问题描述
我使用 KAYOBE 安装了 Openstack(多合一)。我遵循此处 https://docs.openstack.org/kayobe/latest/installation.html 和此处 https://docs.openstack.org/kayobe/latest/configuration/scenarios/all-in-one/overcloud.html#configuration
描述的所有配置步骤一切似乎都很好,网络/浮动 IP、风格、图像、实例,但我仍然遇到问题,无法从我的实例访问 Internet,也无法从主机访问实例。
我的 Openstack 中有 2 个实例,每个实例在 192.168.213.xxx/24 中有一个浮动 IP
我可以从两个实例 ping 他们的浮动 IP 和他们的本地 IP。 我还可以从两个实例 ping 我的公共网络 (EXT) 的公共接口
欢迎任何想法或支持。
谢谢。
我的配置是这样的:
On my host the network interfaces are the following:
brens33: flags=4163<UP,broADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.213.36 netmask 255.255.255.0 broadcast 192.168.213.255
inet6 fe80::ec5d:5cff:fee4:e865 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:26:9f:e3 txqueuelen 1000 (Ethernet)
RX packets 975109 bytes 2110124730 (1.9 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 607990 bytes 243846445 (232.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4099<UP,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:ec:7a:b0:c6 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,MULTICAST> mtu 1500
inet6 fe80::20c:29ff:fe26:9fe3 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:26:9f:e3 txqueuelen 1000 (Ethernet)
RX packets 1793551 bytes 2197893693 (2.0 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 706011 bytes 252766868 (241.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Boucle locale)
RX packets 48961080 bytes 56924742056 (53.0 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 48961080 bytes 56924742056 (53.0 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
p-brens33-ovs: flags=4163<UP,MULTICAST> mtu 1500
inet6 fe80::9040:7aff:fe13:333e prefixlen 64 scopeid 0x20<link>
ether 92:40:7a:13:33:3e txqueuelen 1000 (Ethernet)
RX packets 83424 bytes 9297973 (8.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 30 bytes 2056 (2.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
p-brens33-phy: flags=4163<UP,MULTICAST> mtu 1500
inet6 fe80::ccf3:e0ff:fe09:eeb prefixlen 64 scopeid 0x20<link>
ether ce:f3:e0:09:0e:eb txqueuelen 1000 (Ethernet)
RX packets 30 bytes 2056 (2.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 83424 bytes 9297973 (8.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qbr24033e67-96: flags=4163<UP,MULTICAST> mtu 1450
ether 1a:08:1a:6e:23:fc txqueuelen 1000 (Ethernet)
RX packets 90 bytes 6932 (6.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qbr2aa4f6fc-67: flags=4163<UP,MULTICAST> mtu 1450
ether 66:d4:18:69:3b:12 txqueuelen 1000 (Ethernet)
RX packets 79 bytes 5618 (5.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvb24033e67-96: flags=4163<UP,MULTICAST> mtu 1450
inet6 fe80::1808:1aff:fe6e:23fc prefixlen 64 scopeid 0x20<link>
ether 1a:08:1a:6e:23:fc txqueuelen 1000 (Ethernet)
RX packets 189 bytes 19262 (18.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 190 bytes 15978 (15.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvb2aa4f6fc-67: flags=4163<UP,MULTICAST> mtu 1450
inet6 fe80::64d4:18ff:fe69:3b12 prefixlen 64 scopeid 0x20<link>
ether 66:d4:18:69:3b:12 txqueuelen 1000 (Ethernet)
RX packets 1567 bytes 185484 (181.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1654 bytes 154488 (150.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvo24033e67-96: flags=4163<UP,MULTICAST> mtu 1450
inet6 fe80::c411:18ff:fe38:f94a prefixlen 64 scopeid 0x20<link>
ether c6:11:18:38:f9:4a txqueuelen 1000 (Ethernet)
RX packets 190 bytes 15978 (15.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 189 bytes 19262 (18.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qvo2aa4f6fc-67: flags=4163<UP,MULTICAST> mtu 1450
inet6 fe80::8c85:c4ff:fe68:8145 prefixlen 64 scopeid 0x20<link>
ether 8e:85:c4:68:81:45 txqueuelen 1000 (Ethernet)
RX packets 1654 bytes 154488 (150.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1567 bytes 185484 (181.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap24033e67-96: flags=4163<UP,MULTICAST> mtu 1450
inet6 fe80::fc16:3eff:fee4:c722 prefixlen 64 scopeid 0x20<link>
ether fe:16:3e:e4:c7:22 txqueuelen 1000 (Ethernet)
RX packets 168 bytes 14342 (14.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 201 bytes 18968 (18.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tap2aa4f6fc-67: flags=4163<UP,MULTICAST> mtu 1450
inet6 fe80::fc16:3eff:fef6:8f99 prefixlen 64 scopeid 0x20<link>
ether fe:16:3e:f6:8f:99 txqueuelen 1000 (Ethernet)
RX packets 1632 bytes 152852 (149.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1587 bytes 186940 (182.5 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tapbdd8182b-15: flags=4163<UP,MULTICAST> mtu 1450
inet6 fe80::f816:3eff:fe61:78d5 prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:61:78:d5 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 1776 (1.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Host: VMWARE Workstation 16
My WM where is installed my Openstack Instance:
-----------------------------------------------
- Operating System: CentOS 8
- Selinux deactivated
- Firewalld service inactive
One single network interface setup in NAT with a static IP address:
IP: 192.168.213.36/24
DNS1: 192.168.213.2 (DNS from my VMWARE Workstation network)
DNS2: 8.8.8.8
GATEWAY: 192.168.213.2
我的 Openstack 网络配置文件:
来自 /etc/neutron 目录:
##################
File: ml2_conf.ini
##################
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = flat,vxlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security,dns
[ml2_type_vlan]
network_vlan_ranges =
[ml2_type_flat]
flat_networks = physnet1
[ml2_type_vxlan]
vni_ranges = 1:1000
#################
File neutron.conf
#################
[DEFAULT]
debug = True
log_dir = /var/log/kolla/neutron
use_stderr = False
bind_host = 192.168.213.36
bind_port = 9696
api_paste_config = /usr/share/neutron/api-paste.ini
api_workers = 1
Metadata_workers = 1
rpc_workers = 2
rpc_state_report_workers = 2
Metadata_proxy_socket = /var/lib/neutron/kolla/Metadata_proxy
interface_driver = openvswitch
allow_overlapping_ips = true
core_plugin = ml2
service_plugins = metering,router,vpnaas
transport_url = rabbit://openstack:uUmeMPEtFFu6IIQNoJ4Kdl026ZEG9TvlT5PdZnR9@192.168.213.36:5672//
dns_domain = sample.openstack.org.
external_dns_driver = designate
ipam_driver = internal
[nova]
auth_url = http://192.168.213.120:35357
auth_type = password
project_domain_id = default
user_domain_id = default
region_name = Toulouse
project_name = service
username = nova
password = wxXLLtG3uRpUxExM3YJvCsofbmPMWFy0RbnZ92Wk
endpoint_type = internal
cafile =
[oslo_middleware]
enable_proxy_headers_parsing = True
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[agent]
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
[database]
connection = MysqL+pyMysqL://neutron:zRMXmINppxB7QNBSROcks7MuWdzbYw3TIoURbI7m@192.168.213.120:3306/neutron
connection_recycle_time = 10
max_pool_size = 1
max_retries = -1
[keystone_authtoken]
www_authenticate_uri = http://192.168.213.120:5000
auth_url = http://192.168.213.120:35357
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = IujTCY3xxrnATYsc5BLw7MMDOjsvktHkaxnJvWux
cafile =
region_name = Toulouse
memcache_security_strategy = ENCRYPT
memcache_secret_key = vUHcQln5CqIRRbnABG6D4MO81Fb6jVEum4gPPMvY
memcached_servers = 192.168.213.36:11211
memcache_use_advanced_pool = True
[oslo_messaging_notifications]
transport_url = rabbit://openstack:uUmeMPEtFFu6IIQNoJ4Kdl026ZEG9TvlT5PdZnR9@192.168.213.36:5672//
driver = messagingv2
topics = notifications,notifications_designate
[designate]
url = http://192.168.213.120:9001/v2
auth_uri = http://192.168.213.120:5000
auth_url = http://192.168.213.120:35357
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = designate
password = ngYG2ZLmGwfdfWHgSq4u0fqZz1s4fGmIola9pfL9
allow_reverse_dns_lookup = True
ipv4_ptr_zone_prefix_size = 24
ipv6_ptr_zone_prefix_size = 116
cafile =
region_name = Toulouse
[placement]
auth_type = password
auth_url = http://192.168.213.120:35357
username = placement
password = fJmE67U1r91mM0n7PqvgI0JJ55qjbBxem1qahJuL
user_domain_name = Default
project_name = service
project_domain_name = Default
os_region_name = Toulouse
os_interface = internal
cafile =
region_name = Toulouse
[privsep]
helper_command = sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper
################
File config.json
################
{
"command": "neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_vpnaas.conf ","config_files": [
{
"source": "/var/lib/kolla/config_files/neutron.conf","dest": "/etc/neutron/neutron.conf","owner": "neutron","perm": "0600"
},{
"source": "/var/lib/kolla/config_files/neutron_vpnaas.conf","dest": "/etc/neutron/neutron_vpnaas.conf",{
"source": "/var/lib/kolla/config_files/ml2_conf.ini","dest": "/etc/neutron/plugins/ml2/ml2_conf.ini","perm": "0600"
}
],"permissions": [
{
"path": "/var/log/kolla/neutron","owner": "neutron:neutron","recurse": true
}
]
}
#################
File config.json
#################
{
"command": "neutron-server --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/neutron/neutron_vpnaas.conf ","recurse": true
}
]
}
来自 /etc/neutron-openvswitch-agent
################
File config.json
################
{
"command": "neutron-openvswitch-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini",{
"source": "/var/lib/kolla/config_files/openvswitch_agent.ini","dest": "/etc/neutron/plugins/ml2/openvswitch_agent.ini","recurse": true
}
]
}
#################
File neutron.conf
#################
[DEFAULT]
debug = True
log_dir = /var/log/kolla/neutron
use_stderr = False
bind_host = 192.168.213.36
bind_port = 9696
api_paste_config = /usr/share/neutron/api-paste.ini
api_workers = 1
Metadata_workers = 1
rpc_workers = 2
rpc_state_report_workers = 2
Metadata_proxy_socket = /var/lib/neutron/kolla/Metadata_proxy
interface_driver = openvswitch
allow_overlapping_ips = true
core_plugin = ml2
service_plugins = metering,notifications_designate
[designate]
url = http://192.168.213.120:9001/v2
auth_uri = http://192.168.213.120:5000
auth_url = http://192.168.213.120:35357
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = designate
password = ngYG2ZLmGwfdfWHgSq4u0fqZz1s4fGmIola9pfL9
allow_reverse_dns_lookup = True
ipv4_ptr_zone_prefix_size = 24
ipv6_ptr_zone_prefix_size = 116
cafile =
region_name = Toulouse
[placement]
auth_type = password
auth_url = http://192.168.213.120:35357
username = placement
password = fJmE67U1r91mM0n7PqvgI0JJ55qjbBxem1qahJuL
user_domain_name = Default
project_name = service
project_domain_name = Default
os_region_name = Toulouse
os_interface = internal
cafile =
region_name = Toulouse
[privsep]
helper_command = sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper
##########################
File openvswitch_agent.ini
##########################
[agent]
tunnel_types = vxlan
l2_population = true
arp_responder = true
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
bridge_mappings = physnet1:brens33-ovs
datapath_type = system
ovsdb_connection = tcp:127.0.0.1:6640
local_ip = 192.168.213.36
Openstack 安全组链接附加到实例网络
[root@controller0 kolla]# openstack security group show be8d2de7-6bd4-4702-9b9f-c3e0f96d451a
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at | 2021-07-31T12:06:30Z |
| description | Project-00000 |
| id | be8d2de7-6bd4-4702-9b9f-c3e0f96d451a |
| location | cloud='',project.domain_id=,project.domain_name=,project.id='8d4b5b9558d64a04b34b797db97157bf',project.name=,region_name='Toulouse',zone= |
| name | Project-00000 |
| project_id | 8d4b5b9558d64a04b34b797db97157bf |
| revision_number | 6 |
| rules | created_at='2021-07-31T12:06:57Z',direction='ingress',ethertype='IPv4',id='5a896360-c712-4c93-bda9-be669662915e',port_range_max='22',port_range_min='22',protocol='tcp',remote_ip_prefix='0.0.0.0/0',updated_at='2021-07-31T12:06:57Z' |
| | created_at='2021-07-31T12:06:45Z',ethertype='IPv6',id='7e8642ed-05d2-44a1-9034-216856d21492',protocol='ipv6-icmp',remote_ip_prefix='::/0',updated_at='2021-07-31T12:06:45Z' |
| | created_at='2021-07-31T12:06:31Z',direction='egress',id='85074747-5623-4142-86a3-045bf3b84ce6',updated_at='2021-07-31T12:06:31Z' |
| | created_at='2021-07-31T12:06:38Z',id='86270591-3ad2-4feb-a278-5c2a5968fd27',protocol='icmp',updated_at='2021-07-31T12:06:38Z' |
| | created_at='2021-07-31T12:06:31Z',id='8fa6cb0e-7616-4b0e-9662-887dd012e777',updated_at='2021-07-31T12:06:31Z' |
| | created_at='2021-07-31T12:07:05Z',id='acd0daab-a5b7-4eb3-9e2b-5c848f546ba6',updated_at='2021-07-31T12:07:05Z' |
| stateful | True |
| tags | [u'Project-00000',u'TrashProject'] |
| updated_at | 2021-07-31T12:07:05Z |
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[root@controller0 kolla]# openstack security group show 88e4c862-eed0-4884-b205-defd8a50c67b
+-----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at | 2021-07-31T12:05:25Z |
| description | Default security group |
| id | 88e4c862-eed0-4884-b205-defd8a50c67b |
| location | cloud='',zone= |
| name | default |
| project_id | 8d4b5b9558d64a04b34b797db97157bf |
| revision_number | 1 |
| rules | created_at='2021-07-31T12:05:26Z',id='26b1decc-0515-436a-a3a6-445e93c1797c',updated_at='2021-07-31T12:05:26Z' |
| | created_at='2021-07-31T12:05:26Z',id='508e85c3-1bac-4407-903b-92be818e012b',remote_group_id='88e4c862-eed0-4884-b205-defd8a50c67b',updated_at='2021-07-31T12:05:26Z' |
| | created_at='2021-07-31T12:05:26Z',id='51abe797-cead-4790-86ee-3341af0253de',id='591c792d-c8c6-4282-8f6e-f66c9cc1c0f7',updated_at='2021-07-31T12:05:26Z' |
| stateful | True |
| tags | [] |
| updated_at | 2021-07-31T12:05:26Z |
+-----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
网络拓扑
网络的一个端口
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)