您的位置:首页 > 运维架构

openstack中ping不通vm

2015-11-25 17:13 351 查看
ping不通vm的问题解决

ping不通vm,首先应考虑安全组规则的问题,查看安全组中是否有ICMP规则。

Even pinging the instance is not possible without an ICMP rule configured.

1 查看安全组及其规则

[root@-ctl ~]# nova secgroup-list
+--------------------------------------+---------+------------------------+
| Id | Name | Description |
+--------------------------------------+---------+------------------------+
| 262b13a5-5c70-448f-9bfe-6f0c397feaff | default | Default security group |
+--------------------------------------+---------+------------------------+
[root@-ctl ~]# . zzz/openrc_user1
[root@-ctl ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 9903 | 9903 | 0.0.0.0/0 | |
| tcp | 22 | 22 | 0.0.0.0/0 | |
| tcp | 5813 | 5813 | 0.0.0.0/0 | |
| | | | | default |
| | | | | default |
+-------------+-----------+---------+-----------+--------------+可看出规则中没有ICMP规则
2 添加ICMP规则

[root@-ctl ~]# nova help secgroup-add-rule
usage: nova secgroup-add-rule <secgroup> <ip-proto> <from-port> <to-port>
<cidr>

Add a rule to a security group.

Positional arguments:
<secgroup> ID or name of security group.
<ip-proto> IP protocol (icmp, tcp, udp).
<from-port> Port at start of range.
<to-port> Port at end of range.
<cidr> CIDR for address range.
[root@-ctl ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@-ctl ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 9903 | 9903 | 0.0.0.0/0 | |
| tcp | 22 | 22 | 0.0.0.0/0 | |
| tcp | 5813 | 5813 | 0.0.0.0/0 | |
| | | | | default |
| | | | | default |
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+ICMP规则已经添加进default安全组
3 ping虚拟机

[root@-ctl ~]# ping 172.21.0.65
PING 172.21.0.65 (172.21.0.65) 56(84) bytes of data.
64 bytes from 172.21.0.65: icmp_seq=1 ttl=63 time=18.9 ms
64 bytes from 172.21.0.65: icmp_seq=2 ttl=63 time=1.26 ms
^C
--- 172.21.0.65 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.261/10.080/18.900/8.820 ms
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航