Wir haben OpenStack-Server auf zwei Server-Hosts eingerichtet, die mit einem Router und einem Switch verbunden sind. Wir haben den Switch in zwei VLANs aufgeteilt:
- VLAN2: 10.2.xx
- VLAN3: 10.3.xx
Unsere Netzwerkarchitektur umfasst von VMware erstellte Knoten:
- Controller: Verbunden mit:
- Platzierung
- nova-API
- Neutronenserver
- Blick
- Schlussstein
- Asche.
- Fünf Compute-Knoten: Jeder kommuniziert mit Nova-API und Neutron-Server und stellt auch eine Verbindung zu VLAN2 und VLAN3 her.
Die Compute-Knoten verfügen über die erforderlichen Dienste wie openstack-nova-computeund können sich mit beiden VLANs verbinden.
Ausgabe
Nach dem erfolgreichen Erstellen von Instanzen im Dashboard laufen die Instanzen einwandfrei, können sich aber nicht mit dem Netzwerk verbinden. Im Abschnitt „Netzwerk“ -> „Port“ bleibt der Status „Build“. Beim Abfragen der Protokolle ist es offensichtlich, dass der neutron-linuxbridge-agentCompute-Knoten die Instanz-NIC nicht identifizieren kann.
Relevante Protokolle
[user@controller ~]$ openstack network create --share --external \
> --provider-physical-network provider \
> --provider-network-type flat provider
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2023-09-03T14:03:35Z |
| description | |
| dns_domain | None |
| id | 9196400a-dda7-4806-b343-c0ef77abf2e6 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | None |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | provider |
| port_security_enabled | True |
| project_id | d95d6f1287f04732bd9c4c6abe87f3a5 |
| provider:network_type | flat |
| provider:physical_network | provider |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2023-09-03T14:03:35Z |
+---------------------------+--------------------------------------+
[user@controller ~]$ openstack subnet create --network provider \
> --allocation-pool start=10.3.4.1,end=10.3.4.128 \
> --dns-nameserver 223.5.5.5 --gateway 10.0.0.1 \
> --subnet-range 10.0.0.0/8 provider
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 10.3.4.1-10.3.4.128 |
| cidr | 10.0.0.0/8 |
| created_at | 2023-09-03T14:03:44Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 10.0.0.1 |
| host_routes | |
| id | f77dd93b-b3dc-46b1-8386-b4a2f613f830 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | provider |
| network_id | 9196400a-dda7-4806-b343-c0ef77abf2e6 |
| project_id | d95d6f1287f04732bd9c4c6abe87f3a5 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2023-09-03T14:03:44Z |
+----------------------+--------------------------------------+
[user@controller ~]$ . admin-openrc
[user@controller ~]$ openstack port list
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+
| ID | Name | MAC Address | Fixed IP Addresses | Status |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+
| 0b71ee0f-9ccd-43bd-a4c6-0abacfaa5be5 | | fa:16:3e:39:b2:d0 | ip_address='10.3.4.40', subnet_id='f77dd93b-b3dc-46b1-8386-b4a2f613f830' | BUILD |
| cfb73285-4add-4eb0-91ab-ac68819c47a3 | | fa:16:3e:43:1b:f8 | ip_address='10.3.4.1', subnet_id='f77dd93b-b3dc-46b1-8386-b4a2f613f830' | BUILD |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------+--------+
[user@Compute-Node-3 ~]$ sudo nmcli d
DEVICE TYPE STATE CONNECTION
ens34 ethernet Connected ens34
ens35 ethernet Connected ens35
lo loopback Unmanaged --
Fehlerprotokolle inlinuxbridge-agent.log
OneDrive-Link fürlinuxbridge-agent.log
Netzwerkagentenliste
[user@controller ~]$ . admin-openrc
[user@controller ~]$ openstack network agent list
+--------------------------------------+--------------------+-----------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+-----------------+-------------------+-------+-------+---------------------------+
| 18b075eb-d309-40f2-971a-000242a65025 | Linux bridge agent | network-service | None | :-) | UP | neutron-linuxbridge-agent |
| 4c347266-16a0-4aa3-a9df-830224736185 | Metadata agent | network-service | None | :-) | UP | neutron-metadata-agent |
| 62e12e3e-fcd4-4b78-be16-a60d881cc5f2 | Linux bridge agent | Compute-Node-4 | None | :-) | UP | neutron-linuxbridge-agent |
| 95cbadbd-ec54-42f4-96c7-81ce1f0ddbd4 | Linux bridge agent | Compute-Node-5 | None | :-) | UP | neutron-linuxbridge-agent |
| b4430f05-80d7-49ea-83fe-2e14db97da67 | DHCP agent | network-service | nova | :-) | UP | neutron-dhcp-agent |
| d3fe4062-30bb-4fb5-9618-0d07877142c3 | Linux bridge agent | Compute-Node-3 | None | :-) | UP | neutron-linuxbridge-agent |
| e90f054c-e2a8-4c87-a986-7f01a365912b | Linux bridge agent | Compute-Node-2 | None | :-) | UP | neutron-linuxbridge-agent |
| f3cc749d-5e40-42ad-b103-11b9657aee16 | Linux bridge agent | Compute-Node-1 | None | :-) | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+-----------------+-------------------+-------+-------+---------------------------+
neutron.conf im Netzwerkknoten
[database]
connection = mysql+pymysql://neutron:********@10.2.3.1/neutron
[DEFAULT]
core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:********@10.2.3.1
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[keystone_authtoken]
www_authenticate_uri = http://10.2.3.4:5000
auth_url = http://10.2.3.4:5000
memcached_servers = 10.2.3.1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = *******
[nova]
auth_url = http://10.2.3.4:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = admin
username = nova
password = *******
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
neutron.conf im Compute-Knoten
[DEFAULT]
transport_url = rabbit://openstack:********@10.2.3.1
auth_strategy = keystone
[cache]
[cors]
[database]
[healthcheck]
[keystone_authtoken]
www_authenticate_uri = http://10.2.3.4:5000
auth_url = http://10.2.3.4:5000
memcached_servers = 10.2.3.1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = ********
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_policy]
[privsep]
[profiler]
[ssl]
linuxbridge_agent.ini: Anbieternetzwerk (Option 1 in den offiziellen Leitlinien)
[DEFAULT]
[linux_bridge]
physical_interface_mappings = provider:ens34
[vxlan]
enable_vxlan = false
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
neutron-server.logim Netzwerkknoten
2023-09-03 22:03:35.100 64478 WARNING neutron.services.revisions.revision_plugin [req-8891ef64-0e90-47c8-aea4-03cd8f70c1c9 f39040c33d3b4e09bcad1e305b9b02e7 d95d6f1287f04732bd9c4c6abe87f3a5 - default default] Could not find related network for resource <neutron.db.rbac_db_models.NetworkRBAC[object at 7f235c0d1fd0] {project_id='d95d6f1287f04732bd9c4c6abe87f3a5', id='36c749a5-591d-41a7-840a-d834c8fc9f6c', target_project='*', action='access_as_shared', object_id='9196400a-dda7-4806-b343-c0ef77abf2e6'}> to bump revision.
2023-09-03 22:03:35.160 64478 INFO neutron.db.segments_db [req-8891ef64-0e90-47c8-aea4-03cd8f70c1c9 f39040c33d3b4e09bcad1e305b9b02e7 d95d6f1287f04732bd9c4c6abe87f3a5 - default default] Added segment 78d46700-7f55-47df-a124-5ee0cd3c7da4 of type flat for network 9196400a-dda7-4806-b343-c0ef77abf2e6
2023-09-03 22:03:35.387 64478 INFO neutron.wsgi [req-8891ef64-0e90-47c8-aea4-03cd8f70c1c9 f39040c33d3b4e09bcad1e305b9b02e7 d95d6f1287f04732bd9c4c6abe87f3a5 - default default] 10.2.3.1 "POST /v2.0/networks HTTP/1.1" status: 201 len: 830 time: 0.6657691
2023-09-03 22:03:44.096 64479 INFO neutron.pecan_wsgi.hooks.translation [req-71c84e97-f4f5-4617-9b41-3f3e8e66c4cb f39040c33d3b4e09bcad1e305b9b02e7 d95d6f1287f04732bd9c4c6abe87f3a5 - default default] GET failed (client error): The resource could not be found.
2023-09-03 22:03:44.098 64479 INFO neutron.wsgi [req-71c84e97-f4f5-4617-9b41-3f3e8e66c4cb f39040c33d3b4e09bcad1e305b9b02e7 d95d6f1287f04732bd9c4c6abe87f3a5 - default default] 10.2.3.1 "GET /v2.0/networks/provider HTTP/1.1" status: 404 len: 316 time: 0.4845898
2023-09-03 22:03:44.212 64479 INFO neutron.wsgi [req-6ed45ac2-0f25-4ba4-a191-dd931c4d7f80 f39040c33d3b4e09bcad1e305b9b02e7 d95d6f1287f04732bd9c4c6abe87f3a5 - default default] 10.2.3.1 "GET /v2.0/networks?name=provider HTTP/1.1" status: 200 len: 828 time: 0.1054440
2023-09-03 22:03:44.741 64479 INFO neutron.wsgi [req-73a13804-ebe5-49a9-aa1d-3413dcea6867 f39040c33d3b4e09bcad1e305b9b02e7 d95d6f1287f04732bd9c4c6abe87f3a5 - default default] 10.2.3.1 "POST /v2.0/subnets HTTP/1.1" status: 201 len: 817 time: 0.5180576
2023-09-03 22:03:47.977 64480 INFO neutron.plugins.ml2.plugin [req-79bc1d89-40f3-4e51-9459-7cb081b44cdc - - - - -] Attempt 1 to provision port cfb73285-4add-4eb0-91ab-ac68819c47a3
2023-09-03 22:03:48.661 64480 INFO neutron.plugins.ml2.plugin [req-40955894-03d8-4a72-a41e-68c61c07f92f - - - - -] Attempt 1 to provision port cfb73285-4add-4eb0-91ab-ac68819c47a3