This section creates the necessary virtual networks to support launching one more instances. Networking option 1 includes one public virtual network and one instance that uses it. Networking option 2 includes one public virtual network, one private virtual network, and one instance that uses each network. The instructions in this section use command-line interface (CLI) tools on the controller node. For more information on the CLI tools, see the OpenStack User Guide. To use the dashboard, see the OpenStack User Guide.
你选择的 :ref:`networking`中为网络选项创建虚拟网络。如果你选择选项1,只创建公共虚拟网络。如果你选择选项2,创建公共和私有虚拟网络。
在完成你环境中合适网络的创建后,你可以继续准备启动实例。
大部分云镜像支持 :term:`public key authentication`而不是传统的密码登陆。在启动实例前,你必须添加一个公共密钥到计算服务。
执行 ``demo``租户凭证:
$ source demo-openrc.sh
生成和添加秘钥对:
$ ssh-keygen -q -N ""
$ nova keypair-add --pub-key ~/.ssh/id_rsa.pub mykey
注解
另外,你可以跳过执行 ssh-keygen 命令而使用已存在的公钥。
验证公钥的添加:
$ nova keypair-list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | 6c:74:ec:3a:08:05:4e:9e:21:22:a6:dd:b2:62:b8:28 |
+-------+-------------------------------------------------+
默认情况下, ``default``安全组适用于所有实例并且包括拒绝远程访问实例的防火墙规则。对诸如CirrOS这样的Linux镜像,我们推荐至少允许ICMP (ping) 和安全shell(SSH)。
添加规则到 default 安全组。
允许 ICMP (ping):
$ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
允许安全 shell (SSH) 的访问:
$ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.