OpenStack: никакой ping к Интернету от экземпляра и neutron-gateway/0 - ошибка “Недостижимый Узел назначения”
План IP:
Maas: 10.20.81.1
Juju: 10.20.81.2
Openstack: 10.20.81.21-24
External Gateway: 10.20.81.254
Private Network: 10.1.0.0/24
Instance: 10.1.0.9 - 10.20.81.220 (floating IP)
Private Gateway: 10.1.0.1
Private DHCP service: 10.1.0.10
Топология сети
10.20.81.0/24
+-------------+
Firewall
10.20.81.254
+-------------+
|
+-------------------------------------------------------------+
Switch
vlan81 vlan81 vlan81
+-------------------------------------------------------------+
| | || | | |
+--------------+ +------------+ +------------------+
|Maas+Juju |Juju Gui| |Openstack
|10.20.81.1 |10.20.81.2 |10.20.81.21-24
+--------------+ +-------------+ +------------------+
|
+--------------------------------------------+
Private Subnet-1 Public Subnet-2
10.1.0.0/24 10.20.81.0/24
+---+----+--+ +----+------+
| | +----+ |
| | .1 | |.221 |
| +--------+ VR +-------------+
| | |
+--+-+ +----+
| |
|VM |
|.9 |
| |
+----+
На этот раз проблемой является ping к Интернету. Экземпляр OpenStack и netron-gateway/0 не может достигнуть внешнего мира.
от neutron-gateway/0
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ping 10.20.81.254
PING 10.20.81.254 (10.20.81.254) 56(84) bytes of data.
From 10.20.81.221 icmp_seq=1 Destination Host Unreachable
From 10.20.81.221 icmp_seq=2 Destination Host Unreachable
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 10.20.81.221 icmp_seq=1 Destination Host Unreachable
From 10.20.81.221 icmp_seq=2 Destination Host Unreachable
ubuntu@os-compute02:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=120 time=16.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=120 time=17.9 ms
ubuntu@os-compute02:~$ ping 10.20.81.254
PING 10.20.81.254 (10.20.81.254) 56(84) bytes of data.
64 bytes from 10.20.81.254: icmp_seq=1 ttl=64 time=0.637 ms
64 bytes from 10.20.81.254: icmp_seq=2 ttl=64 time=0.435 ms
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.1.0.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-44aa8011-cf
10.20.81.0 0.0.0.0 255.255.255.0 U 0 0 0 qg-f33e7db4-43
ubuntu@os-compute02:~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.20.81.254 0.0.0.0 UG 0 0 0 br-eno2
10.4.251.0 0.0.0.0 255.255.255.0 U 0 0 0 lxdbr0
10.20.81.0 0.0.0.0 255.255.255.0 U 0 0 0 br-eno2
от экземпляра
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ssh -p 22 -i ~/.ssh/u1804Key.pem ubuntu@10.1.0.9 -v
O
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-33-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Fri Apr 5 09:50:37 UTC 2019
System load: 0.0 Processes: 90
Usage of /: 1.2% of 77.36GB Users logged in: 0
Memory usage: 12% IP address for ens2: 10.1.0.9
Swap usage: 0%
Get cloud support with Ubuntu Advantage Cloud Guest:
http://www.ubuntu.com/business/services/cloud
* Canonical Livepatch is available for installation.
- Reduce system reboots and improve kernel security. Activate at:
https://ubuntu.com/livepatch
0 packages can be updated.
0 updates are security updates.
Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings
Last login: Fri Apr 5 09:32:40 2019 from 10.20.81.221
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@u1804ins:~$ ping 10.1.0.1
PING 10.1.0.1 (10.1.0.1) 56(84) bytes of data.
64 bytes from 10.1.0.1: icmp_seq=1 ttl=64 time=0.333 ms
64 bytes from 10.1.0.1: icmp_seq=2 ttl=64 time=0.471 ms
ubuntu@u1804ins:~$ ping 10.1.0.10
PING 10.1.0.10 (10.1.0.10) 56(84) bytes of data.
64 bytes from 10.1.0.10: icmp_seq=1 ttl=64 time=1.46 ms
64 bytes from 10.1.0.10: icmp_seq=2 ttl=64 time=0.416 ms
ubuntu@u1804ins:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 10.20.81.220 icmp_seq=1 Destination Host Unreachable
From 10.20.81.220 icmp_seq=2 Destination Host Unreachable
ubuntu@u1804ins:~$ ping 10.20.81.220
PING 10.20.81.220 (10.20.81.220) 56(84) bytes of data.
64 bytes from 10.20.81.220: icmp_seq=1 ttl=63 time=0.871 ms
64 bytes from 10.20.81.220: icmp_seq=2 ttl=63 time=0.859 ms
его маршрут от экземпляра
ubuntu@u1804ins:~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.1.0.1 0.0.0.0 UG 100 0 0 ens2
10.1.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens2
169.254.169.254 10.1.0.1 255.255.255.255 UGH 100 0 0 ens2
группа безопасности - это
Кто-либо может помочь мне решить тот вопрос?
Обновление 04.08.2019
Как предложено меня waltinator я добавил маршрут как показано здесь:
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 6191392 bytes 645353092 (645.3 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6191392 bytes 645353092 (645.3 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qg-f33e7db4-43: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.20.81.221 netmask 255.255.255.0 broadcast 10.20.81.255
inet6 fe80::f816:3eff:fe66:29fc prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:66:29:fc txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 653117 bytes 27431366 (27.4 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
qr-44aa8011-cf: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1458
inet 10.1.0.1 netmask 255.255.255.0 broadcast 10.1.0.255
inet6 fe80::f816:3eff:feb3:ccab prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:b3:cc:ab txqueuelen 1000 (Ethernet)
RX packets 1439607 bytes 124114833 (124.1 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 2439777 bytes 168001647 (168.0 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 route add default gw 10.1.0.1 qr-44aa8011-cf
затем
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.1.0.1 0.0.0.0 UG 0 0 0 qr-44aa8011-cf
10.1.0.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-44aa8011-cf
10.20.81.0 0.0.0.0 255.255.255.0 U 0 0 0 qg-f33e7db4-43
но ничто
ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 10.1.0.1 icmp_seq=1 Destination Host Unreachable
From 10.1.0.1 icmp_seq=2 Destination Host Unreachable
0
задан Riccardo Magrini
16 April 2019 в 09:12
поделиться
1 ответ
Я решил, что изменил значение порта данных до запуска развертывания OPS через juju
с:
neutron-gateway:
bridge-mappings: physnet1:br-ex
data-port: br-ex:eno2
на:
neutron-gateway:
bridge-mappings: physnet1:br-ex
data-port: br-ex:eno3
Теперь экземпляр может достичь Интернета
ubuntu@u1804svr:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=119 time=17.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=119 time=17.3 ms
ubuntu@u1804svr:~$ ping google.it
PING google.it (216.58.205.35) 56(84) bytes of data.
64 bytes from mil04s24-in-f35.1e100.net (216.58.205.35): icmp_seq=1 ttl=53 time=13.7 ms
64 bytes from mil04s24-in-f35.1e100.net (216.58.205.35): icmp_seq=2 ttl=53 time=13.7 ms
0
ответ дан Riccardo Magrini
25 October 2019 в 06:52
поделиться