[Openstack] Neutron (Havana) configuration on Ubuntu
sylecn
sylecn at gmail.com
Tue Feb 11 01:58:21 UTC 2014
Hi Ross,
1. Make sure you have enabled ping (ICMP) in security groups.
The default security groups does not allow ping.
neutron security-group-rule-create --direction ingress --protocol icmp
$SG_ID
I suggest you explicitly create security group and use that when you
boot instance. In this case, I see two security groups named
"default". Better add that rule for both.
2. Check whether you can ping the fixed ip.
Run on the neutron node:
sudo ip netns exec qrouter-43c596c4-65fe-4c22-a48a-0a6e200abf78 ping -c
4 10.0.1.2
3. Check console log of the vm. Did it boot correctly? Did it get IP from
DHCP?
nova console-log tvm1
Thanks,
Yuanle
On Tue, Feb 11, 2014 at 8:52 AM, Lillie Ross-CDSR11 <
Ross.Lillie at motorolasolutions.com> wrote:
> If this issue has already been discussed, please excuse.
>
> I'm somewhat confused about neutron configuration and tenancy. Correct me
> if I'm wrong.
>
> First, I've create a private network under the 'admin' tenant named
> 'admin-net'. I've associated a subnet named admin-net.1 with the admin-net
> with a CIDR of 10.0.1.0/24.
>
> Next, I created a network with router:external set to True associated with
> our campus network named 'campus-net'. This network was created under the
> 'service' tenant'. I also create a router named 'campus-gw' under the
> 'service' tenant and set it's gateway to be the 'campus-net' network.
>
> Finally, I create a floating address pool under the 'admin' tenant named
> 'admin-net.float', and add it as an interface to the 'campus-gw' router. I
> also create a default security group under the 'admin' tenant to allow SSH
> and ICMP access.
>
> When I boot an image, as a member of the admin tenant, the instance is
> correctly assigned an IP address from the admin tenant's private network.
> I next allocate (nova floating-ip-create admin-net.float) a floating IP
> address and associated it my running instance.
>
> However, I'm unable to ping the running instance, and I see no indication
> of the end of the tunnel being established on the network/controller node.
>
> I'm not that well versed with network namespaces nor the openvswitch
> commands.
>
> 2 questions. Does my overall configuration sound correct? And how best to
> diagnose what's going on here? Any pointers would be helpful. Additional
> details can be provided as needed. Thanks loads in advance.
>
> Regards,
> /ross
>
> --
>
> (neutron) net-list
>
> +--------------------------------------+------------+----------------------------------------------------+
> | id | name | subnets
> |
>
> +--------------------------------------+------------+----------------------------------------------------+
> | 2426f4d8-a983-4f50-ab5a-fd2a37e5cd94 | campus-net |
> a948538d-c2c2-4c02-9116-b89a79f0c73a 173.23.0.0/16 |
> | e6984375-f35b-4636-a293-43d0d296e0ff | admin-net |
> 2ced890b-944f-4f6e-8f7a-3f5a4d07c2bb 10.0.1.0/24 |
>
> +--------------------------------------+------------+----------------------------------------------------+
> (neutron) subnet-list
>
> +--------------------------------------+--------------------+---------------+---------------------------------------------------+
> | id | name | cidr
> | allocation_pools |
>
> +--------------------------------------+--------------------+---------------+---------------------------------------------------+
> | 2ced890b-944f-4f6e-8f7a-3f5a4d07c2bb | admin-net.1 | 10.0.1.0/24 |
> {"start": "10.0.1.2", "end": "10.0.1.254"} |
> | a948538d-c2c2-4c02-9116-b89a79f0c73a | admin-net.floating |
> 173.23.0.0/16 | {"start": "173.23.182.2", "end": "173.23.182.15"} |
>
> +--------------------------------------+--------------------+---------------+---------------------------------------------------+
> (neutron) router-list
>
> +--------------------------------------+-----------+-----------------------------------------------------------------------------+
> | id | name |
> external_gateway_info
> |
>
> +--------------------------------------+-----------+-----------------------------------------------------------------------------+
> | 43c596c4-65fe-4c22-a48a-0a6e200abf78 | campus-gw | {"network_id":
> "2426f4d8-a983-4f50-ab5a-fd2a37e5cd94", "enable_snat": true} |
>
> +--------------------------------------+-----------+-----------------------------------------------------------------------------+
> (neutron) router-show campus-gw
>
> +-----------------------+-----------------------------------------------------------------------------+
> | Field | Value
> |
>
> +-----------------------+-----------------------------------------------------------------------------+
> | admin_state_up | True
> |
> | external_gateway_info | {"network_id":
> "2426f4d8-a983-4f50-ab5a-fd2a37e5cd94", "enable_snat": true} |
> | id | 43c596c4-65fe-4c22-a48a-0a6e200abf78
> |
> | name | campus-gw
> |
> | routes |
> |
> | status | ACTIVE
> |
> | tenant_id | service
> |
>
> +-----------------------+-----------------------------------------------------------------------------+
> (neutron) security-group-list
> +--------------------------------------+---------+-------------+
> | id | name | description |
> +--------------------------------------+---------+-------------+
> | 0d66a3e2-7a0f-4caf-8b63-c3c8f3106242 | default | default |
> | c87230fa-9193-47a7-8ade-cec5f7f6b958 | default | default |
> +--------------------------------------+---------+-------------+
> (neutron)
> root at cirrus3:/var/log/neutron# nova list
>
> +--------------------------------------+------+--------+------------+-------------+----------------------------------+
> | ID | Name | Status | Task State |
> Power State | Networks |
>
> +--------------------------------------+------+--------+------------+-------------+----------------------------------+
> | ccdf7541-3a74-4289-a8ce-9fe5cffe9dbd | tvm1 | ACTIVE | None |
> Running | admin-net=10.0.1.2, 173.23.182.3 |
>
> +--------------------------------------+------+--------+------------+-------------+----------------------------------+
> root at cirrus3:/var/log/neutron# nova show tvm1
>
> +--------------------------------------+----------------------------------------------------------+
> | Property | Value
> |
>
> +--------------------------------------+----------------------------------------------------------+
> | status | ACTIVE
> |
> | updated | 2014-02-11T00:03:25Z
> |
> | OS-EXT-STS:task_state | None
> |
> | OS-EXT-SRV-ATTR:host | cn1
> |
> | key_name | root
> |
> | image | cirros
> (57a9f5d6-8b07-4bdb-b8a0-900de339d804) |
> | admin-net network | 10.0.1.2, 173.23.182.3
> |
> | hostId |
> 982cd20cde9c5f8514c95b5ca8530258fa9454cdc988a8b007a6d20b |
> | OS-EXT-STS:vm_state | active
> |
> | OS-EXT-SRV-ATTR:instance_name | instance-00000021
> |
> | OS-SRV-USG:launched_at | 2014-02-11T00:03:25.000000
> |
> | OS-EXT-SRV-ATTR:hypervisor_hostname | cn1
> |
> | flavor | m1.tiny (1)
> |
> | id |
> ccdf7541-3a74-4289-a8ce-9fe5cffe9dbd |
> | security_groups | [{u'name': u'default'}]
> |
> | OS-SRV-USG:terminated_at | None
> |
> | user_id | 090a2de6e74b4573bd29318d4f494191
> |
> | name | tvm1
> |
> | created | 2014-02-11T00:02:47Z
> |
> | tenant_id | ec54b7cadcab4620bbb6d568be7bd4a8
> |
> | OS-DCF:diskConfig | MANUAL
> |
> | metadata | {}
> |
> | os-extended-volumes:volumes_attached | []
> |
> | accessIPv4 |
> |
> | accessIPv6 |
> |
> | progress | 0
> |
> | OS-EXT-STS:power_state | 1
> |
> | OS-EXT-AZ:availability_zone | nova
> |
> | config_drive |
> |
>
> +--------------------------------------+----------------------------------------------------------+
> root at cirrus3:/var/log/neutron#
>
> --
> Ross Lillie
> Distinguished Member of Technical Staff
> Motorola Solutions, Inc.
>
> motorolasolutions.com
> O: +1.847.576.0012
> M: +1.847.980.2241
> E: ross.lillie at motorolasolutions.com
>
>
>
>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140211/ad98e365/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: MSI-Email-Identity-sm.png
Type: image/png
Size: 10441 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140211/ad98e365/attachment.png>
More information about the Openstack
mailing list
