开启掘金成长之旅！这是我参与「掘金日新计划 · 2 月更文挑战」的第 12 天，点击查看活动详情

• 重启计算服务，确保计算服务没有问题

确保nova服务正常

nova-status upgrade check

• 删除虚机，再次创建

nova delete dbaa631e-cfa7-4551-b143-65583a18d1cc

openstack server create --flavor 2C2G50G --image cirros --nic net-id=95a5d7df-382c-4299-ab33-272ebd737fcb --security-group default provider-instance

• 发现了很多服务都在报错

疯狂百度bing，大概是修改文件最大传输大小：

show variables like '%max_allowed_packet%';

当前好像是4M，修改

vim /etc/my.cnf

[mysqld]
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
max_allowed_packet = 500M

• 重启数据库服务

systemctl restart mariadb.service

• 不太顶事儿，经过漫长的百度

set global wait_timeout=600; # 好像起作用了 不再玩命报错了

接着看虚机起不来的问题

修改计算节点的nova.conf

[libvirt]
virt_type = kvm

• 重启计算服务

systemctl restart libvirtd.service openstack-nova-compute.service

无效

查看dashboard发现虚机并没有绑定IP地址，可能是网络存在问题。 查看控制节点的neutron服务，报错

Failed to bind port ef1fd554-6203-4c4e-8d57-0c38f761f338 on host compute02 for vnic_type normal using segments

• 看了一下计算节点好像没有安装ml2 ml3的插件。。。

查看compute 节点，好像没有配置OVS的ini

• compute01

[ovs]  
tunnel_bridge = br-tun  
local_ip = 10.8.4.39   #隧道IP地址即管理网卡IP地址  
integration_bridge = br-int  
tenant_network_type = vxlan  
tunnel_type = vxlan  
tunnel_id_ranges = 1:1000  
enable_tunneling = true  
bridge_mappings = provider:br-ex  
prevent_arp_spoofing = true  
[agent]  
tunnel_types = vxlan
arp_responder = true
l2_population = true
[securitygroup]  
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver  
enable_security_group = true

• compute02

[ovs]  
tunnel_bridge = br-tun  
local_ip = 10.8.4.40   #隧道IP地址即管理网卡IP地址  
integration_bridge = br-int  
tenant_network_type = vxlan  
tunnel_type = vxlan  
tunnel_id_ranges = 1:1000  
enable_tunneling = true  
bridge_mappings = provider:br-ex  
prevent_arp_spoofing = true  
[agent]  
tunnel_types = vxlan
arp_responder = true
l2_population = true
[securitygroup]  
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver  
enable_security_group = true

• 发现OVS agent 没有alive

• agent识别不到的问题

• 发现最后agent的配置文件有中文，报错，虽然status是running，但是服务一直处于重启状态，修改配置文件，重启服务，bug消除。

修改租户网络类型，从vxlan 修改为vlan

修改前的ml2

[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[securitygroup]
enable_ipset = true

[ml2_type_vxlan]
vni_ranges = 1:1000

[ml2_type_vlan]
network_vlan_ranges = default:1:4000

修改后的

[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
external_network_type = flat

[ml2_type_flat]
flat_networks = physnet1

[securitygroup]
enable_ipset = true

[ml2_type_vlan]
network_vlan_ranges = default:1:4000

修改openvswitch_agent.ini，原始的

[ovs]
tunnel_bridge = br-tun
local_ip = 10.8.4.38
integration_bridge = br-int
tenant_network_type = vxlan
tunnel_type = vxlan
tunnel_id_ranges = 1:1000
enable_tunneling = true
bridge_mappings = provider:br-ex
prevent_arp_spoofing = true
[agent]
tunnel_types = vxlan
l2_population = true
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_controller01security_group = true

修改后

[agent]
tunnel_types = 
l2_population = True
[ovs]
bridge_mappings = physnet1:br-em
local_ip = 10.8.8.38
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

systemctl restart openstack-nova-api.service
systemctl restart neutron-*

修改计算节点的openvswitch_agent.ini，原始的

[ovs]
tunnel_bridge = br-tun
local_ip = 10.8.4.39
integration_bridge = br-int
tenant_network_type = vxlan
tunnel_type = vxlan
tunnel_id_ranges = 1:1000
enable_tunneling = true
[agent]
tunnel_types = vxlan
l2_population = true
extensions = sfc
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = true

修改后

[ovs]
local_ip = 10.8.8.39
bridge_mappings = default:br-em
[agent]
tunnel_types = 
l2_population = True

[ovs]
local_ip = 10.8.8.40
bridge_mappings = default:br-em
[agent]
tunnel_types = 
l2_population = True

三节点

ovs-vsctl add-br br-em
ovs-vsctl add-port br-em storage_manage

# 控制
systemctl restart openstack-nova-compute.service
systemctl restart neutron-openvswitch-agent.service

# 计算
systemctl restart openstack-nova-api.service
systemctl restart neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

neutron net-create --provider:network_type vlan --provider:physical_network default --provider:segmentation_id 3168 vlan3168

neutron subnet-create --name vlan3168--gateway 192.168.10.254 vlan3168 192.168.10.0/24

清除一个网桥

cp ifcfg-storage_manage ifcfg-storage_manage.bak
rm -rf ifcfg-storage_manage

vi ifcfg-bond0.150


VLAN=yes
TYPE=Vlan
VLAN_ID=150
BOOTPROTO=none
NAME=bond0.150
BONDING_OPTS="mode=1 miimon=100"
DEVICE=bond0.150
ONBOOT=yes
IPADDR=10.8.8.38
PREFIX=22
GATEWAY=10.8.15.254

cp ifcfg-storage_manage ifcfg-storage_manage.bak
rm -rf ifcfg-storage_manage

vi ifcfg-bond0.150


VLAN=yes
TYPE=Vlan
VLAN_ID=150
BOOTPROTO=none
NAME=bond0.150
BONDING_OPTS="mode=1 miimon=100"
DEVICE=bond0.150
ONBOOT=yes
IPADDR=10.8.8.39
PREFIX=22
GATEWAY=10.8.15.254

cp ifcfg-storage_manage ifcfg-storage_manage.bak
rm -rf ifcfg-storage_manage
rm -rf ifcfg-bond0.150
vi ifcfg-bond0.150


VLAN=yes
TYPE=Vlan
VLAN_ID=150
BOOTPROTO=none
NAME=bond0.150
BONDING_OPTS="mode=1 miimon=100"
DEVICE=bond0.150
ONBOOT=yes
IPADDR=10.8.8.40
PREFIX=22
GATEWAY=10.8.15.254

systemctl restart network

ovs-vsctl del-br br-int
ovs-vsctl del-br br-tun
ovs-vsctl del-br br-em
ovs-vsctl add-br br-em
ovs-vsctl add-port br-em bond0.150

mkdir bak
mv ifcfg-storage_* bak/