Openstack nova：无法访问虚拟机

Question

Kolla Ansible was installed in the all-in-one config and a provisioned nova VM is not reachable either via ping or ssh. Kolla Ansible 安装在多合一配置中，并且无法通过 ping 或 ssh 访问已配置的 nova VM。 The default security group rules are added to let ingress 22 and icmp on all remote IPs 0.0.0.0/0 .添加默认安全组规则以允许所有远程 IP 上的 ingress 22 和 icmp 0.0.0.0/0 。 There is only one interface on the controller node so 2 veth pairs are created so one can be supplied to network_interface: kolla_i and other to neutron_external_interface: neutron_i + ironic_dnsmasq_interface: neutron_i in globals.yml .控制器节点上只有一个接口，因此创建了 2 个 veth 对，因此可以将一个提供给network_interface: kolla_i ，另一个提供给neutron_external_interface: neutron_i + ironic_dnsmasq_interface: neutron_i in globals.yml 。 The two veth pairs are kolla_i/kolla_b and neutron_i/neutron_b .两个 veth 对是kolla_i/kolla_b和neutron_i/neutron_b 。 Testing the interfaces by assigning them IP addresses on the same network, one can ping another, and both are reached from other physical machines on the network.通过在同一网络上分配 IP 地址来测试接口，一个可以 ping 另一个，并且两者都可以从网络上的其他物理机器访问。 The vm is being launched on the OpenStack controller node. vm 正在 OpenStack 控制器节点上启动。

A network is created on physical interface e2 named n1在名为n1物理接口e2上创建网络

(venv) [admin@controller]# openstack network create --share --provider-network-type flat --provider-physical-network physnet1 --external n1
(venv) [admin@controller]# openstack subnet create --network n1 --allocation-pool start=10.0.2.6,end=10.0.2.230 --dns-nameserver 8.8.8.8 --gateway 10.0.3.1 --subnet-range 10.0.0.0/16 n1-subnet

Provisioning baremetal works and can be reached but VMs are not reachable.供应裸机有效并且可以访问，但无法访问 VM。 The vms are created successfully though:不过，虚拟机已成功创建：

(venv) [admin@controller]# openstack server create --flavor m1.small --image centos8-dev --nic net-id=403a56b9-5ac2-4ec0-9b59-831dfa7fed37 --security-group default --key-name mykey vm01
(venv) [admin@controller]# svrls
+--------------------------------------+---------------------------+--------+--------------------------+----------------------+----------+
| ID                                   | Name                      | Status | Networks                 | Image                | Flavor   |
+--------------------------------------+---------------------------+--------+--------------------------+----------------------+----------+
| f05e9708-91e8-40c4-9a06-16d7ab9f387c | vm01                      | ACTIVE | validation=10.0.2.131    | centos8-dev          | m1.small |
+--------------------------------------+---------------------------+--------+--------------------------+----------------------+----------+
(venv) [root@r20s04 kolla-dev]# openstack port list
+--------------------------------------+-----------------------------------------------------------------------------------------+-------------------+----------------------------------------------------------------------------+--------+
| ID                                   | Name                                                                                    | MAC Address       | Fixed IP Addresses                                                         | Status |
+--------------------------------------+-----------------------------------------------------------------------------------------+-------------------+----------------------------------------------------------------------------+--------+
| 17af7b4f-c290-45ef-8421-781e17df8b46 |                                                                                         | fa:16:3e:b3:2a:45 | ip_address='10.0.2.131', subnet_id='afd6221b-26d1-4469-b9af-478756fdd661'  | ACTIVE |
+--------------------------------------+-----------------------------------------------------------------------------------------+-------------------+----------------------------------------------------------------------------+--------+

It seems as if openvswitch is not doing its job correctly似乎 openvswitch 没有正确完成它的工作

                                                             +-------+
                                                             |   e2  |
                                                             +---+---+
                                                                 |
  +------------+      +-----------+      +------------+      +---+---+      +-------+         +--------+
  | ovssystem  +------+ neutron_i +------+ neutron_b  +------+ e2_br +------+kolla_b+---------+kolla_i |
  +----+-------+      +-----------+      +------------+      +-------+      +-------+         +--------+ openstack services
       |             ironic_dnsmasq                                                           |10.0.0.4|
       |                                                                                      +--------+
+------+----------+
|  vm networking  |
+-----------------+

In globals.yml :在globals.yml ：

network_interface: "kolla_i"
neutron_external_interface: "neutron_i"
ironic_dnsmasq_interface: "neutron_i"

One possible issue is to change ironic_dnsmasq_interface to kolla_i instead of neutron_i but not sure if this will resolve the issue of vm machines not being reached on the network.一个可能的问题是将ironic_dnsmasq_interface更改为kolla_i而不是neutron_i但不确定这是否会解决无法在网络上访问 vm 机器的问题。

Answer 1

使用正确的映像（不是裸机映像）并确保启用了端口 22 和 icmp ingress 的安全组解决了该问题。

Openstack nova：无法访问虚拟机

问题描述

1 个解决方案

解决方案1
0 2020-10-22 01:17:07

Openstack nova：无法访问虚拟机

问题描述

1 个解决方案

解决方案1 0 2020-10-22 01:17:07

解决方案1
0 2020-10-22 01:17:07