[Openstack] Trouble connecting to a new VM
Tyler Couto
tcouto at certain.com
Wed Nov 18 15:50:10 UTC 2015
Thanks Andreas, that's a great vnc tip. I'll try that today.
Tyler
Sent from my android device.
-----Original Message-----
From: Andreas Scheuring <scheuran at linux.vnet.ibm.com>
To: Tyler Couto <tcouto at certain.com>
Cc: "openstack at lists.openstack.org" <openstack at lists.openstack.org>
Sent: Wed, 18 Nov 2015 1:10 AM
Subject: Re: [Openstack] Trouble connecting to a new VM
Tyler,
to access your vnc console you can try the following:
- Login to your compute node
- run "virsh list --all"
- run "virsh dumpxml <vm-name>"
- check the devic section about vnc. You should find something like this
<graphics type='vnc' port='5900' autoport='yes' listen='0.0.0.0'>
<listen type='address' address='0.0.0.0'/>
</graphics>
Ensure that the listen address is either 0.0.0.0 or something that is
reachable from your controller node. Remember the port.
Now you can open the console using any vncviewer from the compute node
with
> vncviewer localhost:5900
Or from your some other node
vncviewer <compute-node-ip>:5900
If the listen address is something else, make check your nova.conf<http://nova.conf>
regarding vnc settings
If the whole section does not show up, check that you have vnc enabled
in your nova.conf<http://nova.conf>
Regarding your ovs setup. Something seems to be wrong, as both of your
routers interfaces go into br-int
- qrxxxx
- qqxxx
qqxxx is the external leg of the router and should sit on br-ex. Please
check your l3 configuration file.
If you need some help, please provide the l3 configuration file and the
ip configuration of your controller node. In addition the neutron
network details (neutron net-list & neutron net-show xxx) would be
helpful.
--
Andreas
(IRC: scheuran)
On Di, 2015-11-17 at 09:31 -0800, Tyler Couto wrote:
> Thanks Andreas. My security groups do allow icmp traffic.
> +---------+----------------------------------------------------------------
> ------+
> | name | security_group_rules
> |
> +---------+----------------------------------------------------------------
> ------+
> | default | egress, IPv4
> |
> | | egress, IPv6
> |
> | | ingress, IPv4, 22/tcp, remote_ip_prefix: 0.0.0.0/0
> |
> | | ingress, IPv4, icmp, remote_ip_prefix: 0.0.0.0/0
> |
> | | ingress, IPv4, remote_group_id:
> d404679b-aeed-4d2f-bea9-2c7d19ff3fb1 |
> | | ingress, IPv6, remote_group_id:
> d404679b-aeed-4d2f-bea9-2c7d19ff3fb1 |
> +---------+‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹+
>
> I can¹t access my VM¹s console, so I do not know whether I can ping from
> my VM. I figured this might be a related issue. I receive this error on
> when trying to access the noVNC console:
> Failed to connect to server (code: 1006)
>
>
> This is a two node setup. I have one controller/neutron-network node.
> Here¹s the output of 'ovs-vsctl show¹:
>
> Bridge br-tun
> fail_mode: secure
> Port "gre-ac10183d"
> Interface "gre-ac10183d"
> type: gre
> options: {df_default="true", in_key=flow, local_ip="172.16.24.60<http://172.16.24.60>",
> out_key=flow, remote_ip="172.16.24.61<http://172.16.24.61>"}
> Port gre-mirror
> Interface gre-mirror
> Port br-tun
> Interface br-tun
> type: internal
> Port patch-int
> Interface patch-int
> type: patch
> options: {peer=patch-tun}
> Bridge br-ex
> Port "enp4s0f0"
> Interface "enp4s0f0"
> Port phy-br-ex
> Interface phy-br-ex
> type: patch
> options: {peer=int-br-ex}
> Port br-ex
> Interface br-ex
> type: internal
> Port "enp4s0f1"
> Interface "enp4s0f1"
> Bridge br-int
> fail_mode: secure
> Port "qr-a81f0614-0e"
> tag: 2
> Interface "qr-a81f0614-0e"
> type: internal
> Port "qg-289ea4d2-29"
> tag: 5
> Interface "qg-289ea4d2-29"
> type: internal
> Port br-int
> Interface br-int
> type: internal
> Port patch-tun
> Interface patch-tun
> type: patch
> options: {peer=patch-int}
> Port int-br-ex
> Interface int-br-ex
> type: patch
> options: {peer=phy-br-ex}
> Port "tap468d3ee4-c0"
> tag: 4095
> Interface "tap468d3ee4-c0"
> type: internal
> ovs_version: "2.3.1"
>
>
> I have on compute node. Here¹s the output of 'ovs-vsctl show':
>
> Bridge br-int
> fail_mode: secure
> Port "qvoc6d01e4b-1d"
> tag: 1
> Interface "qvoc6d01e4b-1d"
> Port br-int
> Interface br-int
> type: internal
> Port patch-tun
> Interface patch-tun
> type: patch
> options: {peer=patch-int}
> Bridge br-tun
> fail_mode: secure
> Port br-tun
> Interface br-tun
> type: internal
> Port patch-int
> Interface patch-int
> type: patch
> options: {peer=patch-tun}
> Port "gre-ac10183c"
> Interface "gre-ac10183c"
> type: gre
> options: {df_default="true", in_key=flow, local_ip="172.16.24.61<http://172.16.24.61>",
> out_key=flow, remote_ip="172.16.24.60<http://172.16.24.60>"}
> Port gre-mirror
> Interface gre-mirror
> Port "tap0"
> Interface "tap0"
> ovs_version: "2.3.1"
>
>
> I also have a laptop on the same network as the openstack machines. I can
> successfully ping the interface of the neutron router from my laptop.
>
> As far as the physical interfaces, I am only using one physical interface
> on each openstack machine. I know this is not the recommended setup, but
> since this is only a POC, I wanted to keep it simple.
>
> -Tyler
>
>
>
> On 11/17/15, 12:48 AM, "Andreas Scheuring" <scheuran at linux.vnet.ibm.com<mailto:scheuran at linux.vnet.ibm.com>>
> wrote:
>
> >ease check your Security Groups first.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151118/e83b1579/attachment.html>
More information about the Openstack
mailing list