openstack中ping不通vm

本文主要是介绍openstack中ping不通vm，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

ping不通vm的问题解决

ping不通vm，首先应考虑安全组规则的问题，查看安全组中是否有ICMP规则。

Even pinging the instance is not possible without an ICMP rule configured.

1 查看安全组及其规则

[root@-ctl ~]# nova secgroup-list
+--------------------------------------+---------+------------------------+
| Id                                   | Name    | Description            |
+--------------------------------------+---------+------------------------+
| 262b13a5-5c70-448f-9bfe-6f0c397feaff | default | Default security group |
+--------------------------------------+---------+------------------------+
[root@-ctl ~]# . zzz/openrc_user1
[root@-ctl ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 9903      | 9903    | 0.0.0.0/0 |              |
| tcp         | 22        | 22      | 0.0.0.0/0 |              |
| tcp         | 5813      | 5813    | 0.0.0.0/0 |              |
|             |           |         |           | default      |
|             |           |         |           | default      |
+-------------+-----------+---------+-----------+--------------+

可看出规则中没有ICMP规则

2 添加ICMP规则

[root@-ctl ~]# nova help secgroup-add-rule
usage: nova secgroup-add-rule <secgroup> <ip-proto> <from-port> <to-port><cidr>Add a rule to a security group.Positional arguments:<secgroup>   ID or name of security group.<ip-proto>   IP protocol (icmp, tcp, udp).<from-port>  Port at start of range.<to-port>    Port at end of range.<cidr>       CIDR for address range.
[root@-ctl ~]#  nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+
[root@-ctl ~]# nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 9903      | 9903    | 0.0.0.0/0 |              |
| tcp         | 22        | 22      | 0.0.0.0/0 |              |
| tcp         | 5813      | 5813    | 0.0.0.0/0 |              |
|             |           |         |           | default      |
|             |           |         |           | default      |
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+

ICMP规则已经添加进default安全组

3 ping虚拟机

[root@-ctl ~]# ping 172.21.0.65
PING 172.21.0.65 (172.21.0.65) 56(84) bytes of data.
64 bytes from 172.21.0.65: icmp_seq=1 ttl=63 time=18.9 ms
64 bytes from 172.21.0.65: icmp_seq=2 ttl=63 time=1.26 ms
^C
--- 172.21.0.65 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.261/10.080/18.900/8.820 ms

这篇关于openstack中ping不通vm的文章就介绍到这儿，希望我们推荐的文章对编程师们有所帮助！

---