Kolla Ansilble：Openstack 实例无法访问互联网或彼此

Question

我是 openstack 的新手（使用 kolla-ansible 部署）并且创建了两个实例，它们都是 ubuntu 20.04 VM。我能够从主机 (192.168.211.133) ping 和 ssh 它们，反之亦然。但是实例无法访问互联网。虚拟路由器也无法上网：

其中一台机器的配置如下；

root@kypo-virtual-machine:/etc/apt/sources.list.d# ip netns ls
qrouter-caca1d42-86b4-42a2-b591-ec7a90437029 (id: 1)
qdhcp-0ec41857-9420-4322-9fef-e332c034e98e (id: 0) 


root@kypo-virtual-machine:/etc/apt/sources.list.d# ip netns e qrouter-caca1d42-86b4-42a2-b591-ec7a90437029 route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.211.1   0.0.0.0         UG    0      0        0 qg-f31a26b7-25
192.168.64.0    0.0.0.0         255.255.192.0   U     0      0        0 qr-e5c8842c-c2
192.168.211.0   0.0.0.0         255.255.255.0   U     0      0        0 qg-f31a26b7-25

实例的Netplan显示：

# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    version: 2
    ethernets:
        ens3:
           dhcp4: true
           match:
               macaddress: fa:16:3e:a7:9d:70
           mtu: 1450
           set-name: ens3

IP sheme 是：

  ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
   inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
   inet6 ::1/128 scope host 
      valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc 
 fq_codel state UP group default qlen 1000
    link/ether fa:16:3e:a7:9d:70 brd ff:ff:ff:ff:ff:ff
    inet 192.168.65.39/18 brd 192.168.127.255 scope global dynamic ens3
       valid_lft 85719sec preferred_lft 85719sec
     inet6 fe80::f816:3eff:fea7:9d70/64 scope link 
       valid_lft forever preferred_lft forever

来自Horizon

IP Addresses

kypo-base-net
    192.168.65.39,  192.168.211.250 

Security Groups

kypo-base-proxy-sg

        ALLOW IPv6 to ::/0
        ALLOW IPv4 icmp from 0.0.0.0/0
        ALLOW IPv4 22/tcp from 0.0.0.0/0
        ALLOW IPv4 udp from b9904736-6d8a
        ALLOW IPv4 tcp from b9904736-6d8a
        ALLOW IPv4 tcp from 73ca626b-7cfb
        ALLOW IPv4 udp from 73ca626b-7cfb
        ALLOW IPv4 to 0.0.0.0/0

Answer 1

我能够通过查明虚拟路由器 (192.168.211.1) 使用的网关与我的主机 VM (192.168.211.2) 使用的网关不同来解决问题。

kypo@kypo-virtual-machine:/etc/kolla$ ip route show
default via 192.168.211.2 dev ens33 proto dhcp 
src 192.168.211.133 metric 100

我修改了网关；

openstack subnet set --gateway 192.168.211.2 public-subnet

现在我的实例可以访问互联网了。

此配置问题的主要原因是在创建子网时我使用 auto 作为 --gateway 选项，显然它没有选择正确的网关。

Kolla Ansilble：Openstack 实例无法访问互联网或彼此

Kolla Ansilble: Openstack Instances Unable to access Internet or eachother

ping

connectivity

openstack

ansible