1,011
社区成员
发帖
与我相关
我的任务
分享windows实例可以运行,但无法ping通
大家好!我在使用OpenStack跑windows实例时,系统显示实例运行正常,获得了IP地址,但无法ping通实例。
在运行linux的实例时,可以ping通,也可以访问。
windows的实例已经关闭了防火墙,IP地址是DHCP获得。
OpenStack的规则设置配置了允许ping
nova secgroup-add-rule default icmp -1 -1 -s 0.0.0.0/0
外网是通过DHCP获得IP地址
内网只有一个交换机,无DHCP服务器。
控制节点
eth0 10.10.11.15 外网
eth1 192.168.2.15 内网
控制节点没有生成实例的功能,没有安装nova-compute
计算节点:
eth0 10.10.11.11 外网
eth1 192.168.2.11 内网
控制节点信息:
root@master:~# nova-manage service list
Binary Host Zone
Status State Updated_At
nova-scheduler master nova
enabled :-) 2012-10-08 08:07:52
nova-cert master nova
enabled :-) 2012-10-08 08:07:52
nova-consoleauth master nova
enabled :-) 2012-10-08 08:07:52
nova-compute node nova
enabled :-) 2012-10-08 08:07:45
nova-network node nova
enabled :-) 2012-10-08 08:07:46
root@master:~#
root@master:~# ifconfig
eth0 Link encap:Ethernet HWaddr fc:75:16:84:70:c3
inet addr:10.10.7.15 Bcast:10.10.7.255 Mask:255.255.255.0
inet6 addr: fe80::fe75:16ff:fe84:70c3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:265287 errors:0 dropped:0 overruns:0 frame:0
TX packets:148229 errors:1 dropped:0 overruns:1 carrier:0
collisions:0 txqueuelen:1000
RX bytes:68569088 (68.5 MB) TX bytes:78003421 (78.0 MB)
Interrupt:19
eth1 Link encap:Ethernet HWaddr b8:a3:86:8f:5a:e2
inet addr:192.168.2.15 Bcast:192.168.2.255 Mask:
255.255.255.0
inet6 addr: fe80::baa3:86ff:fe8f:5ae2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:774 errors:0 dropped:0 overruns:0 frame:0
TX packets:280 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:127556 (127.5 KB) TX bytes:22688 (22.6 KB)
Interrupt:18 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:188176 errors:0 dropped:0 overruns:0 frame:0
TX packets:188176 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:117843520 (117.8 MB) TX bytes:117843520 (117.8 MB)
virbr0 Link encap:Ethernet HWaddr 4e:57:c8:ff:00:eb
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:
255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
控制节点nova.conf
root@master:~# cat /etc/nova/nova.conf
[DEFAULT]
###### LOGS/STATE
#verbose=True
verbose=False
###### AUTHENTICATION
auth_strategy=keystone
###### SCHEDULER
#--
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
scheduler_driver=nova.scheduler.simple.SimpleScheduler
###### VOLUMES
volume_group=nova-volumes
volume_name_template=volume-%08x
iscsi_helper=tgtadm
###### DATABASE
sql_connection=mysql://nova:openvision@10.10.7.15/nova
###### COMPUTE
libvirt_type=kvm
#libvirt_type=qemu
connection_type=libvirt
instance_name_template=instance-%08x
api_paste_config=/etc/nova/api-paste.ini
allow_resize_to_same_host=True
libvirt_use_virtio_for_bridges=true
start_guests_on_host_boot=true
resume_guests_state_on_host_boot=true
###### APIS
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
allow_admin_api=true
s3_host=10.10.7.15
cc_host=10.10.7.15
###### RABBITMQ
rabbit_host=10.10.7.15
###### GLANCE
image_service=nova.image.glance.GlanceImageService
glance_api_servers=10.10.7.15:9292
###### NETWORK
network_manager=nova.network.manager.FlatDHCPManager
force_dhcp_release=True
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
public_interface=eth0
flat_interface=eth1
flat_injected=false
flat_network_bridge=br100
fixed_range=192.168.2.0/24
multi_host=true
###### NOVNC CONSOLE
novnc_enabled=true
novncproxy_base_url= http://10.10.7.15:6080/vnc_auto.html
vncserver_proxyclient_address=10.10.7.15
vncserver_listen=10.10.7.15
########Nova
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
#####MISC
use_deprecated_auth=false
root_helper=sudo nova-rootwrap
allow_same_net_traffic=true
控制节点防火墙:
root@master:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp
dpt:domain
ACCEPT tcp -- anywhere anywhere tcp
dpt:domain
ACCEPT udp -- anywhere anywhere udp
dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp
dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 state
RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-
with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-
with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
控制节点路由信息:
root@master:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref
Use Iface
0.0.0.0 10.10.7.1 0.0.0.0 UG 100 0
0 eth0
10.10.7.0 0.0.0.0 255.255.255.0 U 0 0
0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0
0 eth1
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0
0 virbr0
计算节点:
计算节点网络配置:
root@node:~# ifconfig
br100 Link encap:Ethernet HWaddr fc:75:16:84:70:c9
inet addr:192.168.2.3 Bcast:192.168.2.255 Mask:
255.255.255.0
inet6 addr: fe80::1c09:b5ff:fe0f:1e42/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:120 errors:0 dropped:0 overruns:0 frame:0
TX packets:101 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:17895 (17.8 KB) TX bytes:13961 (13.9 KB)
eth0 Link encap:Ethernet HWaddr b8:a3:86:06:8a:7d
inet addr:10.10.7.11 Bcast:10.10.7.255 Mask:255.255.255.0
inet6 addr: fe80::baa3:86ff:fe06:8a7d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4495 errors:0 dropped:0 overruns:0 frame:0
TX packets:4132 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1695554 (1.6 MB) TX bytes:1378230 (1.3 MB)
Interrupt:19
eth1 Link encap:Ethernet HWaddr fc:75:16:84:70:c9
inet6 addr: fe80::fe75:16ff:fe84:70c9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:430 (430.0 B) TX bytes:9358 (9.3 KB)
Interrupt:18 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1296 (1.2 KB) TX bytes:1296 (1.2 KB)
virbr0 Link encap:Ethernet HWaddr be:35:73:a1:2f:79
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:
255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vnet0 Link encap:Ethernet HWaddr fe:16:3e:6c:7c:dc
inet6 addr: fe80::fc16:3eff:fe6c:7cdc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:67 errors:0 dropped:0 overruns:0 frame:0
TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:10624 (10.6 KB) TX bytes:11962 (11.9 KB)
vnet1 Link encap:Ethernet HWaddr fe:16:3e:34:a3:e0
inet6 addr: fe80::fc16:3eff:fe34:a3e0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vnet2 Link encap:Ethernet HWaddr fe:16:3e:00:30:8e
inet6 addr: fe80::fc16:3eff:fe00:308e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:63 errors:0 dropped:0 overruns:0 frame:0
TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:9811 (9.8 KB) TX bytes:10631 (10.6 KB)
在运行linux的实例时,可以ping通,也可以访问。
windows的实例已经关闭了防火墙,IP地址是DHCP获得。
OpenStack的规则设置配置了允许ping
nova secgroup-add-rule default icmp -1 -1 -s 0.0.0.0/0
外网是通过DHCP获得IP地址
内网只有一个交换机,无DHCP服务器。
控制节点
eth0 10.10.11.15 外网
eth1 192.168.2.15 内网
控制节点没有生成实例的功能,没有安装nova-compute
计算节点:
eth0 10.10.11.11 外网
eth1 192.168.2.11 内网
控制节点信息:
root@master:~# nova-manage service list
Binary Host Zone
Status State Updated_At
nova-scheduler master nova
enabled :-) 2012-10-08 08:07:52
nova-cert master nova
enabled :-) 2012-10-08 08:07:52
nova-consoleauth master nova
enabled :-) 2012-10-08 08:07:52
nova-compute node nova
enabled :-) 2012-10-08 08:07:45
nova-network node nova
enabled :-) 2012-10-08 08:07:46
root@master:~#
root@master:~# ifconfig
eth0 Link encap:Ethernet HWaddr fc:75:16:84:70:c3
inet addr:10.10.7.15 Bcast:10.10.7.255 Mask:255.255.255.0
inet6 addr: fe80::fe75:16ff:fe84:70c3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:265287 errors:0 dropped:0 overruns:0 frame:0
TX packets:148229 errors:1 dropped:0 overruns:1 carrier:0
collisions:0 txqueuelen:1000
RX bytes:68569088 (68.5 MB) TX bytes:78003421 (78.0 MB)
Interrupt:19
eth1 Link encap:Ethernet HWaddr b8:a3:86:8f:5a:e2
inet addr:192.168.2.15 Bcast:192.168.2.255 Mask:
255.255.255.0
inet6 addr: fe80::baa3:86ff:fe8f:5ae2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:774 errors:0 dropped:0 overruns:0 frame:0
TX packets:280 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:127556 (127.5 KB) TX bytes:22688 (22.6 KB)
Interrupt:18 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:188176 errors:0 dropped:0 overruns:0 frame:0
TX packets:188176 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:117843520 (117.8 MB) TX bytes:117843520 (117.8 MB)
virbr0 Link encap:Ethernet HWaddr 4e:57:c8:ff:00:eb
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:
255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
控制节点nova.conf
root@master:~# cat /etc/nova/nova.conf
[DEFAULT]
###### LOGS/STATE
#verbose=True
verbose=False
###### AUTHENTICATION
auth_strategy=keystone
###### SCHEDULER
#--
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
scheduler_driver=nova.scheduler.simple.SimpleScheduler
###### VOLUMES
volume_group=nova-volumes
volume_name_template=volume-%08x
iscsi_helper=tgtadm
###### DATABASE
sql_connection=mysql://nova:openvision@10.10.7.15/nova
###### COMPUTE
libvirt_type=kvm
#libvirt_type=qemu
connection_type=libvirt
instance_name_template=instance-%08x
api_paste_config=/etc/nova/api-paste.ini
allow_resize_to_same_host=True
libvirt_use_virtio_for_bridges=true
start_guests_on_host_boot=true
resume_guests_state_on_host_boot=true
###### APIS
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
allow_admin_api=true
s3_host=10.10.7.15
cc_host=10.10.7.15
###### RABBITMQ
rabbit_host=10.10.7.15
###### GLANCE
image_service=nova.image.glance.GlanceImageService
glance_api_servers=10.10.7.15:9292
###### NETWORK
network_manager=nova.network.manager.FlatDHCPManager
force_dhcp_release=True
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
public_interface=eth0
flat_interface=eth1
flat_injected=false
flat_network_bridge=br100
fixed_range=192.168.2.0/24
multi_host=true
###### NOVNC CONSOLE
novnc_enabled=true
novncproxy_base_url= http://10.10.7.15:6080/vnc_auto.html
vncserver_proxyclient_address=10.10.7.15
vncserver_listen=10.10.7.15
########Nova
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
#####MISC
use_deprecated_auth=false
root_helper=sudo nova-rootwrap
allow_same_net_traffic=true
控制节点防火墙:
root@master:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp
dpt:domain
ACCEPT tcp -- anywhere anywhere tcp
dpt:domain
ACCEPT udp -- anywhere anywhere udp
dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp
dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 state
RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-
with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-
with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
控制节点路由信息:
root@master:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref
Use Iface
0.0.0.0 10.10.7.1 0.0.0.0 UG 100 0
0 eth0
10.10.7.0 0.0.0.0 255.255.255.0 U 0 0
0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0
0 eth1
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0
0 virbr0
计算节点:
计算节点网络配置:
root@node:~# ifconfig
br100 Link encap:Ethernet HWaddr fc:75:16:84:70:c9
inet addr:192.168.2.3 Bcast:192.168.2.255 Mask:
255.255.255.0
inet6 addr: fe80::1c09:b5ff:fe0f:1e42/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:120 errors:0 dropped:0 overruns:0 frame:0
TX packets:101 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:17895 (17.8 KB) TX bytes:13961 (13.9 KB)
eth0 Link encap:Ethernet HWaddr b8:a3:86:06:8a:7d
inet addr:10.10.7.11 Bcast:10.10.7.255 Mask:255.255.255.0
inet6 addr: fe80::baa3:86ff:fe06:8a7d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4495 errors:0 dropped:0 overruns:0 frame:0
TX packets:4132 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1695554 (1.6 MB) TX bytes:1378230 (1.3 MB)
Interrupt:19
eth1 Link encap:Ethernet HWaddr fc:75:16:84:70:c9
inet6 addr: fe80::fe75:16ff:fe84:70c9/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:430 (430.0 B) TX bytes:9358 (9.3 KB)
Interrupt:18 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1296 (1.2 KB) TX bytes:1296 (1.2 KB)
virbr0 Link encap:Ethernet HWaddr be:35:73:a1:2f:79
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:
255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vnet0 Link encap:Ethernet HWaddr fe:16:3e:6c:7c:dc
inet6 addr: fe80::fc16:3eff:fe6c:7cdc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:67 errors:0 dropped:0 overruns:0 frame:0
TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:10624 (10.6 KB) TX bytes:11962 (11.9 KB)
vnet1 Link encap:Ethernet HWaddr fe:16:3e:34:a3:e0
inet6 addr: fe80::fc16:3eff:fe34:a3e0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vnet2 Link encap:Ethernet HWaddr fe:16:3e:00:30:8e
inet6 addr: fe80::fc16:3eff:fe00:308e/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:63 errors:0 dropped:0 overruns:0 frame:0
TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:9811 (9.8 KB) TX bytes:10631 (10.6 KB)
...全文
请发表友善的回复…
发表回复
兆帅 2012-11-29
- 打赏
- 举报
你是windows 2008 server ? 默认禁PING的.
你可以在计算节点PING实例名
制作镜像时打开远程桌面服务
在安全组加TCP 3389启动远程桌面端口
那样实例就能用了.当然要记住密码
十一文-攒钱买阿花 2012-11-07
- 打赏
- 举报
你是windows 2008 server ? 默认禁PING的.
你可以在计算节点PING实例名
制作镜像时打开远程桌面服务
在安全组加TCP 3389启动远程桌面端口
那样实例就能用了.当然要记住密码
赵宝东 2012-11-06
- 打赏
- 举报
你是windows 2008 server ? 默认禁PING的.
你可以在计算节点PING实例名
制作镜像时打开远程桌面服务
在安全组加TCP 3389启动远程桌面端口
那样实例就能用了.当然要记住密码
Adela可爱多 2012-10-17
- 打赏
- 举报
继续补充
运行的实例:
root@master:~# nova list
+--------------------------------------+----------+--------
+---------------------+
| ID | Name | Status |
Networks |
+--------------------------------------+----------+--------
+---------------------+
| 6c38e1c0-3e09-42a9-ac4a-85ca7cd80103 | xp001 | ACTIVE |
private=192.168.2.5 |
| 86295154-3175-48a4-b330-5799328f9fb6 | linux001 | ACTIVE |
private=192.168.2.4 |
| cb332c97-b3dd-4903-ac89-495153864f34 | linux002 | ACTIVE |
private=192.168.2.6 |
+--------------------------------------+----------+--------
+---------------------+
计算节点nova.conf配置
root@node:~# cat /etc/nova/nova.conf
[DEFAULT]
###### LOGS/STATE
#verbose=True
verbose=False
###### AUTHENTICATION
auth_strategy=keystone
###### SCHEDULER
#--
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
scheduler_driver=nova.scheduler.simple.SimpleScheduler
###### VOLUMES
volume_group=nova-volumes
volume_name_template=volume-%08x
iscsi_helper=tgtadm
###### DATABASE
sql_connection=mysql://nova:openvision@10.10.7.15/nova
###### COMPUTE
libvirt_type=kvm
#libvirt_type=qemu
connection_type=libvirt
instance_name_template=instance-%08x
api_paste_config=/etc/nova/api-paste.ini
allow_resize_to_same_host=True
libvirt_use_virtio_for_bridges=true
start_guests_on_host_boot=true
resume_guests_state_on_host_boot=true
###### APIS
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
allow_admin_api=true
s3_host=10.10.7.15
cc_host=10.10.7.15
###### RABBITMQ
rabbit_host=10.10.7.15
###### GLANCE
image_service=nova.image.glance.GlanceImageService
glance_api_servers=10.10.7.15:9292
###### NETWORK
network_manager=nova.network.manager.FlatDHCPManager
force_dhcp_release=True
#force_dhcp_release=False
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
public_interface=eth0
flat_interface=eth1
flat_network_bridge=br100
fixed_range=192.168.2.0/24
multi_host=true
###### NOVNC CONSOLE
novnc_enabled=true
novncproxy_base_url= http://10.10.7.15:6080/vnc_auto.html
vncserver_proxyclient_address=10.10.7.11
vncserver_listen=10.10.7.11
########Nova
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
#####MISC
use_deprecated_auth=false
root_helper=sudo nova-rootwrap
allow_same_net_traffic=true
计算节点防火墙配置:
root@node:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
nova-compute-INPUT all -- anywhere anywhere
nova-network-INPUT all -- anywhere anywhere
nova-api-INPUT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp
dpt:domain
ACCEPT tcp -- anywhere anywhere tcp
dpt:domain
ACCEPT udp -- anywhere anywhere udp
dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp
dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
nova-filter-top all -- anywhere anywhere
nova-compute-FORWARD all -- anywhere
anywhere
nova-network-FORWARD all -- anywhere
anywhere
nova-api-FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
nova-filter-top all -- anywhere anywhere
nova-compute-OUTPUT all -- anywhere
anywhere
nova-network-OUTPUT all -- anywhere
anywhere
nova-api-OUTPUT all -- anywhere anywhere
Chain nova-api-FORWARD (1 references)
target prot opt source destination
Chain nova-api-INPUT (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere 10.10.7.11 tcp dpt:
8775
Chain nova-api-OUTPUT (1 references)
target prot opt source destination
Chain nova-api-local (1 references)
target prot opt source destination
Chain nova-compute-FORWARD (1 references)
target prot opt source destination
Chain nova-compute-INPUT (1 references)
target prot opt source destination
Chain nova-compute-OUTPUT (1 references)
target prot opt source destination
Chain nova-compute-inst-7 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state
INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
nova-compute-provider all -- anywhere
anywhere
ACCEPT udp -- 192.168.2.3 anywhere udp
spt:bootps dpt:bootpc
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:
3389
ACCEPT tcp -- anywhere anywhere tcp
dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp
dpt:http
ACCEPT tcp -- anywhere anywhere tcp
dpt:http-alt
ACCEPT icmp -- anywhere anywhere
nova-compute-sg-fallback all -- anywhere
anywhere
Chain nova-compute-inst-8 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state
INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
nova-compute-provider all -- anywhere
anywhere
ACCEPT udp -- 192.168.2.3 anywhere udp
spt:bootps dpt:bootpc
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:
3389
ACCEPT icmp -- anywhere anywhere
nova-compute-sg-fallback all -- anywhere
anywhere
Chain nova-compute-inst-9 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state
INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
nova-compute-provider all -- anywhere
anywhere
ACCEPT udp -- 192.168.2.3 anywhere udp
spt:bootps dpt:bootpc
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:
3389
ACCEPT tcp -- anywhere anywhere tcp
dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp
dpt:http
ACCEPT tcp -- anywhere anywhere tcp
dpt:http-alt
ACCEPT icmp -- anywhere anywhere
nova-compute-sg-fallback all -- anywhere
anywhere
Chain nova-compute-local (1 references)
target prot opt source destination
nova-compute-inst-7 all -- anywhere
192.168.2.4
nova-compute-inst-8 all -- anywhere
192.168.2.5
nova-compute-inst-9 all -- anywhere
192.168.2.6
Chain nova-compute-provider (3 references)
target prot opt source destination
Chain nova-compute-sg-fallback (3 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain nova-filter-top (2 references)
target prot opt source destination
nova-compute-local all -- anywhere anywhere
nova-network-local all -- anywhere anywhere
nova-api-local all -- anywhere anywhere
Chain nova-network-FORWARD (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain nova-network-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp
dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp
dpt:bootps
ACCEPT udp -- anywhere anywhere udp
dpt:domain
ACCEPT tcp -- anywhere anywhere tcp
dpt:domain
Chain nova-network-OUTPUT (1 references)
target prot opt source destination
Chain nova-network-local (1 references)
target prot opt source destination
计算节点路由信息:
root@node:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref
Use Iface
0.0.0.0 10.10.7.1 0.0.0.0 UG 100 0
0 eth0
10.10.7.0 0.0.0.0 255.255.255.0 U 0 0
0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0
0 br100
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0
0 virbr0
参考了以下文档:
https://answers.launchpad.net/nova/+question/157925
http://forums.openstack.org/viewtopic.php?f=10&t=344
http://stackoverflow.com/questions/11795057/openstack-networking-cant-ping-ssh-from-to-vms
http://www.vpsee.com/2011/08/openstack-nova-network-settings-for-flatmanager/
目前感觉是在网络配置上需要调整,如何调整不了解。
请熟悉的大牛帮忙分析下
非常感谢!
求大牛指点,
运行的实例:
root@master:~# nova list
+--------------------------------------+----------+--------
+---------------------+
| ID | Name | Status |
Networks |
+--------------------------------------+----------+--------
+---------------------+
| 6c38e1c0-3e09-42a9-ac4a-85ca7cd80103 | xp001 | ACTIVE |
private=192.168.2.5 |
| 86295154-3175-48a4-b330-5799328f9fb6 | linux001 | ACTIVE |
private=192.168.2.4 |
| cb332c97-b3dd-4903-ac89-495153864f34 | linux002 | ACTIVE |
private=192.168.2.6 |
+--------------------------------------+----------+--------
+---------------------+
计算节点nova.conf配置
root@node:~# cat /etc/nova/nova.conf
[DEFAULT]
###### LOGS/STATE
#verbose=True
verbose=False
###### AUTHENTICATION
auth_strategy=keystone
###### SCHEDULER
#--
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
scheduler_driver=nova.scheduler.simple.SimpleScheduler
###### VOLUMES
volume_group=nova-volumes
volume_name_template=volume-%08x
iscsi_helper=tgtadm
###### DATABASE
sql_connection=mysql://nova:openvision@10.10.7.15/nova
###### COMPUTE
libvirt_type=kvm
#libvirt_type=qemu
connection_type=libvirt
instance_name_template=instance-%08x
api_paste_config=/etc/nova/api-paste.ini
allow_resize_to_same_host=True
libvirt_use_virtio_for_bridges=true
start_guests_on_host_boot=true
resume_guests_state_on_host_boot=true
###### APIS
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
allow_admin_api=true
s3_host=10.10.7.15
cc_host=10.10.7.15
###### RABBITMQ
rabbit_host=10.10.7.15
###### GLANCE
image_service=nova.image.glance.GlanceImageService
glance_api_servers=10.10.7.15:9292
###### NETWORK
network_manager=nova.network.manager.FlatDHCPManager
force_dhcp_release=True
#force_dhcp_release=False
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
public_interface=eth0
flat_interface=eth1
flat_network_bridge=br100
fixed_range=192.168.2.0/24
multi_host=true
###### NOVNC CONSOLE
novnc_enabled=true
novncproxy_base_url= http://10.10.7.15:6080/vnc_auto.html
vncserver_proxyclient_address=10.10.7.11
vncserver_listen=10.10.7.11
########Nova
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
#####MISC
use_deprecated_auth=false
root_helper=sudo nova-rootwrap
allow_same_net_traffic=true
计算节点防火墙配置:
root@node:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
nova-compute-INPUT all -- anywhere anywhere
nova-network-INPUT all -- anywhere anywhere
nova-api-INPUT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp
dpt:domain
ACCEPT tcp -- anywhere anywhere tcp
dpt:domain
ACCEPT udp -- anywhere anywhere udp
dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp
dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
nova-filter-top all -- anywhere anywhere
nova-compute-FORWARD all -- anywhere
anywhere
nova-network-FORWARD all -- anywhere
anywhere
nova-api-FORWARD all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
nova-filter-top all -- anywhere anywhere
nova-compute-OUTPUT all -- anywhere
anywhere
nova-network-OUTPUT all -- anywhere
anywhere
nova-api-OUTPUT all -- anywhere anywhere
Chain nova-api-FORWARD (1 references)
target prot opt source destination
Chain nova-api-INPUT (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere 10.10.7.11 tcp dpt:
8775
Chain nova-api-OUTPUT (1 references)
target prot opt source destination
Chain nova-api-local (1 references)
target prot opt source destination
Chain nova-compute-FORWARD (1 references)
target prot opt source destination
Chain nova-compute-INPUT (1 references)
target prot opt source destination
Chain nova-compute-OUTPUT (1 references)
target prot opt source destination
Chain nova-compute-inst-7 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state
INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
nova-compute-provider all -- anywhere
anywhere
ACCEPT udp -- 192.168.2.3 anywhere udp
spt:bootps dpt:bootpc
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:
3389
ACCEPT tcp -- anywhere anywhere tcp
dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp
dpt:http
ACCEPT tcp -- anywhere anywhere tcp
dpt:http-alt
ACCEPT icmp -- anywhere anywhere
nova-compute-sg-fallback all -- anywhere
anywhere
Chain nova-compute-inst-8 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state
INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
nova-compute-provider all -- anywhere
anywhere
ACCEPT udp -- 192.168.2.3 anywhere udp
spt:bootps dpt:bootpc
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:
3389
ACCEPT icmp -- anywhere anywhere
nova-compute-sg-fallback all -- anywhere
anywhere
Chain nova-compute-inst-9 (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state
INVALID
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
nova-compute-provider all -- anywhere
anywhere
ACCEPT udp -- 192.168.2.3 anywhere udp
spt:bootps dpt:bootpc
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:
3389
ACCEPT tcp -- anywhere anywhere tcp
dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp
dpt:http
ACCEPT tcp -- anywhere anywhere tcp
dpt:http-alt
ACCEPT icmp -- anywhere anywhere
nova-compute-sg-fallback all -- anywhere
anywhere
Chain nova-compute-local (1 references)
target prot opt source destination
nova-compute-inst-7 all -- anywhere
192.168.2.4
nova-compute-inst-8 all -- anywhere
192.168.2.5
nova-compute-inst-9 all -- anywhere
192.168.2.6
Chain nova-compute-provider (3 references)
target prot opt source destination
Chain nova-compute-sg-fallback (3 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain nova-filter-top (2 references)
target prot opt source destination
nova-compute-local all -- anywhere anywhere
nova-network-local all -- anywhere anywhere
nova-api-local all -- anywhere anywhere
Chain nova-network-FORWARD (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain nova-network-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp
dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp
dpt:bootps
ACCEPT udp -- anywhere anywhere udp
dpt:domain
ACCEPT tcp -- anywhere anywhere tcp
dpt:domain
Chain nova-network-OUTPUT (1 references)
target prot opt source destination
Chain nova-network-local (1 references)
target prot opt source destination
计算节点路由信息:
root@node:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref
Use Iface
0.0.0.0 10.10.7.1 0.0.0.0 UG 100 0
0 eth0
10.10.7.0 0.0.0.0 255.255.255.0 U 0 0
0 eth0
192.168.2.0 0.0.0.0 255.255.255.0 U 0 0
0 br100
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0
0 virbr0
参考了以下文档:
https://answers.launchpad.net/nova/+question/157925
http://forums.openstack.org/viewtopic.php?f=10&t=344
http://stackoverflow.com/questions/11795057/openstack-networking-cant-ping-ssh-from-to-vms
http://www.vpsee.com/2011/08/openstack-nova-network-settings-for-flatmanager/
目前感觉是在网络配置上需要调整,如何调整不了解。
请熟悉的大牛帮忙分析下
非常感谢!
求大牛指点,
