OpenStack Neutron: external communication through the router does not work, local communication between VMs does

2

I have been pretty lost with this one for a few days and cannot move any further. Any idea will be very welcome. My private network for VMs: 10.5.5.0/24. External link via 192.168.22.0/24 (my router's IP is 192.168.22.1).

neutron subnet-list
+--------------------------------------+------+-----------------+------------------------------------------------------+
| id                                   | name | cidr            | allocation_pools                                     |
+--------------------------------------+------+-----------------+------------------------------------------------------+
| 7b77e45f-160f-4808-b710-f644045f8d19 |      | 192.168.22.0/24 | {"start": "192.168.22.130", "end": "192.168.22.135"} |
| b783a811-98f3-4fbe-bd2d-2f7b1378a000 |      | 10.5.5.0/24     | {"start": "10.5.5.2", "end": "10.5.5.254"}           |
+--------------------------------------+------+-----------------+------------------------------------------------------+

neutron net-list
+--------------------------------------+---------+------------------------------------------------------+
| id                                   | name    | subnets                                              |
+--------------------------------------+---------+------------------------------------------------------+
| 5a523463-77e6-410e-92e2-cb191418e3c5 | net1    | b783a811-98f3-4fbe-bd2d-2f7b1378a000 10.5.5.0/24     |
| efaa5928-ddca-4dbc-88a0-80dd9a95e5b8 | ext_net | 7b77e45f-160f-4808-b710-f644045f8d19 192.168.22.0/24 |
+--------------------------------------+---------+------------------------------------------------------+

nova list
+--------------------------------------+--------------+--------+------------+-------------+-------------------------------+
| ID                                   | Name         | Status | Task State | Power State | Networks                      |
+--------------------------------------+--------------+--------+------------+-------------+-------------------------------+
| 6a84c26c-47c4-4b03-9bd1-fa3abd2c9ad3 | CirrOS test1 | ACTIVE | None       | Running     | net1=10.5.5.2, 192.168.22.131 |
+--------------------------------------+--------------+--------+------------+-------------+-------------------------------+

neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 4fcaa953-4fac-4459-a27e-1c2349e8f3b4 | 10.5.5.2         | 192.168.22.131      | f0d72b97-a8fa-42f0-942f-83f623c83128 |
+--------------------------------------+------------------+---------------------+--------------------------------------+

I can ping successfully between VMs when several are running on the 10.5.5.0/24 network, but all other internal or external communication does not work.

ovs-vsctl show
5d243164-aa3f-4323-aa64-64239b7f3ba2
    Bridge br-int
        Port "qg-85228b4f-4c"
            Interface "qg-85228b4f-4c"
                type: internal
        Port "em1"
            Interface "em1"
        Port "qr-88abb9f7-6d"
            Interface "qr-88abb9f7-6d"
                type: internal
        Port "tap9f56fceb-45"
            Interface "tap9f56fceb-45"
                type: internal
        Port br-int
            Interface br-int
                type: internal
    Bridge br-ex
        Port "em2"
            Interface "em2"
        Port br-ex
            Interface br-ex
                type: internal
    ovs_version: "1.10.2"


ip netns list
qdhcp-5a523463-77e6-410e-92e2-cb191418e3c5
qrouter-67268e5b-89bc-4c79-b698-ca3b57912371


ip netns exec qrouter-67268e5b-89bc-4c79-b698-ca3b57912371 ifconfig
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:130 errors:0 dropped:0 overruns:0 frame:0
          TX packets:130 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:12241 (12.2 KB)  TX bytes:12241 (12.2 KB)

qg-85228b4f-4c Link encap:Ethernet  HWaddr fa:16:3e:ea:3e:ff
          inet addr:192.168.22.130  Bcast:192.168.22.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:feea:3eff/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:1338504 errors:0 dropped:1210 overruns:0 frame:0
          TX packets:138 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:105453095 (105.4 MB)  TX bytes:15786 (15.7 KB)

qr-88abb9f7-6d Link encap:Ethernet  HWaddr fa:16:3e:73:b1:ff
          inet addr:10.5.5.1  Bcast:10.5.5.255  Mask:255.255.255.0
          inet6 addr: fe80::f816:3eff:fe73:b1ff/64 Scope:Link
          UP BROADCAST RUNNING  MTU:1500  Metric:1
          RX packets:1338707 errors:0 dropped:1208 overruns:0 frame:0
          TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:105590392 (105.5 MB)  TX bytes:1642 (1.6 KB)

Contents of /etc/nova/nova.conf:

[DEFAULT]
neutron_metadata_proxy_shared_secret = pass
service_neutron_metadata_proxy = true
network_api_class=nova.network.neutronv2.api.API
neutron_url=htxp://Control:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
neutron_admin_username=neutron
neutron_admin_password=pass
neutron_admin_auth_url=htxp://Control:35357/v2.0
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver=nova.virt.firewall.NoopFirewallDriver


dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata
my_ip=192.168.22.10
vncserver_listen=192.168.22.10
vncserver_proxyclient_address=192.168.22.10
auth_protocol = http
auth_strategy=keystone
rpc_backend = nova.rpc.impl_kombu
rabbit_host = Control
rabbit_password = pass
rabbit_port = 5672
rabbit_use_ssl=false
rabbit_userid=guest


[database]
connection = mysql://nova:pass@Control/nova
[keystone_authtoken]
auth_host = Control
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = adminpass

Contents of /etc/neutron/neutron.conf:

[DEFAULT]

rabbit_host = Control
rabbit_password = 
rabbit_port = 5672
rabbit_use_ssl=false
rabbit_userid=guest
state_path = /var/lib/neutron

lock_path = $state_path/lock
core_plugin = neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2
api_paste_config = /etc/neutron/api-paste.ini
auth_strategy = keystone


fake_rabbit = False
notification_driver = neutron.openstack.common.notifier.rpc_notifier

neutron.services.loadbalancer.agent_scheduler.ChanceScheduler


[quotas]

[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf

[keystone_authtoken]
auth_host = Control
admin_tenant_name = service
admin_user = neutron
admin_password = 
auth_port = 35357
auth_protocol = http

auth_strategy = keystone
signing_dir = $state_path/keystone-signing

rpc_backend = neutron.openstack.common.rpc.impl_kombu
rabbit_host = Control
rabbit_port = 5672
rabbit_password = 

[database]
connection = mysql://neutron:@Control/neutron

[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default

Contents of /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:

[ovs]
tenant_network_type = vlan
network_vlan_ranges = physnet1:1100:2999
bridge_mappings = physnet1:br-int
[agent]

[securitygroup]
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver

Any pointer in the right direction will be much appreciated, after pulling my hair out over this for the last few days.

If you need any other information, I will be happy to post it.

TIA, Matej

by user263416 29.03.2014 / 22:52

1 answer

0

br-int is the integration bridge, i.e. VM-facing.

In an OS VLAN network configuration, the physical bridge mapping should be to the external interface that has the VLANs trunked to it.

This typically looks something like this:

bridge_mappings = physnet1:br-eth1

by davidmmiller 21.05.2014 / 17:26
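
The mapping problem the answer describes can be checked mechanically. The following is an added example, not part of the original question or answer: it parses the plugin ini as posted in the question and flags any physnet whose bridge_mappings entry points at the integration bridge. The function names are illustrative, and the check assumes the file belongs to a node running the OVS agent.

```python
import configparser

# Constructed sample: the plugin ini as posted in the question, including the
# bare driver line (no "key =") left in its [securitygroup] section.
QUESTION_INI = """\
[ovs]
tenant_network_type = vlan
network_vlan_ranges = physnet1:1100:2999
bridge_mappings = physnet1:br-int
[securitygroup]
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
"""

def split_list(value):
    """Split a comma-separated option value, dropping blanks and spaces."""
    return [p.strip() for p in (value or "").split(",") if p.strip()]

def parse_mappings(value):
    """Turn 'physnet1:br-a, physnet2:br-b' into {'physnet1': 'br-a', ...}."""
    pairs = {}
    for item in split_list(value):
        physnet, _, bridge = item.partition(":")
        pairs[physnet.strip()] = bridge.strip()
    return pairs

def check_ovs_plugin(ini_text):
    """Return findings about bridge_mappings in the [ovs] section."""
    # allow_no_value tolerates bare lines; only "=" separates key and value.
    cfg = configparser.RawConfigParser(allow_no_value=True, delimiters=("=",))
    cfg.read_string(ini_text)
    ovs = cfg["ovs"] if cfg.has_section("ovs") else {}
    int_br = ovs.get("integration_bridge") or "br-int"  # plugin default
    mappings = parse_mappings(ovs.get("bridge_mappings"))
    findings = []
    for physnet, bridge in mappings.items():
        if not bridge:
            findings.append(f"{physnet}: no bridge given")
        elif bridge == int_br:
            findings.append(f"{physnet}: mapped to integration bridge {bridge}")
    # Assumption: this node runs the OVS agent, so each physnet named in
    # network_vlan_ranges should have a bridge mapping here.
    for rng in split_list(ovs.get("network_vlan_ranges")):
        physnet = rng.split(":")[0].strip()
        if physnet not in mappings:
            findings.append(f"{physnet}: in network_vlan_ranges but not mapped")
    return findings

if __name__ == "__main__":
    print("\n".join(check_ovs_plugin(QUESTION_INI)))
```

Run against the question's file it reports physnet1 as mapped to br-int; with the mapping changed to the form shown in the answer it reports nothing.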