Hi all,
I'm having a few issues with my install here. My instances can't access
anything outside the cloud, and adding the correct rules to the security
group and assigning a public IP, the instance isn't accessible from the
outside world. I've had openstack running on this hardware before using
the Stackops Distro, but I've intalled Ubuntu 12.04 and Essex to test it
out as Stackops aren't on essex yet.
I've included the relevant (I think) info below. I'm not sure where/what
to check next, I'm not so good with network debugging unfortunately.
Could someone help, advise, or just generally point me in the right
direction?
Thanks!
/Kieran
I have it set to use FlatDHCP:
# network specific settings
--network_manager=nova.network.manager.FlatDHCPManager
--public_interface=bond0
--flat_interface=eth2
--flat_network_bridge=br100
--fixed_range=10.0.0.0/8
--floating_range=131.251.172.0/24
--network_size=256
--flat_network_dhcp_start=10.0.0.2
--flat_injected=False
--force_dhcp_release
--iscsi_helper=tgtadm
--connection_type=libvirt
--root_helper=sudo nova-rootwrap
--verbose
bond0 is a bonded interface on a public network. I can access the
Internet through that interface. eth2 is on a network connected to the
other hosts, each of which has eth2 connected to this network.
brctl shows eth2 is part of br100.
nova-network:
brctl show
bridge name bridge id STP enabled interfaces
br100 8000.001b21cda0d1 no eth2
nova-compute-1 (with the instance on it):
brctl show
bridge name bridge id STP enabled interfaces
br100 8000.001b21add0a1 no eth2
vnet0
virbr0 8000.000000000000 yes
I checked through this (
http://docs.openstack.org/trunk/openstack-compute/admin/content/associating-public-ip.html)
and everything looks correct (I think).
nova secgroup-list-rules default
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
The instance IP is 10.0.0.2, so (public IPs hidded):
sudo iptables -L -nv -t nat | grep 10.0.0.2
0 0 DNAT all -- * * 0.0.0.0/0
x.y.172.22 to:10.0.0.2
20 1656 DNAT all -- * * 0.0.0.0/0
x.y.172.22 to:10.0.0.2
0 0 SNAT all -- * * 10.0.0.2
0.0.0.0/0 to:x.y.172.22
from ip add:
....
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master
br100 state UP qlen 1000
link/ether 00:1b:21:cd:a0:d1 brd ff:ff:ff:ff:ff:ff
inet6 fe80::21b:21ff:fecd:a0d1/64 scope link
valid_lft forever preferred_lft forever
....
....
16: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UP
link/ether 00:1b:21:6d:ef:00 brd ff:ff:ff:ff:ff:ff
inet x.y.172.2/24 brd 131.251.172.255 scope global bond0
inet x.y.172.22/32 scope global bond0
inet6 fe80::21b:21ff:fe6d:ef00/64 scope link
valid_lft forever preferred_lft forever
17: br100: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
state UP
link/ether 00:1b:21:cd:a0:d1 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 brd 10.0.0.255 scope global br100
inet6 fe80::1c2b:8bff:fe38:2003/64 scope link
valid_lft forever preferred_lft forever
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack@lists.launchpad.net
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp
