问题描述
Kolla Ansible已安装在多合一配置中,并且通过ping或ssh无法访问预配置的nova VM。添加了默认安全组规则,以使入口22和icmp进入所有远程IP 0.0.0.0/0上。控制器节点上只有一个接口,因此创建了2个对,因此可以将一个对提供给network_interface: kolla_i中的neutron_external_interface: neutron_i和ironic_dnsmasq_interface: neutron_i + globals.yml。两个对数是kolla_i/kolla_b和neutron_i/neutron_b。通过在同一网络上分配接口IP地址来测试接口,一个接口可以ping通另一个接口,并且两个接口都可以从网络上的其他物理机访问。虚拟机正在OpenStack控制器节点上启动。
在名为e2的物理接口n1上创建了一个网络
(venv) [admin@controller]# openstack network create --share --provider-network-type flat --provider-physical-network physnet1 --external n1
(venv) [admin@controller]# openstack subnet create --network n1 --allocation-pool start=10.0.2.6,end=10.0.2.230 --dns-nameserver 8.8.8.8 --gateway 10.0.3.1 --subnet-range 10.0.0.0/16 n1-subnet
可以配置裸机,并且可以访问但无法访问虚拟机。通过以下方式成功创建了虚拟机:
(venv) [admin@controller]# openstack server create --flavor m1.small --image centos8-dev --nic net-id=403a56b9-5ac2-4ec0-9b59-831dfa7fed37 --security-group default --key-name mykey vm01
(venv) [admin@controller]# svrls
+--------------------------------------+---------------------------+--------+--------------------------+----------------------+----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+---------------------------+--------+--------------------------+----------------------+----------+
| f05e9708-91e8-40c4-9a06-16d7ab9f387c | vm01 | ACTIVE | validation=10.0.2.131 | centos8-dev | m1.small |
+--------------------------------------+---------------------------+--------+--------------------------+----------------------+----------+
(venv) [root@r20s04 kolla-dev]# openstack port list
+--------------------------------------+-----------------------------------------------------------------------------------------+-------------------+----------------------------------------------------------------------------+--------+
| ID | Name | MAC Address | Fixed IP Addresses | Status |
+--------------------------------------+-----------------------------------------------------------------------------------------+-------------------+----------------------------------------------------------------------------+--------+
| 17af7b4f-c290-45ef-8421-781e17df8b46 | | fa:16:3e:b3:2a:45 | ip_address='10.0.2.131',subnet_id='afd6221b-26d1-4469-b9af-478756fdd661' | ACTIVE |
+--------------------------------------+-----------------------------------------------------------------------------------------+-------------------+----------------------------------------------------------------------------+--------+
openvswitch似乎没有正确完成其工作
+-------+
| e2 |
+---+---+
|
+------------+ +-----------+ +------------+ +---+---+ +-------+ +--------+
| ovssystem +------+ neutron_i +------+ neutron_b +------+ e2_br +------+kolla_b+---------+kolla_i |
+----+-------+ +-----------+ +------------+ +-------+ +-------+ +--------+ openstack services
| ironic_dnsmasq |10.0.0.4|
| +--------+
+------+----------+
| vm networking |
+-----------------+
在globals.yml中:
network_interface: "kolla_i"
neutron_external_interface: "neutron_i"
ironic_dnsmasq_interface: "neutron_i"
一个可能的问题是将ironic_dnsmasq_interface更改为kolla_i而不是neutron_i,但是不确定是否可以解决网络上未连接虚拟机的问题。
解决方法
使用正确的映像(而不是裸机映像)并确保启用了端口22和icmp入口的安全组可以解决此问题。