<font face="Default Sans Serif,Verdana,Arial,Helvetica,sans-serif" size="2"><p>HI Folks,</p><p><br></p><p>I have a multinode OpenStack kilo setup with a controller node, network node and 2 compute nodes. I followed all the steps (<a href="http://docs.openstack.org/kilo/install-guide/install/apt/content/ch_basic_environment.html">http://docs.openstack.org/kilo/instal...</a>)
given in the OpenStack kilo install guide. I am able to boot a VM and
it goes to active state but cannot ping it from Controller or any
external network.</p> <p>The external network interface (eth3) has a gateway of 192.168.56.105 and we can ping it from any external network.</p> <p>I have assigned a floting ip to the VM, and added the icmp and tcp rules to allow the ping and SSH but we can't ping to the VM.</p> <p>Moreover,
as per the install guide the VM should be able to ping “openstack.org”
to verify ext-net connectivity it is not doing that. The VM is able to
ping the tenant router gateway of the external network interface
“192.168.56.105”.</p> <p>How should we proceed further to enable the ping and SSH functionality.</p> <p>The setup details are listed as follows:</p><p><br></p><p>
</p><pre><code>**#Controller Node**
# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.11
netmask 255.255.255.0
**#Network Node**
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.21
netmask 255.255.255.0
# vboxnet2 - OpenStack data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.21
netmask 255.255.255.0
#vboxnet0 - For exposing external network
auto eth3
iface eth3 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down
**#Compute Node**
# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.31
netmask 255.255.255.0
# vboxnet2 - OpenStack VM data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.31
netmask 255.255.255.0
**#Compute1 Node**
# The primary network interface - NAT connection
auto eth0
iface eth0 inet dhcp
# vboxnet0 - OpenStack management network
auto eth1
iface eth1 inet static
address 10.0.0.32
netmask 255.255.255.0
# vboxnet2 - OpenStack VM data/communication network
auto eth2
iface eth2 inet static
address 10.0.1.32
netmask 255.255.255.0
**#neutron net-list**
------------------------------------------+
| id | name | subnets |
+--------------------------------------+-----------+-----------------------------------------------------+
|
| 6c91a7e8-4182-4fb7-8d42-b83ca6775e57 | ext-net | c4dac528-3fa9-47db-a5c4-50590ed8edf5 |
| 314323cd-cbd1-43e9-a5f5-58213a6afdee | demo-net1 | 7412369e-a91f-4228-af55-2792fde85d3d 192.168.1.0/24 |
+--------------------------------------+-----------+-----------------------------------------------------+
**# neutron floatingip-list**
-----------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 65872868-6318-4eb3-bce4-6bd8922b90e1 | 192.168.1.3 | 192.168.56.109 | 3a2f47f7-cbc4-4558-b91c-2886de545cd7 |
+--------------------------------------+------------------+---------------------+--------------------------------------+
**# nova list**
------+-------------+---------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------+--------+------------+-------------+---------------------------------------+
| 1ebf21e7-3073-4d68-ae59-ec168c3e51c7 | vm786 | ACTIVE | - | Running | demo-net1=192.168.1.3, 192.168.56.109 |
**Added the rules to the default security group:**
a. Permit ICMP (ping):
$ nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
b. Permit secure shell (SSH) access:
$ nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
# ovs-vsctl show
ebc068e7-0b6d-45c7-9408-87e2af9af64a
Bridge br-tun
fail_mode: secure
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port "gre-0a00011f"
Interface "gre-0a00011f"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.31"}
Port "gre-0a000120"
Interface "gre-0a000120"
type: gre
options: {df_default="true", in_key=flow, local_ip="10.0.1.21", out_key=flow, remote_ip="10.0.1.32"}
Port br-tun
Interface br-tun
type: internal
Bridge br-int
fail_mode: secure
Port "qr-b1bbd942-2e"
tag: 3
Interface "qr-b1bbd942-2e"
type: internal
Port "qg-d104c0f4-62"
tag: 2
Interface "qg-d104c0f4-62"
type: internal
Port "qr-f5934280-24"
tag: 1
Interface "qr-f5934280-24"
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "tap5cc41425-9c"
tag: 1
Interface "tap5cc41425-9c"
type: internal
Port "qr-565908b5-18"
tag: 1
Interface "qr-565908b5-18"
type: internal
Port "qg-1ac2537b-9d"
tag: 2
Interface "qg-1ac2537b-9d"
type: internal
Port "qg-a0ff0263-ca"
tag: 2
Interface "qg-a0ff0263-ca"
type: internal
Port br-int
Interface br-int
type: internal
Port "tap333dbc90-e6"
tag: 3
Interface "tap333dbc90-e6"
type: internal
Port int-br-ex
Interface int-br-ex
type: patch
options: {peer=phy-br-ex}
Bridge br-ex
Port "eth3"
Interface "eth3"
Port br-ex
Interface br-ex
type: internal
Port phy-br-ex
Interface phy-br-ex
type: patch
options: {peer=int-br-ex}
ovs_version: "2.3.1"
<br><br>Kindly check my setup and please provide some inputs how can I proceed further.<br><br><br>Thanks and Regards<br>Abhishek Talwar<br></code></pre><div></div></font>
<p>=====-----=====-----=====<br>
Notice: The information contained in this e-mail<br>
message and/or attachments to it may contain <br>
confidential or privileged information. If you are <br>
not the intended recipient, any dissemination, use, <br>
review, distribution, printing or copying of the <br>
information contained in this e-mail message <br>
and/or attachments to it are strictly prohibited. If <br>
you have received this communication in error, <br>
please notify us by reply e-mail or telephone and <br>
immediately and permanently delete the message <br>
and any attachments. Thank you</p>
<p></p>