Microstack - 无法访问(ping/ssh)启动虚拟机

Microstack - Cannont access (ping/ssh) launched VMs

我试图访问一些已启动的虚拟机,但没有成功。我关注了this tutorial to create a private network。如下所示:

+--------------------------------------+----------+--------------------------------------+
| ID                                   | Name     | Subnets                              |
+--------------------------------------+----------+--------------------------------------+
| 326a319c-e75d-48f1-ac36-aed342c45874 | private  | f16b8b8c-482e-4cf5-a5d6-74e284b7e0f1 |

下面列出了安全组:

microstack.openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID                                   | Name    | Description            | Project                          | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| 04c5c579-91bf-4497-bd01-47c7fa69df81 | default | Default security group | 9c12393bf2e54547bef78aac510ba6c6 | []   |
| 3c69498c-c210-48c8-ba43-fbf60a0c224e | default | Default security group | 37f73779b3cd42dc96044ea0fd6d1e98 | []   |
| 5a20b02a-aac4-4c62-9ea2-24dfd8c59f67 | default | Default security group |                                  | []   |
+--------------------------------------+---------+------------------------+----------------------------------+------+

我正在使用以下安全组:

microstack.openstack security group show 3c69498c-c210-48c8-ba43-fbf60a0c224e
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field           | Value                                                                                                                                                                                                                                          |
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at      | 2020-08-14T17:54:45Z                                                                                                                                                                                                                           |
| description     | Default security group                                                                                                                                                                                                                         |
| id              | 3c69498c-c210-48c8-ba43-fbf60a0c224e                                                                                                                                                                                                           |
| location        | Munch({'cloud': '', 'region_name': '', 'zone': None, 'project': Munch({'id': '37f73779b3cd42dc96044ea0fd6d1e98', 'name': 'admin', 'domain_id': None, 'domain_name': 'default'})})                                                              |
| name            | default                                                                                                                                                                                                                                        |
| project_id      | 37f73779b3cd42dc96044ea0fd6d1e98                                                                                                                                                                                                               |
| revision_number | 3                                                                                                                                                                                                                                              |
| rules           | created_at='2020-08-14T17:54:45Z', direction='egress', ethertype='IPv6', id='1e5c2fed-7c7a-4dd4-9e11-c87d0de012ee', updated_at='2020-08-14T17:54:45Z'                                                                                          |
|                 | created_at='2020-08-14T17:54:45Z', direction='ingress', ethertype='IPv4', id='36394ec6-0f35-4b26-9788-61bf76a08088', remote_group_id='3c69498c-c210-48c8-ba43-fbf60a0c224e', updated_at='2020-08-14T17:54:45Z'                                 |
|                 | created_at='2020-08-14T17:54:45Z', direction='ingress', ethertype='IPv6', id='48986d96-ec57-4f49-aee8-6e1c68e273b1', remote_group_id='3c69498c-c210-48c8-ba43-fbf60a0c224e', updated_at='2020-08-14T17:54:45Z'                                 |
|                 | created_at='2020-08-14T17:56:16Z', direction='ingress', ethertype='IPv4', id='58816267-8df8-4a89-a9c5-31986a441365', port_range_max='22', port_range_min='22', protocol='tcp', remote_ip_prefix='0.0.0.0/0', updated_at='2020-08-14T17:56:16Z' |
|                 | created_at='2020-08-14T17:54:45Z', direction='egress', ethertype='IPv4', id='c75e9aa8-84f3-4d05-9d33-0da7892f7a07', updated_at='2020-08-14T17:54:45Z'                                                                                          |
|                 | created_at='2020-08-14T17:56:14Z', direction='ingress', ethertype='IPv4', id='d029b66c-219e-488d-93af-1f87a9d8b006', protocol='icmp', remote_ip_prefix='0.0.0.0/0', updated_at='2020-08-14T17:56:14Z'                                          |
| tags            | []                                                                                                                                                                                                                                             |
| updated_at      | 2020-08-14T17:56:16Z                                                                                                                                                                                                                           |

我用来启动虚拟机的命令:

microstack.openstack server create --flavor m1.medium --image ubuntu_1804 --nic net-id=326a319c-e75d-48f1-ac36-aed342c45874 --key-name microstack --security-group 3c69498c-c210-48c8-ba43-fbf60a0c224e server_micro

下面,我们可以看到 VM 已启动:

microstack.openstack server list
| ID                                   | Name         | Status | Networks                          | Image       | Flavor    |
+--------------------------------------+--------------+--------+-----------------------------------+-------------+-----------+
| 9e88311d-0907-4534-ba5d-ee80d2de06ee | server_micro | ACTIVE | private=10.0.0.127                | ubuntu_1804 | m1.medium |

microstack.openstack server show 9e88311d-0907-4534-ba5d-ee80d2de06ee
+-------------------------------------+----------------------------------------------------------+
| Field                               | Value                                                    |
+-------------------------------------+----------------------------------------------------------+
| OS-DCF:diskConfig                   | MANUAL                                                   |
| OS-EXT-AZ:availability_zone         | nova                                                     |
| OS-EXT-SRV-ATTR:host                | jabuti                                                   |
| OS-EXT-SRV-ATTR:hypervisor_hostname | jabuti                                                   |
| OS-EXT-SRV-ATTR:instance_name       | instance-0000000a                                        |
| OS-EXT-STS:power_state              | Running                                                  |
| OS-EXT-STS:task_state               | None                                                     |
| OS-EXT-STS:vm_state                 | active                                                   |
| OS-SRV-USG:launched_at              | 2020-08-31T13:54:52.000000                               |
| OS-SRV-USG:terminated_at            | None                                                     |
| accessIPv4                          |                                                          |
| accessIPv6                          |                                                          |
| addresses                           | private=10.0.0.127                                       |
| config_drive                        |                                                          |
| created                             | 2020-08-31T13:54:45Z                                     |
| flavor                              | m1.medium (3)                                            |
| hostId                              | 61fe40d2c4303db62eef04a071c6d7ee01f0465ec467f911ac05e2c0 |
| id                                  | 9e88311d-0907-4534-ba5d-ee80d2de06ee                     |
| image                               | ubuntu_1804 (a1d60e2d-72d7-47d8-8aea-e97e8ba2a09b)       |
| key_name                            | microstack                                               |
| name                                | server_micro                                             |
| progress                            | 0                                                        |
| project_id                          | 37f73779b3cd42dc96044ea0fd6d1e98                         |
| properties                          |                                                          |
| security_groups                     | name='default'                                           |
| status                              | ACTIVE                                                   |
| updated                             | 2020-08-31T13:54:53Z                                     |
| user_id                             | ff66b68443994bfeb2101851e7ea026d                         |
| volumes_attached                    |                                                          |
+-------------------------------------+----------------------------------------------------------+

但是我无法访问启动的实例:

ping 10.0.0.127
PING 10.0.0.127 (10.0.0.127) 56(84) bytes of data.
From 10.75.211.9: icmp_seq=2 Redirect Host(New nexthop: 10.75.211.13)
From 10.75.211.9: icmp_seq=3 Redirect Host(New nexthop: 10.75.211.13)
From 10.75.211.9: icmp_seq=4 Redirect Host(New nexthop: 10.75.211.13)
From 10.75.211.9: icmp_seq=5 Redirect Host(New nexthop: 10.75.211.13)
^C
--- 10.0.0.127 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4004ms

我错过了什么?我应该如何处理 ping/ssh 启动的实例?

一旦我们创建了一个带有专用网络的虚拟机,我们需要将一个浮动 IP 关联到它。下面,我列出解决问题所需的步骤。

  1. 为您的 external 网络创建浮动 IP:

    microstack.openstack floating ip create external
    
  2. 创建一个路由器来通信两个网络(内部和外部):

    microstack.openstack router create router1
    
  3. external网络添加到路由器:

    microstack.openstack router set router1 --external-gateway external
    
  4. 将您的私有子网添加到路由器:

    microstack.openstack router add subnet router1 f16b8b8c-482e-4cf5-a5d6-74e284b7e0f1
    
  5. 将浮动IP关联到您的VM(假设创建的IP为10.20.20.92):

    microstack.openstack server add floating ip server_micro 10.20.20.92
    

现在您应该可以 ping 虚拟机并通过 ssh 访问它。