短的:让两个虚拟机在同一个虚拟机管理程序上相互通信。
我有两个在 KVM 下运行的虚拟机,我正尝试通过 Cockpit 来管理它们。
虚拟机管理程序和虚拟机正在运行 Ubuntu 20.04。
VM 使用指向 enp2s0 的 br0(192.168.1.248/24)进行配置。
它们获得自己的本地 LAN IP,例如:192.168.1.152 192.168.1.220
在本地局域网上可以看到并 ping 通这些设备。但它们之间无法 ping 通或看到对方。
我怎样才能连接它们?
细节:
它们不一定非要通过 192.168.* 相互连接,可以通过 KVM 主机上的虚拟网络。但它们必须在局域网上保持可访问。我尝试通过 Cockpit 界面创建虚拟网络
尝试过: 通过虚拟机接口创建虚拟网络,但虚拟机似乎没有通过 ifconfig 显示虚拟接口——只有本地和 enp1so
更新:
不确定这是否相关(当我尝试创建虚拟网络时,我在 Cockpit 界面也被这个问题阻止了)。
sudo systemctl status libvirtd
● libvirtd.service - Virtualization daemon
Loaded: loaded (/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2021-08-29 13:46:24 PDT; 6h ago
TriggeredBy: ● libvirtd.socket
● libvirtd-admin.socket
● libvirtd-ro.socket
Docs: man:libvirtd(8)
https://libvirt.org
Main PID: 1068 (libvirtd)
Tasks: 20 (limit: 32768)
Memory: 32.0M
CGroup: /system.slice/libvirtd.service
├─ 1068 /usr/sbin/libvirtd
├─ 52826 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/virtual0.conf --leasefile-ro --dhcp-script=/usr/lib/libv>
└─182682 /usr/sbin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/virtual1.conf --leasefile-ro --dhcp-script=/usr/lib/libv>
Aug 29 19:45:25 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:25 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:32 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:33 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:33 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:33 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:39 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:40 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:40 dio libvirtd[1068]: internal error: No more available PCI slots
Aug 29 19:45:40 dio libvirtd[1068]: internal error: No more available PCI slots
~
~
讨论:
在虚拟机和主机上运行此程序
sudo ebtables-save
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
sudo nft list ruleset
table bridge filter {
chain INPUT {
type filter hook input priority filter; policy accept;
}
chain FORWARD {
type filter hook forward priority filter; policy accept;
}
chain OUTPUT {
type filter hook output priority filter; policy accept;
}
}
ip -d link
对于 br0
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 4c:cc:6a:06:f3:8b brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 65535
bridge forward_delay 1500 hello_time 200 max_age 2000 ageing_time 30000 stp_state 0 priority 32768 vlan_filtering 0 vlan_protocol 802.1Q bridge_id 8000.4c:cc:6a:6:f3:8b designated_root 8000.4c:cc:6a:6:f3:8b root_port 0 root_path_cost 0 topology_change 0 topology_change_detected 0 hello_timer 0.00 tcn_timer 0.00 topology_change_timer 0.00 gc_timer 280.62 vlan_default_pvid 1 vlan_stats_enabled 0 vlan_stats_per_port 0 group_fwd_mask 0 group_address 01:80:c2:00:00:00 mcast_snooping 1 mcast_router 1 mcast_query_use_ifaddr 0 mcast_querier 0 mcast_hash_elasticity 16 mcast_hash_max 4096 mcast_last_member_count 2 mcast_startup_query_count 2 mcast_last_member_interval 100 mcast_membership_interval 26000 mcast_querier_interval 25500 mcast_query_interval 12500 mcast_query_response_interval 1000 mcast_startup_query_interval 3124 mcast_stats_enabled 0 mcast_igmp_version 2 mcast_mld_version 1 nf_call_iptables 0 nf_call_ip6tables 0 nf_call_arptables 0 addrgenmode none numtxqueues 1 numrxqueues 1 gso_max_size 64000 gso_max_segs 64
解决方案: 这最终导致 Docker 在系统上并行运行。确保在安装 KVM 时没有运行 Docker - 因为它会阻止虚拟主机之间的所有通信。