Re: Enabling external connectivity to VMs

29 Feb 2024

      Please don't drop the list from your response.

I'm not very familiar with kolla, but if you're able to ping the  
instance via floating IP it seems okayish. Maybe you need to set  
neutron_external_interface to ens192 instead? Someone with more kolla  
experience will probably correct me here, so don't rely on my response.

Zitat von KK CHN <kkchn.in@gmail.com>:
...
Hi Eugen,
I have followed the
https://docs.openstack.org/kolla-ansible/latest/reference/networking/neutron...
But mistakenly I have configured ens160 as neurton_external_interface:
"ens160" as the docs says an interface without IP address needed so I
create a vNIC  ens160 without IP and used this  without knowing What I am
doing..!!!!
The issue is   tenant VMs don't get Internet.  also tenant VMs cant ping
base VM(Ubuntu 22.04  IP 10.220.0.51, or 10.176.16.128 .. )  totally
confused.
Could you help me to understand  what I am doing wrong here ?
Greetings
Krish.
*For more info what I have done so far :   * Please   refer to
the following...
In the  Base VM, I created 3 vNICs.
1. ens192 with my Org's dhcp LAN IP  10.176.16.128 which has the internet.
2. ens224 with 10.220.0.51 IP which is a VLAN IP of (10.220.0.0/24) which
is created for testing purposes internally by N/W guy.   This doesn't have
the internet..
3.  ens160 up active without IP address. ( Wrongly I specified this as the
e neutron_external_interface in globals.yml)
*I have deployed the openstack..Everything up and running .. *
I am able to create  Routers, Network and subnets and able to create
instances(all VMs spawning with 10.0.0.0/24 IPs)
I created the networks(external with subnet 10.220.0.0/24 with
start=10.220.0.30 to end=10.220.0.50) and internal Network(with subnet
named demo-net 10.0.0.0/24 for tenants)
I am able to associate the VMs with 10.0.0.0/24 IPs  to Floating IPs from
10.220.0.0/24
and from my Base(host) VM(Ubuntu22.04 with ens224 10.220.0.51)  I am able
to ping the 10.0.0.28 tenant VM IP through the associated floating IPs as
$ ip netns   ( On  base (host) VM)  dsplays the router
(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$ ip netns
qrouter-ecc6fe39-a733-4f30-bf67-ac42407227f8 (id: 1)
qdhcp-c29f26ac-3594-4c40-bf20-f2d5ba7d6eea (id: 0)
$(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$ sudo ip netns exec
qrouter-ecc6fe39-a733-4f30-bf67-ac42407227f8 ping 10.0.0.28  ( the VM
tenant IP address)
PING 10.0.0.28 (10.0.0.28) 56(84) bytes of data.
64 bytes from 10.0.0.28: icmp_seq=1 ttl=64 time=0.972 ms
(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$ sudo ip netns exec
qrouter-ecc6fe39-a733-4f30-bf67-ac42407227f8 ping 10.220.0.44 ( the
Floating IP associated to 10.0.0.28 VM)
PING 10.220.0.44 (10.220.0.44) 56(84) bytes of data.
64 bytes from 10.220.0.44: icmp_seq=1 ttl=64 time=0.840 ms
64 bytes from 10.220.0.44: icmp_seq=2 ttl=64 time=0.599 ms
(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$ sudo ip netns exec
qrouter-ecc6fe39-a733-4f30-bf67-ac42407227f8 ping 10.220.0.33  ( The router
IP through which  connects floating ip 10.220.0.44 and then to tenant VM ip
10.0.0.28 )
PING 10.220.0.33 (10.220.0.33) 56(84) bytes of data.
64 bytes from 10.220.0.33: icmp_seq=1 ttl=64 time=0.038 ms
*Hence it works somehow.  *     But ens224 10.220.0.51 doesn't have
internet on the base VM.  But only ens192->10.170.16.128 IP has..
How can I provide the internet connectivity of ens192  to ens224 Is this
possible or Am I doing some dump here.?  What is the other way / best way
to do this ..
 I am beginning my journey with OpensStack but stuck here without much
progress..
(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$ grep ^[^#] /etc/kolla/globals.yml
---
workaround_ansible_issue_8743: yes
config_strategy: "COPY_ALWAYS"
kolla_base_distro: "ubuntu"
openstack_release: "2023.1"
kolla_internal_vip_address: "10.220.0.24"
kolla_external_vip_address: "{{ kolla_internal_vip_address }}"
kolla_container_engine: docker
network_interface: "ens224"
neutron_external_interface: "ens160"
neutron_plugin_agent: "openvswitch"
nova_compute_virt_type: "qemu"
(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$
The following screenshot shown the  tenant VM console(tty) where I am able
to ping floating IP(10.220.0.44 and  its router  ip 10.220.0.33 ) but
neither 10.220.0.51 the base VM  ens224 IP  nor ens192 10.17.16.128
[image: image.png]
krish
On Tue, Feb 27, 2024 at 11:09 PM Eugen Block <eblock@nde.ag> wrote:
...
Hi,
Check out this page:
https://docs.openstack.org/kolla-ansible/latest/reference/networking/neutron...
You need some sort of external network to provide connectivity for
instances.
Zitat von KK CHN <kkchn.in@gmail.com>:
...
List,
I am a bit confused with the OpenStack  Networking configuration for
Created virtual machines on a  (Kolla-ansible all-in-one   on an Ubuntu
22.04 VM ) openstack installation.
I am able to create virtual machines through the dashboard as well as
CLI.
I have used the default  network/cirros images created from init-runonce
script.
But Real time, how can I configure these new VMs to communicate with Base
VM or external world by ping, ssh or make internet connection etc.
Base VM is Ubuntu22.04 - with  IPs ens192=>10.170.16.128(with Internet),
 second interface => ens224 => 10.220.0.51   and ens160 up and running
without IP address for  neutron_external_interface:
All the VMs which I created  getting IP addresses in series (10.0.0.X).
But How to allocate Internet and make external world communication  to
and
from these VMs ?
Any hints/directions towards this much appreciated.
Greetings,
Krish
If required more inputs here follows the additional information.
(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$ grep ^[^#]
/etc/kolla/globals.yml
---
workaround_ansible_issue_8743: yes
config_strategy: "COPY_ALWAYS"
kolla_base_distro: "ubuntu"
openstack_release: "2023.1"
kolla_internal_vip_address: "10.220.0.24"
kolla_external_vip_address: "{{ kolla_internal_vip_address }}"
kolla_container_engine: docker
network_interface: "ens224"
neutron_external_interface: "ens160"
neutron_plugin_agent: "openvswitch"
nova_compute_virt_type: "qemu"
(kolla_ansible_venv3) ubuntu@ubuntu-VM:~$
Additional inputs:
There are  3 virtual interfaces on the base Ubuntu22.04 Virtual Machine.
 ens192->10.170.16.128  with internet, ens224->10.220.0.51 , ens160 up
without IP
1. First Interface contain IP address from My organizations DHCP lease
from
LAN(10.16.16.0)  Which has Internet connectivity.
ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
group
default qlen 1000    link/ether 00:0c:29:33:18:3c brd ff:ff:ff:ff:ff:ff
altname enp11s0
inet 10.170.16.128/23 brd 10.170.17.255 scope global dynamic
noprefixroute
ens192
valid_lft 786963sec preferred_lft 786963sec
inet6 fe80::cd1a:bc6c:b129:f91f/64 scope link noprefixroute
valid_lft forever preferred_lft forever3
2. Interface  I have  10.220.0.51
ens224: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP
group
default qlen 1000
link/ether 00:0c:29:33:18:46 brd ff:ff:ff:ff:ff:ff
    altname enp19s0
    inet 10.220.0.51/24 brd 10.220.0.255 scope global noprefixroute
ens224
valid_lft forever preferred_lft forever
    inet 10.220.0.24/32 scope global ens224
valid_lft forever preferred_lft forever
inet6 fe80::a8b6:f094:c47:8282/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3.  ens160 without any IP address which is up and running  configured for
Kolla  neutron_external_interface: "ens160"
ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master
ovs-system state UP group default qlen 1000
link/ether 00:0c:29:33:18:32 brd ff:ff:ff:ff:ff:ff
altname enp3s0
1. What networks need to be created  additionally ?
2. Bridges and bonds required here or not ?
3. To enable these New VMs to talk to external world( ssh, ping, internet
connection to all these VMs ) what all the steps need to be performed or
I
left out ?

Eugen Block

tags

participants (1)