[Openstack] [Openstack-operators] Connect VM network to exists VLAN network
Marouen Mechtri
mechtri.marwen at gmail.com
Wed Aug 20 13:05:58 UTC 2014
Hi Andreas,
Thank you for your response.
I think that the flat networking configuration is more appropriate when we
need to enable the access from the controller to the VM and vice versa.
Best regards,
Marouen
2014-08-18 17:52 GMT+02:00 Andreas Scheuring <scheuran at linux.vnet.ibm.com>:
> Hi Marouen,
>
> interesting setup that you're driving.
> Not sure if I can help you out but let's try.
>
> You're able to ping both feets of your router from within your vm -
> that's great!
> But you cannot ping the routers feets from your hypervisor, right?
>
> --> That makes sense to me.
> In general you will never be able to ping your instances private ip from
> the controller or from the hypervisor (this might change with dvr, but
> that's not yet released I guess). Cause neither the hypevisor nor the
> controller has a foot into the real tenant network (vlan or whatever).
>
> The only chance is via the network node, where the virtual router sits.
> Only there you can enter the tenant network. But this will not work
> while just pinging the guest. Let me tell you why:
>
> Routers are realized in network namespaces. So what you have to do is to
> switch to the network namespace and ping from there
> # ip netns show
> --> shows all network namespaces. There should be one with qrouter.xxxx
> # ip netns exec qrouter-xxxx ip a
> --> list all interfaces in that namespace. Here you should see 2 devices
> with your routers ip addresses
> # ip netns exec qrouter-xxxx ping <instance-ip>
> --> ping should be possible.
>
>
> Then you also tried out with floating ip and SSH to the floating ip
> works from a remote host, but not from your openstack nodes, right?
> And from your openstack nodes you can also ping the instance, so
> connection might be there.
> I have no clue what this might be. Somehting with iptables? Floating IPs
> are realized with NAT. Maybe that gives you a hint where to debug...
>
>
> Regards
> Andreas
>
>
>
>
>
> On Fri, 2014-08-15 at 16:55 +0200, Marouen Mechtri wrote:
> > Another detail that can be useful.
> > I can ping the floating IP of my instance and I can telnet the port
> > 22 from the controller, compute and network nodes
> >
> >
> > Trying 192.168.100.121...
> > Connected to 192.168.100.121.
> > Escape character is '^]'.
> > SSH-2.0-dropbear_2012.55
> >
> >
> > but I can not ssh from the controller, compute and network nodes.
> > From an external host I can ssh my instance.
> >
> >
> >
> >
> > Thank you in advance.
> >
> >
> > Best regards,
> > Marouen
> >
> >
> > 2014-08-15 16:17 GMT+02:00 Marouen Mechtri <mechtri.marwen at gmail.com>:
> > Hi Andreas,
> >
> >
> > I setup OpenStack on multinode (like the picture you
> > sent
> http://docs.openstack.org/havana/install-guide/install/apt/content/figures/3/a/common/figures/Neutron-PhysNet-Diagram.png
> )
> > and I'm using Icehouse release with openvswitch and GRE
> > tunnel.
> > For more detail about the network configuration:
> >
> https://raw.githubusercontent.com/ChaimaGhribi/OpenStack-Icehouse-Installation/master/images/network-topo.jpg
> >
> >
> >
> > I'm running the controller and network nodes on VMs (in the
> > compute node) and the compute node is my physical host.
> >
> >
> > Evry things are OK and I'm able to deploy instances and I can
> > ping from my instance the router gateways (connected to tenant
> > network and to the extenal nework)
> >
> >
> > The only issue I have I can not ping the tenant address of my
> > instance and the address of the tenant gateway from the
> > controller, network and compute nodes.
> > I can not also ping the controller node from my instance.
> >
> >
> > Could you please help me to solve this issue.
> >
> >
> > Thank you in advance.
> > Best regards,
> > Marouen
> >
> >
> > 2014-08-15 13:36 GMT+02:00 Andreas Scheuring
> > <scheuran at linux.vnet.ibm.com>:
> >
> > Hi,
> > just that we're on the same page. Please have a look
> > at this picture:
> >
> http://docs.openstack.org/havana/install-guide/install/apt/content/figures/3/a/common/figures/Neutron-PhysNet-Diagram.png
> >
> > With the provider network you create a network that
> > matches the green
> > External & the purple api network (as you have a
> > combined controller +
> > network node). This is where you already have vlan,
> > right?
> >
> > And on the green data network you try to use gre,
> > right?
> >
> > Or does you controller only have one physical nic for
> > all kind of
> > traffic?
> >
> >
> > I'm sorry but I do not yet understand your setup and
> > what you're trying
> > to achieve.
> >
> > Please keep always the mailing lists on cc, as others
> > might also be
> > interested.
> >
> >
> >
> > Regards,
> > Andreas
> >
> >
> >
> > On Fri, 2014-08-15 at 14:21 +0700, Nhan Cao wrote:
> > > hi,
> > > i deploy on multinode with neutron and openvswitch.
> > > My Infrastructure has a exists VLAN, now, i'm using
> > GRE type network.
> > > I found a article about that
> > >
> >
> http://trickycloud.wordpress.com/2013/11/12/setting-up-a-flat-network-with-neutron/
> > > Could you give me a advice? i should choose VLAN or
> > GRE for best?
> > > Thanks
> > >
> > >
> > >
> > >
> > >
> > >
> > > 2014-08-15 13:46 GMT+07:00 Andreas Scheuring
> > > <scheuran at linux.vnet.ibm.com>:
> > > Hi Nhan,
> > > I guess more information is required to help
> > you out there.
> > >
> > > It would be helpful to know which setup
> > you're using, e.g. a
> > > singlenode
> > > or multinode setup, openvswitch for network
> > virtualiation or
> > > something
> > > else? Are you using nova network or neutron
> > networking?
> > >
> > > If I got it right you created a tenant
> > network in openstack
> > > (in your
> > > case vm network). In addition your host
> > (hypervisor) has a an
> > > eth
> > > interface into the physical network, right?
> > >
> > > You also mentioned that your physical
> > network is a vlan
> > > network. Is your
> > > hypervisor aware of this vlan tagging or is
> > this done by a
> > > access port
> > > config in your switch?
> > >
> > >
> > > And what you want to achieve is to connect a
> > vm attached to
> > > the
> > > openstack vm network to your physical vlan
> > network. Did I get
> > > you right?
> > >
> > > Basically you would create a so called
> > "provider network" that
> > > represents your physical network and connect
> > this provider
> > > network via a
> > > virtual router to your vm network.
> > >
> > > More information you can find here:
> > >
> >
> http://docs.openstack.org/admin-guide-cloud/content/under_the_hood_openvswitch.html#under_the_hood_openvswitch_scenario1
> > >
> > >
> > > Regards,
> > > Andreas
> > >
> > >
> > >
> > > On Fri, 2014-08-15 at 00:00 +0700, Nhan Cao
> > wrote:
> > > > Hi
> > > > I have to network:
> > > > vm network: 10.2.21.0/24
> > > > exist VLAN network: 192.168.1.0/24
> > > > I want to connect from my VM network to
> > physic VLAN network.
> > > >
> > > > How i config to connect?
> > > >
> > > >
> > > >
> > > > Thanks :)
> > > >
> > > >
> > >
> > > >
> > _______________________________________________
> > > > Mailing list:
> > >
> >
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > > > Post to :
> > openstack at lists.openstack.org
> > > > Unsubscribe :
> > >
> >
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > >
> > >
> > >
> > >
> > _______________________________________________
> >
> > > OpenStack-operators mailing list
> > > OpenStack-operators at lists.openstack.org
> > >
> >
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
> > >
> > >
> >
> >
> >
> > _______________________________________________
> > Mailing list:
> >
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > Post to : openstack at lists.openstack.org
> > Unsubscribe :
> >
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >
> >
> >
> >
> >
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140820/ac77136d/attachment.html>
More information about the Openstack
mailing list
