[Openstack] (no subject)
Albert Vonpupp
vonpupp at gmail.com
Wed Sep 25 21:48:15 UTC 2013
Thanks for your answer Calvin,
It seems ok for me, what do you think?
[stack@*controller* ~]$ ps aux | grep dnsmasq
nobody 24107 0.0 0.0 13160 688 ? S 11:55 0:00
/sbin/dnsmasq --strict-order --bind-interfaces --conf-file=
--pid-file=/opt/stack/data/nova/networks/nova-br100.pid
--listen-address=10.0.0.1 --except-interface=lo
--dhcp-range=set:private,10.0.0.2,static,255.255.255.0,120s
--dhcp-lease-max=256
--dhcp-hostsfile=/opt/stack/data/nova/networks/nova-br100.conf
--dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro --domain=novalocal
root 24108 0.0 0.0 13160 324 ? S 11:55 0:00
/sbin/dnsmasq --strict-order --bind-interfaces --conf-file=
--pid-file=/opt/stack/data/nova/networks/nova-br100.pid
--listen-address=10.0.0.1 --except-interface=lo
--dhcp-range=set:private,10.0.0.2,static,255.255.255.0,120s
--dhcp-lease-max=256
--dhcp-hostsfile=/opt/stack/data/nova/networks/nova-br100.conf
--dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro --domain=novalocal
stack 24247 0.0 0.0 109404 912 tty1 S+ 12:01 0:00 grep
--color=auto dnsmasq
Regards.
On Wed, Sep 25, 2013 at 6:33 PM, Calvin Austin <caustin at bitglass.com> wrote:
> It is also worth looking to see what dnsmasq processes you have (ps -ef|
> grep dnsmasq)
> 2 (and only 2) dnsmasq processes are configured/launched by nova-network
> to a listen address which should be the ip address of the br100 bridge eg
> 192.168.0.1 . the only interface it explicits excludes is lo (loopback)
>
> The suspicious thing for me is that the server also did an ack for
> 192.168.20.* and 192.168.30.* as well as the 10 network.
>
> regards
> calvin
>
>
>
>
> On Wed, Sep 25, 2013 at 1:46 PM, Albert Vonpupp <vonpupp at gmail.com> wrote:
>
>> Thanks Aaron and John for your fast answers.
>>
>> Unfortunatelly I forgot to include the subject on this message.
>>
>> To be honest I'm not totally sure what is going on, but what I notice is
>> that when I do start a VM on top of OpenStack, after the bridge br100 is
>> created, I cannot login the rest of the machines on the lab (those which
>> are not related to the OpenStack tests, but on the same physical network)
>>
>> *Here is a cat of my /var/log/messages on the controller node*
>>
>> [root@*controller* ~]# *tail -20 /var/log*/messages
>>
>> Sep 25 16:51:40 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> e0:b9:ba:ae:78:dd no address
>> available
>>
>> Sep 25 16:51:41 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 4c:bc:a5:92:e1:c7 no address
>> available
>>
>> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPINFORM(br100)
>> 192.168.30.52
>> 00:1b:b1:28:64:ae
>>
>> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPACK(br100)
>> 192.168.30.52 00:1b:b1:28:64:ae
>> Leliane-NB
>>
>> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 30:39:26:83:7c:6a no address
>> available
>>
>> Sep 25 16:51:42 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 84:8f:69:c7:45:26 no address
>> available
>>
>> Sep 25 16:51:44 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 4c:b1:99:83:77:82 no address available
>> Sep 25 16:51:45 controller dnsmasq-dhcp[5860]: BOOTP(br100)
>> 14:5a:05:1e:43:1a no address available
>> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 18:3f:47:ba:0b:a8 no address available
>> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> e0:b9:ba:ae:78:dd no address available
>> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPREQUEST(br100)
>> 10.0.0.2 fa:16:3e:64:cd:82
>> Sep 25 16:51:48 controller dnsmasq-dhcp[5860]: DHCPACK(br100) 10.0.0.2
>> fa:16:3e:64:cd:82 ubuntu01
>> Sep 25 16:51:50 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 30:39:26:83:7c:6a no address available
>> Sep 25 16:51:51 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 84:8f:69:c7:45:26 no address available
>> Sep 25 16:51:52 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 7c:c3:a1:ac:a1:ed no address available
>> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 4c:b1:99:83:77:82 no address available
>> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPINFORM(br100)
>> 192.168.60.2 00:25:11:cf:f0:54
>> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPACK(br100)
>> 192.168.60.2 00:25:11:cf:f0:54 sed06
>> Sep 25 16:51:53 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 7c:c3:a1:ac:a1:ed no address available
>> Sep 25 16:51:55 controller dnsmasq-dhcp[5860]: DHCPDISCOVER(br100)
>> 7c:c3:a1:ac:a1:ed no address available
>>
>> I don't think I'm using neutron, as far as I know I'm using nova-network.
>> On the example I booted an ubuntu VM and it got the IP 10.0.0.2, and then I
>> cound't logon on another computer from the lab.
>>
>> *Here are some lines from dmesg from a regular workstation that was
>> already logged in while DevStack has a running VM:*
>>
>> albert ~ $ dmesg
>> [23898.208033] lockd: server lua.eclipse.ime.usp.br not responding,
>> still trying
>> [23898.212053] lockd: server lua.eclipse.ime.usp.br not responding,
>> still trying
>> [23907.504018] lockd: server lua.eclipse.ime.usp.br not responding,
>> still trying
>> [23907.504038] lockd: server lua.eclipse.ime.usp.br not responding,
>> still trying
>> [23907.504041] lockd: server lua.eclipse.ime.usp.br not responding,
>> still trying
>> [23921.824036] lockd: server lua.eclipse.ime.usp.br not responding,
>> still trying
>> [24041.754304] lockd: server lua.eclipse.ime.usp.br OK
>> [24041.754316] lockd: server lua.eclipse.ime.usp.br OK
>> [24101.753756] lockd: server lua.eclipse.ime.usp.br OK
>> [24161.753178] lockd: server lua.eclipse.ime.usp.br OK
>> [24161.808018] lockd: server lua.eclipse.ime.usp.br not responding,
>> still trying
>>
>> *Here is my localrc (controller)*
>>
>> [stack@*controller* ~]$ *cat devstack/localrc*
>> #VIRT_DRIVER=docker
>>
>> #SERVICE_HOST=10.11.0.40 # REMOVE THIS LINE FOR THE CONTROLLER
>> # Stop DevStack polluting /opt/stack
>> DESTDIR=/opt/stack/src/openstack
>>
>> # Switch to use QPid instead of RabbitMQ
>> disable_service rabbit
>> disable_service n-cpu
>> enable_service qpid
>> #enable_service qpid, n-cpu,n-net,n-api,n-vol
>>
>> # Replace with your primary interface name
>> HOST_IP_IFACE=em1
>> PUBLIC_INTERFACE=em1
>> VLAN_INTERFACE=em1
>> FLAT_INTERFACE=em1
>>
>> # Replace with whatever password you wish to use
>> MYSQL_PASSWORD=badpassword
>> SERVICE_TOKEN=badpassword
>> SERVICE_PASSWORD=badpassword
>> ADMIN_PASSWORD=badpassword
>>
>> # Pre-populate glance with a minimal image and a Fedora 17 image
>> IMAGE_URLS="
>> http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-uec.tar.gz#,
>> http://berrange.fedorapeople.org/images/2012-11-15/f17-x86_64-openstack-sda.qcow2
>> "
>>
>> #ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol # REMOVE THIS LINE FOR THE
>> CONTROLLER
>>
>> *Here is my localrc on any compute node:*
>>
>> [stack@*compute02* ~]$ cat *devstack/localrc*
>> #SERVICE_HOST=10.7.22.7 # REMOVE THIS LINE FOR THE CONTROLLER
>> SERVICE_HOST=marte.eclipse.ime.usp.br # REMOVE THIS LINE FOR THE
>> CONTROLLER
>> # Stop DevStack polluting /opt/stack
>> DESTDIR=/opt/stack/src/openstack
>>
>>
>>
>> # Switch to use QPid instead of
>> RabbitMQ
>>
>> ##disable_service rabbit c-sch c-api
>> c-vol
>>
>> disable_service
>> c-vol
>>
>> #disable_service
>> g-api
>>
>> #disable_service
>> g-reg
>>
>> disable_service key
>> disable_service n-crt
>> disable_service n-obj
>> disable_service n-cond
>> disable_service cinder
>> disable_service c-sch
>> disable_service c-api
>> disable_service c-vol
>> disable_service c-sch
>> disable_service n-novnc
>> disable_service n-xvnc
>> disable_service n-cauth
>> disable_service horizon
>> disable_service rabbit
>> disable_service tempest
>> ##disable_service mysql
>> ##enable_service qpid
>> #enable_service n-cpu,n-net,n-api,n-vol
>> #
>> g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-cond,cinder,c-sch,c-api,c-vol,n-sch,n-novnc,n-xvnc,n-cauth,horizon,rabbit,tempest,mysql,n-cpu,n-net,n-api,n-vol
>>
>> disable_all_services
>> enable_service qpid n-cpu n-net n-api n-vol
>>
>>
>> # Replace with your primary interface name
>> HOST_IP_IFACE=em1
>> PUBLIC_INTERFACE=em1
>> VLAN_INTERFACE=em1
>> FLAT_INTERFACE=em1
>>
>> # Replace with whatever password you wish to use
>> MYSQL_PASSWORD=badpassword
>> SERVICE_TOKEN=badpassword
>> SERVICE_PASSWORD=badpassword
>> ADMIN_PASSWORD=badpassword
>>
>> # Pre-populate glance with a minimal image and a Fedora 17 image
>> IMAGE_URLS="
>> http://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-uec.tar.gz,http://berrange.fedorapeople.org/images/2012-11-15/f17-x86_64-openstack-sda.qcow2
>> "
>>
>> #ENABLED_SERVICES=n-cpu,n-net,n-api,n-vol # REMOVE THIS LINE FOR THE
>> CONTROLLER
>> #RABBIT_PASSWORD=d83acc200f2fa34b127a
>>
>> MYSQL_HOST=$SERVICE_HOST
>> RABBIT_HOST=$SERVICE_HOST
>> GLANCE_HOSTPORT=$SERVICE_HOST:9292
>> Q_HOST=$SERVICE_HOST
>>
>> *Here is my hosts file (all nodes):*
>>
>> [stack@*controller* ~]$ cat */etc/hosts*
>> 127.0.0.1 localhost localhost.localdomain localhost4
>> localhost4.localdomain4
>> ::1 localhost localhost.localdomain localhost6
>> localhost6.localdomain6
>> 143.107.45.200 marte.eclipse.ime.usp.br marte controller
>> 143.107.45.201 jupiter.eclipse.ime.usp.br jupiter compute01 c01
>> 143.107.45.202 saturno.eclipse.ime.usp.br saturno compute02 c02
>> 143.107.45.193 venus.eclipse.ime.usp.br venus compute03 c03
>>
>> All of the IPs are public. I didn't understand about the FlatDHCP to be
>> honest, I will research about it.
>>
>> Any ideas?
>>
>> Many thanks!
>>
>> Regards,
>> Albert.
>>
>>
>> On Wed, Sep 25, 2013 at 4:55 PM, John Griffith <
>> john.griffith at solidfire.com> wrote:
>>
>>>
>>>
>>>
>>> On Wed, Sep 25, 2013 at 1:26 PM, Aaron Rosen <arosen at nicira.com> wrote:
>>>
>>>> Hi Albert,
>>>>
>>>> Are you sure this is happening. I'm positive that neutron's dhcp agent
>>>> will only hand out ip addresses for ports that it knows about and I'm sure
>>>> nova-network does the same as well.
>>>>
>>>> Aaron
>>>>
>>>> On Wed, Sep 25, 2013 at 12:17 PM, Albert Vonpupp <vonpupp at gmail.com>wrote:
>>>>
>>>>> Hello,
>>>>>
>>>>> I'm trying DevStack at the university lab. When I tried to deploy a VM
>>>>> I noticed that all the machines from the lab started renewing their leases
>>>>> with the DevStack DHCP server. That is inconvenient for me since I'm not
>>>>> the only user of this lab and it could cause troubles. I thought that
>>>>> perhaps changing the default port on the controller as on the compute nodes
>>>>> would work, but I don't know how to do that.
>>>>>
>>>>> How can I change the dnsmasq DHCP port on DevStack? (controller and
>>>>> compute nodes)
>>>>>
>>>>> Thanks a lot!
>>>>>
>>>>> Albert.
>>>>>
>>>>> _______________________________________________
>>>>> Mailing list:
>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>> Post to : openstack at lists.openstack.org
>>>>> Unsubscribe :
>>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Mailing list:
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>> Post to : openstack at lists.openstack.org
>>>> Unsubscribe :
>>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>
>>>> Hi Albert,
>>>
>>> I inadvertently did this once in our lab. The issue I believe (if my
>>> memory is correct) you're probably using nova-networking and you've
>>> configured FlatDHCP. The problem is that you're that your public network
>>> is accessing your internal/private network (check your bridge setting) so
>>> the result is that external DHCP requests can be received from your
>>> OpenStack private network.
>>>
>>> It might be helpful if you include your localrc file and some info
>>> regarding your systems nics and how they're configured.
>>>
>>> John
>>>
>>>
>>>
>>>
>>
>>
>> --
>>
>> Albert.
>>
>> http://www.albertdelafuente.com
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack at lists.openstack.org
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>
--
Albert.
http://www.albertdelafuente.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130925/3de40ea6/attachment.html>
More information about the Openstack
mailing list