<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
I had added the icmp and ssh groups as admin, but had to do it as
well as the tenant user. The docs don't seem to speak to the need
to do things as admin or tenant much, but I had to run both commands
to set up the security group rules for icmp and ssh as both admin
and tenant user.<br>
<br>
<br>
<div class="moz-cite-prefix">On 6/11/14, 12:45 PM, Deepak Shetty
wrote:<br>
</div>
<blockquote
cite="mid:CAOXiiMkk0zO--hpkBpnbL357YCS40JPfk9wJpD+M_9A=kGJKdQ@mail.gmail.com"
type="cite">
<div dir="ltr">Just to be clear.. I have added sec-group rule for
ssh, icmp into the default secgroup<br>
and using the default secgroup while creating the instance.. and
yet I am unable to ping and/or ssh the instance from my devstack
host!<br>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Wed, Jun 11, 2014 at 10:15 PM,
Deepak Shetty <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:dpkshetty@gmail.com" target="_blank">dpkshetty@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>
<div>I am actually hitting a similar issue with
devstack setup on F20<br>
</div>
I am able to spawn Nova instances and have setup
keypair and sec-groups and using those key and
secgroup while spawning the instance<br>
<br>
</div>
My instance boots up fine and has a 10.x.x.x IP.. I can
get into the instance usign VNC.. but cannot ping my
host (On which VM is created) from inside the instnace
and vice versa. I see that sshd is running inside the
instnace and doing ssh root@localhost in the instnace
works<br>
<br>
</div>
So what else am I missing for the networking NOT to work ?
ANy body has any suggestions ?<br>
</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">On Wed, Jun 11, 2014 at 7:42
PM, Eric Berg <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:eberg@rubensteintech.com"
target="_blank">eberg@rubensteintech.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">please
excuse my stupidity, but this is the fiftieth time
I've done an install and I had left out the
secgroup-add-rule's for icmp and ssh.<br>
<br>
I'm good now!!<br>
<br>
I certainly appreciate your help, Yugang.
<div>
<div><br>
<br>
On Wed Jun 11 01:52:20 2014, Yugang LIU wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
Hi,<br>
<br>
For Nova-network, You can<br>
<br>
ping from vm to vm.<br>
ping from vm to internet<br>
<br>
You can not<br>
ping from any host to vm exclude host owned
vm<br>
<br>
You need assign a floating ip to VM.<br>
<br>
<br>
Best regards<br>
<br>
Yugang LIU<br>
<br>
Keep It Simple, Stupid<br>
<br>
On 06/11/2014 08:36 AM, Eric Berg wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
Update. I've done a fresh install and am
successfully running<br>
instances on my compute host, but, while I
can connect out of my<br>
instances just fine, I can't get into them
from any host but my<br>
compute host.<br>
<br>
I thought that RDO was going to set me up
so that each compute host<br>
handled the routing directly, but it
appears that all of my instance's<br>
traffic is routing through a bridge to my
control host.<br>
<br>
My compute and control hosts are on a <a
moz-do-not-send="true"
href="http://192.168.0.0/16"
target="_blank">192.168.0.0/16</a>
network and are<br>
using <a moz-do-not-send="true"
href="http://192.168.20.0/24"
target="_blank">192.168.20.0/24</a> for
the instances.<br>
<br>
How do I get traffic routing into my
instance hosts on <a
moz-do-not-send="true"
href="http://192.168.20.0/24"
target="_blank">192.168.20.0/24</a><br>
on each compute host? (I only have one
now, but will be deploying 2<br>
more once I have OpenStack set up.<br>
<br>
Eric<br>
<br>
<br>
<br>
On 6/10/14, 4:53 PM, Eric Berg wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
I need some help setting up my network
before doing an install of RDO<br>
using nova-networking. I've got 2 hosts
-- one is a control and one<br>
is a compute host. Each has 2 NICs.<br>
<br>
It's my understanding that I need to
configure the network before<br>
doing the install, but I can't find any
good docs on just what I have<br>
to do.<br>
<br>
My initial install allowed me to create
instances that I could get<br>
into and out of via ssh, ping, etc., but
when I created a new tenant<br>
and a network for that tenant, the
networking stopped working.<br>
<br>
I used this command to create the
network:<br>
<br>
"nova network-create ruby-net --bridge
br100 --multi-host T<br>
--fixed-range-v4 <a
moz-do-not-send="true"
href="http://192.168.20.0/24"
target="_blank">192.168.20.0/24</a>"<br>
<br>
While I found more documentation for
neutron, I'm not finding much<br>
for nova. I have the following
questions:<br>
<br>
1) how should I set up my network
interfaces on the control and<br>
compute host for a nova-networking
installation?<br>
2) where are the docs for installation
(including such prep as<br>
above), as well as post-install tenant
set-up for this type of network?<br>
<br>
Thanks for your consideration.<br>
<br>
Eric<br>
<br>
</blockquote>
<br>
</blockquote>
<br>
<br>
_______________________________________________<br>
Mailing list: <a moz-do-not-send="true"
href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"
target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
Post to : <a moz-do-not-send="true"
href="mailto:openstack@lists.openstack.org"
target="_blank">openstack@lists.openstack.org</a><br>
Unsubscribe : <a moz-do-not-send="true"
href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"
target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
</blockquote>
<br>
</div>
</div>
<div>
--<br>
Eric Berg<br>
Sr. Software Engineer<br>
Rubenstein Technology Group<br>
55 Broad Street, 14th Floor<br>
New York, NY 10004-2501<br>
<br>
(212) 518-6400<br>
(212) 518-6467 fax<br>
<a moz-do-not-send="true"
href="mailto:eberg@rubensteintech.com"
target="_blank">eberg@rubensteintech.com</a><br>
<a moz-do-not-send="true"
href="http://www.rubensteintech.com"
target="_blank">www.rubensteintech.com</a><br>
<br>
</div>
<div>
<div>
_______________________________________________<br>
Mailing list: <a moz-do-not-send="true"
href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"
target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
Post to : <a moz-do-not-send="true"
href="mailto:openstack@lists.openstack.org"
target="_blank">openstack@lists.openstack.org</a><br>
Unsubscribe : <a moz-do-not-send="true"
href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack"
target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Eric Berg
Sr. Software Engineer
Rubenstein Technology Group
55 Broad Street, 14th Floor
New York, NY 10004-2501
(212) 518-6400
(212) 518-6467 fax
<a class="moz-txt-link-abbreviated" href="mailto:eberg@rubensteintech.com">eberg@rubensteintech.com</a>
<a class="moz-txt-link-abbreviated" href="http://www.rubensteintech.com">www.rubensteintech.com</a></pre>
</body>
</html>