Centos7 Devstack [Rocky] 重启后无法联网

部署devstack-rocky版本后网络,可以 Ping 通自己的 IP,但 Ping 不同网关,ping不通同网段主机,查看网卡和ovs信息如下

解决

第一步

按造网上教程,修改br-ex,ens33的配置文件

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
DEVICE=ens33
ONBOOT=yes
[root@localhost ~]# 

br-ex

[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-br-ex 
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=br-ex
DEVICE=br-ex
ONBOOT=yes
IPADDR=192.168.163.199
NETMASK=255.255.255.0
GATEWAY=192.168.163.2

添加路由

ip route add default via 92.168.163.2/24 dev br-ex

重启网络,发现还是不行,

进行第二步排查

恢复快照,对比重启前和重启后的ovs流表信息

重启前

[root@localhost network-scripts]# ovs-ofctl dump-flows br-ex
 cookie=0x4820e7ed3fd8443a, duration=2843.818s, table=0, n_packets=14, n_bytes=1012, priority=4,in_port="phy-br-ex",dl_vlan=2 actions=strip_vlan,NORMAL
 cookie=0x4820e7ed3fd8443a, duration=2876.726s, table=0, n_packets=33, n_bytes=3710, priority=2,in_port="phy-br-ex" actions=drop
 cookie=0x4820e7ed3fd8443a, duration=2876.755s, table=0, n_packets=2221, n_bytes=257360, priority=0 actions=NORMAL

重启后

[root@localhost network-scripts]# ovs-ofctl dump-flows br-ex

发现ovs重启后流表未下发

查看ovs数据库日志

vim /var/log/openvswitch/ovsdb-server.log

2019-09-29T02:25:46.301Z|00026|socket_util|ERR|6640:127.0.0.1: bind: Permission denied
2019-09-29T02:25:46.301Z|00027|ovsdb_jsonrpc_server|ERR|Dropped 568 log messages in last 59 seconds (most recently, 1 seconds ago) due to excessive rate
2019-09-29T02:25:46.301Z|00028|ovsdb_jsonrpc_server|ERR|ptcp:6640:127.0.0.1: listen failed: Permission denied
2019-09-29T02:26:46.678Z|00029|socket_util|ERR|Dropped 582 log messages in last 61 seconds (most recently, 2 seconds ago) due to excessive rate
2019-09-29T02:26:46.679Z|00030|socket_util|ERR|6640:127.0.0.1: bind: Permission denied
2019-09-29T02:26:46.679Z|00031|ovsdb_jsonrpc_server|ERR|Dropped 582 log messages in last 61 seconds (most recently, 2 seconds ago) due to excessive rate
2019-09-29T02:26:46.679Z|00032|ovsdb_jsonrpc_server|ERR|ptcp:6640:127.0.0.1: listen failed: Permission denied
2019-09-29T02:27:47.402Z|00033|socket_util|ERR|Dropped 581 log messages in last 60 seconds (most recently, 1 seconds ago) due to excessive rate
2019-09-29T02:27:47.402Z|00034|socket_util|ERR|6640:127.0.0.1: bind: Permission denied
2019-09-29T02:27:47.402Z|00035|ovsdb_jsonrpc_server|ERR|Dropped 581 log messages in last 60 seconds (most recently, 1 seconds ago) due to excessive rate
2019-09-29T02:27:47.402Z|00036|ovsdb_jsonrpc_server|ERR|ptcp:6640:127.0.0.1: listen failed: Permission denied
2019-09-29T02:28:46.257Z|00037|socket_util|ERR|Dropped 568 log messages in last 59 seconds (most recently, 0 seconds ago) due to excessive rate
2019-09-29T02:28:46.257Z|00038|socket_util|ERR|6640:127.0.0.1: bind: Permission denied
2019-09-29T02:28:46.257Z|00039|ovsdb_jsonrpc_server|ERR|Dropped 568 log messages in last 59 seconds (most recently, 0 seconds ago) due to excessive rate
2019-09-29T02:28:46.257Z|00040|ovsdb_jsonrpc_server|ERR|ptcp:6640:127.0.0.1: listen failed: Permission denied
2019-09-29T02:29:47.173Z|00041|socket_util|ERR|Dropped 580 log messages in last 61 seconds (most recently, 1 seconds ago) due to excessive rate
2019-09-29T02:29:47.173Z|00042|socket_util|ERR|6640:127.0.0.1: bind: Permission denied

解决办法

1.编辑vim /etc/selinux/config配置文件
2.修改 SELINUX=enforcing为SELINUX=disabled
3.关闭selinux防火墙 setenforce 0
4.重启 reboot

问题解决

小结两点经验,在 OpenStack 环境中:

  1. 无法 Ping 通同网段 IP,则检查自身 IP 地址设置。
  2. 无法 Ping 通公网,则检查自身 Route 表项设置。
  3. 能 Ping 通网关、但无法 Ping 通公网,则检查是否存在 ARP 欺诈。

参考:https://blog.csdn.net/Jmilk/article/details/89850079

posted @ 2019-09-29 11:09  mrwuzs  阅读(670)  评论(0编辑  收藏  举报