[Openstack] Multiple private nets and routing

Dmitry Makovey dmitry at athabascau.ca
Thu May 21 20:56:49 UTC 2015


Hi,

I am setting up replica of my real-world deployment in terms of networks
within single instance of OpenStack. For that I have to create 3
networks (1 for each tier): web, middleware, db.

I have created those networks successfully then I've added the routers
between respective networks, yet my web tier can't reach middleware and
middleware can't reach DB using those private nets.

I have created a separate "public" network to which all those nets can
be routed (so that I can access VMs directly). This one works just fine.

Most details provided in gist:

https://gist.github.com/droopy4096/0008581552e63710341b

To simplify: this time around I've used dashboard to create network
infrastructure. So procedure I've followed:

* created each network (front, mid, db, public) with according subnet.
* created routers "bridging" specific pairs of network, e.g.:
gb_front_mid_router is connecting front tier (web) and mid tier
(middleware).
* for each tier created secgroup with corresponding rules
* created VMs for each tier assigned to specific private network with
specific secgroups applied
* checked that default secgroup seems to be allowing everything in (see
gist)

pinging from systest-front to systest-mid (on 10.10/16 IPs) fails so
far. Same goes for pings from mid to db etc.

what am I missing? Why traffic from one private net can't reach another?
Anything needs to be added to configuration?

-- 
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
---
Confidence is what you have before you understand the problem
    Woody Allen

When in trouble when in doubt run in circles scream and shout
     http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 173 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150521/2e18a2ed/attachment.sig>


More information about the Openstack mailing list