怪异问题列表

image.png

1. csi-cinder-controllerplugin 无法启动的问题，无法向keystone 发送POST请求。
   容器log显示 Post "http://10.120.10.251:35357/v3/auth/tokens": read tcp 10.233.70.2:55024->10.120.10.251:35357: read: connection reset by peer
   keystone log 显示该post请求状态码是201，但是回包的时候，出现了问题。
   绑定浮动ip时，一切正常，没有绑定时感觉是没有回复finish ack的包，最终连接RESET

2. tcpdump抓包显示ping 100% 正常，但是ping的结果是卡住，看不到包

image.png image.png

原因:
https://stackoverflow.com/questions/32100506/icmp-replies-seen-by-tcpdump-but-ping-100-fails

解决:

sysctl -w net.ipv4.conf.all.rp_filter=0

涉及配置项:
[root@control1051 ~]# grep rp_filter -r /usr/
/usr/lib/sysctl.d/50-default.conf:net.ipv4.conf.all.rp_filter = 1

/usr/local/share/kolla-ansible/ansible/roles/neutron/defaults/main.yml:neutron_l3_agent_host_rp_filter_mode: 0
/usr/local/share/kolla-ansible/ansible/roles/neutron/tasks/config-host.yml: - { name: "net.ipv4.conf.all.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
/usr/local/share/kolla-ansible/ansible/roles/neutron/tasks/config-host.yml: - { name: "net.ipv4.conf.default.rp_filter", value: "{{ neutron_l3_agent_host_rp_filter_mode }}"}
/usr/local/share/kolla-ansible/ansible/roles/nova-cell/defaults/main.yml:nova_compute_host_rp_filter_mode: 0
/usr/local/share/kolla-ansible/ansible/roles/nova-cell/tasks/config-host.yml: - { name: "net.ipv4.conf.all.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}
/usr/local/share/kolla-ansible/ansible/roles/nova-cell/tasks/config-host.yml: - { name: "net.ipv4.conf.default.rp_filter", value: "{{ nova_compute_host_rp_filter_mode }}"}

可以看到kolla-ansible有更新这个值，但是竟然没有生效