[openstack-dev] [Containers][docker] Networking problem

Jay Lau jay.lau.513 at gmail.com
Mon Dec 29 06:04:09 UTC 2014 

There is no problem for your cluster, it is working well. With nova docker
driver, you need to use namespace to check the network as you did:

# ip netns exec 89b59bf9f442a0d468d9d4d8c9370c
53f8e4a3ba4d8affcd6be8b2dde84fff64 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

nsbbe59188-ab: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.135  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::f816:3eff:fe1c:46a  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:1c:04:6a  txqueuelen 1000  (Ethernet)
        RX packets 8  bytes 648 (648.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8  bytes 648 (648.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

nova docker driver is using following mode to set up the network:
https://github.com/stackforge/nova-docker/blob/master/novadocker/virt/docker/driver.py#L419

You can try following attached image to set up your network, this logic was
used in nova docker driver.


2014-12-29 13:49 GMT+08:00 Jay Lau <jay.lau.513 at gmail.com>:

> There is no problem for your cluster, it is working well. With nova docker
> driver, you need to use namespace to check the network as you did:
>
>
> 2014-12-29 13:15 GMT+08:00 Iván Chavero <ichavero at chavero.com.mx>:
>
>> Hello,
>>
>> I've installed OpenStack with Docker as hypervisor on a cubietruck,
>> everything
>> seems to work ok but the container ip does not respond to pings nor
>> respond to
>> the service i'm running inside the container (nginx por 80).
>>
>> I checked how nova created the container and it looks like everything is
>> in place:
>>
>> # nova list
>> +--------------------------------------+---------------+----
>> ----+------------+-------------+----------------------+
>> | ID                                   | Name          | Status | Task
>> State | Power State | Networks             |
>> +--------------------------------------+---------------+----
>> ----+------------+-------------+----------------------+
>> | 249df778-b2b6-490c-9dce-1126f8f337f3 | test_nginx_13 | ACTIVE | -
>>     | Running     | public=192.168.1.135 |
>> +--------------------------------------+---------------+----
>> ----+------------+-------------+----------------------+
>>
>>
>> # docker ps
>> CONTAINER ID        IMAGE COMMAND             CREATED             STATUS
>> PORTS                  NAMES
>> 89b59bf9f442        sotolitolabs/nginx_arm:latest "/usr/sbin/nginx"   6
>> hours ago         Up 6 hours nova-249df778-b2b6-490c-9dce-1126f8f337f3
>>
>>
>> A funny thing that i noticed but i'm not really sure it's relevant, the
>> docker container
>> does not show network info when created by nova:
>>
>> # docker inspect 89b59bf9f442
>>
>> .... unnecesary output....
>>
>> "NetworkSettings": {
>>         "Bridge": "",
>>         "Gateway": "",
>>         "IPAddress": "",
>>         "IPPrefixLen": 0,
>>         "PortMapping": null,
>>         "Ports": null
>>     },
>>
>>
>>
>>
>> # neutron router-list
>> +--------------------------------------+---------+----------
>> ------------------------------------------------------------
>> ------------------------------------------------------------
>> ---------------------------------------------------------+--
>> -----------+-------+
>> | id                                   | name    | external_gateway_info
>> | distributed | ha    |
>> +--------------------------------------+---------+----------
>> ------------------------------------------------------------
>> ------------------------------------------------------------
>> ---------------------------------------------------------+--
>> -----------+-------+
>> | f8dc7e15-1087-4681-b495-217ecfa95189 | router1 | {"network_id":
>> "160add9a-2d2e-45ab-8045-68b334d29418", "enable_snat": true,
>> "external_fixed_ips": [{"subnet_id": "1ae33c0b-a04e-47b6-bdba-bbdf9a3ef14d",
>> "ip_address": "192.168.1.120"}]} | False       | False |
>> +--------------------------------------+---------+----------
>> ------------------------------------------------------------
>> ------------------------------------------------------------
>> ---------------------------------------------------------+--
>> -----------+-------+
>>
>>
>> # neutron subnet-list
>> +--------------------------------------+----------------+---
>> -------------+----------------------------------------------------+
>> | id                                   | name           | cidr
>>  | allocation_pools |
>> +--------------------------------------+----------------+---
>> -------------+----------------------------------------------------+
>> | 34995548-bc2b-4d33-bdb2-27443c01e483 | private_subnet | 10.0.0.0/24
>> | {"start": "10.0.0.2", "end": "10.0.0.254"} |
>> | 1ae33c0b-a04e-47b6-bdba-bbdf9a3ef14d | public_subnet  | 192.168.1.0/24
>> | {"start": "192.168.1.120", "end": "192.168.1.200"} |
>> +--------------------------------------+----------------+---
>> -------------+----------------------------------------------------+
>>
>>
>>
>>
>> # neutron port-list
>> +--------------------------------------+------+-------------
>> ------+-----------------------------------------------------
>> ---------------------------------+
>> | id                                   | name | mac_address       |
>> fixed_ips |
>> +--------------------------------------+------+-------------
>> ------+-----------------------------------------------------
>> ---------------------------------+
>> | 863eb9a3-461c-4016-9bd1-7c4c7210db98 |      | fa:16:3e:24:7b:2c |
>> {"subnet_id": "34995548-bc2b-4d33-bdb2-27443c01e483", "ip_address":
>> "10.0.0.2"}      |
>> | bbe59188-ab4e-4b92-a578-bbc2d6759295 |      | fa:16:3e:1c:04:6a |
>> {"subnet_id": "1ae33c0b-a04e-47b6-bdba-bbdf9a3ef14d", "ip_address":
>> "192.168.1.135"} |
>> | c8b94a90-c7d1-44fc-a582-3370f5486d26 |      | fa:16:3e:6f:69:71 |
>> {"subnet_id": "34995548-bc2b-4d33-bdb2-27443c01e483", "ip_address":
>> "10.0.0.1"}      |
>> | f108b583-0d54-4388-bcc0-f8d1cbe6efd4 |      | fa:16:3e:bb:3a:1b |
>> {"subnet_id": "1ae33c0b-a04e-47b6-bdba-bbdf9a3ef14d", "ip_address":
>> "192.168.1.120"} |
>> +--------------------------------------+------+-------------
>> ------+-----------------------------------------------------
>> ---------------------------------+
>>
>>
>>
>> the network namespace is being created:
>>
>> # ip netns exec 89b59bf9f442a0d468d9d4d8c9370c
>> 53f8e4a3ba4d8affcd6be8b2dde84fff64 ifconfig
>> lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
>>         inet 127.0.0.1  netmask 255.0.0.0
>>         inet6 ::1  prefixlen 128  scopeid 0x10<host>
>>         loop  txqueuelen 0  (Local Loopback)
>>         RX packets 0  bytes 0 (0.0 B)
>>         RX errors 0  dropped 0  overruns 0  frame 0
>>         TX packets 0  bytes 0 (0.0 B)
>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>
>> nsbbe59188-ab: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
>>         inet 192.168.1.135  netmask 255.255.255.0  broadcast 192.168.1.255
>>         inet6 fe80::f816:3eff:fe1c:46a  prefixlen 64  scopeid 0x20<link>
>>         ether fa:16:3e:1c:04:6a  txqueuelen 1000  (Ethernet)
>>         RX packets 8  bytes 648 (648.0 B)
>>         RX errors 0  dropped 0  overruns 0  frame 0
>>         TX packets 8  bytes 648 (648.0 B)
>>         TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
>>
>>
>> when i try a ping it does not return:
>>
>> # ping -c3 192.168.1.135
>> PING 192.168.1.135 (192.168.1.135) 56(84) bytes of data.
>> From 192.168.1.65 icmp_seq=1 Destination Host Unreachable
>> From 192.168.1.65 icmp_seq=2 Destination Host Unreachable
>> From 192.168.1.65 icmp_seq=3 Destination Host Unreachable
>>
>> --- 192.168.1.135 ping statistics ---
>> 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time
>> 2008ms
>>
>>
>> i tried adding the interface to the bridge br-ex but it didn's work
>> either:
>>
>> # ip netns exec 89b59bf9f442a0d468d9d4d8c9370c
>> 53f8e4a3ba4d8affcd6be8b2dde84fff64 ovs-vsctl add-port br-ex nsbbe59188-ab
>>
>> relevant log extract:
>>
>> 2014-12-28T22:57:59.577Z|00700|bridge|WARN|could not open network device
>> nsbbe59188-ab (No such
>>
>>
>> even with error it appears
>>
>> # ovs-vsctl list-ports br-ex
>> eth0
>> nsbbe59188-ab
>>
>>
>> i think this is a bridging problem but i'm not sure. can somebody give me
>> a hint?
>>
>> Thanks
>> Ivan
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> --
>> Iván Chavero
>> Hacker
>>
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>
>
>
> --
> Thanks,
>
> Jay
>



-- 
Thanks,

Jay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20141229/419496ea/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: networkNone.jpg
Type: image/jpeg
Size: 210407 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20141229/419496ea/attachment-0001.jpg>

More information about the OpenStack-dev mailing list