next up previous contents
Next: 問題四 Up: 除錯 Previous: 問題二   Contents

問題三

  1. instance 無法 ssh 連線。
    [root@kvm4 ~(keystone_myuser)]# ssh -i key1.pem 192.168.122.11
    ssh: connect to host 192.168.122.11 port 22: No route to host
    
  2. 檢查使用的安全群組 mysecgroup 有沒有開啟 22 port,看來是有,但沒有指定適用 IP 範圍。
    [root@kvm4 ~(keystone_myuser)]# nova secgroup-list
    +------------+-------------+
    | Name       | Description |
    +------------+-------------+
    | default    | default     |
    | mysecgroup | SSH         |
    +------------+-------------+
    [root@kvm4 ~(keystone_myuser)]# nova secgroup-list-rules mysecgroup
    +-------------+-----------+---------+----------+--------------+
    | IP Protocol | From Port | To Port | IP Range | Source Group |
    +-------------+-----------+---------+----------+--------------+
    | tcp         | 22        | 22      |          | mysecgroup   |
    +-------------+-----------+---------+----------+--------------+
    
  3. 解決方式:在 mysecgroup 再增加一項規則,對所有 IP 開放 22 port。
    [root@kvm4 ~(keystone_myuser)]# nova secgroup-add-rule  mysecgroup tcp 22 22 0.0.0.0/0
    +-------------+-----------+---------+-----------+--------------+
    | IP Protocol | From Port | To Port | IP Range  | Source Group |
    +-------------+-----------+---------+-----------+--------------+
    | tcp         | 22        | 22      | 0.0.0.0/0 |              |
    +-------------+-----------+---------+-----------+--------------+
    [root@kvm4 ~(keystone_myuser)]# nova secgroup-list-rules mysecgroup
    +-------------+-----------+---------+-----------+--------------+
    | IP Protocol | From Port | To Port | IP Range  | Source Group |
    +-------------+-----------+---------+-----------+--------------+
    | tcp         | 22        | 22      |           | mysecgroup   |
    | tcp         | 22        | 22      | 0.0.0.0/0 |              |
    +-------------+-----------+---------+-----------+--------------+
    
  4. 再次嘗試登入成功。
    [root@kvm4 ~(keystone_myuser)]# ssh 192.168.122.11
    root@192.168.122.11's password: 
    Last login: Sun Apr 12 16:40:03 2015 from 192.168.122.4
    [root@minkvm ~]#
    



2015-12-29