Openstack-Neutron
Openstack 無法從其他網路訪問控制器節點
我已經安裝了 Openstack,沒有任何問題。我面臨無法從其他網路訪問控制器主機的問題。
在我的工作環境中,我在 Cisco 交換機上配置了許多 VLAN。
- 使用者 VLAN 為 (10.10.10.0/24.)
- 伺服器 VLAN 為 (192.168.100.0/24)。
控制器伺服器 ext IP (192.168.100.100),在控制器上創建網路/路由器後,使用者 (10.10.10.0/24) 的網路無法 ping/訪問 192.168.100.100,但在控制器的同一網路上 (192.168 .100.0/24) 仍然可以 ping 到控制器節點。
這意味著只有控制器的同一網路可以訪問它,而其他網路不能。
那麼如何使其可用於所有網路呢?
控制器的一些結果:
tcpdump:
verbose output suppressed, use -v or -vv for full protocol decode listening on vxlan-1, link-type EN10MB (Ethernet), capture size 262144 bytes.IP地址
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 00:50:56:87:7c:e8 brd ff:ff:ff:ff:ff:ff inet 10.0.0.11/24 brd 10.0.0.255 scope global ens160 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fe87:7ce8/64 scope link valid_lft forever preferred_lft forever 3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master brq2d2d66af-87 state UP group default qlen 1000 link/ether 00:50:56:87:d6:1c brd ff:ff:ff:ff:ff:ff 6: tap96c05264-57@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master brq2d2d66af-87 state UP group default qlen 1000 link/ether 72:b8:0a:01:9d:36 brd ff:ff:ff:ff:ff:ff link-netns qdhcp-2d2d66af-87f8-4c5e-9329-dbb903debc0d 7: tape473efb7-92@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master brq98128308-8d state UP group default qlen 1000 link/ether 96:e0:72:ac:06:18 brd ff:ff:ff:ff:ff:ff link-netns qdhcp-98128308-8d26-4ef5-947d-0620396348d7 8: vxlan-1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master brq98128308-8d state UNKNOWN group default qlen 1000 link/ether ee:48:01:ef:1f:03 brd ff:ff:ff:ff:ff:ff 9: brq98128308-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000 link/ether 02:d5:28:7f:48:8f brd ff:ff:ff:ff:ff:ff inet6 fe80::5093:1dff:feaa:1698/64 scope link valid_lft forever preferred_lft forever 10: brq2d2d66af-87: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:50:56:87:d6:1c brd ff:ff:ff:ff:ff:ff inet 192.168.100.100/24 brd 192.168.100.255 scope global brq2d2d66af-87 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fe87:d61c/64 scope link valid_lft forever preferred_lft forever inet6 fe80::70dc:72ff:fe53:152f/64 scope link valid_lft forever preferred_lft forever 11: tape188178b-33@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master brq98128308-8d state UP group default qlen 1000 link/ether 02:d5:28:7f:48:8f brd ff:ff:ff:ff:ff:ff link-netns qrouter-50ae9644-5fe8-4bc3-9813-c96c22c294ff 12: tap97c393cc-e5@if3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master brq2d2d66af-87 state UP group default qlen 1000 link/ether 1a:c8:66:85:59:c6 brd ff:ff:ff:ff:ff:ff link-netns qrouter-50ae9644-5fe8-4bc3-9813-c96c22c294ffip路由
default via 10.0.0.1 dev ens160 proto static default via 192.168.100.1 dev brq2d2d66af-87 proto static metric 100 10.0.0.0/24 dev ens160 proto kernel scope link src 10.0.0.11 192.168.100.0/24 dev brq2d2d66af-87 proto kernel scope link src 192.168.100.100謝謝!
ip路由
預設通過 10.0.0.1 dev ens160 proto static
預設通過 192.168.100.1 dev brq2d2d66af-87 proto static metric 100
由於預設路由是內部介面,因此使用者無法訪問 Openstack。執行以下命令後,問題解決。
ip route del 預設通過 10.0.0.1
非常感謝您的幫助Mr.Berndbausch