[Openstack] CLI vs Horizon dashboard has different view of networks created by devstack
Danny Choi (dannchoi)
dannchoi at cisco.com
Mon Oct 6 14:18:13 UTC 2014
Hi Akihiro,
On 10/6/14, 9:56 AM, "Akihiro Motoki" <amotoki at gmail.com> wrote:
>Hi,
>
>On Mon, Oct 6, 2014 at 10:41 PM, Danny Choi (dannchoi)
><dannchoi at cisco.com> wrote:
>> Hi Akihiro,
>>
>> Thank you for the detailed explanation.
>>
>> More questions:
>>
>> 1. The ³public² network is a floating IP pool (router:external=True).
>> Does it make sense to attach the ³public² network, i.e. a floating IP
>> to the VM during launch?
>
>Allocating a floating IP from the pool and connecting a VM directly to
>the "public" network are different things.
>Floating IP works as DNAT to private IP.
>At now Neutron does not support auto association of floating IP which
>is supported in nova-network.
So is it OK to connect a VM directly to the “public” network which
in this case is a floating IP pool?
>
>> I thought user usually attach a ³private" network first and then
>> *associates* a floating IP to it.
>
>Your understaing is correct.
>
>> 2. In CLI as user admin, I can attach the "private² network to a VM.
>>
>> localadmin at qa4:~/devstack$ nova list
>>
>>+--------------------------------------+------+--------+------------+----
>>--
>> -------+-------------------+
>> | ID | Name | Status | Task State |
>> Power State | Networks |
>>
>>+--------------------------------------+------+--------+------------+----
>>--
>> -------+-------------------+
>> | c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - |
>> Running | public=172.24.4.4 |
>> | 536a509f-7941-466a-9508-ce26f599f10a | vm2 | ACTIVE | - |
>> Running | private=10.0.0.9 | <<<<<
>> | c4a46ad6-466e-4b7f-be18-98659eb688ba | vm3 | ACTIVE | - |
>> Running | private=10.0.0.11 | <<<<<
>>
>>+--------------------------------------+------+--------+------------+----
>>--
>> -------+-------------------+
>>
>> However, I cannot ping the private IP addresses from the context of the
>> qrouter. Why?
>
>Does your security group allow a ping from router IP address?
>Rules of "default" security group does not allow PING from qrouter by
>default.
>
>I would like to know the output of "neutron security-group-list"
>and "neutron security-group-rule-list".
localadmin at qa4:~/devstack$ neutron security-group-list
+--------------------------------------+---------+-------------+
| id | name | description |
+--------------------------------------+---------+-------------+
| 9c8d1321-5c94-4fdd-9ae3-07be0aef8d6e | default | default |
| bef46da4-1059-44ee-bd2f-d3ce0bc55588 | default | default |
| ce261138-3d08-4db9-b432-24fcbc8f914f | default | default |
+--------------------------------------+---------+-------------+
localadmin at qa4:~/devstack$ neutron security-group-rule-list
+--------------------------------------+----------------+-----------+------
----+------------------+--------------+
| id | security_group | direction |
protocol | remote_ip_prefix | remote_group |
+--------------------------------------+----------------+-----------+------
----+------------------+--------------+
| 0d18ae06-251c-4426-b37e-03f23fd2cb25 | default | ingress |
| | default |
| 27416209-aa65-48b8-a31f-60d9cf00bac4 | default | ingress | icmp
| 0.0.0.0/0 | |
| 3b1ecfec-5fe8-4395-968c-a23c2c6ada2a | default | egress |
| | |
| 3dfe4aef-4c3e-4966-839e-cd541bf5d414 | default | egress |
| | |
| 41bf8330-7e44-4106-9461-30211501b6f2 | default | ingress |
| | default |
| aa611eb3-18b9-43e1-ab78-d9db7b708316 | default | ingress |
| | default |
| cce02ef2-8335-43d4-aa8d-11caeba29f2b | default | ingress |
| | default |
| d240faa3-d78a-4bd0-b67f-7bcdcb7d9897 | default | ingress | tcp
| 0.0.0.0/0 | |
| e03ba40d-4e35-4544-878d-1baa2a99928a | default | egress |
| | |
| ea0f08a1-0c5f-4716-9431-bbf3c3db7188 | default | ingress |
| | default |
| edb27717-8295-455f-a616-bcf8ddefc153 | default | egress |
| | |
| f6e39e24-c4a6-4743-8f7a-4cb1ad68e523 | default | egress |
| | |
| facf07e0-32be-4f28-a102-af27930998a2 | default | ingress |
| | default |
| fc75f56d-d1c8-4e26-947f-57738f8d4659 | default | egress |
| | |
+--------------------------------------+----------------+-----------+------
----+------------------+--------------+
Thanks,
Danny
>
>Thanks,
>Akihiro
>
>
>>
>> localadmin at qa4:~/devstack$ ip netns
>> qdhcp-94d1e13c-cebc-419d-af06-49e6b4f01304
>> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323
>> localadmin at qa4:~/devstack$ sudo ip netns exec
>> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ip addr list
>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
>>group
>> default
>> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>> inet 127.0.0.1/8 scope host lo
>> valid_lft forever preferred_lft forever
>> inet6 ::1/128 scope host
>> valid_lft forever preferred_lft forever
>> 13: qr-5607b404-68: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
>> UNKNOWN group default
>> link/ether fa:16:3e:2f:65:af brd ff:ff:ff:ff:ff:ff
>> inet 10.0.0.1/24 brd 10.0.0.255 scope global qr-5607b404-68
>> valid_lft forever preferred_lft forever
>> inet6 fe80::f816:3eff:fe2f:65af/64 scope link
>> valid_lft forever preferred_lft forever
>> 14: qg-b19af547-df: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
>> UNKNOWN group default
>> link/ether fa:16:3e:67:b1:f9 brd ff:ff:ff:ff:ff:ff
>> inet 172.24.4.2/24 brd 172.24.4.255 scope global qg-b19af547-df
>> valid_lft forever preferred_lft forever
>> inet6 fe80::f816:3eff:fe67:b1f9/64 scope link
>> valid_lft forever preferred_lft forever
>> localadmin at qa4:~/devstack$ sudo ip netns exec
>> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ping 10.0.0.1
>> PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
>> 64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.082 ms
>> 64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.031 ms
>> 64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.060 ms
>> ^C
>> --- 10.0.0.1 ping statistics ---
>> 3 packets transmitted, 3 received, 0% packet loss, time 1998ms
>> rtt min/avg/max/mdev = 0.031/0.057/0.082/0.022 ms
>> localadmin at qa4:~/devstack$ sudo ip netns exec
>> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ping 10.0.0.9
>> PING 10.0.0.9 (10.0.0.9) 56(84) bytes of data.
>> From 10.0.0.1 icmp_seq=1 Destination Host Unreachable <<<<<
>> From 10.0.0.1 icmp_seq=2 Destination Host Unreachable
>> From 10.0.0.1 icmp_seq=3 Destination Host Unreachable
>> ^C
>> --- 10.0.0.9 ping statistics ---
>> 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time
>>3999ms
>> pipe 4
>> localadmin at qa4:~/devstack$ sudo ip netns exec
>> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ping 10.0.0.11
>> PING 10.0.0.11 (10.0.0.11) 56(84) bytes of data.
>> From 10.0.0.1 icmp_seq=1 Destination Host Unreachable <<<<<
>> From 10.0.0.1 icmp_seq=2 Destination Host Unreachable
>> From 10.0.0.1 icmp_seq=3 Destination Host Unreachable
>> ^C
>> --- 10.0.0.11 ping statistics ---
>> 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time
>>4024ms
>>
>>
>> Thanks,
>> Danny
>>
>>
>> On 10/6/14, 1:09 AM, "Akihiro Motoki" <amotoki at gmail.com> wrote:
>>
>>>It is the expected behavior as its original design.
>>>
>>>
>>>In Neutron API, if a user has admin role, the user can see all
>>>resources from all tenants.
>>>CLI just sends a request to Neutron API, so the result of net-list
>>>with admin role lists both networks.
>>>In addition, a network with router:external=True (in this case
>>>"public" network) is visible to
>>>non-admin users so that regular users can know floating IP pools.
>>>(a network with router:external=True is a floating IP pool.)
>>>
>>>In Horizon, the network list in Project panel only lists networks from
>>>the current project.
>>>It is the intended behaviors. The admin network panel is used to lists
>>>all networks from all projects.
>>>Regarding "public" network, it is not listed in the project network
>>>panel because "public" network
>>>is a floating IP pool and there is no need to be listed in the network
>>>panel. It is used in Floating IP
>>>Allocation form.
>>>
>>>
>>>Regarding VM launching, it is the intended behavior too.
>>>
>>>In CLI case, Neutron API allows admin users to create a port on any
>>>networks
>>>even if a network belongs to other projects. This is the reason
>>>"admin" user with "admin" tenant
>>>can launch an instance connected to "private" network of "demo" project.
>>>
>>>In Horizon, Horizon honors the typical use case to avoid complicated use
>>>cases.
>>>Horizon developers think it is a special use where admin user launch
>>>an instance connected to other projects.
>>>This is the reason an admin user cannot launch an instance connected
>>>to "private" network from "demo" project.
>>>If there is such special needs, it can be done through CLI.
>>>
>>>I hope it helps you understand the behavior.
>>>
>>>Thanks,
>>>Akihiro
>>>
>>>
>>>
>>>On Mon, Oct 6, 2014 at 8:29 AM, Danny Choi (dannchoi)
>>><dannchoi at cisco.com> wrote:
>>>> Hi,
>>>>
>>>> I used devstack to deploy Juno OpenStack.
>>>>
>>>> By default, devstack created 2 users: admin (with role ³admin²) and
>>>>demo.
>>>>
>>>> localadmin at qa4:~/devstack$ source openrc admin admin
>>>>
>>>> localadmin at qa4:~/devstack$ keystone user-list
>>>>
>>>>
>>>>+----------------------------------+----------+---------+--------------
>>>>--
>>>>------+
>>>>
>>>> | id | name | enabled | email
>>>> |
>>>>
>>>>
>>>>+----------------------------------+----------+---------+--------------
>>>>--
>>>>------+
>>>>
>>>> | 8ad8cd428ac94cd1a888d4372a61cabc | admin | True |
>>>> | <<<
>>>>
>>>> | e057de661e644f709899b169dd716037 | alt_demo | True |
>>>> alt_demo at example.com |
>>>>
>>>> | d55afe55b4de4815bc3e832b2684abd8 | cinder | True |
>>>> |
>>>>
>>>> | 57a3f7eefcff4a37b064938ebf7335da | demo | True |
>>>>demo at example.com
>>>> | <<<
>>>>
>>>> | e40971caaf8040d2bc91ec62ad846377 | glance | True |
>>>> |
>>>>
>>>> | b6920c6626144595807f40ac36a453e4 | heat | True |
>>>> |
>>>>
>>>> | 71af3e61cb63442ea6a91fcd221487dd | neutron | True |
>>>> |
>>>>
>>>> | 259fb79c8bfa4c0f9d5df37c45868ce8 | nova | True |
>>>> |
>>>>
>>>>
>>>>+----------------------------------+----------+---------+--------------
>>>>--
>>>>------+
>>>>
>>>> localadmin at qa4:~/devstack$ keystone tenant-list
>>>>
>>>> +----------------------------------+--------------------+---------+
>>>>
>>>> | id | name | enabled |
>>>>
>>>> +----------------------------------+--------------------+---------+
>>>>
>>>> | 55ec74628b004fedbef9b8cad130a442 | admin | True |
>>>><<<
>>>>
>>>> | 2e6b7da08b9643cc95518c8efc7f71c3 | alt_demo | True |
>>>>
>>>> | 51dcdd7f6f6545bd8bb49aeb556dab48 | demo | True |
>>>><<<
>>>>
>>>> | e9f10b3e51fd4ff68150ec82eeeac3e4 | invisible_to_admin | True |
>>>>
>>>> | 4264b64d7697419886ebf2ef141069a5 | service | True |
>>>>
>>>> +----------------------------------+--------------------+---------+
>>>>
>>>> localadmin at qa4:~/devstack$ keystone user-get admin
>>>>
>>>> +----------+----------------------------------+
>>>>
>>>> | Property | Value |
>>>>
>>>> +----------+----------------------------------+
>>>>
>>>> | email | |
>>>>
>>>> | enabled | True |
>>>>
>>>> | id | 8ad8cd428ac94cd1a888d4372a61cabc |
>>>>
>>>> | name | admin |
>>>>
>>>> | tenantId | 55ec74628b004fedbef9b8cad130a442 | <<< tenant=admin
>>>>
>>>> | username | admin |
>>>>
>>>> +----------+----------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ keystone user-get demo
>>>>
>>>> +----------+----------------------------------+
>>>>
>>>> | Property | Value |
>>>>
>>>> +----------+----------------------------------+
>>>>
>>>> | email | demo at example.com |
>>>>
>>>> | enabled | True |
>>>>
>>>> | id | 57a3f7eefcff4a37b064938ebf7335da |
>>>>
>>>> | name | demo |
>>>>
>>>> | tenantId | 51dcdd7f6f6545bd8bb49aeb556dab48 | <<< tenant=demo
>>>>
>>>> | username | demo |
>>>>
>>>> +----------+----------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ keystone user-role-list --user admin
>>>>--tenant
>>>> admin
>>>>
>>>>
>>>>+----------------------------------+------------------+----------------
>>>>--
>>>>----------------+----------------------------------+
>>>>
>>>> | id | name |
>>>>user_id
>>>> | tenant_id |
>>>>
>>>>
>>>>+----------------------------------+------------------+----------------
>>>>--
>>>>----------------+----------------------------------+
>>>>
>>>> | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
>>>> 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 |
>>>>
>>>> | 1f4f0d145e71452d9e633c63baae3696 | admin |
>>>> 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 |
>>>>
>>>> | 98b3a4cad94949319d99acde115f682b | heat_stack_owner |
>>>> 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 |
>>>>
>>>>
>>>>+----------------------------------+------------------+----------------
>>>>--
>>>>----------------+----------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ keystone user-role-list --user demo
>>>>--tenant
>>>>demo
>>>>
>>>>
>>>>+----------------------------------+------------------+----------------
>>>>--
>>>>----------------+----------------------------------+
>>>>
>>>> | id | name |
>>>>user_id
>>>> | tenant_id |
>>>>
>>>>
>>>>+----------------------------------+------------------+----------------
>>>>--
>>>>----------------+----------------------------------+
>>>>
>>>> | b3831a6a7eac4b8996ba428345cb9067 | Member |
>>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
>>>>
>>>> | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
>>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
>>>>
>>>> | 750c89eea84f4e53852033331c835617 | anotherrole |
>>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
>>>>
>>>> | 98b3a4cad94949319d99acde115f682b | heat_stack_owner |
>>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 |
>>>>
>>>>
>>>>+----------------------------------+------------------+----------------
>>>>--
>>>>----------------+----------------------------------+
>>>>
>>>>
>>>> There are 2 networks created, public (tenant = admin) and private
>>>>(tenant =
>>>> demo); and both networks are not shared.
>>>>
>>>> localadmin at qa4:~/devstack$ neutron net-list
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> | id | name | subnets
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public |
>>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 |
>>>>
>>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private |
>>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ neutron net-show public
>>>>
>>>> +---------------------------+--------------------------------------+
>>>>
>>>> | Field | Value |
>>>>
>>>> +---------------------------+--------------------------------------+
>>>>
>>>> | admin_state_up | True |
>>>>
>>>> | id | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d |
>>>>
>>>> | name | public |
>>>>
>>>> | provider:network_type | vlan |
>>>>
>>>> | provider:physical_network | p1p1 |
>>>>
>>>> | provider:segmentation_id | 301 |
>>>>
>>>> | router:external | True |
>>>>
>>>> | shared | False |
>>>>
>>>> | status | ACTIVE |
>>>>
>>>> | subnets | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 |
>>>>
>>>> | tenant_id | 55ec74628b004fedbef9b8cad130a442 |
>>>><<<
>>>> tenant=admin
>>>>
>>>> +---------------------------+--------------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ neutron net-show private
>>>>
>>>> +---------------------------+--------------------------------------+
>>>>
>>>> | Field | Value |
>>>>
>>>> +---------------------------+--------------------------------------+
>>>>
>>>> | admin_state_up | True |
>>>>
>>>> | id | 94d1e13c-cebc-419d-af06-49e6b4f01304 |
>>>>
>>>> | name | private |
>>>>
>>>> | provider:network_type | vlan |
>>>>
>>>> | provider:physical_network | p1p1 |
>>>>
>>>> | provider:segmentation_id | 300 |
>>>>
>>>> | router:external | False |
>>>>
>>>> | shared | False |
>>>>
>>>> | status | ACTIVE |
>>>>
>>>> | subnets | 1265bbd4-e775-4d9b-a7d5-498848c09b37 |
>>>>
>>>> | tenant_id | 51dcdd7f6f6545bd8bb49aeb556dab48 |
>>>><<<
>>>> tenant=demo
>>>>
>>>> +---------------------------+--------------------------------------+
>>>>
>>>>
>>>> In CLI, both networks are visible for both users admin and demo.
>>>>
>>>> localadmin at qa4:~/devstack$ source openrc admin admin
>>>>
>>>> localadmin at qa4:~/devstack$ neutron net-list
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> | id | name | subnets
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public |
>>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 |
>>>>
>>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private |
>>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$
>>>>
>>>> localadmin at qa4:~/devstack$
>>>>
>>>> localadmin at qa4:~/devstack$ source openrc demo demo
>>>>
>>>> localadmin at qa4:~/devstack$ neutron net-list
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>---------------------------+
>>>>
>>>> | id | name | subnets
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>---------------------------+
>>>>
>>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public |
>>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 |
>>>>
>>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private |
>>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>---------------------------+
>>>>
>>>>
>>>>
>>>> In Horizon dashboard, I logged in as user admin.
>>>>
>>>>
>>>> From the Projects pulldown, select admin.
>>>>
>>>> At the left pane, Project->Network->Networks, only the ³public"
>>>>network
>>>>is
>>>> shown.
>>>>
>>>>
>>>> From the Projects pulldown, select demo.
>>>>
>>>> At the left pane, Project->Network->Networks, only the ³private"
>>>>network is
>>>> shown.
>>>>
>>>>
>>>> As a result, when I launch an instance with Horizon dashboard, I can
>>>>only
>>>> attach the public network (when project = admin)
>>>>
>>>> or the private network (when project = demo).
>>>>
>>>>
>>>> However, in CLI, as user admin, I can launch an instance with public
>>>>or
>>>> private network.
>>>>
>>>>
>>>> localadmin at qa4:~/devstack$ source openrc admin admin
>>>>
>>>> localadmin at qa4:~/devstack$ neutron net-list
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> | id | name | subnets
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public |
>>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 |
>>>>
>>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private |
>>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>-----------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec
>>>> --flavor 1 --nic net-id=2d113f8c-d742-4f2f-8cf2-a8e56749d51d vm1
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | Property | Value
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | OS-DCF:diskConfig | MANUAL
>>>> |
>>>>
>>>> | OS-EXT-AZ:availability_zone | nova
>>>> |
>>>>
>>>> | OS-EXT-SRV-ATTR:host | -
>>>> |
>>>>
>>>> | OS-EXT-SRV-ATTR:hypervisor_hostname | -
>>>> |
>>>>
>>>> | OS-EXT-SRV-ATTR:instance_name | instance-0000000a
>>>> |
>>>>
>>>> | OS-EXT-STS:power_state | 0
>>>> |
>>>>
>>>> | OS-EXT-STS:task_state | scheduling
>>>> |
>>>>
>>>> | OS-EXT-STS:vm_state | building
>>>> |
>>>>
>>>> | OS-SRV-USG:launched_at | -
>>>> |
>>>>
>>>> | OS-SRV-USG:terminated_at | -
>>>> |
>>>>
>>>> | accessIPv4 |
>>>> |
>>>>
>>>> | accessIPv6 |
>>>> |
>>>>
>>>> | adminPass | 3ZGJRjr6s3bk
>>>> |
>>>>
>>>> | config_drive |
>>>> |
>>>>
>>>> | created | 2014-10-05T23:03:36Z
>>>> |
>>>>
>>>> | flavor | m1.tiny (1)
>>>> |
>>>>
>>>> | hostId |
>>>> |
>>>>
>>>> | id |
>>>> c308e2a1-1763-4d05-84ed-8fcf5f02abab |
>>>>
>>>> | image | cirros-0.3.2-x86_64-uec
>>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
>>>>
>>>> | key_name | -
>>>> |
>>>>
>>>> | metadata | {}
>>>> |
>>>>
>>>> | name | vm1
>>>> |
>>>>
>>>> | os-extended-volumes:volumes_attached | []
>>>> |
>>>>
>>>> | progress | 0
>>>> |
>>>>
>>>> | security_groups | default
>>>> |
>>>>
>>>> | status | BUILD
>>>> |
>>>>
>>>> | tenant_id |
>>>>55ec74628b004fedbef9b8cad130a442
>>>> |
>>>>
>>>> | updated | 2014-10-05T23:03:36Z
>>>> |
>>>>
>>>> | user_id |
>>>>8ad8cd428ac94cd1a888d4372a61cabc
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova list
>>>>
>>>>
>>>>+--------------------------------------+------+--------+------------+--
>>>>--
>>>>---------+-------------------+
>>>>
>>>> | ID | Name | Status | Task State |
>>>>Power
>>>> State | Networks |
>>>>
>>>>
>>>>+--------------------------------------+------+--------+------------+--
>>>>--
>>>>---------+-------------------+
>>>>
>>>> | c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - |
>>>> Running | public=172.24.4.4 |
>>>>
>>>>
>>>>+--------------------------------------+------+--------+------------+--
>>>>--
>>>>---------+-------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec
>>>> --flavor 1 --nic net-id=94d1e13c-cebc-419d-af06-49e6b4f01304 vm2
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | Property | Value
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | OS-DCF:diskConfig | MANUAL
>>>> |
>>>>
>>>> | OS-EXT-AZ:availability_zone | nova
>>>> |
>>>>
>>>> | OS-EXT-SRV-ATTR:host | -
>>>> |
>>>>
>>>> | OS-EXT-SRV-ATTR:hypervisor_hostname | -
>>>> |
>>>>
>>>> | OS-EXT-SRV-ATTR:instance_name | instance-0000000b
>>>> |
>>>>
>>>> | OS-EXT-STS:power_state | 0
>>>> |
>>>>
>>>> | OS-EXT-STS:task_state | scheduling
>>>> |
>>>>
>>>> | OS-EXT-STS:vm_state | building
>>>> |
>>>>
>>>> | OS-SRV-USG:launched_at | -
>>>> |
>>>>
>>>> | OS-SRV-USG:terminated_at | -
>>>> |
>>>>
>>>> | accessIPv4 |
>>>> |
>>>>
>>>> | accessIPv6 |
>>>> |
>>>>
>>>> | adminPass | fLQ7xn8pgAhc
>>>> |
>>>>
>>>> | config_drive |
>>>> |
>>>>
>>>> | created | 2014-10-05T23:04:09Z
>>>> |
>>>>
>>>> | flavor | m1.tiny (1)
>>>> |
>>>>
>>>> | hostId |
>>>> |
>>>>
>>>> | id |
>>>> 536a509f-7941-466a-9508-ce26f599f10a |
>>>>
>>>> | image | cirros-0.3.2-x86_64-uec
>>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
>>>>
>>>> | key_name | -
>>>> |
>>>>
>>>> | metadata | {}
>>>> |
>>>>
>>>> | name | vm2
>>>> |
>>>>
>>>> | os-extended-volumes:volumes_attached | []
>>>> |
>>>>
>>>> | progress | 0
>>>> |
>>>>
>>>> | security_groups | default
>>>> |
>>>>
>>>> | status | BUILD
>>>> |
>>>>
>>>> | tenant_id |
>>>>55ec74628b004fedbef9b8cad130a442
>>>> |
>>>>
>>>> | updated | 2014-10-05T23:04:09Z
>>>> |
>>>>
>>>> | user_id |
>>>>8ad8cd428ac94cd1a888d4372a61cabc
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova list
>>>>
>>>>
>>>>+--------------------------------------+------+--------+------------+--
>>>>--
>>>>---------+-------------------+
>>>>
>>>> | ID | Name | Status | Task State |
>>>>Power
>>>> State | Networks |
>>>>
>>>>
>>>>+--------------------------------------+------+--------+------------+--
>>>>--
>>>>---------+-------------------+
>>>>
>>>> | c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - |
>>>> Running | public=172.24.4.4 |
>>>>
>>>> | 536a509f-7941-466a-9508-ce26f599f10a | vm2 | ACTIVE | - |
>>>> Running | private=10.0.0.9 |
>>>>
>>>>
>>>>+--------------------------------------+------+--------+------------+--
>>>>--
>>>>---------+<<<<<<<<<+
>>>>
>>>>
>>>> And as user demo, I can only attach the private network to an
>>>>instance.
>>>>
>>>>
>>>> localadmin at qa4:~/devstack$ source openrc demo demo
>>>>
>>>> localadmin at qa4:~/devstack$ neutron net-list
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>---------------------------+
>>>>
>>>> | id | name | subnets
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>---------------------------+
>>>>
>>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public |
>>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 |
>>>>
>>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private |
>>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 |
>>>>
>>>>
>>>>+--------------------------------------+---------+---------------------
>>>>--
>>>>---------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec
>>>> --flavor 1 --nic net-id=94d1e13c-cebc-419d-af06-49e6b4f01304 cirros-1
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | Property | Value
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | OS-DCF:diskConfig | MANUAL
>>>> |
>>>>
>>>> | OS-EXT-AZ:availability_zone | nova
>>>> |
>>>>
>>>> | OS-EXT-STS:power_state | 0
>>>> |
>>>>
>>>> | OS-EXT-STS:task_state | scheduling
>>>> |
>>>>
>>>> | OS-EXT-STS:vm_state | building
>>>> |
>>>>
>>>> | OS-SRV-USG:launched_at | -
>>>> |
>>>>
>>>> | OS-SRV-USG:terminated_at | -
>>>> |
>>>>
>>>> | accessIPv4 |
>>>> |
>>>>
>>>> | accessIPv6 |
>>>> |
>>>>
>>>> | adminPass | gYHta22xTK9a
>>>> |
>>>>
>>>> | config_drive |
>>>> |
>>>>
>>>> | created | 2014-10-05T23:17:28Z
>>>> |
>>>>
>>>> | flavor | m1.tiny (1)
>>>> |
>>>>
>>>> | hostId |
>>>> |
>>>>
>>>> | id |
>>>> 791ad866-420d-4e32-baad-b34f0b6e50d1 |
>>>>
>>>> | image | cirros-0.3.2-x86_64-uec
>>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
>>>>
>>>> | key_name | -
>>>> |
>>>>
>>>> | metadata | {}
>>>> |
>>>>
>>>> | name | cirros-1
>>>> |
>>>>
>>>> | os-extended-volumes:volumes_attached | []
>>>> |
>>>>
>>>> | progress | 0
>>>> |
>>>>
>>>> | security_groups | default
>>>> |
>>>>
>>>> | status | BUILD
>>>> |
>>>>
>>>> | tenant_id |
>>>>51dcdd7f6f6545bd8bb49aeb556dab48
>>>> |
>>>>
>>>> | updated | 2014-10-05T23:17:28Z
>>>> |
>>>>
>>>> | user_id |
>>>>57a3f7eefcff4a37b064938ebf7335da
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova list
>>>>
>>>>
>>>>+--------------------------------------+----------+--------+-----------
>>>>-+
>>>>-------------+-------------------+
>>>>
>>>> | ID | Name | Status | Task
>>>>State
>>>>|
>>>> Power State | Networks |
>>>>
>>>>
>>>>+--------------------------------------+----------+--------+-----------
>>>>-+
>>>>-------------+-------------------+
>>>>
>>>> | 791ad866-420d-4e32-baad-b34f0b6e50d1 | cirros-1 | ACTIVE | -
>>>>|
>>>> Running | private=10.0.0.12 |
>>>>
>>>>
>>>>+--------------------------------------+----------+--------+-----------
>>>>-+
>>>>-------------+-------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec
>>>> --flavor 1 --nic net-id=2d113f8c-d742-4f2f-8cf2-a8e56749d51d cirros-2
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | Property | Value
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> | OS-DCF:diskConfig | MANUAL
>>>> |
>>>>
>>>> | OS-EXT-AZ:availability_zone | nova
>>>> |
>>>>
>>>> | OS-EXT-STS:power_state | 0
>>>> |
>>>>
>>>> | OS-EXT-STS:task_state | scheduling
>>>> |
>>>>
>>>> | OS-EXT-STS:vm_state | building
>>>> |
>>>>
>>>> | OS-SRV-USG:launched_at | -
>>>> |
>>>>
>>>> | OS-SRV-USG:terminated_at | -
>>>> |
>>>>
>>>> | accessIPv4 |
>>>> |
>>>>
>>>> | accessIPv6 |
>>>> |
>>>>
>>>> | adminPass | aZRHa3ZgQAHP
>>>> |
>>>>
>>>> | config_drive |
>>>> |
>>>>
>>>> | created | 2014-10-05T23:18:13Z
>>>> |
>>>>
>>>> | flavor | m1.tiny (1)
>>>> |
>>>>
>>>> | hostId |
>>>> |
>>>>
>>>> | id |
>>>> 6ffd8081-8659-40b3-b7c2-dc6746855692 |
>>>>
>>>> | image | cirros-0.3.2-x86_64-uec
>>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) |
>>>>
>>>> | key_name | -
>>>> |
>>>>
>>>> | metadata | {}
>>>> |
>>>>
>>>> | name | cirros-2
>>>> |
>>>>
>>>> | os-extended-volumes:volumes_attached | []
>>>> |
>>>>
>>>> | progress | 0
>>>> |
>>>>
>>>> | security_groups | default
>>>> |
>>>>
>>>> | status | BUILD
>>>> |
>>>>
>>>> | tenant_id |
>>>>51dcdd7f6f6545bd8bb49aeb556dab48
>>>> |
>>>>
>>>> | updated | 2014-10-05T23:18:13Z
>>>> |
>>>>
>>>> | user_id |
>>>>57a3f7eefcff4a37b064938ebf7335da
>>>> |
>>>>
>>>>
>>>>+--------------------------------------+-------------------------------
>>>>--
>>>>-------------------------------+
>>>>
>>>> localadmin at qa4:~/devstack$ nova list
>>>>
>>>>
>>>>+--------------------------------------+----------+--------+-----------
>>>>-+
>>>>-------------+-------------------+
>>>>
>>>> | ID | Name | Status | Task
>>>>State
>>>>|
>>>> Power State | Networks |
>>>>
>>>>
>>>>+--------------------------------------+----------+--------+-----------
>>>>-+
>>>>-------------+-------------------+
>>>>
>>>> | 791ad866-420d-4e32-baad-b34f0b6e50d1 | cirros-1 | ACTIVE | -
>>>>|
>>>> Running | private=10.0.0.12 |
>>>>
>>>> | 6ffd8081-8659-40b3-b7c2-dc6746855692 | cirros-2 | ERROR | -
>>>>|
>>>> NOSTATE | |
>>>>
>>>>
>>>>+--------------------------------------+----------+--------+-----------
>>>>-+
>>>>-------------+<<<<<<<<<+
>>>>
>>>>
>>>>
>>>> Is this the expected behavior?
>>>>
>>>>
>>>> Thanks,
>>>>
>>>> Danny
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Mailing list:
>>>>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>> Post to : openstack at lists.openstack.org
>>>> Unsubscribe :
>>>>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>>>
>>>
>>>
>>>
>>>--
>>>Akihiro Motoki <amotoki at gmail.com>
>>
>
>
>
>--
>Akihiro Motoki <amotoki at gmail.com>
More information about the Openstack
mailing list