我构建了一个新的 CentOS 6.5 vagrant box,在配置后,SSH 连接不断超时。我尝试了Vagrant ssh 在 VirtualBox 上失败但我收到错误(见下文)。我最初以为可能是我的 /etc/hosts 出了问题,但在注释掉任何潜在冲突后,我仍然遇到同样的问题;因此,我创建了一个 Ubuntu 14.04 vagrant box,该机器启动完美。两台机器的 Vagrantfiles / config.yaml 都是使用 PuPHPet.com 构建的。
主人详细信息:
Host OS: Kubuntu 14.04 (3.13.0-29-generic)
Virtualbox: 4.3.12 r93733
Vagrant: 1.6.0
Basebox: puphpet/centos65-x64 (virtualbox, 1.0.1)
编辑我的 Vagrantfile 以包含启用 GUI 和将最大重试次数设置为 150 的指令(根据上述线程)后,我收到以下错误消息:
$ vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
There are errors in the configuration of this machine. Please fix
the following errors and try again:
SSH:
* The following settings shouldn't exist: max_tries
vm:
* The following settings shouldn't exist: boot_mode
所以,我后来就把它们删掉了。我用 VirtualBox 启动了机器,一切顺利。
分配的 IP:192.168.56.101
/etc/sysconfig/network-scripts/ifcfg-eth1 具有以下配置集:
DEVICE="eth1"
BOOTPROTO="none"
IPV6INIT="yes"
MTU="1500"
NM_CONTROLLER="yes"
ONBOOT="yes"
TYPE="Ethernet"
#VAGRANT-BEGIN
NM_CONTROLLER=no
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.56.101
NETMASK=255.255.255.0
DEVICE=eth1
PEERDNS=no
#VAGRANT-END
[旁白] 当我输入这段内容时(遗憾的是我无法从 VM CLI 复制/粘贴),我注意到有第二个声明NM_CONTROLLED,因此我要注释掉NM_CONTROLLED="yes"现在以清理它。[/旁白]
继续前进...我能够从主机 ping 客户机;并且,我尝试使用标准方式 (ssh[电子邮件保护]),但收到一条错误提示No route to host。
$ ping 192.168.56.101
PING 192.168.56.101 (192.168.56.101) 56(84) bytes of data.
64 bytes from 192.168.56.101: icmp_seq=1 ttl=64 time=1.94 ms
64 bytes from 192.168.56.101: icmp_seq=2 ttl=64 time=0.430 ms
^C
--- 192.168.56.101 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.430/1.187/1.945/0.758 ms
[03:03 PM]-[josej@josej-desktop]-[~/Projects/CentOS-6.5]
$ ssh [email protected]
ssh: connect to host 192.168.56.101 port 22: No route to host
显然,有一条到主机的路由,因为我可以 ping 它 ;)。因此,我认为 sshd 没有运行,但正如我们在下面看到的,它正在运行:
[vagrant@localhost ~]$ ps aux | grep sshd
root 1321 0.0 0.1 66608 1200 ? Ss 20:02 0:00 /usr/sbin/sshd
由于我没有传递 SSH 密钥,我原本以为它会拒绝连接,但事实并非如此,而且 sshd 正在运行。
因此,接下来我测试了客户机是否可以 ping Google,但失败了。因此,检查后route我们看到:
[vagrant@localhost ~]$ route
Kernel IP routing table
Destination Gateway Genmask ... Iface
10.0.2.0 * 255.255.255.0 ... eth0
192.168.56.0 * 255.255.255.0 ... eth1
因此,我最好的猜测是某个地方存在网络问题。由于主机可以 ping 通客户机,而客户机也可以 ping 通主机(ping 192.168.56.1有效),所以在我看来,路由文件看起来不错,网络配置也正确,但客户机无法到达网关以外的任何目的地……我现在很困惑。
我将检查 iptables 并暂时禁用 SELinux。希望这能帮助解决问题。无论如何,我愿意听取任何建议,因为我已经为此挣扎了两天,但一直都是原地踏步。
最后,这是 Vagrantfile 和 puphpet/config.yaml:
require 'yaml'
dir = File.dirname(File.expand_path(__FILE__))
configValues = YAML.load_file("#{dir}/puphpet/config.yaml")
data = configValues['vagrantfile-local']
Vagrant.configure("2") do |config|
config.vm.box = "#{data['vm']['box']}"
config.vm.box_url = "#{data['vm']['box_url']}"
if data['vm']['hostname'].to_s.strip.length != 0
config.vm.hostname = "#{data['vm']['hostname']}"
end
if data['vm']['network']['private_network'].to_s != ''
config.vm.network "private_network", ip: "#{data['vm']['network']['private_network']}"
end
data['vm']['network']['forwarded_port'].each do |i, port|
if port['guest'] != '' && port['host'] != ''
config.vm.network :forwarded_port, guest: port['guest'].to_i, host: port['host'].to_i
end
end
data['vm']['synced_folder'].each do |i, folder|
if folder['source'] != '' && folder['target'] != ''
nfs = (folder['nfs'] == "true") ? "nfs" : nil
if nfs == "nfs"
config.vm.synced_folder "#{folder['source']}", "#{folder['target']}", id: "#{i}", type: nfs
else
config.vm.synced_folder "#{folder['source']}", "#{folder['target']}", id: "#{i}", type: nfs,
group: 'www-data', owner: 'www-data', mount_options: ["dmode=775", "fmode=764"]
end
end
end
config.vm.usable_port_range = (10200..10500)
if data['vm']['chosen_provider'].empty? || data['vm']['chosen_provider'] == "virtualbox"
ENV['VAGRANT_DEFAULT_PROVIDER'] = 'virtualbox'
config.vm.provider :virtualbox do |virtualbox|
data['vm']['provider']['virtualbox']['modifyvm'].each do |key, value|
if key == "memory"
next
end
if key == "natdnshostresolver1"
value = value ? "on" : "off"
end
virtualbox.customize ["modifyvm", :id, "--#{key}", "#{value}"]
end
virtualbox.customize ["modifyvm", :id, "--memory", "#{data['vm']['memory']}"]
if data['vm']['hostname'].to_s.strip.length != 0
virtualbox.customize ["modifyvm", :id, "--name", config.vm.hostname]
end
end
end
if data['vm']['chosen_provider'] == "vmware_fusion" || data['vm']['chosen_provider'] == "vmware_workstation"
ENV['VAGRANT_DEFAULT_PROVIDER'] = (data['vm']['chosen_provider'] == "vmware_fusion") ? "vmware_fusion" : "vmware_workstation"
config.vm.provider "vmware_fusion" do |v|
data['vm']['provider']['vmware'].each do |key, value|
if key == "memsize"
next
end
v.vmx["#{key}"] = "#{value}"
end
v.vmx["memsize"] = "#{data['vm']['memory']}"
if data['vm']['hostname'].to_s.strip.length != 0
v.vmx["displayName"] = config.vm.hostname
end
end
end
if data['vm']['chosen_provider'] == "parallels"
ENV['VAGRANT_DEFAULT_PROVIDER'] = "parallels"
config.vm.provider "parallels" do |v|
data['vm']['provider']['parallels'].each do |key, value|
if key == "memsize"
next
end
v.customize ["set", :id, "--#{key}", "#{value}"]
end
v.memory = "#{data['vm']['memory']}"
if data['vm']['hostname'].to_s.strip.length != 0
v.name = config.vm.hostname
end
end
end
ssh_username = !data['ssh']['username'].nil? ? data['ssh']['username'] : "vagrant"
config.vm.provision "shell" do |s|
s.path = "puphpet/shell/initial-setup.sh"
s.args = "/vagrant/puphpet"
end
config.vm.provision "shell" do |kg|
kg.path = "puphpet/shell/ssh-keygen.sh"
kg.args = "#{ssh_username}"
end
config.vm.provision :shell, :path => "puphpet/shell/update-puppet.sh"
config.vm.provision :puppet do |puppet|
puppet.facter = {
"ssh_username" => "#{ssh_username}",
"provisioner_type" => ENV['VAGRANT_DEFAULT_PROVIDER'],
"vm_target_key" => 'vagrantfile-local',
}
puppet.manifests_path = "#{data['vm']['provision']['puppet']['manifests_path']}"
puppet.manifest_file = "#{data['vm']['provision']['puppet']['manifest_file']}"
puppet.module_path = "#{data['vm']['provision']['puppet']['module_path']}"
if !data['vm']['provision']['puppet']['options'].empty?
puppet.options = data['vm']['provision']['puppet']['options']
end
end
config.vm.provision :shell do |s|
s.path = "puphpet/shell/execute-files.sh"
s.args = ["exec-once", "exec-always"]
end
config.vm.provision :shell, run: "always" do |s|
s.path = "puphpet/shell/execute-files.sh"
s.args = ["startup-once", "startup-always"]
end
config.vm.provision :shell, :path => "puphpet/shell/important-notices.sh"
if File.file?("#{dir}/puphpet/files/dot/ssh/id_rsa")
config.ssh.private_key_path = [
"#{dir}/puphpet/files/dot/ssh/id_rsa",
"#{dir}/puphpet/files/dot/ssh/insecure_private_key"
]
end
if !data['ssh']['host'].nil?
config.ssh.host = "#{data['ssh']['host']}"
end
if !data['ssh']['port'].nil?
config.ssh.port = "#{data['ssh']['port']}"
end
if !data['ssh']['username'].nil?
config.ssh.username = "#{data['ssh']['username']}"
end
if !data['ssh']['guest_port'].nil?
config.ssh.guest_port = data['ssh']['guest_port']
end
if !data['ssh']['shell'].nil?
config.ssh.shell = "#{data['ssh']['shell']}"
end
if !data['ssh']['keep_alive'].nil?
config.ssh.keep_alive = data['ssh']['keep_alive']
end
if !data['ssh']['forward_agent'].nil?
config.ssh.forward_agent = data['ssh']['forward_agent']
end
if !data['ssh']['forward_x11'].nil?
config.ssh.forward_x11 = data['ssh']['forward_x11']
end
if !data['vagrant']['host'].nil?
config.vagrant.host = data['vagrant']['host'].gsub(":", "").intern
end
end
配置.yaml
---
vagrantfile-local:
vm:
box: puphpet/centos65-x64
box_url: puphpet/centos65-x64
hostname: null
memory: '1024'
chosen_provider: virtualbox
network:
private_network: 192.168.56.101
forwarded_port:
RVPy8vdfEyb4:
host: '5329'
guest: '22'
provider:
virtualbox:
modifyvm:
natdnshostresolver1: on
setextradata:
VBoxInternal2/SharedFoldersEnableSymlinksCreate/v-root: 1
vmware:
numvcpus: 1
parallels:
cpus: 1
provision:
puppet:
manifests_path: puphpet/puppet
manifest_file: manifest.pp
module_path: puphpet/puppet/modules
options:
- '--verbose'
- '--hiera_config /vagrant/puphpet/puppet/hiera.yaml'
- '--parser future'
synced_folder:
Fmuml1NNvztV:
source: ./
target: /var/www
nfs: 'true'
usable_port_range: 2200..2250
ssh:
host: null
port: null
private_key_path: null
username: vagrant
guest_port: null
keep_alive: true
forward_agent: false
forward_x11: false
shell: 'bash -l'
vagrant:
host: detect
server:
packages:
- vim-common
dot_files:
-
bash_aliases: null
_prevent_empty: ''
mailcatcher:
install: '1'
settings:
smtp_ip: 0.0.0.0
smtp_port: 1025
http_ip: 0.0.0.0
http_port: '1080'
mailcatcher_path: /usr/local/bin
log_path: /var/log/mailcatcher/mailcatcher.log
firewall:
install: '1'
rules:
IzA1MvHnvQ4g:
port: '10000'
priority: '100'
proto: tcp
action: accept
apache:
install: '1'
settings:
user: www-data
group: www-data
default_vhost: true
manage_user: false
manage_group: false
sendfile: 0
modules:
- php
- rewrite
vhosts:
jeFgLNotkCuO:
servername: awesome.dev
serveraliases:
- www.awesome.dev
docroot: /var/www/awesome
port: '80'
setenv:
- 'APP_ENV dev'
override:
- All
options:
- Indexes
- FollowSymLinks
- MultiViews
custom_fragment: ''
ssl_cert: ''
ssl_key: ''
ssl_chain: ''
ssl_certs_dir: ''
mod_pagespeed: 0
mod_spdy: 0
nginx:
install: 0
vhosts:
ejsUD06Uwceq:
server_name: awesome.dev
server_aliases:
- www.awesome.dev
www_root: /var/www/awesome.dev
listen_port: '80'
index_files:
- index.html
- index.htm
- index.php
envvars:
- 'APP_ENV dev'
ssl_cert: ''
ssl_key: ''
php:
install: '1'
version: '55'
composer: '1'
composer_home: ''
modules:
php:
- cli
- intl
- mcrypt
pear: { }
pecl:
- pecl_http
ini:
display_errors: On
error_reporting: '-1'
session.save_path: /var/lib/php/session
timezone: America/Chicago
xdebug:
install: '1'
settings:
xdebug.default_enable: '1'
xdebug.remote_autostart: '0'
xdebug.remote_connect_back: '1'
xdebug.remote_enable: '1'
xdebug.remote_handler: dbgp
xdebug.remote_port: '9000'
drush:
install: 0
settings:
drush.tag_branch: 6.x
mysql:
install: '1'
root_password: '123'
adminer: 0
databases:
JibsW5qqEtvE:
grant:
- ALL
name: REDACTED
host: localhost
user: REDACTED
password: '123'
sql_file: ''
TUQ8E8xUDyFi:
grant:
- ALL
name: REDACTED
host: localhost
user: REDACTED
password: '123'
sql_file: ''
postgresql:
install: '1'
settings:
root_password: '123'
user_group: postgres
encoding: UTF8
version: '9.3'
databases: { }
adminer: 0
mariadb:
install: 0
root_password: '123'
adminer: 0
databases: { }
version: '10.0'
mongodb:
install: '1'
settings:
auth: 1
port: '27017'
databases: { }
redis:
install: '1'
settings:
conf_port: '6379'
beanstalkd:
install: '1'
settings:
listenaddress: 0.0.0.0
listenport: '13000'
maxjobsize: '65535'
maxconnections: '1024'
binlogdir: /var/lib/beanstalkd/binlog
binlogfsync: null
binlogsize: '10485760'
beanstalk_console: '1'
binlogdir: /var/lib/beanstalkd/binlog
rabbitmq:
install: 0
settings:
port: '5672'
elastic_search:
install: '1'
settings:
java_install: true
autoupgrade: true
答案1
问题是 PuPHPet.com 的 CentOS vagrant boxes 不再带有一组默认的防火墙规则。因此,为了解决这个问题,请使用 VirtualBox(或您正在使用的任何虚拟机管理程序)启动虚拟机,然后修改并保存/etc/sysconfig/ptables以允许您所需的服务。
我个人认为,编辑 iptables 规则的最佳方法是使用 CLI 工具,该工具可以通过 yum: 轻松安装sudo yum install -y system-config-frewall-tui。此基于文本的用户界面允许您使用向导轻松启用/禁用标准服务(httpd、bind、postfix、nfs 等),以及为非标准端口/服务(例如 Webmin 的端口 10000)创建自定义规则。此工具确实可以节省时间。
如果这不能解决您的连接问题,为了排除它是否与防火墙相关,请sudo service iptables off在客户机上运行并尝试从主机进行 SSH 访问(ssh vagrant@my-host-name-or-ip)。
如果你现在有 SSH 访问权限,那么问题可能是 FW 问题,你需要仔细检查你的 iptables(你保存了你的更改吗?)。如果仍然无法获得 SSH 访问权限,那么很可能是网络问题,应进行相应的故障排除(检查ifconfig、route从主机到客户机的 ping 操作以及反之亦然,等等)。
嗨嗨。