de3b-930c-40dc-bbcd-8b2968d6b58f | alpine | ACTIVE | private=192.168.100.10, 192.168.5.102 | apline | m1.medium |
+--------------------------------------+--------+--------+---------------------------------------+--------+-----------+
openstack server show 05cc58f2-c18c-4572-ba57-4c964f54e92f -f json
{
"OS-DCF:diskConfig": "AUTO",
"OS-EXT-AZ:availability_zone": "nova",
"OS-EXT-SRV-ATTR:host": "compute",
"OS-EXT-SRV-ATTR:hypervisor_hostname": "compute",
"OS-EXT-SRV-ATTR:instance_name": "instance-00000037",
"OS-EXT-STS:power_state": 1,
"OS-EXT-STS:task_state": null,
"OS-EXT-STS:vm_state": "active",
"OS-SRV-USG:launched_at": "2025-05-10T15:50:19.000000",
"OS-SRV-USG:terminated_at": null,
"accessIPv4": "",
"accessIPv6": "",
"addresses": {
"private": [
"192.168.100.12"
]
},
"config_drive": "",
"created": "2025-05-10T15:50:14Z",
"flavor": "m1.large (b3bce3c6-4590-4adf-a6cf-37a4b1627be1)",
"hostId": "5777ee3898de7c3d801ea8945dfb107a8a0be578331f105fbf8026e5",
"id": "05cc58f2-c18c-4572-ba57-4c964f54e92f",
"image": "centos (28677059-0367-48ec-8cd6-fb4c532c49a1)",
"key_name": "default-ssh-key",
"name": "centos",
"progress": 0,
"project_id": "8477b13786304b8db735a47f0b958ae1",
"properties": {},
"security_groups": [
{
"name": "private"
}
],
"status": "ACTIVE",
"updated": "2025-05-10T15:50:19Z",
"user_id": "eeed430da2334a3d95b04608fa746303",
"volumes_attached": []
}
openstack server set --password pyy625886 05cc58f2-c18c-4572-ba57-4c964f54e92f
openstack server delete 05cc58f2-c18c-4572-ba57-4c964f54e92f
- 资源管理
OpenStack的Placement服务是资源调度Resource Scheduling的核心组件,负责跟踪和管理各类资源,如计算、存储、网络的库存Inventory和分配Allocation
openstack resource provider list
+--------------------------------------+---------+------------+--------------------------------------+----------------------+
| uuid | name | generation | root_provider_uuid | parent_provider_uuid |
+--------------------------------------+---------+------------+--------------------------------------+----------------------+
| ad2adb94-13f1-404c-82cb-8e607a6ed2a6 | compute | 62 | ad2adb94-13f1-404c-82cb-8e607a6ed2a6 | None |
+--------------------------------------+---------+------------+--------------------------------------+----------------------+
openstack resource provider show --allocations ad2adb94-13f1-404c-82cb-8e607a6ed2a6 -f json
{
"uuid": "ad2adb94-13f1-404c-82cb-8e607a6ed2a6",
"name": "compute",
"generation": 62,
"root_provider_uuid": "ad2adb94-13f1-404c-82cb-8e607a6ed2a6",
"parent_provider_uuid": null,
"allocations": {
"9538de3b-930c-40dc-bbcd-8b2968d6b58f": {
"resources": {
"DISK_GB": 64,
"MEMORY_MB": 4096,
"VCPU": 2
},
"consumer_generation": 1
},
"05cc58f2-c18c-4572-ba57-4c964f54e92f": {
"resources": {
"DISK_GB": 128,
"MEMORY_MB": 8192,
"VCPU": 4
},
"consumer_generation": 1
}
}
}
openstack resource provider inventory list ad2adb94-13f1-404c-82cb-8e607a6ed2a6
+----------------+------------------+----------+----------+----------+-----------+-------+-------+
| resource_class | allocation_ratio | min_unit | max_unit | reserved | step_size | total | used |
+----------------+------------------+----------+----------+----------+-----------+-------+-------+
| VCPU | 8.0 | 1 | 8 | 0 | 1 | 8 | 6 |
| MEMORY_MB | 1.5 | 1 | 15988 | 512 | 1 | 15988 | 12288 |
| DISK_GB | 1.0 | 1 | 248 | 0 | 1 | 248 | 192 |
+----------------+------------------+----------+----------+----------+-----------+-------+-------+
# 查看符合当前资源要求的计算节点
openstack allocation candidate list --resource VCPU=8
# 资源的超分配置
cat /etc/nova/nova.conf
[DEFAULT]
cpu_allocation_ratio = 8.0
ram_allocation_ratio = 1.5
2.云镜像制作
目前市场绝大多数的操作系统都提供官方标准云镜像下载服务,但开启openstack全功能支持,需要满足以下要求
- 镜像支持自动分区调整
- 没有mac地址硬编码信息
- 保证ssh服务运行正常
- 关闭防火墙功能
- 安装并正确配置cloud-init相关功能
- 保证内核将启动信息打印至ttyS0
这里介绍使用guestfish修改镜像内部文件(libguestfs软件包中的工具),guestfish提供定制的shell,其内部集成很多基础命令
guestfish --rw -a ./ubuntu-22.04-server-cloudimg-amd64.img
Welcome to guestfish, the guest filesystem shell for
editing virtual machine filesystems and disk images.
Type: ‘help’ for help on commands
‘man’ to read the manual
‘quit’ to quit the shell
><fs> run
><fs> list-filesystems
/dev/sda1: ext4
/dev/sda14: unknown
/dev/sda15: vfat
><fs> mount /dev/sda1 /
><fs> cat /etc/fstab
LABEL=cloudimg-rootfs / ext4 discard,errors=remount-ro 0 1
LABEL=UEFI /boot/efi vfat umask=0077 0 1
><fs> help --list
命令 描述
help display a list of commands or help on a command
quit quit guestfish
acl-delete-def-file delete the default POSIX ACL of a directory
acl-get-file get the POSIX ACL attached to a file
acl-set-file set the POSIX ACL attached to a file
add alias for 'add-drive'
add-ro alias for 'add-drive-ro'
add-cdrom add a CD-ROM disk image to examine
add-domain add the disk(s) from a named libvirt domain
add-drive add an image to examine or modify
add-drive-ro add a drive in snapshot mode (read-only)
add-drive-ro-with-if add a drive read-only specifying the QEMU block emulation to use
add-drive-scratch add a temporary scratch drive
add-drive-with-if add a drive specifying the QEMU block emulation to use
alloc allocate and add a disk file
allocate alias for 'alloc'
append alias for 'set-append'
attach-method alias for 'set-attach-method'
aug-clear clear Augeas path
aug-close close the current Augeas handle
aug-defnode define an Augeas node
aug-defvar define an Augeas variable
aug-get look up the value of an Augeas path
aug-init create a new Augeas handle
aug-insert insert a sibling Augeas node
aug-label return the label from an Augeas path expression
aug-load load files into the tree
aug-ls list Augeas nodes under augpath
aug-match return Augeas nodes which match augpath
aug-mv move Augeas node
aug-rm remove an Augeas path
aug-save write all pending Augeas changes to disk
aug-set set Augeas path to value
aug-setm set multiple Augeas nodes
aug-transform add/remove an Augeas lens transformation
autosync alias for 'set-autosync'
available test availability of some parts of the API
available-all-groups return a list of all optional groups
backend alias for 'set-backend'
base64-in upload base64-encoded data to file
base64-out download file and encode as base64
blkdiscard discard all blocks on a device
blkdiscardzeroes return true if discarded blocks are read as zeroes
blkid print block device attributes
blockdev-flushbufs flush device buffers
blockdev-getbsz get blocksize of block device
blockdev-getro is block device set to read-only
blockdev-getsize64 get total size of device in bytes
blockdev-getss get sectorsize of block device
blockdev-getsz get total size of device in 512-byte sectors
blockdev-rereadpt reread partition table
blockdev-setbsz set blocksize of block device
blockdev-setra set readahead
blockdev-setro set block device to read-only
blockdev-setrw set block device to read-write
btrfs-balance alias for 'btrfs-filesystem-balance'
btrfs-balance-cancel cancel a running or paused balance
btrfs-balance-pause pause a running balance
btrfs-balance-resume resume a paused balance
btrfs-balance-status show the status of a running or paused balance
btrfs-device-add add devices to a btrfs filesystem
btrfs-device-delete remove devices from a btrfs filesystem
btrfs-filesystem-balance balance a btrfs filesystem
btrfs-filesystem-defragment defragment a file or directory
btrfs-filesystem-resize resize a btrfs filesystem
btrfs-filesystem-show list devices for btrfs filesystem
btrfs-filesystem-sync sync a btrfs filesystem
btrfs-fsck check a btrfs filesystem
btrfs-image create an image of a btrfs filesystem
btrfs-qgroup-assign add a qgroup to a parent qgroup
btrfs-qgroup-create create a subvolume quota group
btrfs-qgroup-destroy destroy a subvolume quota group
btrfs-qgroup-limit limit the size of a subvolume
btrfs-qgroup-remove remove a qgroup from its parent qgroup
btrfs-qgroup-show show subvolume quota groups
btrfs-quota-enable enable or disable subvolume quota support
btrfs-quota-rescan trash all qgroup numbers and scan the metadata again with the current config
btrfs-replace replace a btrfs managed device with another device
btrfs-rescue-chunk-recover recover the chunk tree of btrfs filesystem
btrfs-rescue-super-recover recover bad superblocks from good copies
btrfs-scrub-cancel cancel a running scrub
btrfs-scrub-resume resume a previously canceled or interrupted scrub
btrfs-scrub-start read all data from all disks and verify checksums
btrfs-scrub-status show status of running or finished scrub
btrfs-set-seeding enable or disable the seeding feature of device
btrfs-subvolume-create create a btrfs subvolume
btrfs-subvolume-delete delete a btrfs subvolume or snapshot
btrfs-subvolume-get-default get the default subvolume or snapshot of a filesystem
btrfs-subvolume-list list btrfs snapshots and subvolumes
btrfs-subvolume-set-default set default btrfs subvolume
btrfs-subvolume-show return detailed information of the subvolume
btrfs-subvolume-snapshot create a btrfs snapshot
btrfstune-enable-extended-inode-refs enable extended inode refs
btrfstune-enable-skinny-metadata-extent-refs enable skinny metadata extent refs
btrfstune-seeding enable or disable seeding of a btrfs device
c-pointer return the C pointer to the guestfs_h handle
cachedir alias for 'set-cachedir'
canonical-device-name return canonical device name
cap-get-file get the Linux capabilities attached to a file
cap-set-file set the Linux capabilities attached to a file
case-sensitive-path return true path on case-insensitive filesystem
cat list the contents of a file
checksum compute MD5, SHAx or CRC checksum of file
checksum-device compute MD5, SHAx or CRC checksum of the contents of a device
checksums-out compute MD5, SHAx or CRC checksum of files in a directory
chmod change file mode
chown change file owner and group
clear-backend-setting remove a single per-backend settings string
command run a command from the guest filesystem
command-lines run a command, returning lines
compress-device-out output compressed device
compress-out output compressed file
config add hypervisor parameters
copy-attributes copy the attributes of a path (file/directory) to another
copy-device-to-device copy from source device to destination device
copy-device-to-file copy from source device to destination file
copy-file-to-device copy from source file to destination device
copy-file-to-file copy from source file to destination file
copy-in copy local files or directories into an image
copy-out copy remote files or directories out of an image
copy-size copy size bytes from source to destination using dd
cp copy a file
cp-a copy a file or directory recursively
cp-r copy a file or directory recursively
cpio-out pack directory into cpio file
cryptsetup-close close an encrypted device
cryptsetup-open open an encrypted block device
dd copy from source to destination using dd
debug debugging and internals
debug-drives debug the drives (internal use only)
debug-upload upload a file to the appliance (internal use only)
delete-event delete a previously registered event handler
device-index convert device to index
df report file system disk space usage
df-h report file system disk space usage (human readable)
direct alias for 'set-direct'
disk-create create a blank disk image
disk-format detect the disk format of a disk image
disk-has-backing-file return whether disk has a backing file
disk-virtual-size return virtual size of a disk
display display an image
dmesg return kernel messages
domain alias for 'add-domain'
download download a file to the local machine
download-blocks download the given data units from the disk
download-inode download a file to the local machine given its inode
download-offset download a file to the local machine with offset and size
drop-caches drop kernel page cache, dentries and inodes
du estimate file space usage
e2fsck check an ext2/ext3 filesystem
e2fsck-f check an ext2/ext3 filesystem
echo display a line of text
echo-daemon echo arguments back to the client
edit edit a file
egrep return lines matching a pattern
egrepi return lines matching a pattern
emacs alias for 'edit'
equal test if two files have equal contents
event register a handler for an event or events
exists test if file or directory exists
extlinux install the SYSLINUX bootloader on an ext2/3/4 or btrfs filesystem
f2fs-expand expand a f2fs filesystem
fallocate preallocate a file in the guest filesystem
fallocate64 preallocate a file in the guest filesystem
feature-available test availability of some parts of the API
fgrep return lines matching a pattern
fgrepi return lines matching a pattern
file determine file type
file-architecture detect the architecture of a binary file
filesize return the size of the file in bytes
filesystem-available check if filesystem is available
filesystem-walk walk through the filesystem content
fill fill a file with octets
fill-dir fill a directory with empty files
fill-pattern fill a file with a repeating pattern of bytes
find find all files and directories
find0 find all files and directories, returning NUL-separated list
find-inode search the entries associated to the given inode
findfs-label find a filesystem by label
findfs-uuid find a filesystem by UUID
fsck run the filesystem checker
fstrim trim free space in a filesystem
get-uuid alias for 'vfs-uuid'
get-append get the additional kernel options
get-attach-method get the backend
get-autosync get autosync mode
get-backend get the backend
get-backend-setting get a single per-backend settings string
get-backend-settings get per-backend settings
get-cachedir get the appliance cache directory
get-direct get direct appliance mode flag
get-e2attrs get ext2 file attributes of a file
get-e2generation get ext2 file generation of a file
get-e2label get the ext2/3/4 filesystem label
get-e2uuid get the ext2/3/4 filesystem UUID
get-hv get the hypervisor binary
get-identifier get the handle identifier
get-libvirt-requested-credential-challenge challenge of i'th requested credential
get-libvirt-requested-credential-defresult default result of i'th requested credential
get-libvirt-requested-credential-prompt prompt of i'th requested credential
get-libvirt-requested-credentials get list of credentials requested by libvirt
get-memsize get memory allocated to the hypervisor
get-network get enable network flag
get-path get the search path
get-pgroup get process group flag
get-pid get PID of hypervisor
get-program get the program name
get-qemu get the hypervisor binary (usually qemu)
get-recovery-proc get recovery process enabled flag
get-selinux get SELinux enabled flag
get-smp get number of virtual CPUs in appliance
get-sockdir get the temporary directory for sockets
get-tmpdir get the temporary directory
get-trace get command trace enabled flag
get-umask get the current umask
get-verbose get verbose mode
getcon get SELinux security context
getxattr get a single extended attribute
getxattrs list extended attributes of a file or directory
glob expand wildcards in command
glob-expand expand a wildcard path
grep return lines matching a pattern
grepi return lines matching a pattern
grub-install install GRUB 1
head return first 10 lines of a file
head-n return first N lines of a file
hexdump dump a file in hexadecimal
hexedit edit with a hex editor
hivex-close close the current hivex handle
hivex-commit commit (write) changes back to the hive
hivex-node-add-child add a child node
hivex-node-children return list of nodes which are subkeys of node
hivex-node-delete-child delete a node (recursively)
hivex-node-get-child return the named child of node
hivex-node-get-value return the named value
hivex-node-name return the name of the node
hivex-node-parent return the parent of node
hivex-node-set-value set or replace a single value in a node
hivex-node-values return list of values attached to node
hivex-open open a Windows Registry hive file
hivex-root return the root node of the hive
hivex-value-key return the key field from the (key, datatype, data) tuple
hivex-value-string return the data field as a UTF-8 string
hivex-value-type return the data type from the (key, datatype, data) tuple
hivex-value-utf8 return the data field as a UTF-8 string
hivex-value-value return the data field from the (key, datatype, data) tuple
hv alias for 'set-hv'
identifier alias for 'set-identifier'
initrd-cat list the contents of a single file in an initrd
initrd-list list files in an initrd
inotify-add-watch add an inotify watch
inotify-close close the inotify handle
inotify-files return list of watched files that had events
inotify-init create an inotify handle
inotify-read return list of inotify events
inotify-rm-watch remove an inotify watch
inspect-get-arch get architecture of inspected operating system
inspect-get-distro get distro of inspected operating system
inspect-get-drive-mappings get drive letter mappings
inspect-get-filesystems get filesystems associated with inspected operating system
inspect-get-format get format of inspected operating system
inspect-get-hostname get hostname of the operating system
inspect-get-icon get the icon corresponding to this operating system
inspect-get-major-version get major version of inspected operating system
inspect-get-minor-version get minor version of inspected operating system
inspect-get-mountpoints get mountpoints of inspected operating system
inspect-get-osinfo get a possible osinfo short ID corresponding to this operating system
inspect-get-package-format get package format used by the operating system
inspect-get-package-management get package management tool used by the operating system
inspect-get-product-name get product name of inspected operating system
inspect-get-product-variant get product variant of inspected operating system
inspect-get-roots return list of operating systems found by last inspection
inspect-get-type get type of inspected operating system
inspect-get-windows-current-control-set get Windows CurrentControlSet of inspected operating system
inspect-get-windows-software-hive get the path of the Windows software hive
inspect-get-windows-system-hive get the path of the Windows system hive
inspect-get-windows-systemroot get Windows systemroot of inspected operating system
inspect-is-live get live flag for install disk
inspect-is-multipart get multipart flag for install disk
inspect-is-netinst get netinst (network installer) flag for install disk
inspect-list-applications get list of applications installed in the operating system
inspect-list-applications2 get list of applications installed in the operating system
inspect-os inspect disk and return list of operating systems found
internal-exit cause the daemon to exit (internal use only)
is-blockdev test if block device
is-chardev test if character device
is-config is in configuration state
is-dir test if a directory
is-fifo test if FIFO (named pipe)
is-file test if a regular file
is-lv test if mountable is a logical volume
is-socket test if socket
is-symlink test if symbolic link
is-whole-device test if a device is a whole device
is-zero test if a file contains all zero bytes
is-zero-device test if a device contains all zero bytes
isoinfo get ISO information from primary volume descriptor of ISO file
isoinfo-device get ISO information from primary volume descriptor of device
journal-close close the systemd journal
journal-get read the current journal entry
journal-get-data-threshold get the data threshold for reading journal entries
journal-get-realtime-usec get the timestamp of the current journal entry
journal-next move to the next journal entry
journal-open open the systemd journal
journal-set-data-threshold set the data threshold for reading journal entries
journal-skip skip forwards or backwards in the journal
kill-subprocess kill the hypervisor
launch launch the backend
lcd change working directory
lchown change file owner and group
ldmtool-create-all scan and create Windows dynamic disk volumes
ldmtool-diskgroup-disks return the disks in a Windows dynamic disk group
ldmtool-diskgroup-name return the name of a Windows dynamic disk group
ldmtool-diskgroup-volumes return the volumes in a Windows dynamic disk group
ldmtool-remove-all remove all Windows dynamic disk volumes
ldmtool-scan scan for Windows dynamic disks
ldmtool-scan-devices scan for Windows dynamic disks
ldmtool-volume-hint return the hint field of a Windows dynamic disk volume
ldmtool-volume-partitions return the partitions in a Windows dynamic disk volume
ldmtool-volume-type return the type of a Windows dynamic disk volume
less alias for 'more'
lgetxattr get a single extended attribute
lgetxattrs list extended attributes of a file or directory
list-9p list 9p filesystems
list-devices list the block devices
list-disk-labels mapping of disk labels to devices
list-dm-devices list device mapper devices
list-events list event handlers
list-filesystems list filesystems
list-ldm-partitions list all Windows dynamic disk partitions
list-ldm-volumes list all Windows dynamic disk volumes
list-md-devices list Linux md (RAID) devices
list-partitions list the partitions
ll list the files in a directory (long format)
llz list the files in a directory (long format with SELinux contexts)
ln create a hard link
ln-f create a hard link
ln-s create a symbolic link
ln-sf create a symbolic link
lremovexattr remove extended attribute of a file or directory
ls list the files in a directory
ls0 get list of files in a directory
lsetxattr set extended attribute of a file or directory
lstat get file information for a symbolic link
lstatlist lstat on multiple files
lstatns get file information for a symbolic link
lstatnslist lstat on multiple files
luks-add-key add a key on a LUKS encrypted device
luks-close close a LUKS device
luks-format format a block device as a LUKS encrypted device
luks-format-cipher format a block device as a LUKS encrypted device
luks-kill-slot remove a key from a LUKS encrypted device
luks-open open a LUKS-encrypted block device
luks-open-ro open a LUKS-encrypted block device read-only
luks-uuid get the UUID of a LUKS device
lvcreate create an LVM logical volume
lvcreate-free create an LVM logical volume in % remaining free space
lvm-canonical-lv-name get canonical name of an LV
lvm-clear-filter clear LVM device filter
lvm-remove-all remove all LVM LVs, VGs and PVs
lvm-scan scan for LVM physical volumes, volume groups and logical volumes
lvm-set-filter set LVM device filter
lvremove remove an LVM logical volume
lvrename rename an LVM logical volume
lvresize resize an LVM logical volume
lvresize-free expand an LV to fill free space
lvs list the LVM logical volumes (LVs)
lvs-full list the LVM logical volumes (LVs)
lvuuid get the UUID of a logical volume
lxattrlist lgetxattr on multiple files
man open the manual
manual alias for 'man'
max-disks maximum number of disks that may be added
md-create create a Linux md (RAID) device
md-detail obtain metadata for an MD device
md-stat get underlying devices from an MD device
md-stop stop a Linux md (RAID) device
memsize alias for 'set-memsize'
mkdir create a directory
mkdir-mode create a directory with a particular mode
mkdir-p create a directory and parents
mkdtemp create a temporary directory
mke2fs create an ext2/ext3/ext4 filesystem on device
mke2fs-J make ext2/3/4 filesystem with external journal
mke2fs-JL make ext2/3/4 filesystem with external journal
mke2fs-JU make ext2/3/4 filesystem with external journal
mke2journal make ext2/3/4 external journal
mke2journal-L make ext2/3/4 external journal with label
mke2journal-U make ext2/3/4 external journal with UUID
mkfifo make FIFO (named pipe)
mkfs make a filesystem
mkfs-b make a filesystem with block size
mkfs-btrfs create a btrfs filesystem
mklost-and-found make lost+found directory on an ext2/3/4 filesystem
mkmountpoint create a mountpoint
mknod make block, character or FIFO devices
mknod-b make block device node
mknod-c make char device node
mksquashfs create a squashfs filesystem
mkswap create a swap partition
mkswap-L create a swap partition with a label
mkswap-U create a swap partition with an explicit UUID
mkswap-file create a swap file
mktemp create a temporary file
modprobe 加载一个内核模块
more 查看一个文件
mount mount a guest disk at a position in the filesystem
mount-9p mount 9p filesystem
mount-local mount on the local filesystem
mount-local-run run main loop of mount on the local filesystem
mount-loop mount a file using the loop device
mount-options mount a guest disk with mount options
mount-ro mount a guest disk, read-only
mount-vfs mount a guest disk with mount options and vfstype
mountable-device extract the device part of a mountable
mountable-subvolume extract the subvolume part of a mountable
mountpoints 显示挂载点
mounts 显示已挂载的文件系统
mv 移动一个文件
network alias for 'set-network'
nr-devices return number of whole block devices (disks) added
ntfs-3g-probe probe NTFS volume
ntfscat-i download a file to the local machine given its inode
ntfsclone-in restore NTFS from backup file
ntfsclone-out save NTFS to backup file
ntfsfix fix common errors and force Windows to check NTFS
ntfsresize resize an NTFS filesystem
ntfsresize-size resize an NTFS filesystem (with size)
parse-environment parse the environment and set handle flags accordingly
parse-environment-list parse the environment and set handle flags accordingly
part-add add a partition to the device
part-del 删除一个分区
part-disk partition whole disk with a single primary partition
part-expand-gpt move backup GPT header to the end of the disk
part-get-bootable return true if a partition is bootable
part-get-disk-guid get the GUID of a GPT-partitioned disk
part-get-gpt-attributes get the attribute flags of a GPT partition
part-get-gpt-guid get the GUID of a GPT partition
part-get-gpt-type get the type GUID of a GPT partition
part-get-mbr-id get the MBR type byte (ID byte) from a partition
part-get-mbr-part-type get the MBR partition type
part-get-name get partition name
part-get-parttype 获取分区表类型
part-init create an empty partition table
part-list 列出设备上的全部分区
part-resize resize a partition
part-set-bootable 令一个分区可引导
part-set-disk-guid set the GUID of a GPT-partitioned disk
part-set-disk-guid-random set the GUID of a GPT-partitioned disk to random value
part-set-gpt-attributes set the attribute flags of a GPT partition
part-set-gpt-guid set the GUID of a GPT partition
part-set-gpt-type set the type GUID of a GPT partition
part-set-mbr-id set the MBR type byte (ID byte) of a partition
part-set-name 是核定分区名称
part-to-dev convert partition name to device name
part-to-partnum convert partition name to partition number
path alias for 'set-path'
pgroup alias for 'set-pgroup'
pid alias for 'get-pid'
ping-daemon ping the guest daemon
pread 读取文件的一部分
pread-device 读取设备的一部分
program alias for 'set-program'
pvchange-uuid generate a new random UUID for a physical volume
pvchange-uuid-all generate new random UUIDs for all physical volumes
pvcreate create an LVM physical volume
pvremove remove an LVM physical volume
pvresize resize an LVM physical volume
pvresize-size resize an LVM physical volume (with size)
pvs list the LVM physical volumes (PVs)
pvs-full list the LVM physical volumes (PVs)
pvuuid get the UUID of a physical volume
pwrite write to part of a file
pwrite-device write to part of a device
qemu alias for 'set-qemu'
read-file 读取一个文件
read-lines read file as lines
readdir read directories entries
readlink read the target of a symbolic link
readlinklist readlink on multiple files
realpath canonicalized absolute pathname
recovery-proc alias for 'set-recovery-proc'
remount remount a filesystem with different options
remove-drive remove a disk image
removexattr remove extended attribute of a file or directory
rename rename a file on the same filesystem
reopen close and reopen libguestfs handle
resize2fs resize an ext2, ext3 or ext4 filesystem
resize2fs-M resize an ext2, ext3 or ext4 filesystem to the minimum size
resize2fs-size resize an ext2, ext3 or ext4 filesystem (with size)
rm 移除一个文件
rm-f remove a file ignoring errors
rm-rf remove a file or directory recursively
rmdir 移除一个目录
rmmountpoint 移除一个挂载点
rsync synchronize the contents of two directories
rsync-in synchronize host or remote filesystem with filesystem
rsync-out synchronize filesystem with host or remote filesystem
run alias for 'launch'
scratch alias for 'add-drive-scratch'
scrub-device scrub (securely wipe) a device
scrub-file scrub (securely wipe) a file
scrub-freespace scrub (securely wipe) free space
selinux alias for 'set-selinux'
selinux-relabel relabel parts of the filesystem
set-append add options to kernel command line
set-attach-method set the backend
set-autosync set autosync mode
set-backend set the backend
set-backend-setting set a single per-backend settings string
set-backend-settings replace per-backend settings strings
set-cachedir set the appliance cache directory
set-direct enable or disable direct appliance mode
set-e2attrs set ext2 file attributes of a file
set-e2generation set ext2 file generation of a file
set-e2label set the ext2/3/4 filesystem label
set-e2uuid set the ext2/3/4 filesystem UUID
set-hv set the hypervisor binary
set-identifier set the handle identifier
set-label set filesystem label
set-libvirt-requested-credential pass requested credential back to libvirt
set-libvirt-supported-credentials set libvirt credentials supported by calling program
set-memsize set memory allocated to the hypervisor
set-network set enable network flag
set-path set the search path
set-pgroup set process group flag
set-program set the program name
set-qemu set the hypervisor binary (usually qemu)
set-recovery-proc enable or disable the recovery process
set-selinux set SELinux enabled or disabled at appliance boot
set-smp set number of virtual CPUs in appliance
set-tmpdir set the temporary directory
set-trace enable or disable command traces
set-uuid set the filesystem UUID
set-uuid-random set a random UUID for the filesystem
set-verbose 设定为啰嗦模式
setcon set SELinux security context
setenv set an environment variable
setxattr set extended attribute of a file or directory
sfdisk create partitions on a block device
sfdiskM create partitions on a block device
sfdisk-N modify a single partition on a block device
sfdisk-disk-geometry display the disk geometry from the partition table
sfdisk-kernel-geometry display the kernel geometry
sfdisk-l display the partition table
sh run a command via the shell
sh-lines run a command via the shell returning lines
shutdown shutdown the hypervisor
sleep sleep for some seconds
smp alias for 'set-smp'
sparse create a sparse disk image and add
stat 获取文件信息
statns 获取文件信息
statvfs 获取文件系统统计数据
strings print the printable strings in a file
strings-e print the printable strings in a file
supported list supported groups of commands
swapoff-device disable swap on device
swapoff-file disable swap on file
swapoff-label disable swap on labeled swap partition
swapoff-uuid disable swap on swap partition by UUID
swapon-device enable swap on device
swapon-file enable swap on file
swapon-label enable swap on labeled swap partition
swapon-uuid enable swap on swap partition by UUID
sync sync disks, writes are flushed through to the disk image
syslinux install the SYSLINUX bootloader
tail return last 10 lines of a file
tail-n return last N lines of a file
tar-in unpack tarfile to directory
tar-out pack directory into tarfile
tgz-in unpack compressed tarball to directory
tgz-out pack directory into compressed tarball
time print elapsed time taken to run a command
tmpdir alias for 'set-tmpdir'
touch update file timestamps or create a new file
trace alias for 'set-trace'
truncate truncate a file to zero size
truncate-size truncate a file to a particular size
tune2fs adjust ext2/ext3/ext4 filesystem parameters
tune2fs-l get ext2/ext3/ext4 superblock details
txz-in unpack compressed tarball to directory
txz-out pack directory into compressed tarball
umask set file mode creation mask (umask)
umount unmount a filesystem
umount-all unmount all filesystems
umount-local unmount a locally mounted filesystem
unmount alias for 'umount'
unmount-all alias for 'umount-all'
unsetenv unset an environment variable
upload upload a file from the local machine
upload-offset upload a file from the local machine with offset
user-cancel cancel the current upload or download operation
utimens set timestamp of a file with nanosecond precision
utsname appliance kernel version
verbose alias for 'set-verbose'
version get the library version number
vfs-label get the filesystem label
vfs-minimum-size get minimum filesystem size
vfs-type get the Linux VFS type corresponding to a mounted device
vfs-uuid get the filesystem UUID
vg-activate activate or deactivate some volume groups
vg-activate-all activate or deactivate all volume groups
vgchange-uuid generate a new random UUID for a volume group
vgchange-uuid-all generate new random UUIDs for all volume groups
vgcreate create an LVM volume group
vglvuuids get the LV UUIDs of all LVs in the volume group
vgmeta get volume group metadata
vgpvuuids get the PV UUIDs containing the volume group
vgremove remove an LVM volume group
vgrename rename an LVM volume group
vgs list the LVM volume groups (VGs)
vgs-full list the LVM volume groups (VGs)
vgscan rescan for LVM physical volumes, volume groups and logical volumes
vguuid get the UUID of a volume group
vi alias for 'edit'
wc-c count characters in a file
wc-l count lines in a file
wc-w count words in a file
wipefs wipe a filesystem signature from a device
write create a new file
write-append append content to end of file
write-file create a file
xfs-admin change parameters of an XFS filesystem
xfs-growfs expand an existing XFS filesystem
xfs-info get geometry of XFS filesystem
xfs-repair repair an XFS filesystem
yara-destroy destroy previously loaded yara rules
yara-load load yara rules within libguestfs
yara-scan scan a file with the loaded yara rules
zegrep return lines matching a pattern
zegrepi return lines matching a pattern
zero write zeroes to the device
zero-device write zeroes to an entire device
zero-free-space zero free space in a filesystem
zerofree zero unused inodes and disk blocks on ext2/3 filesystem
zfgrep return lines matching a pattern
zfgrepi return lines matching a pattern
zfile determine file type inside a compressed file
zgrep return lines matching a pattern
zgrepi return lines matching a pattern
Use -h <cmd> / help <cmd> to show detailed help for a command.
修改基础镜像的内部文件方法有很多,下面的例子使用guestmount将基础镜像挂载至本地目录修改相关文件,配置chroot甚至可以安装相关软件,但实际运行过程中安装软件的功能存在问题,dns解析配置错误,不过可以使用其他方案替代
guestmount -i -a ./ubuntu-22.04-server-cloudimg-amd64.img --rw ./image
chroot ./image
guestunmount ./image
virt-tools工具集,也提供了一系列的虚拟机操作工具
virt-customize -a ./ubuntu-22.04-server-cloudimg-amd64.img --install qemu-guest-agent --run-command "systemctl enable qemu-guest-agent"
virt-customize -a ./ubuntu-22.04-server-cloudimg-amd64.img --root-password password:123456
virt-rescue -a ./ubuntu-22.04-server-cloudimg-amd64.img # 进入rescue模式,救援shell
virt-edit -a ./ubuntu-22.04-server-cloudimg-amd64.img /etc/cloud/cloud.cfg # 编辑指定文件
virt-ls -a ./ubuntu-22.04-server-cloudimg-amd64.img /usr/bin
# 开启qemu-guest-agent特性,使得openstack可以设置实例密码
openstack image set --property hw_qemu_guest_agent=yes b75daf8c-308c-4724-a2ac-8645580e0145
virt-customize -a ./ubuntu-22.04-server-cloudimg-amd64.img --install qemu-guest-agent
openstack server set --password pyy625886 test-3
最后openstack官方文档也详细讲解如何image from scratch的步骤,后面有机会再补充