CL210OpenStack操作的故障排除--章节实验
🎹 个人简介:大家好,我是 金鱼哥,CSDN运维领域新星创作者,华为云·云享专家,阿里云社区·专家博主
📚个人资质: CCNA、HCNP、CSNA(网络分析师),软考初级、中级网络工程师、RHCSA、RHCE、RHCA、RHCI、ITIL😜
💬格言:努力不一定成功,但要想成功就必须努力🔥🎈支持我:可点赞👍、可收藏⭐️、可留言📝
- 解决OpenStack中的身份验证问题
- 搜索日志文件以帮助描述问题的性质
- 解决OpenStack中的消息传递问题
- 解决OpenStack内的网络问题
[student@workstation ~]$ lab troubleshooting-review setup
Setting up workstation for lab exercise work:
• Verifying project: production............................... SUCCESS
• Creating user env file: operator1-production-rc............. SUCCESS
• Creating user env file: architect1-production-rc............ SUCCESS
• Creating keypair: example-keypair........................... SUCCESS
. Creating flavor: default.................................... SUCCESS
. Creating image: rhel7....................................... SUCCESS
. Creating image: production-rhel7............................ SUCCESS
. Creating internal network: production-network1.............. SUCCESS
. Creating subnet: production-subnet1......................... SUCCESS
. Creating external network: provider-datacentre.............. SUCCESS
. Creating router: production-router1......................... SUCCESS
. Deleting security group: production-web..................... SUCCESS
. Creating security group: production-web..................... SUCCESS
. Cleanup volumes: ........................................... SUCCESS
📜1. 作为production项目中的operator1用户,删除名为production-rhel7的现有镜像。
解决任何问题。
[student@workstation ~]$ source operator1-production-rc
[student@workstation ~(operator1-production)]$ openstack image list
+--------------------------------------+------------------+--------+
| ID | Name | Status |
+--------------------------------------+------------------+--------+
| bf6275ee-3fba-4a92-bb15-dfa7ac8b296b | hci-image | active |
| ec9473de-4048-4ebb-b08a-a9be619477ac | octavia-amphora | active |
| 158a6eb6-ee7e-41bc-896f-f5a7e5c09091 | production-rhel7 | active |
| 6b0128a9-4481-4ceb-b34e-ffe92e0dcfdd | rhel7 | active |
| 5f7f8208-33b5-4f17-8297-588f938182c0 | rhel7-db | active |
| 14b7e8b2-7c6d-4bcf-b159-1e4e7582107c | rhel7-web | active |
+--------------------------------------+------------------+--------+
[student@workstation ~(operator1-production)]$ openstack image delete production-rhel7
Failed to delete image with name or ID 'production-rhel7': 403 Forbidden: Image 158a6eb6-ee7e-41bc-896f-f5a7e5c09091 is protected and cannot be deleted. (HTTP 403)
Failed to delete 1 of 1 images.
[student@workstation ~(operator1-production)]$ openstack image set --unprotected production-rhel7
[student@workstation ~(operator1-production)]$ openstack image delete production-rhel7
📜2. 加载/home/student/architect1-production-rc环境文件。运行lab troubleshooting-review break命令来设置实验练习的下一部分。
[student@workstation ~(operator1-production)]$ source architect1-production-rc
[student@workstation ~(architect1-production)]$ lab troubleshooting-review break
Breaking the environment:
. lab exercise part 1: ....................................... SUCCESS
. lab exercise part 2: ....................................... SUCCESS
. lab exercise part 3: ....................................... SUCCESS
. lab exercise part 4: ....................................... SUCCESS
📜3. 加载/home/student/operator1-production-rc环境文件,然后列出所有OpenStack镜像。解决任何问题。
[student@workstation ~(architect1-production)]$ source operator1-production-rc
[student@workstation ~(operator1-production)]$ openstack image list
Failed to discover available identity versions when contacting http://172.25.251.50:5000/v3. Attempting to parse version from URL.
Unable to establish connection to http://172.25.251.50:5000/v3/auth/tokens: HTTPConnectionPool(host='172.25.251.50', port=5000): Max retries exceeded with url: /v3/auth/tokens (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x7f1a5b67c410>: Failed to establish a new connection: [Errno 101] Network is unreachable',))
📑3.2 发生此错误是因为OpenStack无法对operator1用户进行身份验证。
当用户的环境文件包含不正确的信息时,就会发生这种情况。登录到controller0。在/var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg中搜索listen keystone_public。第二个IP地址必须在环境文件中使用。完成后,从控制器节点注销。
[heat-admin@controller0 ~]$ sudo cat /var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg | grep keystone
listen keystone_admin
listen keystone_public
[heat-admin@controller0 ~]$ sudo cat /var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg | grep keystone_public -A 5
listen keystone_public
bind 172.24.1.50:5000 transparent
bind 172.25.250.50:5000 transparent
mode http
http-request set-header X-Forwarded-Proto https if { ssl_fc }
http-request set-header X-Forwarded-Proto http if !{ ssl_fc }
📑3.3 将HAProxy中的IP地址与环境文件中的OS_AUTH URL变量进行比较。
如果需要,更新环境文件以匹配。
[student@workstation ~(operator1-production)]$ cat operator1-production-rc
unset OS_SERVICE_TOKEN
export OS_AUTH_URL=http://172.25.251.50:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_PASSWORD=redhat
export OS_PROJECT_DOMAIN_NAME=Default
export OS_PROJECT_NAME=production
export OS_REGION_NAME=regionOne
export OS_USERNAME=operator1
export OS_USER_DOMAIN_NAME=Example
export PS1='[\u@\h \W(operator1-production)]\$ '
[student@workstation ~(operator1-production)]$ vim operator1-production-rc
[student@workstation ~(operator1-production)]$ cat operator1-production-rc
unset OS_SERVICE_TOKEN
export OS_AUTH_URL=http://172.25.250.50:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_PASSWORD=redhat
export OS_PROJECT_DOMAIN_NAME=Default
export OS_PROJECT_NAME=production
export OS_REGION_NAME=regionOne
export OS_USERNAME=operator1
export OS_USER_DOMAIN_NAME=Example
export PS1='[\u@\h \W(operator1-production)]\$ '
📑3.4 加载/home/student/operator1-production-rc文件。使用openstack image list命令来确保OS_AUTH_URL选项是正确的。
[student@workstation ~(operator1-production)]$ source operator1-production-rc
[student@workstation ~(operator1-production)]$ openstack image list
+--------------------------------------+-----------------+--------+
| ID | Name | Status |
+--------------------------------------+-----------------+--------+
| bf6275ee-3fba-4a92-bb15-dfa7ac8b296b | hci-image | active |
| ec9473de-4048-4ebb-b08a-a9be619477ac | octavia-amphora | active |
| 6b0128a9-4481-4ceb-b34e-ffe92e0dcfdd | rhel7 | active |
| 5f7f8208-33b5-4f17-8297-588f938182c0 | rhel7-db | active |
| 14b7e8b2-7c6d-4bcf-b159-1e4e7582107c | rhel7-web | active |
+--------------------------------------+-----------------+--------+
📜4. 使用下表中的设置创建一个名为production-web1的新服务器实例。此操作将失败。解决任何问题。
📑4.1 创建一个新的服务器实例。
[student@workstation ~(operator1-production)]$ openstack server create --flavor default --image rhel7 --key-name example-keypair --nic net-id=production-network1 --security-group production-web --wait production-web1
Error creating server: production-web1
Error creating server
📑4.2 此错误是由计算服务的问题造成的。列出计算服务。
首先获取/home/student/architect1-production-rc环境文件。因为operator1没有直接与计算服务交互的权限。
[student@workstation ~(operator1-production)]$ source architect1-production-rc
[student@workstation ~(architect1-production)]$ openstack compute service list -c Binary -c Host -c Status
+------------------+-----------------------------------+----------+
| Binary | Host | Status |
+------------------+-----------------------------------+----------+
| nova-conductor | controller0.overcloud.example.com | enabled |
| nova-compute | compute1.overcloud.example.com | disabled |
| nova-compute | computehci0.overcloud.example.com | enabled |
| nova-compute | compute0.overcloud.example.com | disabled |
| nova-consoleauth | controller0.overcloud.example.com | enabled |
| nova-scheduler | controller0.overcloud.example.com | enabled |
+------------------+-----------------------------------+----------+
📑4.3 在compute0和compute1上启用nova-compute服务。
[student@workstation ~(architect1-production)]$ openstack compute service set --enable compute0.overcloud.example.com nova-compute
[student@workstation ~(architect1-production)]$ openstack compute service set --enable compute1.overcloud.example.com nova-compute
📑4.4 验证nova-compute服务的状态。
[student@workstation ~(architect1-production)]$ openstack compute service list -c Binary -c Host -c Status
+------------------+-----------------------------------+---------+
| Binary | Host | Status |
+------------------+-----------------------------------+---------+
| nova-conductor | controller0.overcloud.example.com | enabled |
| nova-compute | compute1.overcloud.example.com | enabled |
| nova-compute | computehci0.overcloud.example.com | enabled |
| nova-compute | compute0.overcloud.example.com | enabled |
| nova-consoleauth | controller0.overcloud.example.com | enabled |
| nova-scheduler | controller0.overcloud.example.com | enabled |
+------------------+-----------------------------------+---------+
📑4.5 加载/home/student/operator1-production-rc环境文件,删除失败的实例,然后尝试再次创建实例。
[student@workstation ~(architect1-production)]$ source operator1-production-rc
[student@workstation ~(operator1-production)]$ openstack server delete production-web1
[student@workstation ~(operator1-production)]$ openstack server list
[student@workstation ~(operator1-production)]$ openstack server create --flavor default --image rhel7 --key-name example-keypair --nic net-id=production-network1 --security-group production-web --wait production-web1
📜5. 创建一个浮动IP地址并将其分配给实例。解决任何问题。
📑5.1 创建一个浮动IP地址。
[student@workstation ~(operator1-production)]$ openstack network list
+--------------------------------------+---------------------+--------------------------+
| ID | Name | Subnets
+--------------------------------------+---------------------+--------------------------+
| 4e13e6cd-d6fe-4112-b661-3bd55601437b | provider1-104 | 9b3d6f10-9822-4b14-adf6-428743c5fe93 |
| d454dc07-a0ee-420f-a83b-abf21f16ee47 | provider2-104 | 5d1965cf-60ea-4a7a-9043-c3023eccaecb |
| d55f6d1e-c29e-4825-8de4-01dd95f8a220 | provider-storage | 6e5af9b0-67ef-4e1e-9eda-7d6633091d11 |
| e14d713e-c1f5-4800-8543-713563d7e82e | production-network1 | f0c54c6a-5094-4386-9e97-b8564ba31a93 |
| e3cdf977-8faf-43cd-bc31-a854d6f4772d | provider1-103 | c241052b-3b4b-457e-ab20-9f08dfb3fddd |
| fc5472ee-98d9-4f6b-9bc9-544ca18aefb3 | provider-datacentre | 30c03fa5-0897-426a-8c81-75cf9cc333f1 |
+--------------------------------------+---------------------+--------------------------+
[student@workstation ~(operator1-production)]$ openstack floating ip create provider-datacentre
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2020-11-06T15:51:00Z |
| description | |
| fixed_ip_address | None |
| floating_ip_address | 172.25.250.104 |
| floating_network_id | fc5472ee-98d9-4f6b-9bc9-544ca18aefb3 |
| id | b89de633-8085-4c41-9e32-1f752482fdea |
| name | 172.25.250.104 |
| port_id | None |
| project_id | 294ad7735e6646d7bb908e32de8582c3 |
| qos_policy_id | None |
| revision_number | 0 |
| router_id | None |
| status | DOWN |
| subnet_id | None |
| updated_at | 2020-11-06T15:51:00Z |
+---------------------+--------------------------------------+
[student@workstation ~(operator1-production)]$ openstack server add floating ip production-web1 172.25.250.104
Unable to associate floating IP 172.25.250.104 to fixed IP 192.168.1.7 for instance 46f2361a-0125-4faa-bede-9965e320ac17. Error: External network fc5472ee-98d9-4f6b-9bc9-544ca18aefb3 is not reachable from subnet f0c54c6a-5094-4386-9e97-b8564ba31a93. Therefore, cannot associate Port 2288555a-a593-448e-be8c-933f3872c336 with a Floating IP.
Neutron server returns request_ids: ['req-3b63220b-3169-4c4a-a6bc-bbc641806a73'] (HTTP 400) (Request-ID: req-d28d8344-6d53-494b-bc20-19e33f0aa5d8)
发生此错误消息的原因是外部网络没有连接到作为production-network1网络的网关的路由器。
📑5.2 将production-router1连接到provider-datacentre外部网络。
[student@workstation ~(operator1-production)]$ openstack router list
+--------------------------------------+--------------------+--------+-------+-------------+-------+----------------------------------+
| ID | Name | Status | State | Distributed | HA | Project |
+--------------------------------------+--------------------+--------+-------+-------------+-------+----------------------------------+
| 6eb09139-5ea4-4e92-96e9-21db11b5c13d | production-router1 | ACTIVE | UP | False | False | 294ad7735e6646d7bb908e32de8582c3 |
+--------------------------------------+--------------------+--------+-------+-------------+-------+----------------------------------+
[student@workstation ~(operator1-production)]$ openstack router set --external-gateway provider-datacentre production-router1
[student@workstation ~(operator1-production)]$ openstack router show production-router1 --max-width 80
+-------------------------+----------------------------------------------------+
| Field | Value |
+-------------------------+----------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | None |
| availability_zones | None |
| created_at | 2020-10-30T01:51:35Z |
| description | |
| distributed | False |
| external_gateway_info | {"network_id": "fc5472ee-98d9-4f6b- |
| | 9bc9-544ca18aefb3", "enable_snat": true, |
| | "external_fixed_ips": [{"subnet_id": |
| | "30c03fa5-0897-426a-8c81-75cf9cc333f1", |
| | "ip_address": "172.25.250.103"}]} |
| flavor_id | None |
| ha | False |
| id | 6eb09139-5ea4-4e92-96e9-21db11b5c13d |
| interfaces_info | [{"subnet_id": |
| | "f0c54c6a-5094-4386-9e97-b8564ba31a93", |
| | "ip_address": "192.168.1.1", "port_id": |
| | "dacde800-3401-4f16-a773-e10db1be46f2"}] |
| name | production-router1 |
| project_id | 294ad7735e6646d7bb908e32de8582c3 |
| revision_number | 8 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2020-11-06T15:57:25Z |
+-------------------------+----------------------------------------------------+
📑5.3 将浮动IP地址附加到实例。验证实例已被分配浮动IP地址。
[student@workstation ~(operator1-production)]$ openstack server add floating ip production-web1 172.25.250.104
[student@workstation ~(operator1-production)]$ openstack server list -c Name -c Networks
+-----------------+-------------------------------------------------+
| Name | Networks |
+-----------------+-------------------------------------------------+
| production-web1 | production-network1=192.168.1.7, 172.25.250.104 |
+-----------------+-------------------------------------------------+
📜6. 尝试使用SSH登录到production-web1。解决任何问题。
📑6.1 尝试使用SSH登录到实例。
[student@workstation ~(operator1-production)]$ ssh cloud-user@172.25.250.104
ssh: connect to host 172.25.250.104 port 22: Connection timed out
📑6.2 查明实例正在使用哪个安全组,然后列出该安全组中的规则。
[student@workstation ~(operator1-production)]$ openstack server show production-web1 --max-width 80
+-----------------------------+------------------------------------------------+
| Field | Value |
+-----------------------------+------------------------------------------------+
…………
| security_groups | name='production-web'
…………
[student@workstation ~(operator1-production)]$ openstack security group rule list production-web
+--------------------------------------+-------------+----------+------------+-----------------------+
| ID | IP Protocol | IP Range | Port Range | Remote Security Group |
+--------------------------------------+-------------+----------+------------+-----------------------+
| 0240476d-364c-4824-b007-f41be9127050 | None | None | | None |
| 69523104-6905-4bf2-a253-17f744e9c33a | None | None | | None |
+--------------------------------------+-------------+----------+------------+-----------------------+
注意,没有规则允许SSH访问实例。
📑6.3 创建允许SSH访问的安全组规则。
[student@workstation ~(operator1-production)]$ openstack security group rule create --protocol tcp --dst-port 22:22 production-web
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2020-11-06T16:08:55Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | a9c1c08f-e4a1-492b-a32b-5d32d03aa84f |
| name | None |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 294ad7735e6646d7bb908e32de8582c3 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | a4c22f79-381b-4f1e-ae0d-4d7d6b2b90f6 |
| updated_at | 2020-11-06T16:08:55Z |
+-------------------+--------------------------------------+
📑6.4 再次尝试登录到实例。
[student@workstation ~(operator1-production)]$ ssh cloud-user@172.25.250.104
Warning: Permanently added '172.25.250.104' (ECDSA) to the list of known hosts.
[cloud-user@production-web1 ~]$
📜7. 创建一个1 GB的卷,名为production-volume1。验证卷状态。解决任何问题。
在/home/heat-admin/overcloudrc上的controller0上使用管理用户的环境文件。
📑7.1 创建卷。
[student@workstation ~(operator1-production)]$ openstack volume create --size 1 production-volume1
+---------------------+-----------------------------------------------------------------+
| Field | Value
+---------------------+-----------------------------------------------------------------+
| attachments | []
| availability_zone | nova
| bootable | false
| consistencygroup_id | None
| created_at | 2020-11-06T16:12:49.000000
| description | None
| encrypted | False
| id | 49c32962-43d9-4149-be11-c34db6ce80c1
| multiattach | False
| name | production-volume1
| properties |
| replication_status | None
| size | 1
| snapshot_id | None
| source_volid | None
| status | creating
| type | None
| updated_at | None
| user_id | ac8f19029cdf35fa7083687862bf1235d5a10f5b98632be09d323616c640985e
+---------------------+-----------------------------------------------------------------+
📑7.2 确定production-volume1的状态。
[student@workstation ~(operator1-production)]$ openstack volume list
+--------------------------------------+--------------------+----------+------+-------------+
| ID | Name | Status | Size | Attached to |
+--------------------------------------+--------------------+----------+------+-------------+
| 49c32962-43d9-4149-be11-c34db6ce80c1 | production-volume1 | creating | 1 | |
+--------------------------------------+--------------------+----------+------+-------------+
📑7.3 作为heat-admin登录到controller0,然后检查块存储调度程序服务的日志文件。
[root@controller0 ~]# less /var/log/containers/cinder/cinder-scheduler.log
2020-11-06 15:31:19.445 1 ERROR oslo.messaging._drivers.impl_rabbit [req-c09dcb27-84dd-468d-add8-a83d1f773807 - - - - -] Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.: AccessRefused: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.
2020-11-06 15:31:19.446 1 ERROR oslo_service.service [req-c09dcb27-84dd-468d-add8-a83d1f773807 - - - - -] Error starting thread.: MessageDeliveryFailure: Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.
以上重复的错误表明块存储调度程序服务无法验证到RabbitMQ
📑7.4 检查块存储卷服务日志文件是否有错误。
[root@controller0 ~]# less /var/log/containers/cinder/cinder-volume.log
2020-11-06 16:01:17.532 203970 ERROR oslo.messaging._drivers.impl_rabbit [req-e2acf449-17cc-4e9d-a79c-1ad2695a0876 - - - - -] Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.: AccessRefused: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.
2020-11-06 16:01:17.532 203970 ERROR oslo_service.service [req-e2acf449-17cc-4e9d-a79c-1ad2695a0876 - - - - -] Error starting thread.: MessageDeliveryFailure: Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.
上面的错误表明卷服务也无法验证到RabbitMQ
📑7.5 加载/home/heat-admin/overcloudrc环境文件,然后确定卷服务的状态。
(overcloud) [heat-admin@controller0 ~]$ openstack volume service list -c Binary -c Host -c Status -c State
+------------------+------------------------+---------+-------+
| Binary | Host | Status | State |
+------------------+------------------------+---------+-------+
| cinder-scheduler | controller0 | enabled | down |
| cinder-volume | hostgroup@tripleo_ceph | enabled | down |
+------------------+------------------------+---------+-------+
📑7.6 使用docker exec命令列出RabbitMQ用户。
[root@controller0 ~]# docker exec -it rabbitmq-bundle-docker-0 rabbitmqctl list_users
Listing users
guest [administrator]
唯一的非管理用户是guest
📑7.7 研究块服务配置文件。定位transport_url选项。
[root@controller0 ~]# grep ^transport_url /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf
transport_url=rabbit://change_me:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0
transport_url=rabbit://change_me:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0
URL的用户部分设置为change_me,它不作为RabbitMQ用户存在。
📑7.8 将两个transport_url选项中的用户名更改为guest。
重新启动openstack-cinder-volume Pacemaker资源,以及cinder_scheduler容器服务。
[root@controller0 ~]# vim !$
vim /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf
[root@controller0 ~]# grep ^transport_url /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf
transport_url=rabbit://guest:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0
transport_url=rabbit://guest:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0
[root@controller0 ~]# pcs resource restart openstack-cinder-volume
openstack-cinder-volume successfully restarted
[root@controller0 ~]# docker restart cinder_scheduler
cinder_scheduler
📑7.9 在workstation上,删除不正确的卷并重新创建它。验证它已被正确地创建。
[student@workstation ~(operator1-production)]$ openstack volume delete production-volume1
[student@workstation ~(operator1-production)]$ openstack volume create --size 1 production-volume1
+---------------------+-----------------------------------------------------------------+
| Field | Value
+---------------------+-----------------------------------------------------------------+
| attachments | []
| availability_zone | nova
| bootable | false
| consistencygroup_id | None
| created_at | 2020-11-06T16:25:23.000000
| description | None
| encrypted | False
| id | 4c1aa84c-9533-443c-9dc8-3f8bebe652d6
| multiattach | False
| name | production-volume1
| properties |
| replication_status | None
| size | 1
| snapshot_id | None
| source_volid | None
| status | creating
| type | None
| updated_at | None
| user_id | ac8f19029cdf35fa7083687862bf1235d5a10f5b98632be09d323616c640985e
+---------------------+-----------------------------------------------------------------+
[student@workstation ~(operator1-production)]$ openstack volume list
+--------------------------------------+--------------------+-----------+------+-------------+
| ID | Name | Status | Size | Attached to |
+--------------------------------------+--------------------+-----------+------+-------------+
| 4c1aa84c-9533-443c-9dc8-3f8bebe652d6 | production-volume1 | available | 1 | |
+--------------------------------------+--------------------+-----------+------+-------------+
📜评分脚本
[student@workstation ~]$ lab troubleshooting-review grade
Grading the student's work on workstation:
. Confirming image has been deleted: production-rhel7......... PASS
. Checking /home/student/operator1-production-rc:............. PASS
. Confirming that production-router1 is properly configured: . PASS
. Confirming server exists: production-web1................... PASS
. Retrieving instance floating IP: ........................... PASS
. Checking whether ssh access to the instance works: ......... PASS
. Ensuring volume has been created: production-volume1........ PASS
Overall lab grade.............................................. PASS
📜清除实验
[student@workstation ~]$ lab troubleshooting-review cleanup
💡总结
- openstack客户端命令包括一个 --debug选项,它允许您查看请求和响应的有效负载。还可以使用--log-file选项将输出记录到文件中,以便稍后进行分析。
- 网络问题可能需要在物理层或SDN层进行故障排除。用于网络故障诊断的常见命令包括ip link show、tcpdump和ovs-vsctl。
- OVN使用OpenFlow规则实现其所有函数。这些规则可能很难驾驭; ovn-trace和ovs-appctl proto/trace命令允许管理员跟踪具有一组给定属性的包的路径。
- 计算调度器组件根据算法选择计算节点。默认情况下,该算法通过一组过滤器传递所有节点列表,该过滤器删除无效节点,然后从剩余节点中进行选择。no valid host错误意味着计算调度器没有标识可以提供实例所需资源的计算节点。
- 要使用浮动IP地址访问实例,必须使用路由器连接与该浮动IP地址相关联的外部网络和实例所连接的内部网络。
- 镜像可以被保护,以防止意外删除。
- 要在启动实例时排除故障,首先检查所需的用户和项目基础设施(如网络、路由器和密钥对)是否已经就绪。
- OpenStack块存储服务要求OpenStack用户在Ceph中的卷和镜像池中具有读、写和执行能力。
RHCA认证需要经历5门的学习与考试,还是需要花不少时间去学习与备考的,好好加油,可以噶🤪。
以上就是【金鱼哥】对 第九章 OpenStack操作的故障排除--章节实验 的简述和讲解。希望能对看到此文章的小伙伴有所帮助。
💾 红帽认证专栏系列:
RHCSA专栏: 戏说 RHCSA 认证
RHCE专栏: 戏说 RHCE 认证
此文章收录在RHCA专栏: RHCA 回忆录
如果这篇【文章】有帮助到你,希望可以给【金鱼哥】点个赞👍,创作不易,相比官方的陈述,我更喜欢用【通俗易懂】的文笔去讲解每一个知识点。
如果有对【运维技术】感兴趣,也欢迎关注❤️❤️❤️ 【金鱼哥】❤️❤️❤️,我将会给你带来巨大的【收获与惊喜】💕💕!