金鱼哥RHCA回忆录:CL210OpenStack操作的故障排除--章节实验

举报
金鱼哥 发表于 2022/08/10 19:35:51 2022/08/10
【摘要】 第九章 OpenStack操作的故障排除--章节实验

🎹 个人简介:大家好,我是 金鱼哥,CSDN运维领域新星创作者,华为云·云享专家,阿里云社区·专家博主
📚个人资质:CCNA、HCNP、CSNA(网络分析师),软考初级、中级网络工程师、RHCSA、RHCE、RHCA、RHCI、ITIL😜
💬格言:努力不一定成功,但要想成功就必须努力🔥

🎈支持我:可点赞👍、可收藏⭐️、可留言📝


  • 解决OpenStack中的身份验证问题

  • 搜索日志文件以帮助描述问题的性质

  • 解决OpenStack中的消息传递问题

  • 解决OpenStack内的网络问题

[student@workstation ~]$ lab troubleshooting-review setup 
Setting up workstation for lab exercise work:

 • Verifying project: production...............................  SUCCESS
 • Creating user env file: operator1-production-rc.............  SUCCESS
 • Creating user env file: architect1-production-rc............  SUCCESS
 • Creating keypair: example-keypair...........................  SUCCESS
 . Creating flavor: default....................................  SUCCESS
 . Creating image: rhel7.......................................  SUCCESS
 . Creating image: production-rhel7............................  SUCCESS
 . Creating internal network: production-network1..............  SUCCESS
 . Creating subnet: production-subnet1.........................  SUCCESS
 . Creating external network: provider-datacentre..............  SUCCESS
 . Creating router: production-router1.........................  SUCCESS
 . Deleting security group: production-web.....................  SUCCESS
 . Creating security group: production-web.....................  SUCCESS
 . Cleanup volumes: ...........................................  SUCCESS

📜1. 作为production项目中的operator1用户,删除名为production-rhel7的现有镜像。

解决任何问题。

[student@workstation ~]$ source operator1-production-rc 
[student@workstation ~(operator1-production)]$ openstack image list
+--------------------------------------+------------------+--------+
| ID                                   | Name             | Status |
+--------------------------------------+------------------+--------+
| bf6275ee-3fba-4a92-bb15-dfa7ac8b296b | hci-image        | active |
| ec9473de-4048-4ebb-b08a-a9be619477ac | octavia-amphora  | active |
| 158a6eb6-ee7e-41bc-896f-f5a7e5c09091 | production-rhel7 | active |
| 6b0128a9-4481-4ceb-b34e-ffe92e0dcfdd | rhel7            | active |
| 5f7f8208-33b5-4f17-8297-588f938182c0 | rhel7-db         | active |
| 14b7e8b2-7c6d-4bcf-b159-1e4e7582107c | rhel7-web        | active |
+--------------------------------------+------------------+--------+
[student@workstation ~(operator1-production)]$ openstack image delete production-rhel7
Failed to delete image with name or ID 'production-rhel7': 403 Forbidden: Image 158a6eb6-ee7e-41bc-896f-f5a7e5c09091 is protected and cannot be deleted. (HTTP 403)
Failed to delete 1 of 1 images.
[student@workstation ~(operator1-production)]$ openstack image set --unprotected production-rhel7
[student@workstation ~(operator1-production)]$ openstack image delete production-rhel7

📜2. 加载/home/student/architect1-production-rc环境文件。运行lab troubleshooting-review break命令来设置实验练习的下一部分。

[student@workstation ~(operator1-production)]$ source architect1-production-rc 
[student@workstation ~(architect1-production)]$ lab troubleshooting-review break
Breaking the environment:

 . lab exercise part 1: .......................................  SUCCESS
 . lab exercise part 2: .......................................  SUCCESS
 . lab exercise part 3: .......................................  SUCCESS
 . lab exercise part 4: .......................................  SUCCESS

📜3. 加载/home/student/operator1-production-rc环境文件,然后列出所有OpenStack镜像。解决任何问题。

[student@workstation ~(architect1-production)]$ source operator1-production-rc 
[student@workstation ~(operator1-production)]$ openstack image list
Failed to discover available identity versions when contacting http://172.25.251.50:5000/v3. Attempting to parse version from URL.
Unable to establish connection to http://172.25.251.50:5000/v3/auth/tokens: HTTPConnectionPool(host='172.25.251.50', port=5000): Max retries exceeded with url: /v3/auth/tokens (Caused by NewConnectionError('<requests.packages.urllib3.connection.HTTPConnection object at 0x7f1a5b67c410>: Failed to establish a new connection: [Errno 101] Network is unreachable',))

📑3.2 发生此错误是因为OpenStack无法对operator1用户进行身份验证。

当用户的环境文件包含不正确的信息时,就会发生这种情况。登录到controller0。在/var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg中搜索listen keystone_public。第二个IP地址必须在环境文件中使用。完成后,从控制器节点注销。

[heat-admin@controller0 ~]$ sudo cat /var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg | grep keystone
listen keystone_admin
listen keystone_public
[heat-admin@controller0 ~]$ sudo cat /var/lib/config-data/puppet-generated/haproxy/etc/haproxy/haproxy.cfg | grep keystone_public -A 5
listen keystone_public
  bind 172.24.1.50:5000 transparent
  bind 172.25.250.50:5000 transparent
  mode http
  http-request set-header X-Forwarded-Proto https if { ssl_fc }
  http-request set-header X-Forwarded-Proto http if !{ ssl_fc }

📑3.3 将HAProxy中的IP地址与环境文件中的OS_AUTH URL变量进行比较。

如果需要,更新环境文件以匹配。

[student@workstation ~(operator1-production)]$ cat operator1-production-rc
unset OS_SERVICE_TOKEN
export OS_AUTH_URL=http://172.25.251.50:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_PASSWORD=redhat
export OS_PROJECT_DOMAIN_NAME=Default
export OS_PROJECT_NAME=production
export OS_REGION_NAME=regionOne
export OS_USERNAME=operator1
export OS_USER_DOMAIN_NAME=Example
export PS1='[\u@\h \W(operator1-production)]\$ '
[student@workstation ~(operator1-production)]$ vim operator1-production-rc 
[student@workstation ~(operator1-production)]$ cat operator1-production-rc
unset OS_SERVICE_TOKEN
export OS_AUTH_URL=http://172.25.250.50:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_PASSWORD=redhat
export OS_PROJECT_DOMAIN_NAME=Default
export OS_PROJECT_NAME=production
export OS_REGION_NAME=regionOne
export OS_USERNAME=operator1
export OS_USER_DOMAIN_NAME=Example
export PS1='[\u@\h \W(operator1-production)]\$ '

📑3.4 加载/home/student/operator1-production-rc文件。使用openstack image list命令来确保OS_AUTH_URL选项是正确的。

[student@workstation ~(operator1-production)]$ source operator1-production-rc 
[student@workstation ~(operator1-production)]$ openstack image list
+--------------------------------------+-----------------+--------+
| ID                                   | Name            | Status |
+--------------------------------------+-----------------+--------+
| bf6275ee-3fba-4a92-bb15-dfa7ac8b296b | hci-image       | active |
| ec9473de-4048-4ebb-b08a-a9be619477ac | octavia-amphora | active |
| 6b0128a9-4481-4ceb-b34e-ffe92e0dcfdd | rhel7           | active |
| 5f7f8208-33b5-4f17-8297-588f938182c0 | rhel7-db        | active |
| 14b7e8b2-7c6d-4bcf-b159-1e4e7582107c | rhel7-web       | active |
+--------------------------------------+-----------------+--------+

📜4. 使用下表中的设置创建一个名为production-web1的新服务器实例。此操作将失败。解决任何问题。

在这里插入图片描述


📑4.1 创建一个新的服务器实例。

[student@workstation ~(operator1-production)]$ openstack server create --flavor default --image rhel7 --key-name example-keypair --nic net-id=production-network1 --security-group production-web --wait production-web1
Error creating server: production-web1
Error creating server

📑4.2 此错误是由计算服务的问题造成的。列出计算服务。

首先获取/home/student/architect1-production-rc环境文件。因为operator1没有直接与计算服务交互的权限。

[student@workstation ~(operator1-production)]$ source architect1-production-rc 
[student@workstation ~(architect1-production)]$ openstack compute service list -c Binary -c Host -c Status
+------------------+-----------------------------------+----------+
| Binary           | Host                              | Status   |
+------------------+-----------------------------------+----------+
| nova-conductor   | controller0.overcloud.example.com | enabled  |
| nova-compute     | compute1.overcloud.example.com    | disabled |
| nova-compute     | computehci0.overcloud.example.com | enabled  |
| nova-compute     | compute0.overcloud.example.com    | disabled |
| nova-consoleauth | controller0.overcloud.example.com | enabled  |
| nova-scheduler   | controller0.overcloud.example.com | enabled  |
+------------------+-----------------------------------+----------+

📑4.3 在compute0和compute1上启用nova-compute服务。

[student@workstation ~(architect1-production)]$ openstack compute service set --enable compute0.overcloud.example.com nova-compute
[student@workstation ~(architect1-production)]$ openstack compute service set --enable compute1.overcloud.example.com nova-compute

📑4.4 验证nova-compute服务的状态。

[student@workstation ~(architect1-production)]$ openstack compute service list -c Binary -c Host -c Status
+------------------+-----------------------------------+---------+
| Binary           | Host                              | Status  |
+------------------+-----------------------------------+---------+
| nova-conductor   | controller0.overcloud.example.com | enabled |
| nova-compute     | compute1.overcloud.example.com    | enabled |
| nova-compute     | computehci0.overcloud.example.com | enabled |
| nova-compute     | compute0.overcloud.example.com    | enabled |
| nova-consoleauth | controller0.overcloud.example.com | enabled |
| nova-scheduler   | controller0.overcloud.example.com | enabled |
+------------------+-----------------------------------+---------+

📑4.5 加载/home/student/operator1-production-rc环境文件,删除失败的实例,然后尝试再次创建实例。

[student@workstation ~(architect1-production)]$ source operator1-production-rc 
[student@workstation ~(operator1-production)]$ openstack server delete production-web1
[student@workstation ~(operator1-production)]$ openstack server list

[student@workstation ~(operator1-production)]$ openstack server create --flavor default --image rhel7 --key-name example-keypair --nic net-id=production-network1 --security-group production-web --wait production-web1

📜5. 创建一个浮动IP地址并将其分配给实例。解决任何问题。

📑5.1 创建一个浮动IP地址。

[student@workstation ~(operator1-production)]$ openstack network list
+--------------------------------------+---------------------+--------------------------+
| ID                                   | Name                | Subnets
+--------------------------------------+---------------------+--------------------------+
| 4e13e6cd-d6fe-4112-b661-3bd55601437b | provider1-104       | 9b3d6f10-9822-4b14-adf6-428743c5fe93 |
| d454dc07-a0ee-420f-a83b-abf21f16ee47 | provider2-104       | 5d1965cf-60ea-4a7a-9043-c3023eccaecb |
| d55f6d1e-c29e-4825-8de4-01dd95f8a220 | provider-storage    | 6e5af9b0-67ef-4e1e-9eda-7d6633091d11 |
| e14d713e-c1f5-4800-8543-713563d7e82e | production-network1 | f0c54c6a-5094-4386-9e97-b8564ba31a93 |
| e3cdf977-8faf-43cd-bc31-a854d6f4772d | provider1-103       | c241052b-3b4b-457e-ab20-9f08dfb3fddd |
| fc5472ee-98d9-4f6b-9bc9-544ca18aefb3 | provider-datacentre | 30c03fa5-0897-426a-8c81-75cf9cc333f1 |
+--------------------------------------+---------------------+--------------------------+

[student@workstation ~(operator1-production)]$ openstack floating ip create provider-datacentre
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| created_at          | 2020-11-06T15:51:00Z                 |
| description         |                                      |
| fixed_ip_address    | None                                 |
| floating_ip_address | 172.25.250.104                       |
| floating_network_id | fc5472ee-98d9-4f6b-9bc9-544ca18aefb3 |
| id                  | b89de633-8085-4c41-9e32-1f752482fdea |
| name                | 172.25.250.104                       |
| port_id             | None                                 |
| project_id          | 294ad7735e6646d7bb908e32de8582c3     |
| qos_policy_id       | None                                 |
| revision_number     | 0                                    |
| router_id           | None                                 |
| status              | DOWN                                 |
| subnet_id           | None                                 |
| updated_at          | 2020-11-06T15:51:00Z                 |
+---------------------+--------------------------------------+

[student@workstation ~(operator1-production)]$ openstack server add floating ip production-web1 172.25.250.104
Unable to associate floating IP 172.25.250.104 to fixed IP 192.168.1.7 for instance 46f2361a-0125-4faa-bede-9965e320ac17. Error: External network fc5472ee-98d9-4f6b-9bc9-544ca18aefb3 is not reachable from subnet f0c54c6a-5094-4386-9e97-b8564ba31a93.  Therefore, cannot associate Port 2288555a-a593-448e-be8c-933f3872c336 with a Floating IP.
Neutron server returns request_ids: ['req-3b63220b-3169-4c4a-a6bc-bbc641806a73'] (HTTP 400) (Request-ID: req-d28d8344-6d53-494b-bc20-19e33f0aa5d8)

发生此错误消息的原因是外部网络没有连接到作为production-network1网络的网关的路由器。


📑5.2 将production-router1连接到provider-datacentre外部网络。

[student@workstation ~(operator1-production)]$ openstack router list 
+--------------------------------------+--------------------+--------+-------+-------------+-------+----------------------------------+
| ID                                   | Name               | Status | State | Distributed | HA    | Project                          |
+--------------------------------------+--------------------+--------+-------+-------------+-------+----------------------------------+
| 6eb09139-5ea4-4e92-96e9-21db11b5c13d | production-router1 | ACTIVE | UP    | False       | False | 294ad7735e6646d7bb908e32de8582c3 |
+--------------------------------------+--------------------+--------+-------+-------------+-------+----------------------------------+

[student@workstation ~(operator1-production)]$ openstack router set --external-gateway provider-datacentre production-router1
[student@workstation ~(operator1-production)]$ openstack router show production-router1 --max-width 80
+-------------------------+----------------------------------------------------+
| Field                   | Value                                              |
+-------------------------+----------------------------------------------------+
| admin_state_up          | UP                                                 |
| availability_zone_hints | None                                               |
| availability_zones      | None                                               |
| created_at              | 2020-10-30T01:51:35Z                               |
| description             |                                                    |
| distributed             | False                                              |
| external_gateway_info   | {"network_id": "fc5472ee-98d9-4f6b-                |
|                         | 9bc9-544ca18aefb3", "enable_snat": true,           |
|                         | "external_fixed_ips": [{"subnet_id":               |
|                         | "30c03fa5-0897-426a-8c81-75cf9cc333f1",            |
|                         | "ip_address": "172.25.250.103"}]}                  |
| flavor_id               | None                                               |
| ha                      | False                                              |
| id                      | 6eb09139-5ea4-4e92-96e9-21db11b5c13d               |
| interfaces_info         | [{"subnet_id":                                     |
|                         | "f0c54c6a-5094-4386-9e97-b8564ba31a93",            |
|                         | "ip_address": "192.168.1.1", "port_id":            |
|                         | "dacde800-3401-4f16-a773-e10db1be46f2"}]           |
| name                    | production-router1                                 |
| project_id              | 294ad7735e6646d7bb908e32de8582c3                   |
| revision_number         | 8                                                  |
| routes                  |                                                    |
| status                  | ACTIVE                                             |
| tags                    |                                                    |
| updated_at              | 2020-11-06T15:57:25Z                               |
+-------------------------+----------------------------------------------------+

📑5.3 将浮动IP地址附加到实例。验证实例已被分配浮动IP地址。

[student@workstation ~(operator1-production)]$ openstack server add floating ip production-web1 172.25.250.104
[student@workstation ~(operator1-production)]$ openstack server list -c Name -c Networks
+-----------------+-------------------------------------------------+
| Name            | Networks                                        |
+-----------------+-------------------------------------------------+
| production-web1 | production-network1=192.168.1.7, 172.25.250.104 |
+-----------------+-------------------------------------------------+

📜6. 尝试使用SSH登录到production-web1。解决任何问题。

📑6.1 尝试使用SSH登录到实例。

[student@workstation ~(operator1-production)]$ ssh cloud-user@172.25.250.104
ssh: connect to host 172.25.250.104 port 22: Connection timed out

📑6.2 查明实例正在使用哪个安全组,然后列出该安全组中的规则。

[student@workstation ~(operator1-production)]$ openstack server show production-web1 --max-width 80
+-----------------------------+------------------------------------------------+
| Field                       | Value                                          |
+-----------------------------+------------------------------------------------+
…………
| security_groups             | name='production-web'
…………

[student@workstation ~(operator1-production)]$ openstack security group rule list production-web
+--------------------------------------+-------------+----------+------------+-----------------------+
| ID                                   | IP Protocol | IP Range | Port Range | Remote Security Group |
+--------------------------------------+-------------+----------+------------+-----------------------+
| 0240476d-364c-4824-b007-f41be9127050 | None        | None     |            | None                  |
| 69523104-6905-4bf2-a253-17f744e9c33a | None        | None     |            | None                  |
+--------------------------------------+-------------+----------+------------+-----------------------+

注意,没有规则允许SSH访问实例。


📑6.3 创建允许SSH访问的安全组规则。

[student@workstation ~(operator1-production)]$ openstack security group rule create --protocol tcp --dst-port 22:22 production-web
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2020-11-06T16:08:55Z                 |
| description       |                                      |
| direction         | ingress                              |
| ether_type        | IPv4                                 |
| id                | a9c1c08f-e4a1-492b-a32b-5d32d03aa84f |
| name              | None                                 |
| port_range_max    | 22                                   |
| port_range_min    | 22                                   |
| project_id        | 294ad7735e6646d7bb908e32de8582c3     |
| protocol          | tcp                                  |
| remote_group_id   | None                                 |
| remote_ip_prefix  | 0.0.0.0/0                            |
| revision_number   | 0                                    |
| security_group_id | a4c22f79-381b-4f1e-ae0d-4d7d6b2b90f6 |
| updated_at        | 2020-11-06T16:08:55Z                 |
+-------------------+--------------------------------------+

📑6.4 再次尝试登录到实例。

[student@workstation ~(operator1-production)]$ ssh cloud-user@172.25.250.104
Warning: Permanently added '172.25.250.104' (ECDSA) to the list of known hosts.
[cloud-user@production-web1 ~]$

📜7. 创建一个1 GB的卷,名为production-volume1。验证卷状态。解决任何问题。

在/home/heat-admin/overcloudrc上的controller0上使用管理用户的环境文件。


📑7.1 创建卷。

[student@workstation ~(operator1-production)]$ openstack volume create --size 1 production-volume1
+---------------------+-----------------------------------------------------------------+
| Field               | Value
+---------------------+-----------------------------------------------------------------+
| attachments         | [] 
| availability_zone   | nova  
| bootable            | false 
| consistencygroup_id | None  
| created_at          | 2020-11-06T16:12:49.000000 
| description         | None
| encrypted           | False  
| id                  | 49c32962-43d9-4149-be11-c34db6ce80c1 
| multiattach         | False
| name                | production-volume1
| properties          |
| replication_status  | None 
| size                | 1  
| snapshot_id         | None
| source_volid        | None 
| status              | creating 
| type                | None
| updated_at          | None 
| user_id             | ac8f19029cdf35fa7083687862bf1235d5a10f5b98632be09d323616c640985e
+---------------------+-----------------------------------------------------------------+

📑7.2 确定production-volume1的状态。

[student@workstation ~(operator1-production)]$ openstack volume list
+--------------------------------------+--------------------+----------+------+-------------+
| ID                                   | Name               | Status   | Size | Attached to |
+--------------------------------------+--------------------+----------+------+-------------+
| 49c32962-43d9-4149-be11-c34db6ce80c1 | production-volume1 | creating |    1 |             |
+--------------------------------------+--------------------+----------+------+-------------+

📑7.3 作为heat-admin登录到controller0,然后检查块存储调度程序服务的日志文件。

[root@controller0 ~]# less /var/log/containers/cinder/cinder-scheduler.log
2020-11-06 15:31:19.445 1 ERROR oslo.messaging._drivers.impl_rabbit [req-c09dcb27-84dd-468d-add8-a83d1f773807 - - - - -] Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.: AccessRefused: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.
2020-11-06 15:31:19.446 1 ERROR oslo_service.service [req-c09dcb27-84dd-468d-add8-a83d1f773807 - - - - -] Error starting thread.: MessageDeliveryFailure: Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.

以上重复的错误表明块存储调度程序服务无法验证到RabbitMQ


📑7.4 检查块存储卷服务日志文件是否有错误。

[root@controller0 ~]# less /var/log/containers/cinder/cinder-volume.log
2020-11-06 16:01:17.532 203970 ERROR oslo.messaging._drivers.impl_rabbit [req-e2acf449-17cc-4e9d-a79c-1ad2695a0876 - - - - -] Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.: AccessRefused: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.
2020-11-06 16:01:17.532 203970 ERROR oslo_service.service [req-e2acf449-17cc-4e9d-a79c-1ad2695a0876 - - - - -] Error starting thread.: MessageDeliveryFailure: Unable to connect to AMQP server on controller0.internalapi.overcloud.example.com:5672 after None tries: (0, 0): (403) ACCESS_REFUSED - Login was refused using authentication mechanism AMQPLAIN. For details see the broker logfile.

上面的错误表明卷服务也无法验证到RabbitMQ


📑7.5 加载/home/heat-admin/overcloudrc环境文件,然后确定卷服务的状态。

(overcloud) [heat-admin@controller0 ~]$ openstack volume service list -c Binary -c Host -c Status -c State
+------------------+------------------------+---------+-------+
| Binary           | Host                   | Status  | State |
+------------------+------------------------+---------+-------+
| cinder-scheduler | controller0            | enabled | down  |
| cinder-volume    | hostgroup@tripleo_ceph | enabled | down  |
+------------------+------------------------+---------+-------+

📑7.6 使用docker exec命令列出RabbitMQ用户。

[root@controller0 ~]# docker exec -it rabbitmq-bundle-docker-0 rabbitmqctl list_users
Listing users
guest	[administrator]

唯一的非管理用户是guest


📑7.7 研究块服务配置文件。定位transport_url选项。

[root@controller0 ~]# grep ^transport_url /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf 
transport_url=rabbit://change_me:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0
transport_url=rabbit://change_me:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0

URL的用户部分设置为change_me,它不作为RabbitMQ用户存在。


📑7.8 将两个transport_url选项中的用户名更改为guest。

重新启动openstack-cinder-volume Pacemaker资源,以及cinder_scheduler容器服务。

[root@controller0 ~]# vim !$
vim /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf
[root@controller0 ~]# grep ^transport_url /var/lib/config-data/puppet-generated/cinder/etc/cinder/cinder.conf 
transport_url=rabbit://guest:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0
transport_url=rabbit://guest:V6VpJgBNvThefbnRyE3xx9sag@controller0.internalapi.overcloud.example.com:5672/?ssl=0
[root@controller0 ~]# pcs resource restart openstack-cinder-volume
openstack-cinder-volume successfully restarted
[root@controller0 ~]# docker restart cinder_scheduler
cinder_scheduler

📑7.9 在workstation上,删除不正确的卷并重新创建它。验证它已被正确地创建。

[student@workstation ~(operator1-production)]$ openstack volume delete production-volume1
[student@workstation ~(operator1-production)]$ openstack volume create --size 1 production-volume1
+---------------------+-----------------------------------------------------------------+
| Field               | Value
+---------------------+-----------------------------------------------------------------+
| attachments         | [] 
| availability_zone   | nova                                                   
| bootable            | false 
| consistencygroup_id | None  
| created_at          | 2020-11-06T16:25:23.000000
| description         | None
| encrypted           | False 
| id                  | 4c1aa84c-9533-443c-9dc8-3f8bebe652d6 
| multiattach         | False 
| name                | production-volume1 
| properties          |  
| replication_status  | None
| size                | 1 
| snapshot_id         | None 
| source_volid        | None 
| status              | creating 
| type                | None 
| updated_at          | None 
| user_id             | ac8f19029cdf35fa7083687862bf1235d5a10f5b98632be09d323616c640985e
+---------------------+-----------------------------------------------------------------+

[student@workstation ~(operator1-production)]$ openstack volume list
+--------------------------------------+--------------------+-----------+------+-------------+
| ID                                   | Name               | Status    | Size | Attached to |
+--------------------------------------+--------------------+-----------+------+-------------+
| 4c1aa84c-9533-443c-9dc8-3f8bebe652d6 | production-volume1 | available |    1 |             |
+--------------------------------------+--------------------+-----------+------+-------------+

📜评分脚本

[student@workstation ~]$ lab troubleshooting-review grade 
Grading the student's work on workstation:

 . Confirming image has been deleted: production-rhel7.........  PASS
 . Checking /home/student/operator1-production-rc:.............  PASS
 . Confirming that production-router1 is properly configured: .  PASS
 . Confirming server exists: production-web1...................  PASS
 . Retrieving instance floating IP: ...........................  PASS
 . Checking whether ssh access to the instance works: .........  PASS
 . Ensuring volume has been created: production-volume1........  PASS

Overall lab grade..............................................  PASS

📜清除实验

[student@workstation ~]$ lab troubleshooting-review cleanup

💡总结

  • openstack客户端命令包括一个 --debug选项,它允许您查看请求和响应的有效负载。还可以使用–log-file选项将输出记录到文件中,以便稍后进行分析。

  • 网络问题可能需要在物理层或SDN层进行故障排除。用于网络故障诊断的常见命令包括ip link show、tcpdump和ovs-vsctl。

  • OVN使用OpenFlow规则实现其所有函数。这些规则可能很难驾驭; ovn-trace和ovs-appctl proto/trace命令允许管理员跟踪具有一组给定属性的包的路径。

  • 计算调度器组件根据算法选择计算节点。默认情况下,该算法通过一组过滤器传递所有节点列表,该过滤器删除无效节点,然后从剩余节点中进行选择。no valid host错误意味着计算调度器没有标识可以提供实例所需资源的计算节点。

  • 要使用浮动IP地址访问实例,必须使用路由器连接与该浮动IP地址相关联的外部网络和实例所连接的内部网络。

  • 镜像可以被保护,以防止意外删除。

  • 要在启动实例时排除故障,首先检查所需的用户和项目基础设施(如网络、路由器和密钥对)是否已经就绪。

  • OpenStack块存储服务要求OpenStack用户在Ceph中的卷和镜像池中具有读、写和执行能力。


RHCA认证需要经历5门的学习与考试,还是需要花不少时间去学习与备考的,好好加油,可以噶🤪。

以上就是【金鱼哥】对 第九章 OpenStack操作的故障排除–章节实验 的简述和讲解。希望能对看到此文章的小伙伴有所帮助。

💾红帽认证专栏系列:
RHCSA专栏:戏说 RHCSA 认证
RHCE专栏:戏说 RHCE 认证
此文章收录在RHCA专栏:RHCA 回忆录

如果这篇【文章】有帮助到你,希望可以给【金鱼哥】点个赞👍,创作不易,相比官方的陈述,我更喜欢用【通俗易懂】的文笔去讲解每一个知识点。

如果有对【运维技术】感兴趣,也欢迎关注❤️❤️❤️ 【金鱼哥】❤️❤️❤️,我将会给你带来巨大的【收获与惊喜】💕💕!

【版权声明】本文为华为云社区用户原创内容,转载时必须标注文章的来源(华为云社区)、文章链接、文章作者等基本信息, 否则作者和本社区有权追究责任。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容,举报邮箱: cloudbbs@huaweicloud.com
  • 点赞
  • 收藏
  • 关注作者

评论(0

0/1000
抱歉,系统识别当前为高风险访问,暂不支持该操作

全部回复

上滑加载中

设置昵称

在此一键设置昵称,即可参与社区互动!

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。

*长度不超过10个汉字或20个英文字符,设置后3个月内不可修改。