Open Stack

It is also worth looking to see what dnsmasq processes you have (ps -ef|
grep dnsmasq)
2 (and only 2) dnsmasq processes are  configured/launched by nova-network
to a listen address which should be the ip address of the br100 bridge eg
192.168.0.1 . the only interface it explicits excludes is lo (loopback)

The suspicious thing for me is that the server also did an ack for
192.168.20.* and 192.168.30.* as well as the 10 network.

regards
calvin




On Wed, Sep 25, 2013 at 1:46 PM, Albert Vonpupp <vonpupp at gmail.com> wrote:

> Thanks Aaron and John for your fast answers.
>
> Unfortunatelly I forgot to include the subject on this message.
>
> To be honest I'm not totally sure what is going on, but what I notice is
> that when I do start a VM on top of OpenStack, after the bridge br100 is
> created, I cannot login the rest of the machines on the lab (those which
> are not related to the OpenStack tests, but on the same physical network)
>
> *Here is a cat of my /var/log/messages on the controller node*
>
> [root@*controller* ~]# *tail -20 /var/log*/messages
>
> Sep 25 16:51:40 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> e0:b9:ba:ae:78:dd no address
> available
>
> Sep 25 16:51:41 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 4c:bc:a5:92:e1:c7 no address
> available
>
> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPINFORM(br100)
> 192.168.30.52
> 00:1b:b1:28:64:ae
>
> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPACK(br100)
> 192.168.30.52 00:1b:b1:28:64:ae
> Leliane-NB
>
> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 30:39:26:83:7c:6a no address
> available
>
> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 84:8f:69:c7:45:26 no address
> available
>
> Sep 25 16:51:44 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 4c:b1:99:83:77:82 no address available
> Sep 25 16:51:45 controller dnsmasq-dhcp[5860]: BOOTP(br100)
> 14:5a:05:1e:43:1a no address available
> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 18:3f:47:ba:0b:a8 no address available
> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> e0:b9:ba:ae:78:dd no address available
> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPREQUEST(br100) 10.0.0.2
> fa:16:3e:64:cd:82
> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPACK(br100) 10.0.0.2
> fa:16:3e:64:cd:82 ubuntu01
> Sep 25 16:51:50 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 30:39:26:83:7c:6a no address available
> Sep 25 16:51:51 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 84:8f:69:c7:45:26 no address available
> Sep 25 16:51:52 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 7c:c3:a1:ac:a1:ed no address available
> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 4c:b1:99:83:77:82 no address available
> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPINFORM(br100)
> 192.168.60.2 00:25:11:cf:f0:54
> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPACK(br100) 192.168.60.2
> 00:25:11:cf:f0:54 sed06
> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 7c:c3:a1:ac:a1:ed no address available
> Sep 25 16:51:55 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
> 7c:c3:a1:ac:a1:ed no address available
>
> I don't think I'm using neutron, as far as I know I'm using nova-network.
> On the example I booted an ubuntu VM and it got the IP 10.0.0.2, and then I
> cound't logon on another computer from the lab.
>
> *Here are some lines from dmesg from a regular workstation that was
> already logged in while DevStack has a running VM:*
>
> albert ~ $ dmesg
> [23898.208033] lockd: server lua.eclipse.ime.usp.br not responding, still
> trying
> [23898.212053] lockd: server lua.eclipse.ime.usp.br not responding, still
> trying
> [23907.504018] lockd: server lua.eclipse.ime.usp.br not responding, still
> trying
> [23907.504038] lockd: server lua.eclipse.ime.usp.br not responding, still
> trying
> [23907.504041] lockd: server lua.eclipse.ime.usp.br not responding, still
> trying
> [23921.824036] lockd: server lua.eclipse.ime.usp.br not responding, still
> trying
> [24041.754304] lockd: server lua.eclipse.ime.usp.br OK
> [24041.754316] lockd: server lua.eclipse.ime.usp.br OK
> [24101.753756] lockd: server lua.eclipse.ime.usp.br OK
> [24161.753178] lockd: server lua.eclipse.ime.usp.br OK
> [24161.808018] lockd: server lua.eclipse.ime.usp.br not responding, still
> trying
>
> *Here is my localrc (controller)*
>
> [stack@*controller* ~]$ *cat devstack/localrc*
> #VIRT_DRIVER=docker
>
> #SERVICE_HOST=10.11.0.40 # REMOVE THIS LINE FOR THE CONTROLLER
> # Stop DevStack polluting /opt/stack
> DESTDIR=/opt/stack/src/openstack
>
> # Switch to use QPid instead of RabbitMQ
> disable_service rabbit
> disable_service n-cpu
> enable_service qpid
> #enable_service qpid, n-cpu,n-net,n-api,n-vol
>
> # Replace with your primary interface name
> HOST_IP_IFACE=em1
> PUBLIC_INTERFACE=em1
> VLAN_INTERFACE=em1
> FLAT_INTERFACE=em1
>
> # Replace with whatever password you wish to use
> MYSQL_PASSWORD=badpassword
> SERVICE_TOKEN=badpassword
> SERVICE_PASSWORD=badpassword
> ADMIN_PASSWORD=badpassword
>
> # Pre-populate glance with a minimal image and a Fedora 17 image
> IMAGE_URLS="
> http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-uec.tar.gz#,
> http://berrange.fedorapeople.org/images/2012-11-15/f17-x86_64-openstack-sda.qcow2
> "
>
> #ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol # REMOVE THIS LINE FOR THE
> CONTROLLER
>
> *Here is my localrc on any compute node:*
>
> [stack@*compute02* ~]$ cat *devstack/localrc*
> #SERVICE_HOST=10.7.22.7 # REMOVE THIS LINE FOR THE CONTROLLER
> SERVICE_HOST=marte.eclipse.ime.usp.br # REMOVE THIS LINE FOR THE
> CONTROLLER
> # Stop DevStack polluting /opt/stack
> DESTDIR=/opt/stack/src/openstack
>
>
>
> # Switch to use QPid instead of
> RabbitMQ
>
> ##disable_service rabbit c-sch c-api
> c-vol
>
> disable_service
> c-vol
>
> #disable_service
> g-api
>
> #disable_service
> g-reg
>
> disable_service key
> disable_service n-crt
> disable_service n-obj
> disable_service n-cond
> disable_service cinder
> disable_service c-sch
> disable_service c-api
> disable_service c-vol
> disable_service c-sch
> disable_service n-novnc
> disable_service n-xvnc
> disable_service n-cauth
> disable_service horizon
> disable_service rabbit
> disable_service tempest
> ##disable_service mysql
> ##enable_service qpid
> #enable_service n-cpu,n-net,n-api,n-vol
> #
> g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-cond,cinder,c-sch,c-api,c-vol,n-sch,n-novnc,n-xvnc,n-cauth,horizon,rabbit,tempest,mysql,n-cpu,n-net,n-api,n-vol
>
> disable_all_services
> enable_service qpid n-cpu n-net n-api n-vol
>
>
> # Replace with your primary interface name
> HOST_IP_IFACE=em1
> PUBLIC_INTERFACE=em1
> VLAN_INTERFACE=em1
> FLAT_INTERFACE=em1
>
> # Replace with whatever password you wish to use
> MYSQL_PASSWORD=badpassword
> SERVICE_TOKEN=badpassword
> SERVICE_PASSWORD=badpassword
> ADMIN_PASSWORD=badpassword
>
> # Pre-populate glance with a minimal image and a Fedora 17 image
> IMAGE_URLS="
> http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-uec.tar.gz,http://berrange.fedorapeople.org/images/2012-11-15/f17-x86_64-openstack-sda.qcow2
> "
>
> #ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol # REMOVE THIS LINE FOR THE
> CONTROLLER
> #RABBIT_PASSWORD=d83acc200f2fa34b127a
>
> MYSQL_HOST=$SERVICE_HOST
> RABBIT_HOST=$SERVICE_HOST
> GLANCE_HOSTPORT=$SERVICE_HOST:9292
> Q_HOST=$SERVICE_HOST
>
> *Here is my hosts file (all nodes):*
>
> [stack@*controller* ~]$ cat */etc/hosts*
> 127.0.0.1   localhost localhost.localdomain localhost4
> localhost4.localdomain4
> ::1         localhost localhost.localdomain localhost6
> localhost6.localdomain6
> 143.107.45.200  marte.eclipse.ime.usp.br marte controller
> 143.107.45.201  jupiter.eclipse.ime.usp.br jupiter compute01 c01
> 143.107.45.202  saturno.eclipse.ime.usp.br saturno compute02 c02
> 143.107.45.193  venus.eclipse.ime.usp.br venus compute03 c03
>
> All of the IPs are public. I didn't understand about the FlatDHCP to be
> honest, I will research about it.
>
> Any ideas?
>
> Many thanks!
>
> Regards,
> Albert.
>
>
> On Wed, Sep 25, 2013 at 4:55 PM, John Griffith <
> john.griffith at solidfire.com> wrote:
>
>>
>>
>>
>> On Wed, Sep 25, 2013 at 1:26 PM, Aaron Rosen <arosen at nicira.com> wrote:
>>
>>> Hi Albert,
>>>
>>> Are you sure this is happening. I'm positive that neutron's dhcp agent
>>> will only hand out ip addresses for ports that it knows about and I'm sure
>>> nova-network does the same as well.
>>>
>>> Aaron
>>>
>>> On Wed, Sep 25, 2013 at 12:17 PM, Albert Vonpupp <vonpupp at gmail.com>wrote:
>>>
>>>> Hello,
>>>>
>>>> I'm trying DevStack at the university lab. When I tried to deploy a VM
>>>> I noticed that all the machines from the lab started renewing their leases
>>>> with the DevStack DHCP server. That is inconvenient for me since I'm not
>>>> the only user of this lab and it could cause troubles. I thought that
>>>> perhaps changing the default port on the controller as on the compute nodes
>>>> would work, but I don't know how to do that.
>>>>
>>>> How can I change the dnsmasq DHCP port on DevStack? (controller and
>>>> compute nodes)
>>>>
>>>> Thanks a lot!
>>>>
>>>> Albert.
>>>>
>>>> _______________________________________________
>>>> Mailing list:
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>> Post to     : openstack at lists.openstack.org
>>>> Unsubscribe :
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>
>>>>
>>>
>>> _______________________________________________
>>> Mailing list:
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> Post to     : openstack at lists.openstack.org
>>> Unsubscribe :
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>
>>> Hi Albert,
>>
>> I inadvertently did this once in our lab.  The issue I believe (if my
>> memory is correct) you're probably using nova-networking and you've
>> configured FlatDHCP.  The problem is that you're that your public network
>> is accessing your internal/private network (check your bridge setting) so
>> the result is that external DHCP requests can be received from your
>> OpenStack private network.
>>
>> It might be helpful if you include your localrc file and some info
>> regarding your systems nics and how they're configured.
>>
>> John
>>
>>
>>
>>
>
>
> --
>
> Albert.
>
> http://www.albertdelafuente.com
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130925/8127daa9/attachment.html>