我的节点服务器上有 Proxmox,其 ip 为:5.189.190.*,我在 ip 为 213.136.87.* 上创建了 openvz 容器,并在其上安装了 centos 6
问题:无法直接连接到容器 ssh 无法打开 apache 服务器 centos 欢迎页面当我从节点进入容器时无法 ping 任何站点或 wget 任何 url 但我可以连接 127.0.0.1 和主节点 ip
我的配置:容器 /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
容器 /etc/sysconfig/network-scripts/ifcfg-venet0
DEVICE=venet0
BOOTPROTO=static
ONBOOT=yes
IPADDR=213.136.87.*
NETMASK=255.255.255.0
BROADCAST=213.136.87.*
IPV6INIT="yes"
容器 /etc/sysconfig/network-scripts/ifcfg-venet0
DEVICE=venet0:0
ONBOOT=yes
IPADDR=213.136.87.*
NETMASK=255.255.255.0
节点 /etc/network/interfaces
# network interface settings
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
auto vmbr0
iface vmbr0 inet static
address 5.189.190.*
netmask 255.255.255.0
gateway 5.189.190.*
bridge_ports eth0
bridge_stp off
bridge_fd 0
节点 /etc/resolv.conf 正确具有 DC 名称服务器
容器 ping 结果:
# ping google.com -c 3
ping: unknown host google.com
容器traceroute结果:
# traceroute google.com
google.com: Temporary failure in name resolution
Cannot handle "host" cmdline arg `google.com' on position 1 (argc 1)
节点ping结果:
# ping google.com -c 3
PING google.com (74.125.29.139) 56(84) bytes of data.
64 bytes from qg-in-f139.1e100.net (74.125.29.139): icmp_req=1 ttl=41 time=110 ms
64 bytes from qg-in-f139.1e100.net (74.125.29.139): icmp_req=2 ttl=41 time=110 ms
64 bytes from qg-in-f139.1e100.net (74.125.29.139): icmp_req=3 ttl=41 time=110 ms
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 110.450/110.462/110.474/0.383 ms
节点跟踪路由结果:
# traceroute google.com
traceroute to google.com (74.125.29.139), 30 hops max, 60 byte packets
1 ip-1-90-136-213.static.contabo.net (213.136.90.1) 0.506 ms 0.517 ms 0.513 ms
2 ffm-b11-link.telia.net (62.115.36.237) 0.493 ms 0.491 ms 0.484 ms
3 hbg-b1-link.telia.net (62.115.139.164) 15.379 ms 15.393 ms 15.384 ms
4 hbg-bb4-link.telia.net (213.155.135.88) 16.048 ms hbg-bb4-link.telia.net (213.155.135.86) 15.419 ms hbg-bb4-link.telia.net (213.155.135.84) 15.456 ms
5 nyk-bb1-link.telia.net (80.91.247.127) 96.568 ms nyk-bb2-link.telia.net (80.91.247.123) 107.638 ms nyk-bb1-link.telia.net (80.91.247.129) 96.582 ms
6 nyk-b6-link.telia.net (213.155.130.251) 105.478 ms 105.470 ms nyk-b6-link.telia.net (80.91.254.32) 101.005 ms
7 google-ic-303645-nyk-b6.c.telia.net (213.248.78.250) 101.235 ms 105.746 ms 105.719 ms
8 209.85.248.242 (209.85.248.242) 101.694 ms 106.213 ms 106.250 ms
9 209.85.249.212 (209.85.249.212) 101.225 ms 209.85.246.4 (209.85.246.4) 101.597 ms 209.85.252.242 (209.85.252.242) 101.179 ms
10 209.85.249.11 (209.85.249.11) 102.247 ms 112.917 ms 72.14.239.93 (72.14.239.93) 97.931 ms
11 64.233.174.9 (64.233.174.9) 104.733 ms 66.249.95.229 (66.249.95.229) 109.232 ms 66.249.95.231 (66.249.95.231) 106.086 ms
12 72.14.234.53 (72.14.234.53) 106.179 ms 72.14.238.73 (72.14.238.73) 110.471 ms 72.14.234.53 (72.14.234.53) 106.170 ms
13 * * *
14 qg-in-f139.1e100.net (74.125.29.139) 110.479 ms 110.656 ms 106.154 ms
欢迎任何想法
谢谢
答案1
尝试类似这样的操作。在节点上为容器 IP 地址添加静态路由。编辑 /etc/network/interfaces 并添加 vmbr0 接口:
post-up route add -host $containerIP gw $nodeIP
pre-down route del -host $containerIP gw $nodeIP
在容器上,将以下行添加到 /etc/sysconfig/network-scripts/ifcfg-venet0
GATEWAY=$nodeIP
SCOPE="peer $nodeIP"
还创建文件 /etc/sysconfig/network-scripts/route-venet0,内容如下:
0.0.0.0/0 via $nodeIP
在节点和容器上重新启动网络,检查其是否正常工作。
我对我的几个 KVM 主机和虚拟机使用了上述配置,其中虚拟机上的 IP 与节点的 IP 位于不同的子网中。