[Openstack-operators] [Openstack] Connect VM network to exists VLAN network

Andreas Scheuring scheuran at linux.vnet.ibm.com
Mon Aug 18 15:52:24 UTC 2014


Hi Marouen, 

interesting setup that you're driving. 
Not sure if I can help you out but let's try.

You're able to ping both feets of your router from within your vm -
that's great!
But you cannot ping the routers feets from your hypervisor, right?

--> That makes sense to me. 
In general you will never be able to ping your instances private ip from
the controller or from the hypervisor (this might change with dvr, but
that's not yet released I guess). Cause neither the hypevisor nor the
controller has a foot into the real tenant network (vlan or whatever). 

The only chance is via the network node, where the virtual router sits.
Only there you can enter the tenant network. But this will not work
while just pinging the guest. Let me tell you why:

Routers are realized in network namespaces. So what you have to do is to
switch to the network namespace and ping from there
# ip netns show
--> shows all network namespaces. There should be one with qrouter.xxxx
# ip netns exec qrouter-xxxx ip a
--> list all interfaces in that namespace. Here you should see 2 devices
with your routers ip addresses
# ip netns exec qrouter-xxxx ping <instance-ip>
--> ping should be possible.


Then you also tried out with floating ip and SSH to the floating ip
works from a remote host, but not from your openstack nodes, right?
And from your openstack nodes you can also ping the instance, so
connection might be there.
I have no clue what this might be. Somehting with iptables? Floating IPs
are realized with NAT. Maybe that gives you a hint where to debug...


Regards
Andreas





On Fri, 2014-08-15 at 16:55 +0200, Marouen Mechtri wrote:
> Another detail that can be useful.
> I can ping the floating IP of my instance and I can telnet the port
> 22  from the controller, compute and network nodes
> 
> 
> Trying 192.168.100.121...
> Connected to 192.168.100.121.
> Escape character is '^]'.
> SSH-2.0-dropbear_2012.55
> 
> 
> but I can not ssh from the controller, compute and network nodes.
> From an external host I can ssh my instance.
> 
> 
> 
> 
> Thank you in advance.
> 
> 
> Best regards,
> Marouen
> 
> 
> 2014-08-15 16:17 GMT+02:00 Marouen Mechtri <mechtri.marwen at gmail.com>:
>         Hi Andreas,
>         
>         
>         I setup OpenStack on multinode (like the picture you
>         sent http://docs.openstack.org/havana/install-guide/install/apt/content/figures/3/a/common/figures/Neutron-PhysNet-Diagram.png)
>         and I'm using Icehouse release with openvswitch and GRE
>         tunnel.
>         For more detail about the network configuration:
>         https://raw.githubusercontent.com/ChaimaGhribi/OpenStack-Icehouse-Installation/master/images/network-topo.jpg
>         
>         
>         
>         I'm running the controller and network nodes on VMs (in the
>         compute node)  and the compute node is my physical host.
>         
>         
>         Evry things are OK and I'm able to deploy instances and I can
>         ping from my instance the router gateways (connected to tenant
>         network and to the extenal nework)
>         
>         
>         The only issue I have I can not ping the tenant address of my
>         instance and the address of the tenant gateway from the
>         controller, network and compute nodes.
>         I can not also ping the controller node from my instance.
>         
>         
>         Could you please help me to solve this issue.
>         
>         
>         Thank you in advance.
>         Best regards,
>         Marouen
>         
>         
>         2014-08-15 13:36 GMT+02:00 Andreas Scheuring
>         <scheuran at linux.vnet.ibm.com>:
>         
>                 Hi,
>                 just that we're on the same page. Please have a look
>                 at this picture:
>                 http://docs.openstack.org/havana/install-guide/install/apt/content/figures/3/a/common/figures/Neutron-PhysNet-Diagram.png
>                 
>                 With the provider network you create a network that
>                 matches the green
>                 External & the purple api network (as you have a
>                 combined controller +
>                 network node). This is where you already have vlan,
>                 right?
>                 
>                 And on the green data network you try to use gre,
>                 right?
>                 
>                 Or does you controller only have one physical nic for
>                 all kind of
>                 traffic?
>                 
>                 
>                 I'm sorry but I do not yet understand your setup and
>                 what you're trying
>                 to achieve.
>                 
>                 Please keep always the mailing lists on cc, as others
>                 might also be
>                 interested.
>                 
>                 
>                 
>                 Regards,
>                 Andreas
>                 
>                 
>                 
>                 On Fri, 2014-08-15 at 14:21 +0700, Nhan Cao wrote:
>                 > hi,
>                 > i deploy on multinode with neutron and openvswitch.
>                 > My Infrastructure has a exists VLAN, now, i'm using
>                 GRE type network.
>                 > I found a article about that
>                 >
>                 http://trickycloud.wordpress.com/2013/11/12/setting-up-a-flat-network-with-neutron/
>                 > Could you give me a advice? i should choose VLAN or
>                 GRE for best?
>                 > Thanks
>                 >
>                 >
>                 >
>                 >
>                 >
>                 >
>                 > 2014-08-15 13:46 GMT+07:00 Andreas Scheuring
>                 > <scheuran at linux.vnet.ibm.com>:
>                 >         Hi Nhan,
>                 >         I guess more information is required to help
>                 you out there.
>                 >
>                 >         It would be helpful to know which setup
>                 you're using, e.g. a
>                 >         singlenode
>                 >         or multinode setup, openvswitch for network
>                 virtualiation or
>                 >         something
>                 >         else? Are you using nova network or neutron
>                 networking?
>                 >
>                 >         If I got it right you created a tenant
>                 network in openstack
>                 >         (in your
>                 >         case vm network). In addition your host
>                 (hypervisor) has a an
>                 >         eth
>                 >         interface into the physical network, right?
>                 >
>                 >         You also mentioned that your physical
>                 network is a vlan
>                 >         network. Is your
>                 >         hypervisor aware of this vlan tagging or is
>                 this done by a
>                 >         access port
>                 >         config in your switch?
>                 >
>                 >
>                 >         And what you want to achieve is to connect a
>                 vm attached to
>                 >         the
>                 >         openstack vm network to your physical vlan
>                 network. Did I get
>                 >         you right?
>                 >
>                 >         Basically you would create a so called
>                 "provider network" that
>                 >         represents your physical network and connect
>                 this provider
>                 >         network via a
>                 >         virtual router to your vm network.
>                 >
>                 >         More information you can find here:
>                 >
>                  http://docs.openstack.org/admin-guide-cloud/content/under_the_hood_openvswitch.html#under_the_hood_openvswitch_scenario1
>                 >
>                 >
>                 >         Regards,
>                 >         Andreas
>                 >
>                 >
>                 >
>                 >         On Fri, 2014-08-15 at 00:00 +0700, Nhan Cao
>                 wrote:
>                 >         > Hi
>                 >         > I have to network:
>                 >         > vm network: 10.2.21.0/24
>                 >         > exist VLAN network: 192.168.1.0/24
>                 >         > I want to connect from my VM network to
>                 physic VLAN network.
>                 >         >
>                 >         > How i config to connect?
>                 >         >
>                 >         >
>                 >         >
>                 >         > Thanks :)
>                 >         >
>                 >         >
>                 >
>                 >         >
>                 _______________________________________________
>                 >         > Mailing list:
>                 >
>                  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>                 >         > Post to     :
>                 openstack at lists.openstack.org
>                 >         > Unsubscribe :
>                 >
>                  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>                 >
>                 >
>                 >
>                 >
>                  _______________________________________________
>                 
>                 >         OpenStack-operators mailing list
>                 >         OpenStack-operators at lists.openstack.org
>                 >
>                  http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>                 >
>                 >
>                 
>                 
>                 
>                 _______________________________________________
>                 Mailing list:
>                 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>                 Post to     : openstack at lists.openstack.org
>                 Unsubscribe :
>                 http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>                 
>         
>         
> 
> 





More information about the OpenStack-operators mailing list