~/.config/openstack/clouds.yamlLast updated
clouds:
cloud-advanced:
auth:
auth_url: https://iam.hc.openstack.local/v3 # just example
username: "<username>"
password: "<password>"
project_id: "<project_id>"
user_domain_id: "<user_domain_id>"
# user_domain_name: "<user_domain_name>" # some value instead of domain_id
project_domain_id: "<project_domain_id>"
region_name: "<region_name>"
interface: "public"
identity_api_version: 3
volume_api_version: 3# List porject
openstack project list
# Region list
openstack region list
# Groups
openstack --os-cloud cloud-advanced --os-project-id <project_id> group list
# Roles
openstack --os-cloud cloud-advanced --os-project-id <project_id> role assignment list \
--user <username|user_id> --project <project_id> --names --effective
# Quotes (usefull for snapshot avalability check)
openstack --os-cloud cloud-advanced --os-project-id <project_id> limits show
openstack --os-cloud cloud-advanced --os-project-id <project_id> volume qos list# Hypervisors check (need extanded rights)
openstack --os-cloud cloud-advanced --os-project-id <project_id> hypervisor list
# Compute cloud servers
openstack --os-cloud cloud-advanced --os-project-id <project_id> server list --long
# Server details
openstack --os-cloud cloud-advanced --os-project-id <project_id> \
server show <server_id> -f yaml# Floating ips
openstack --os-cloud cloud-advanced --os-project-id <project_id> floating ip list
# SG rules for ssh/rdp
openstack --os-cloud cloud-advanced --os-project-id <project_id> security group rule \
list <sg_id> | egrep ' 22 | 3389 '
# Routers & networks
openstack --os-cloud cloud-advanced --os-project-id <project_id> router list
openstack --os-cloud cloud-advanced --os-project-id <project_id> network list
# Ports & SG (Check net access)
openstack --os-cloud cloud-advanced --os-project-id <project_id> port list --server <server_id> -f yaml
openstack --os-cloud cloud-advanced --os-project-id <project_id> security group list
openstack --os-cloud cloud-advanced --os-project-id <project_id> security group rule list <sg_id>
# Connect to console with vnc (novnc/serial).
openstack --os-cloud cloud-advanced --os-project-id <project_id> console url show \
<server_id>
# Console logs
openstack --os-cloud cloud-advanced --os-project-id <project_id> console log show \
<server_id> --lines 200
#Get password
openstack --os-cloud cloud-advanced --os-project-id <project_id> server get password \
<server_id> --private-key <path_to_private_key.pem># Server image snapshot from working VM
openstack --os-cloud cloud-advanced --os-project-id <project_id> \
server image create --name <image_name> <server_id>
# Volume snapshot
openstack --os-cloud cloudru-advanced-fo volume snapshot create --force \
--name <snap_name> <volume_id>
# Forensic volume snapshot (for read-only mount)
openstack --os-cloud cloudru-advanced-fo volume create --snapshot <snap_id> \
--size <>=orig> <forensic_vol>curl -i -s -X POST https://iam.cloud.local/v3/auth/tokens \
-H "Content-Type: application/json" \
-d '{
"auth": {
"identity": {
"methods": ["password"],
"password": {
"user": {
"name": "<username>",
"password": "<password>",
"domain": { "id": "<domain-id>" }
}
}
},
"scope": {
"project": { "id": "<project-id>" }
}
}
}'curl -H "X-Auth-Token: $TOKEN" \
"https://cce.cloud.local/api/v3/projects/<id>/clusters"