一、现象描述

　　openstack平台中创建虚拟机后，虚拟机在web页面中显示获取到了ip，但是打开虚拟机控制台后查看网络状态，虚拟机没有ip地址，下图为故障截图：

二、分析

1、查看neutron服务状态，确保DHCP服务正常运行

[root@ren3 ~]# neutron agent-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+----------+------------+------+-------------------+-------+----------------+-----------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+----------+------------+------+-------------------+-------+----------------+-----------+
| 8279aaae | Open | ren3 | | :-) | True | neutron-o |
| -eb89-4c | vSwitch | | | | | penvswitc |
| 71-bbae- | agent | | | | | h-agent |
| 009971a6 | | | | | | |
| 97e3 | | | | | | |
| 954aaea4 | L3 agent | ren3 | nova | :-) | True | neutron-l |
| -b4c3-4d | | | | | | 3-agent |
| bc-b104- | | | | | | |
| 76917908 | | | | | | |
| 7cd0 | | | | | | |
| a1b7aee2 | Metadata | ren3 | | :-) | True | neutron- |
| -2881-4d | agent | | | | | metadata- |
| 85-b119- | | | | | | agent |
| 1bf8195f | | | | | | |
| 66fc | | | | | | |
| e67163c1 | DHCP agent | ren3 | nova | :-) | True | neutron- |
| -8513-4f | | | | | | dhcp- |
| d7-be6a- | | | | | | agent |
| ae8e0acf | | | | | | |
| 83ce | | | | | | |
| ed288124 | Open | ren4 | | :-) | True | neutron-o |
| -f0ab- | vSwitch | | | | | penvswitc |
| 4a63 | agent | | | | | h-agent |
| -aa4e-a2 | | | | | | |
| 04051ef8 | | | | | | |
| b8 | | | | | | |
+----------+------------+------+-------------------+-------+----------------+-----------+

2、查看dnsmasq进程是否正常

[root@ren3 ~]# ps aux |grep dnsmasq
nobody 33180 0.0 0.0 53900 1124 ? S 15:40 0:00 dnsmasq --no-hosts --no-resolv --strict-order --except-interface=lo --pid-file=/var/lib/neutron/dhcp/062d2b07-339e-4d54-aaca-6b9169d17f6c/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/062d2b07-339e-4d54-aaca-6b9169d17f6c/host --addn-hosts=/var/lib/neutron/dhcp/062d2b07-339e-4d54-aaca-6b9169d17f6c/addn_hosts --dhcp-optsfile=/var/lib/neutron/dhcp/062d2b07-339e-4d54-aaca-6b9169d17f6c/opts --dhcp-leasefile=/var/lib/neutron/dhcp/062d2b07-339e-4d54-aaca-6b9169d17f6c/leases --dhcp-match=set:ipxe,175 --bind-interfaces --interface=tap3ca314b5-43 --dhcp-range=set:tag0,12.12.12.0,static,86400s --dhcp-option-force=option:mtu,1450 --dhcp-lease-max=256 --conf-file= --domain=openstacklocal
nobody 33556 0.0 0.0 53900 1124 ? S 15:49 0:00 dnsmasq --no-hosts --no-resolv --strict-order --except-interface=lo --pid-file=/var/lib/neutron/dhcp/d97c8576-1990-4920-adea-98589cc816ab/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/d97c8576-1990-4920-adea-98589cc816ab/host --addn-hosts=/var/lib/neutron/dhcp/d97c8576-1990-4920-adea-98589cc816ab/addn_hosts --dhcp-optsfile=/var/lib/neutron/dhcp/d97c8576-1990-4920-adea-98589cc816ab/opts --dhcp-leasefile=/var/lib/neutron/dhcp/d97c8576-1990-4920-adea-98589cc816ab/leases --dhcp-match=set:ipxe,175 --bind-interfaces --interface=tap555b8d55-16 --dhcp-range=set:tag0,192.168.11.0,static,86400s --dhcp-option-force=option:mtu,1450 --dhcp-lease-max=256 --conf-file= --domain=openstacklocal
root 34383 0.0 0.0 112728 976 pts/0 R+ 16:22 0:00 grep --color=auto dnsmasq

3、检查ovs网桥中的br-int集成网桥是否有tap设备连接到了dhcp-agent的namespace上

[root@ren3 ~]# ovs-vsctl show
3cbc68ee-1b32-41ae-84a9-f78570fa3259
Manager "ptcp:6640:127.0.0.1"
is_connected: true
Bridge br-ex
Port br-ex
Interface br-ex
type: internal
Port "qg-f801c87d-7f"
Interface "qg-f801c87d-7f"
type: internal
Port "ens38"
Interface "ens38"
Bridge br-tun
Controller "tcp:127.0.0.1:6633"
is_connected: true
fail_mode: secure
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port br-tun
Interface br-tun
type: internal
Port "vxlan-c0a80687"
Interface "vxlan-c0a80687"
type: vxlan
options: {df_default="true", in_key=flow, local_ip="192.168.6.134", out_key=flow, remote_ip="192.168.6.135"}
Bridge br-int
Controller "tcp:127.0.0.1:6633"
is_connected: true
fail_mode: secure
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "qr-9c86abfa-c5"
tag: 2
Interface "qr-9c86abfa-c5"
type: internal
Port "tap555b8d55-16"
tag: 3
Interface "tap555b8d55-16"
type: internal
Port br-int
Interface br-int
type: internal
Port "tap3ca314b5-43"
tag: 2
Interface "tap3ca314b5-43"
type: internal
ovs_version: "2.9.0"

　　在dhcp命名空间中找到对应网络的namespace中br-int网桥上对应的tap设备，然后查看ip配置：

[root@ren3 ~]# ip netns show
qdhcp-d97c8576-1990-4920-adea-98589cc816ab (id: 2)
qrouter-84d406c2-3923-4a52-9368-9e310a40edb9 (id: 1)
qdhcp-062d2b07-339e-4d54-aaca-6b9169d17f6c (id: 0)
[root@ren3 ~]# ip netns exec qdhcp-062d2b07-339e-4d54-aaca-6b9169d17f6c ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
16: tap3ca314b5-43: mtu 1450 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether fa:16:3e:8f:fd:0e brd ff:ff:ff:ff:ff:ff
inet 12.12.12.10/24 brd 12.12.12.255 scope global tap3ca314b5-43
valid_lft forever preferred_lft forever
inet 169.254.169.254/16 brd 169.254.255.255 scope global tap3ca314b5-43
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe8f:fd0e/64 scope link
valid_lft forever preferred_lft forever
[root@ren3 ~]# ip netns exec qdhcp-d97c8576-1990-4920-adea-98589cc816ab ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
18: tap555b8d55-16: mtu 1450 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether fa:16:3e:21:c9:25 brd ff:ff:ff:ff:ff:ff
inet 192.168.11.100/24 brd 192.168.11.255 scope global tap555b8d55-16
valid_lft forever preferred_lft forever
inet 169.254.169.254/16 brd 169.254.255.255 scope global tap555b8d55-16
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe21:c925/64 scope link
valid_lft forever preferred_lft forever

　　dhcp已启用（在创建虚拟机发请求后，dnsmasq进程会给虚拟机分配好mac地址和ip地址，并写入到/var/lib/neutron/dhcp/network-id 目录下的host文件中。虚拟机在内网中发送广播来获取ip的过程中，dnsmasq 会监听到然后将host文件中的对应ip通过dchp-namespace分配给虚拟机。）

4、查看环境

防火墙开着（我是开着防火墙操作的，但是添加了没有服务的端口规则，可还是没有ip），但关闭防火墙之后重启虚机就有IP了。

5、在差错过程中，还可以查看dhcp-agent日志，若报错" Stderr: 'Object "netns" is unknwn "

可在网络节点中安装iproute软件包

yum -y install iproute

三、openstack安装过程的一些错误

1、错误

ERROR nova.compute.manager ResourceProviderRetrievalFailed: Failed to get resource provider with UUID dd4a5198-e199-45fe-99a2-00110fea1f57

解决

在controller查看[root@controller ~]# openstack compute service list --service nova-compute 发现为空
重启compute的nova服务：systemctl restart  openstack-nova-compute.service
在控制节点同步数据库：
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
openstack compute service list --service nova-compute

2、错误1006

查看日志/var/log/nova/nova-novncproxy.log

2019-04-03 16:07:16.900 27138 INFO nova.console.websocketproxy [req-a97f2f1a-0aa5-4976-aadf-c3160007da0d - - - - -] handler exception: [Errno 113] EHOSTUNREACH

提示链接不可达

解决：关闭防火墙或者添加5900/tcp规则