Feb 032014

OpenStack services have very powerful command line interfaces, with lots of different options.  I went looking for a good command line cheat sheet, and did not find many options, so decided to created one myself. This is not a replacement for reading excellent OpenStack documentation, rather, a short summary of some basic commands. Comments, corrections, suggestions are welcome!

OpenStack command line cheat sheet PDF version.

Keystone (Identity Service)

# List all users
keystone user-list

# List identity service catalog
keystone catalog

# Discover keystone endpoints
keystone discover

# List all services in service catalog
keystone service-list

# Create new user
keystone user-create --name --tenant-id --pass --email --enabled

# Create new tenant
keystone tenant-create --name --description --enabled

Nova (Compute Service)

# List instances, notice status of instance
nova list

# List images
nova image-list

# List flavors
nova flavor-list

# Boot an instance using flavor and image names (if names are unique)
nova boot --image --flavor
nova boot --image cirros-0.3.1-x86_64-uec --flavor m1.tiny MyFirstInstance

# Login to instance
ip netns
sudo ip netns exec ssh <user@server or use a key>
sudo ip netns exec qdhcp-6021a3b4-8587-4f9c-8064-0103885dfba2 ssh cirros@

# if you are on devstack, password is “cubswin:)” without the quotes

# Show details of instance
nova show <name>
nova show MyFirstInstance

# View console log of instance
nova console-log MyFirstInstance

# Pause, suspend, stop, rescue, resize, rebuild, reboot an instance
# Pause
nova pause <name>
nova pause volumeTwoImage

# Unpause
nova unpause <name>

# Suspend
nova suspend <name>

# Unsuspend
nova resume <name>

# Stop
nova stop <name>

# Start
nova start <name>

# Rescue
nova rescue <name>

# Resize
nova resize <name> <flavor>
nova resize my-pem-server m1.small
nova resize-confirm server1

# Rebuild
nova rebuild <name> <image>
nova rebuild newtinny cirros-qcow2

# Reboot
nova reboot <name>
nova reboot newtinny

# Inject user data and files into an instance
nova boot --user-data ./userdata.txt MyUserdataInstance
nova boot --user-data userdata.txt --image cirros-qcow2 --flavor m1.tiny MyUserdataInstance2

# to validate file is there, ssh into instance, go to /var/lib/cloud look for file

# Inject a keypair into an instance and access the instance with that keypair
# Create keypair
nova keypair-add test > test.pem
chmod 600 test.pem

# Boot
nova boot --image cirros-0.3.0-x86_64 --flavor m1.small --key_name test my-first-server

# ssh into instance
sudo ip netns exec qdhcp-98f09f1e-64c4-4301-a897-5067ee6d544f ssh -i test.pem cirros@

# Set metadata on an instance
nova meta volumeTwoImage set newmeta=’my meta data’

# Create an instance snapshot
nova image-create volumeTwoImage snapshotOfVolumeImage
nova image-show snapshotOfVolumeImage

# Manage security groups
# Add rules to default security group allowing ping and ssh between #instances in the default security group
nova secgroup-add-group-rule default default icmp -1 -1
nova secgroup-add-group-rule default default tcp 22 22

Glance (Image Service)

# List images you can access
glance image-list

# Delete specified image
glance image-delete <image>

# Describe a specific image
glance image-show <image>

# update image
glance image-update <image>

# Manage images
# Kernel image
glance image-create --name “cirros-threepart-kernel” --disk-format aki --container-format aki --is-public True --file ~/images/cirros-0.3.1~pre4-x86_64-vmlinuz

# Ram image
glance image-create—name “cirros-threepart-ramdisk” --disk-format ari --container-format ari --is-public True --file ~/images/cirros-0.3.1~pre4-x86_64-initrd

# 3-part image
glance image-create—name “cirros-threepart” --disk-format ami --container-format ami --is-public True --property kernel_id=$KID—property ramdisk_id=$RID --file ~/images/cirros-0.3.1~pre4-x86_64-blank.img

# Register raw image
glance image-create --name “cirros-qcow2” --disk-format qcow2 --container-format bare --is-public True --file ~/images/cirros-0.3.1~pre4-x86_64-disk.img

Neutron (Networking Service)

# Create network
neutron net-create <name>
neutron net-create my-network

# Create a subnet
neutron subnet-create <network name> <cidr>
neutron subnet-create my-network

# List network and subnet
neutron net-list
neutron subnet-list

# Examine details of network and subnet
neutron net-show <id or name of network>
neutron subnet-show <id or name of subnet>

Cinder (Block Storage)

# Manage volumes and volume snapshots
# Create a new volume
cinder create <size in GB> --display-name
cinder create 1 --display-name MyFirstVolume

# Boot an instance and attach to volume
nova boot—image cirros-qcow2 --flavor m1.tiny MyVolumeInstance

# List volumes, notice status of volume
cinder list

# Attach volume to instance after instance is active, and volume is available
nova volume-attach <instance-id> <volume-id> auto
nova volume-attach MyVolumeInstance /dev/vdb auto

# Login into instance, list storage devices
sudo fdisk -l

# On the instance, make filesystem on volume
sudo mkfs.ext3 /dev/vdb

# Create a mountpoint
sudo mkdir /myspace

# Mount the volume at the mountpoint
sudo mount /dev/vdc /myspace

# Create a file on the volume
sudo touch /myspace/helloworld.txt
sudo ls /myspace

# Unmount the volume
sudo umount /myspace

Swift (Object Store)

# Displays information for the account, container, or object
swift stat
swift stat <account>
swift stat <container>
swift stat <object>

# List containers
swift list

# Create a container
swift post mycontainer

# Upload file to a container
swift upload <containder name> <file name>
swift upload mycontainer myfile.txt

# List objects in container
swift list container

# Download object from container
swift download <containder name> <file name>

# Upload with chunks, for large file
swift upload -S <size> <containder name> <file name>
swift upload -S 64 container largeFile

Happy stacking!


  11 Responses to “OpenStack Command Line Cheat Sheet”

  1. [...] in the lab yet. To get an idea of what you can do with the CLI, head over to this @eglute‘s blog for a very handy, quick “cheat sheet” of [...]

  2. [...] of what you can do with the CLI, head over to this @eglute‘s blog for a very handy, quick “cheat sheet” of [...]

  3. This is cool stuff. Thanks a lot !!!

  4. This is awesome for a newbie thanks for sharing.

  5. Thank you for making this!

    In the PDF stands: “Keystone (Image Services)”, it should be “Keystone (Identity Service)” like on the article.

  6. How do I boot an instance in the context of a given tenant? I am trying to script the process and it seems to me that I have be user admin and tenant admin to set up the network. There is no –tenant-id or –owner switch on the nova boot command, so it is not obvious to me how to get the instance in a different tenancy.

    Thank you

    • Jeff, I think what you want to do is switch users and then create the instance. If you are doing this with Nova CLI, you would probably have something like this for authentication, so that you don’t have to type them in every time:
      export SERVICE_TOKEN=password
      export OS_TENANT_NAME=demo
      export OS_USERNAME=demo
      export OS_PASSWORD=password
      export OS_AUTH_URL=http://ip:5000/v2.0/
      export SERVICE_ENDPOINT=http://ip:35357/v2.0

      If that is the case, then it is convenient to have a separate file with different credentials for different tenants/users. Source the file of desired user, and your CLI will use the new user’s credentials and relevant info.
      It is also possible that I misunderstood your question- in which case, let me know and I will try again!

      • I almost have this figured out. I have to have the envars OS_USERNAME=admin and OS_PASSWORD=xxxxxxx but then I have to use the switch –os-tenant-name with the command. Some of the commands in my script have to execute in the context of the admin tenant, and some have to execute in the user’s tenancy. The glance image create command has an –owner-id switch, which I find terribly confusing.

        Thank you for your kind assistance.


        • Sounds like you are on the right path! The command line clients between different projects definitely have different flags and naming conventions. I am pretty sure the developers of the CLIs did not talk to each other!

 Leave a Reply



You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>