Question

我使用devstack脚本安装了多节点openstak。可以运行虚拟机，但网络问题，无法从一个虚拟机ssh / ping到另一个虚拟机。我只能从运行它的主机（control1，computeX）ssh到VM，而不能从其他主机运行。有什么建议？

nova-compute     control1                             nova             enabled    :-)   
nova-cert        control1                             nova             enabled    :-)   
nova-network     control1                             nova             enabled    :-)   
nova-scheduler   control1                             nova             enabled    :-)   
nova-consoleauth control1                             nova             enabled    :-)   
nova-compute     compute1                             nova             enabled    :-)   
nova-volume      compute1                             nova             enabled    :-)   
nova-network     compute1                             nova             enabled    :-)   
nova-compute     compute2                             nova             enabled    :-)   
nova-volume      compute2                             nova             enabled    :-)   
nova-network     compute2                             nova             enabled    :-)

control1 / etc / network / interfaces

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 172.16.0.1
#address 172.16.0.101
netmask 255.255.255.0
network 172.16.0.0
broadcast 172.16.0.255
gateway 172.16.0.254
dns-nameservers 8.8.8.8


auto eth1
iface eth1 inet static
address 11.0.0.4
netmask 255.255.255.0
network 11.0.0.0
broadcast 11.0.0.255

compute1 / etc / network / interfaces

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
address 172.16.0.2
netmask 255.255.255.0
network 172.16.0.0
broadcast 172.16.0.255
gateway 172.16.0.254
dns-nameservers 8.8.8.8


auto eth1
iface eth1 inet static
address 11.0.0.5
netmask 255.255.255.0
network 11.0.0.0
broadcast 11.0.0.255

control1 /etc/nova/nova.conf

[DEFAULT]
verbose=True
auth_strategy=keystone
allow_resize_to_same_host=True
root_helper=sudo /usr/local/bin/nova-rootwrap /etc/nova/rootwrap.conf
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
dhcpbridge_flagfile=/etc/nova/nova.conf
fixed_range=10.1.0.0/16
s3_host=172.16.0.1
s3_port=3333
network_manager=nova.network.manager.FlatDHCPManager
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
my_ip=172.16.0.1
public_interface=eth0
vlan_interface=eth0
flat_network_bridge=br100
flat_interface=eth1
sql_connection=mysql://root:supersecret@172.16.0.1/nova?charset=utf8
libvirt_type=qemu
libvirt_cpu_mode=none
instance_name_template=instance-%08x
novncproxy_base_url=http://172.16.0.1:6080/vnc_auto.html
xvpvncproxy_base_url=http://172.16.0.1:6081/console
vncserver_listen=127.0.0.1
vncserver_proxyclient_address=127.0.0.1
api_paste_config=/etc/nova/api-paste.ini
image_service=nova.image.glance.GlanceImageService
ec2_dmz_host=172.16.0.1
rabbit_host=172.16.0.1
rabbit_password=supersecret
glance_api_servers=172.16.0.1:9292
force_dhcp_release=True
multi_host=True
send_arp_for_ha=True
use_syslog=True
logging_context_format_string=%(asctime)s %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s
volume_api_class=nova.volume.cinder.API
compute_driver=libvirt.LibvirtDriver
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
enabled_apis=ec2,osapi_compute,metadata

Answer 1

您可能需要将规则添加到默认的OpenStack安全组以启用ping和SSH：

nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

第一个规则为VM实例启用Internet控制消息协议（ICMP）（ping命令）。第二个规则通过SSH端口启用TCP连接，该端口由SSH使用。

Answer 2

尝试将network_manager = nova.network.manager.FlatDHCPManager更改为network_manager = nova.network.manager.FlatManager，并尝试其他配置以进行network_manager设置。它说FLatManager应该在这里工作：http://docs.openstack.org/trunk/openstack-compute/admin/content/configuring-flat-networking.html并且它与FLatDHCPManager类似，所以不太确定问题是什么，因为你似乎绑定了一个物理以太网卡。

Answer 3

尝试将以下选项添加到nova.conf，它控制防火墙（iptables）是否允许实例之间的流量：

allow_same_net_traffic=true

默认情况下应该打开，所以这可能不是你的问题，但这是我要尝试的第一件事。

这来自Description of nova.conf file configuration options of networking options。{/ p>中名为OpenStack Compute Admin guide的表格

openstack网络无法ping / ssh到VM

3 个答案: