[Openstack] Trouble connecting to a new VM

James Denton james.denton at rackspace.com
Tue Nov 17 20:58:20 UTC 2015 

Hi Tyler,

You might try verifying that the instance properly received its IP address. You can try using ‘nova console-log <id>’ to view the console log of the instance. Look for the cloud-init info. Also, take a look at the syslog of the network node to see if the DHCP request made it and was acknowledged. If it looks like it got its IP, try hitting the instance from within the DHCP or router namespace to see if you can hit the fixed IP from something in the same network before trying to hit the floating IP. You may also want to run some packet captures on the respective qbr bridge and physical interfaces while doing these tests to see if/where traffic is getting dropped.

James

> On Nov 17, 2015, at 11:31 AM, Tyler Couto <tcouto at certain.com> wrote:
> 
> Thanks Andreas. My security groups do allow icmp traffic.
> +---------+----------------------------------------------------------------
> ------+
> | name    | security_group_rules
>      |
> +---------+----------------------------------------------------------------
> ------+
> | default | egress, IPv4
>      |
> |         | egress, IPv6
>      |
> |         | ingress, IPv4, 22/tcp, remote_ip_prefix: 0.0.0.0/0
>      |
> |         | ingress, IPv4, icmp, remote_ip_prefix: 0.0.0.0/0
>      |
> |         | ingress, IPv4, remote_group_id:
> d404679b-aeed-4d2f-bea9-2c7d19ff3fb1 |
> |         | ingress, IPv6, remote_group_id:
> d404679b-aeed-4d2f-bea9-2c7d19ff3fb1 |
> +---------+‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹+
> 
> I can¹t access my VM¹s console, so I do not know whether I can ping from
> my VM. I figured this might be a related issue. I receive this error on
> when trying to access the noVNC console:
> Failed to connect to server (code: 1006)
> 
> 
> This is a two node setup. I have one controller/neutron-network node.
> Here¹s the output of 'ovs-vsctl show¹:
> 
> Bridge br-tun
>  fail_mode: secure
>    Port "gre-ac10183d"
>      Interface "gre-ac10183d"
>        type: gre
>        options: {df_default="true", in_key=flow, local_ip="172.16.24.60",
> out_key=flow, remote_ip="172.16.24.61"}
>    Port gre-mirror
>      Interface gre-mirror
>    Port br-tun
>      Interface br-tun
>        type: internal
>    Port patch-int
>      Interface patch-int
>        type: patch
>        options: {peer=patch-tun}
>    Bridge br-ex
>    Port "enp4s0f0"
>      Interface "enp4s0f0"
>    Port phy-br-ex
>      Interface phy-br-ex
>        type: patch
>        options: {peer=int-br-ex}
>    Port br-ex
>      Interface br-ex
>        type: internal
>    Port "enp4s0f1"
>      Interface "enp4s0f1"
>    Bridge br-int
>  fail_mode: secure
>    Port "qr-a81f0614-0e"
>      tag: 2
>      Interface "qr-a81f0614-0e"
>        type: internal
>    Port "qg-289ea4d2-29"
>      tag: 5
>      Interface "qg-289ea4d2-29"
>        type: internal
>    Port br-int
>      Interface br-int
>        type: internal
>    Port patch-tun
>      Interface patch-tun
>        type: patch
>        options: {peer=patch-int}
>    Port int-br-ex
>      Interface int-br-ex
>        type: patch
>        options: {peer=phy-br-ex}
>    Port "tap468d3ee4-c0"
>      tag: 4095
>      Interface "tap468d3ee4-c0"
>        type: internal
>    ovs_version: "2.3.1"
> 
> 
> I have on compute node. Here¹s the output of 'ovs-vsctl show':
> 
> Bridge br-int
>  fail_mode: secure
>    Port "qvoc6d01e4b-1d"
>      tag: 1
>      Interface "qvoc6d01e4b-1d"
>    Port br-int
>      Interface br-int
>        type: internal
>    Port patch-tun
>      Interface patch-tun
>        type: patch
>        options: {peer=patch-int}
> Bridge br-tun
>  fail_mode: secure
>    Port br-tun
>      Interface br-tun
>        type: internal
>    Port patch-int
>      Interface patch-int
>        type: patch
>        options: {peer=patch-tun}
>    Port "gre-ac10183c"
>      Interface "gre-ac10183c"
>        type: gre
>        options: {df_default="true", in_key=flow, local_ip="172.16.24.61",
> out_key=flow, remote_ip="172.16.24.60"}
>    Port gre-mirror
>      Interface gre-mirror
>    Port "tap0"
>      Interface "tap0"
>    ovs_version: "2.3.1"
> 
> 
> I also have a laptop on the same network as the openstack machines. I can
> successfully ping the interface of the neutron router from my laptop.
> 
> As far as the physical interfaces, I am only using one physical interface
> on each openstack machine. I know this is not the recommended setup, but
> since this is only a POC, I wanted to keep it simple.
> 
> -Tyler
> 
> 
> 
> On 11/17/15, 12:48 AM, "Andreas Scheuring" <scheuran at linux.vnet.ibm.com>
> wrote:
> 
>> ease check your Security Groups first.
> 
> 
> _______________________________________________
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151117/432864c0/attachment.sig>

More information about the Openstack mailing list