[Openstack] [devstack] [Neutron] Multi host installation cannot ping VM from compute node

Brian Haley brian.haley at hp.com
Thu Nov 20 16:11:23 UTC 2014 

On 11/19/2014 05:45 PM, Mark Kirkwood wrote:
> Hi,
> 
> I have a small multi host devstack setup running from from 2 Ubuntu 14.04 hosts
> (themselves VMs):
> - controller node (stack1) running everything except compute
> - compute node (stack2) running compute only
> 
> If I amend the default security group to allow ping and start a VM:
> 
> stack1 $ neutron security-group-rule-create --protocol icmp --direction ingress
> default
> stack1 $ nova boot --image cirros-0.3.2-x86_64-uec --flavor 1 cirros0
> stack1 $ nova list
> +--------------------------------------+---------+--------+------------+-------------+------------------+
> 
> | ID                                   | Name    | Status | Task State | Power
> State | Networks         |
> +--------------------------------------+---------+--------+------------+-------------+------------------+
> 
> | 2bebd3c2-0bab-41b7-b0dd-555b49fd147a | cirros0 | ACTIVE | -          |
> Running     | private=10.0.0.2 |
> +--------------------------------------+---------+--------+------------+-------------+------------------+
> 
> 
> stack1 $ ping 10.0.0.2
> PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
> 64 bytes from 10.0.0.2: icmp_seq=1 ttl=63 time=2.99 ms
> 
> 
> But from the compute node:
> 
> stack2 $ ping 10.0.0.2
> (hangs)
> 
> It looks like I'm missing a route or nat rule of some kind:
> 
> stack1 $ route
> $ route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> default         192.168.122.1   0.0.0.0         UG    0      0        0 eth0
> 10.0.0.0        172.24.4.2      255.255.255.0   UG    0      0        0 br-ex
> 172.24.4.0      *               255.255.255.0   U     0      0        0 br-ex
> 192.168.122.0   *               255.255.255.0   U     0      0        0 eth0

If you look in the lib/neutron file in the devstack directory, you'll see it's
doing a 'route add' for this, and from what you've shown it's only on the
network node.  I'd almost argue it shouldn't be doing this at all since that is
supposed to be a tenant private network, but I digress.

The best thing for you to do would be to add a floating IP to the instance,
which should be in the correct subnet range to work, but I think you'll still
need to add a network route for it as well, you just won't need the additional
route for the 10.0.0.0 network.  Sorry, it's been a while since I setup a
multi-host devstack.

-Brian

More information about the Openstack mailing list