Open Stack

Hi all,

I have followed the guide "OpenStack Installation Guide for Red Hat Enterprise Linux, CentOS, and Fedora  - havana" with 3 nodes, one controller, one networker and one compute. I am using neutron and not nova-network.
I have launched instances in a following topology:

ext-net  
   |
ext-to-int (router - 10.5.5.1)
   |
demo-net 
   |
-----------------------------------------------                                                
|                                             |
demo1 (instance - 10.5.5.4)     demo2 (instance - 10.5.5.5)


The instances are booted in a security group with "opened" rules:
+--------------------------------------+----------------+-----------+----------+------------------+--------------+
| id                                   | security_group | direction | protocol | remote_ip_prefix | remote_group |
+--------------------------------------+----------------+-----------+----------+------------------+--------------+
| 091faae9-5791-434e-91b9-f787cae5f9ef | demo_open      | ingress   | icmp     |                  |              |
| 444589a1-33b6-43e0-b53d-a1850cd8b646 | demo_open      | ingress   | tcp      | 0.0.0.0/0        |              |
| d299d8b0-4315-40fd-80db-1bb8678b5420 | demo_open      | egress    |          |                  |              |
| dea3b8c3-ee1e-41de-aedc-440587b4396c | demo_open      | egress    |          |                  |              |
+--------------------------------------+----------------+-----------+----------+------------------+--------------+

On networker, the ovs-vsctl show command gives:
566dca7e-e1da-40fc-93cb-3f077cd7b7e2
    Bridge br-int
        Port br-int
            Interface br-int
                type: internal
        Port "tap4a791b41-d8"
            tag: 1
            Interface "tap4a791b41-d8"
        Port "int-br-eth2"
            Interface "int-br-eth2"
        Port "tapebae8a27-f3"
            tag: 1
            Interface "tapebae8a27-f3"
    Bridge br-ex   
        Port "eth1"
            Interface "eth1"
        Port br-ex
            Interface br-ex
                type: internal
    Bridge "br-eth2"
        Port "eth2"
            Interface "eth2"
        Port "phy-br-eth2"
            Interface "phy-br-eth2"
        Port "br-eth2"
            Interface "br-eth2"
                type: internal
    ovs_version: "1.11.0"


On compute node, the ovs-vsctl show command gives
ddb0b9e5-3112-40d9-8f40-e4619c957e06
    Bridge "br-eth1"
        Port "br-eth1"
            Interface "br-eth1"
                type: internal
        Port "eth1"
            Interface "eth1"
        Port "phy-br-eth1"
            Interface "phy-br-eth1"
    Bridge br-int
        Port br-int
            Interface br-int
                type: internal
        Port "int-br-eth1"
            Interface "int-br-eth1"
        Port "tap958bfd54-e4"
            tag: 1
            Interface "tap958bfd54-e4"
        Port "tap35fe7833-06"
            tag: 1
            Interface "tap35fe7833-06"
    ovs_version: "1.11.0"

I can ping/ssh the instances with the command from the networker:
ip netns exec qrouter-9e20c425-3066-41f0-9d6a-a69308daee3a ssh cirros at 10.5.5.4
ip netns exec qrouter-9e20c425-3066-41f0-9d6a-a69308daee3a ping 10.5.5.4

However, I cannot access the instances without specifying the router (access vm directly), nor from an external computer.
And, I am not able to access the external network from the instances.
How can I do that? 

Thanks,
Anne-Claire
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.