[Openstack] Private instances can't access Internet

Gui Maluf guimalufb at gmail.com
Tue Sep 11 17:31:27 UTC 2012


I'm facing the same problem and I can't solve it!
Please, someone help us!
Instances from cc-node can reach Internet, but the node instances can't!

CC-node configs: http://paste.openstack.org/show/20861/
Node configs: http://paste.openstack.org/show/20862/

ps: i'm not using multi_host

I've tried many things, but I can't make my instance on node reach internet.


Dave Pigott
> Mon, 10 Sep 2012 03:09:34 -0700
>
> Hi Jason,
>
> Try setting --multi_host in nova.conf
>
> Dave
>
> Sent from my Aldis Lamp
>
> On 7 Sep 2012, at 20:50, Jason Cooper <ja... at presdo.com> wrote:
>
> > Hi Everyone. I just completed the steps in the OpenStack Compute Starter
> > Guide to get OpenStack up and running on my server, and everything is
> working
> > wonderfully except that my private instances cannot access the public
> > Internet.
> >
> > I have configured the physical server on which OpenStack is running to
> access
> > the public Internet over eth0. I have also set up an internal network on
> eth1
> > with a bridge so the instances, which all have fixed private IP
> addresses
> > (e.g. 192.168.4.x) should be able to ping the public Internet through
> this
> > bridge. However, this isn't working, and I'm hoping you can help explain
> what
> > I'm doing wrong.
> >
> > I have already tried to setup IP forwarding by following the
> instructions at
> > https://lists.launchpad.net/openstack/msg15559.html, but this did not
> help.
> >
> > Here is my /etc/network/interfaces:
> >
> > # The loopback network interface
> > auto lo
> > iface lo inet loopback
> >
> > # The primary network interface
> > auto eth0
> > iface eth0 inet static
> >   address 10.0.1.130
> >   netmask 255.255.0.0
> >   broadcast 10.0.1.255
> >   gateway 10.0.0.1
> >   dns-nameservers 8.8.8.8
> >
> > auto eth1
> > iface eth1 inet static
> >   address 192.168.3.1
> >   netmask 255.255.255.0
> >   network 192.168.3.0
> >   broadcast 192.168.3.255
> >
> >
> > And here is my /etc/nova/nova.conf:
> >
> > --dhcpbridge_flagfile=/etc/nova/nova.conf
> > --dhcpbridge=/usr/bin/nova-dhcpbridge
> > --logdir=/var/log/nova
> > --state_path=/var/lib/nova
> > --lock_path=/var/lock/nova
> > --allow_admin_api=true
> > --use_deprecated_auth=false
> > --auth_strategy=keystone
> > --scheduler_driver=nova.scheduler.simple.SimpleScheduler
> > --s3_host=10.0.1.130
> > --ec2_host=10.0.1.130
> > --rabbit_host=10.0.1.130
> > --cc_host=10.0.1.130
> > --nova_url=http://10.0.1.130:8774/v1.1/
> > --routing_source_ip=10.0.1.130
> > --glance_api_servers=10.0.1.130:9292
> > --image_service=nova.image.glance.GlanceImageService
> > --iscsi_ip_prefix=192.168.4
> > --sql_connection=mysql://novadbadmin:novasecret@10.0.1.130/nova
> > --ec2_url=http://10.0.1.130:8773/services/Cloud
> > --keystone_ec2_url=http://10.0.1.130:5000/v2.0/ec2tokens
> > --api_paste_config=/etc/nova/api-paste.ini
> > --libvirt_type=kvm
> > --libvirt_use_virtio_for_bridges=true
> > --start_guests_on_host_boot=true
> > --resume_guests_state_on_host_boot=true
> > # vnc specific configuration
> > --novnc_enabled=true
> > --novncproxy_base_url=http://10.0.1.130:6080/vnc_auto.html
> > --vncserver_proxyclient_address=10.0.1.130
> > --vncserver_listen=10.0.1.130
> > # network specific settings
> > --network_manager=nova.network.manager.FlatDHCPManager
> > --public_interface=eth0
> > --flat_interface=eth1
> > --flat_network_bridge=br100
> > --fixed_range=192.168.4.1/27
> > #--floating_range=10.10.10.2/27
> > --network_size=32
> > --flat_network_dhcp_start=192.168.4.33
> > --flat_injected=False
> > --force_dhcp_release
> > --iscsi_helper=tgtadm
> > --connection_type=libvirt
> > --root_helper=sudo nova-rootwrap
> > --verbose
> >
> >
> > Lastly, here is the command I used to create the network:
> >
> > sudo nova-manage network create private --fixed_range_v4=192.168.4.32/27
> > --num_networks=1 --bridge=br100 --bridge_interface=eth1 --network_size=32
> >
> >
> > You can see that I'm not using a floating IP range. My instances are
> able to
> > access the public Internet if I change my configuration to use a
> floating
> > range, but I prefer to find a solution that allows me to assign an
> internal
> > IP to my instances and use the specified bridge to contact the outside
> world.
> >
> > Any help is appreciated, and many thanks in advance.
> > - Jason
> > _______________________________________________
> > Mailing list: https://launchpad.net/~openstack
> > Post to     : openstack at lists.launchpad.net
> > Unsubscribe : https://launchpad.net/~openstack
> > More help   : https://help.launchpad.net/ListHelp
>
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>


-- 
guilherme \n
\tab maluf

"Dominar-se a si próprio é uma vitória maior do que vencer a milhares em
uma batalha." Sakyamuni
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120911/cdfa9087/attachment.html>


More information about the Openstack mailing list