[Openstack] Need help setting up routing to my instances
Eric Berg
eberg at rubensteintech.com
Wed Jun 11 17:55:49 UTC 2014
What networking are you using? I found Neutron to be unmanageable and
fell back to nova, which worked with my small cloud implementation. I'm
using one control and one compute host, soon to be 3.
Can you ping out to local IPs or 8.8.8.8? I'd start with the interfaces
involved on your compute and control and network hosts. You have to see
where the first place you see packets is and then dump the traffic on
each of the ports going out from the instance in order to see where your
packets are getting stopped.
Are you getting DHCP addresses on your instances?
On 6/11/14, 1:39 PM, Deepak Shetty wrote:
> Yup, i did it for the tenant user and admin both, but it still didn't
> work :(
> I can boot my instance and get inside it via VNC console, but cannot
> ping the instance from devstack host and vice-versa
> I am assuming its something to do with the way devstack sets up
> networking thats probably not working correctly.. just a guess!
>
>
> On Wed, Jun 11, 2014 at 10:54 PM, Eric Berg <eberg at rubensteintech.com
> <mailto:eberg at rubensteintech.com>> wrote:
>
> I had added the icmp and ssh groups as admin, but had to do it as
> well as the tenant user. The docs don't seem to speak to the need
> to do things as admin or tenant much, but I had to run both
> commands to set up the security group rules for icmp and ssh as
> both admin and tenant user.
>
>
>
> On 6/11/14, 12:45 PM, Deepak Shetty wrote:
>> Just to be clear.. I have added sec-group rule for ssh, icmp into
>> the default secgroup
>> and using the default secgroup while creating the instance.. and
>> yet I am unable to ping and/or ssh the instance from my devstack
>> host!
>>
>>
>> On Wed, Jun 11, 2014 at 10:15 PM, Deepak Shetty
>> <dpkshetty at gmail.com <mailto:dpkshetty at gmail.com>> wrote:
>>
>> I am actually hitting a similar issue with devstack setup on F20
>> I am able to spawn Nova instances and have setup keypair and
>> sec-groups and using those key and secgroup while spawning
>> the instance
>>
>> My instance boots up fine and has a 10.x.x.x IP.. I can get
>> into the instance usign VNC.. but cannot ping my host (On
>> which VM is created) from inside the instnace and vice versa.
>> I see that sshd is running inside the instnace and doing ssh
>> root at localhost in the instnace works
>>
>> So what else am I missing for the networking NOT to work ?
>> ANy body has any suggestions ?
>>
>>
>> On Wed, Jun 11, 2014 at 7:42 PM, Eric Berg
>> <eberg at rubensteintech.com <mailto:eberg at rubensteintech.com>>
>> wrote:
>>
>> please excuse my stupidity, but this is the fiftieth time
>> I've done an install and I had left out the
>> secgroup-add-rule's for icmp and ssh.
>>
>> I'm good now!!
>>
>> I certainly appreciate your help, Yugang.
>>
>>
>> On Wed Jun 11 01:52:20 2014, Yugang LIU wrote:
>>
>> Hi,
>>
>> For Nova-network, You can
>>
>> ping from vm to vm.
>> ping from vm to internet
>>
>> You can not
>> ping from any host to vm exclude host owned vm
>>
>> You need assign a floating ip to VM.
>>
>>
>> Best regards
>>
>> Yugang LIU
>>
>> Keep It Simple, Stupid
>>
>> On 06/11/2014 08:36 AM, Eric Berg wrote:
>>
>> Update. I've done a fresh install and am
>> successfully running
>> instances on my compute host, but, while I can
>> connect out of my
>> instances just fine, I can't get into them from
>> any host but my
>> compute host.
>>
>> I thought that RDO was going to set me up so that
>> each compute host
>> handled the routing directly, but it appears that
>> all of my instance's
>> traffic is routing through a bridge to my control
>> host.
>>
>> My compute and control hosts are on a
>> 192.168.0.0/16 <http://192.168.0.0/16> network
>> and are
>> using 192.168.20.0/24 <http://192.168.20.0/24>
>> for the instances.
>>
>> How do I get traffic routing into my instance
>> hosts on 192.168.20.0/24 <http://192.168.20.0/24>
>> on each compute host? (I only have one now, but
>> will be deploying 2
>> more once I have OpenStack set up.
>>
>> Eric
>>
>>
>>
>> On 6/10/14, 4:53 PM, Eric Berg wrote:
>>
>> I need some help setting up my network before
>> doing an install of RDO
>> using nova-networking. I've got 2 hosts --
>> one is a control and one
>> is a compute host. Each has 2 NICs.
>>
>> It's my understanding that I need to
>> configure the network before
>> doing the install, but I can't find any good
>> docs on just what I have
>> to do.
>>
>> My initial install allowed me to create
>> instances that I could get
>> into and out of via ssh, ping, etc., but when
>> I created a new tenant
>> and a network for that tenant, the networking
>> stopped working.
>>
>> I used this command to create the network:
>>
>> "nova network-create ruby-net --bridge br100
>> --multi-host T
>> --fixed-range-v4 192.168.20.0/24
>> <http://192.168.20.0/24>"
>>
>> While I found more documentation for neutron,
>> I'm not finding much
>> for nova. I have the following questions:
>>
>> 1) how should I set up my network interfaces
>> on the control and
>> compute host for a nova-networking installation?
>> 2) where are the docs for installation
>> (including such prep as
>> above), as well as post-install tenant set-up
>> for this type of network?
>>
>> Thanks for your consideration.
>>
>> Eric
>>
>>
>>
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack at lists.openstack.org
>> <mailto:openstack at lists.openstack.org>
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>> --
>> Eric Berg
>> Sr. Software Engineer
>> Rubenstein Technology Group
>> 55 Broad Street, 14th Floor
>> New York, NY 10004-2501
>>
>> (212) 518-6400
>> (212) 518-6467 fax
>> eberg at rubensteintech.com <mailto:eberg at rubensteintech.com>
>> www.rubensteintech.com <http://www.rubensteintech.com>
>>
>> _______________________________________________
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> Post to : openstack at lists.openstack.org
>> <mailto:openstack at lists.openstack.org>
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>
>>
>>
>
> --
> Eric Berg
> Sr. Software Engineer
> Rubenstein Technology Group
> 55 Broad Street, 14th Floor
> New York, NY 10004-2501
>
> (212) 518-6400
> (212) 518-6467 fax
> eberg at rubensteintech.com <mailto:eberg at rubensteintech.com>
> www.rubensteintech.com <http://www.rubensteintech.com>
>
>
--
Eric Berg
Sr. Software Engineer
Rubenstein Technology Group
55 Broad Street, 14th Floor
New York, NY 10004-2501
(212) 518-6400
(212) 518-6467 fax
eberg at rubensteintech.com
www.rubensteintech.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140611/097fd2e7/attachment.html>
More information about the Openstack
mailing list