Hi Akihiro, On 10/6/14, 9:56 AM, "Akihiro Motoki" <[email protected]> wrote:
>Hi, > >On Mon, Oct 6, 2014 at 10:41 PM, Danny Choi (dannchoi) ><[email protected]> wrote: >> Hi Akihiro, >> >> Thank you for the detailed explanation. >> >> More questions: >> >> 1. The ³public² network is a floating IP pool (router:external=True). >> Does it make sense to attach the ³public² network, i.e. a floating IP >> to the VM during launch? > >Allocating a floating IP from the pool and connecting a VM directly to >the "public" network are different things. >Floating IP works as DNAT to private IP. >At now Neutron does not support auto association of floating IP which >is supported in nova-network. So is it OK to connect a VM directly to the “public” network which in this case is a floating IP pool? > >> I thought user usually attach a ³private" network first and then >> *associates* a floating IP to it. > >Your understaing is correct. > >> 2. In CLI as user admin, I can attach the "private² network to a VM. >> >> localadmin@qa4:~/devstack$ nova list >> >>+--------------------------------------+------+--------+------------+---- >>-- >> -------+-------------------+ >> | ID | Name | Status | Task State | >> Power State | Networks | >> >>+--------------------------------------+------+--------+------------+---- >>-- >> -------+-------------------+ >> | c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - | >> Running | public=172.24.4.4 | >> | 536a509f-7941-466a-9508-ce26f599f10a | vm2 | ACTIVE | - | >> Running | private=10.0.0.9 | <<<<< >> | c4a46ad6-466e-4b7f-be18-98659eb688ba | vm3 | ACTIVE | - | >> Running | private=10.0.0.11 | <<<<< >> >>+--------------------------------------+------+--------+------------+---- >>-- >> -------+-------------------+ >> >> However, I cannot ping the private IP addresses from the context of the >> qrouter. Why? > >Does your security group allow a ping from router IP address? >Rules of "default" security group does not allow PING from qrouter by >default. > >I would like to know the output of "neutron security-group-list" >and "neutron security-group-rule-list". localadmin@qa4:~/devstack$ neutron security-group-list +--------------------------------------+---------+-------------+ | id | name | description | +--------------------------------------+---------+-------------+ | 9c8d1321-5c94-4fdd-9ae3-07be0aef8d6e | default | default | | bef46da4-1059-44ee-bd2f-d3ce0bc55588 | default | default | | ce261138-3d08-4db9-b432-24fcbc8f914f | default | default | +--------------------------------------+---------+-------------+ localadmin@qa4:~/devstack$ neutron security-group-rule-list +--------------------------------------+----------------+-----------+------ ----+------------------+--------------+ | id | security_group | direction | protocol | remote_ip_prefix | remote_group | +--------------------------------------+----------------+-----------+------ ----+------------------+--------------+ | 0d18ae06-251c-4426-b37e-03f23fd2cb25 | default | ingress | | | default | | 27416209-aa65-48b8-a31f-60d9cf00bac4 | default | ingress | icmp | 0.0.0.0/0 | | | 3b1ecfec-5fe8-4395-968c-a23c2c6ada2a | default | egress | | | | | 3dfe4aef-4c3e-4966-839e-cd541bf5d414 | default | egress | | | | | 41bf8330-7e44-4106-9461-30211501b6f2 | default | ingress | | | default | | aa611eb3-18b9-43e1-ab78-d9db7b708316 | default | ingress | | | default | | cce02ef2-8335-43d4-aa8d-11caeba29f2b | default | ingress | | | default | | d240faa3-d78a-4bd0-b67f-7bcdcb7d9897 | default | ingress | tcp | 0.0.0.0/0 | | | e03ba40d-4e35-4544-878d-1baa2a99928a | default | egress | | | | | ea0f08a1-0c5f-4716-9431-bbf3c3db7188 | default | ingress | | | default | | edb27717-8295-455f-a616-bcf8ddefc153 | default | egress | | | | | f6e39e24-c4a6-4743-8f7a-4cb1ad68e523 | default | egress | | | | | facf07e0-32be-4f28-a102-af27930998a2 | default | ingress | | | default | | fc75f56d-d1c8-4e26-947f-57738f8d4659 | default | egress | | | | +--------------------------------------+----------------+-----------+------ ----+------------------+--------------+ Thanks, Danny > >Thanks, >Akihiro > > >> >> localadmin@qa4:~/devstack$ ip netns >> qdhcp-94d1e13c-cebc-419d-af06-49e6b4f01304 >> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 >> localadmin@qa4:~/devstack$ sudo ip netns exec >> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ip addr list >> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN >>group >> default >> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 >> inet 127.0.0.1/8 scope host lo >> valid_lft forever preferred_lft forever >> inet6 ::1/128 scope host >> valid_lft forever preferred_lft forever >> 13: qr-5607b404-68: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state >> UNKNOWN group default >> link/ether fa:16:3e:2f:65:af brd ff:ff:ff:ff:ff:ff >> inet 10.0.0.1/24 brd 10.0.0.255 scope global qr-5607b404-68 >> valid_lft forever preferred_lft forever >> inet6 fe80::f816:3eff:fe2f:65af/64 scope link >> valid_lft forever preferred_lft forever >> 14: qg-b19af547-df: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state >> UNKNOWN group default >> link/ether fa:16:3e:67:b1:f9 brd ff:ff:ff:ff:ff:ff >> inet 172.24.4.2/24 brd 172.24.4.255 scope global qg-b19af547-df >> valid_lft forever preferred_lft forever >> inet6 fe80::f816:3eff:fe67:b1f9/64 scope link >> valid_lft forever preferred_lft forever >> localadmin@qa4:~/devstack$ sudo ip netns exec >> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ping 10.0.0.1 >> PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. >> 64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.082 ms >> 64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.031 ms >> 64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.060 ms >> ^C >> --- 10.0.0.1 ping statistics --- >> 3 packets transmitted, 3 received, 0% packet loss, time 1998ms >> rtt min/avg/max/mdev = 0.031/0.057/0.082/0.022 ms >> localadmin@qa4:~/devstack$ sudo ip netns exec >> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ping 10.0.0.9 >> PING 10.0.0.9 (10.0.0.9) 56(84) bytes of data. >> From 10.0.0.1 icmp_seq=1 Destination Host Unreachable <<<<< >> From 10.0.0.1 icmp_seq=2 Destination Host Unreachable >> From 10.0.0.1 icmp_seq=3 Destination Host Unreachable >> ^C >> --- 10.0.0.9 ping statistics --- >> 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time >>3999ms >> pipe 4 >> localadmin@qa4:~/devstack$ sudo ip netns exec >> qrouter-7b422c9d-c5f9-4bb5-b1b3-159954c72323 ping 10.0.0.11 >> PING 10.0.0.11 (10.0.0.11) 56(84) bytes of data. >> From 10.0.0.1 icmp_seq=1 Destination Host Unreachable <<<<< >> From 10.0.0.1 icmp_seq=2 Destination Host Unreachable >> From 10.0.0.1 icmp_seq=3 Destination Host Unreachable >> ^C >> --- 10.0.0.11 ping statistics --- >> 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time >>4024ms >> >> >> Thanks, >> Danny >> >> >> On 10/6/14, 1:09 AM, "Akihiro Motoki" <[email protected]> wrote: >> >>>It is the expected behavior as its original design. >>> >>> >>>In Neutron API, if a user has admin role, the user can see all >>>resources from all tenants. >>>CLI just sends a request to Neutron API, so the result of net-list >>>with admin role lists both networks. >>>In addition, a network with router:external=True (in this case >>>"public" network) is visible to >>>non-admin users so that regular users can know floating IP pools. >>>(a network with router:external=True is a floating IP pool.) >>> >>>In Horizon, the network list in Project panel only lists networks from >>>the current project. >>>It is the intended behaviors. The admin network panel is used to lists >>>all networks from all projects. >>>Regarding "public" network, it is not listed in the project network >>>panel because "public" network >>>is a floating IP pool and there is no need to be listed in the network >>>panel. It is used in Floating IP >>>Allocation form. >>> >>> >>>Regarding VM launching, it is the intended behavior too. >>> >>>In CLI case, Neutron API allows admin users to create a port on any >>>networks >>>even if a network belongs to other projects. This is the reason >>>"admin" user with "admin" tenant >>>can launch an instance connected to "private" network of "demo" project. >>> >>>In Horizon, Horizon honors the typical use case to avoid complicated use >>>cases. >>>Horizon developers think it is a special use where admin user launch >>>an instance connected to other projects. >>>This is the reason an admin user cannot launch an instance connected >>>to "private" network from "demo" project. >>>If there is such special needs, it can be done through CLI. >>> >>>I hope it helps you understand the behavior. >>> >>>Thanks, >>>Akihiro >>> >>> >>> >>>On Mon, Oct 6, 2014 at 8:29 AM, Danny Choi (dannchoi) >>><[email protected]> wrote: >>>> Hi, >>>> >>>> I used devstack to deploy Juno OpenStack. >>>> >>>> By default, devstack created 2 users: admin (with role ³admin²) and >>>>demo. >>>> >>>> localadmin@qa4:~/devstack$ source openrc admin admin >>>> >>>> localadmin@qa4:~/devstack$ keystone user-list >>>> >>>> >>>>+----------------------------------+----------+---------+-------------- >>>>-- >>>>------+ >>>> >>>> | id | name | enabled | email >>>> | >>>> >>>> >>>>+----------------------------------+----------+---------+-------------- >>>>-- >>>>------+ >>>> >>>> | 8ad8cd428ac94cd1a888d4372a61cabc | admin | True | >>>> | <<< >>>> >>>> | e057de661e644f709899b169dd716037 | alt_demo | True | >>>> [email protected] | >>>> >>>> | d55afe55b4de4815bc3e832b2684abd8 | cinder | True | >>>> | >>>> >>>> | 57a3f7eefcff4a37b064938ebf7335da | demo | True | >>>>[email protected] >>>> | <<< >>>> >>>> | e40971caaf8040d2bc91ec62ad846377 | glance | True | >>>> | >>>> >>>> | b6920c6626144595807f40ac36a453e4 | heat | True | >>>> | >>>> >>>> | 71af3e61cb63442ea6a91fcd221487dd | neutron | True | >>>> | >>>> >>>> | 259fb79c8bfa4c0f9d5df37c45868ce8 | nova | True | >>>> | >>>> >>>> >>>>+----------------------------------+----------+---------+-------------- >>>>-- >>>>------+ >>>> >>>> localadmin@qa4:~/devstack$ keystone tenant-list >>>> >>>> +----------------------------------+--------------------+---------+ >>>> >>>> | id | name | enabled | >>>> >>>> +----------------------------------+--------------------+---------+ >>>> >>>> | 55ec74628b004fedbef9b8cad130a442 | admin | True | >>>><<< >>>> >>>> | 2e6b7da08b9643cc95518c8efc7f71c3 | alt_demo | True | >>>> >>>> | 51dcdd7f6f6545bd8bb49aeb556dab48 | demo | True | >>>><<< >>>> >>>> | e9f10b3e51fd4ff68150ec82eeeac3e4 | invisible_to_admin | True | >>>> >>>> | 4264b64d7697419886ebf2ef141069a5 | service | True | >>>> >>>> +----------------------------------+--------------------+---------+ >>>> >>>> localadmin@qa4:~/devstack$ keystone user-get admin >>>> >>>> +----------+----------------------------------+ >>>> >>>> | Property | Value | >>>> >>>> +----------+----------------------------------+ >>>> >>>> | email | | >>>> >>>> | enabled | True | >>>> >>>> | id | 8ad8cd428ac94cd1a888d4372a61cabc | >>>> >>>> | name | admin | >>>> >>>> | tenantId | 55ec74628b004fedbef9b8cad130a442 | <<< tenant=admin >>>> >>>> | username | admin | >>>> >>>> +----------+----------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ keystone user-get demo >>>> >>>> +----------+----------------------------------+ >>>> >>>> | Property | Value | >>>> >>>> +----------+----------------------------------+ >>>> >>>> | email | [email protected] | >>>> >>>> | enabled | True | >>>> >>>> | id | 57a3f7eefcff4a37b064938ebf7335da | >>>> >>>> | name | demo | >>>> >>>> | tenantId | 51dcdd7f6f6545bd8bb49aeb556dab48 | <<< tenant=demo >>>> >>>> | username | demo | >>>> >>>> +----------+----------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ keystone user-role-list --user admin >>>>--tenant >>>> admin >>>> >>>> >>>>+----------------------------------+------------------+---------------- >>>>-- >>>>----------------+----------------------------------+ >>>> >>>> | id | name | >>>>user_id >>>> | tenant_id | >>>> >>>> >>>>+----------------------------------+------------------+---------------- >>>>-- >>>>----------------+----------------------------------+ >>>> >>>> | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | >>>> 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 | >>>> >>>> | 1f4f0d145e71452d9e633c63baae3696 | admin | >>>> 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 | >>>> >>>> | 98b3a4cad94949319d99acde115f682b | heat_stack_owner | >>>> 8ad8cd428ac94cd1a888d4372a61cabc | 55ec74628b004fedbef9b8cad130a442 | >>>> >>>> >>>>+----------------------------------+------------------+---------------- >>>>-- >>>>----------------+----------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ keystone user-role-list --user demo >>>>--tenant >>>>demo >>>> >>>> >>>>+----------------------------------+------------------+---------------- >>>>-- >>>>----------------+----------------------------------+ >>>> >>>> | id | name | >>>>user_id >>>> | tenant_id | >>>> >>>> >>>>+----------------------------------+------------------+---------------- >>>>-- >>>>----------------+----------------------------------+ >>>> >>>> | b3831a6a7eac4b8996ba428345cb9067 | Member | >>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 | >>>> >>>> | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | >>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 | >>>> >>>> | 750c89eea84f4e53852033331c835617 | anotherrole | >>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 | >>>> >>>> | 98b3a4cad94949319d99acde115f682b | heat_stack_owner | >>>> 57a3f7eefcff4a37b064938ebf7335da | 51dcdd7f6f6545bd8bb49aeb556dab48 | >>>> >>>> >>>>+----------------------------------+------------------+---------------- >>>>-- >>>>----------------+----------------------------------+ >>>> >>>> >>>> There are 2 networks created, public (tenant = admin) and private >>>>(tenant = >>>> demo); and both networks are not shared. >>>> >>>> localadmin@qa4:~/devstack$ neutron net-list >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> | id | name | subnets >>>> | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | >>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 | >>>> >>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | >>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ neutron net-show public >>>> >>>> +---------------------------+--------------------------------------+ >>>> >>>> | Field | Value | >>>> >>>> +---------------------------+--------------------------------------+ >>>> >>>> | admin_state_up | True | >>>> >>>> | id | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | >>>> >>>> | name | public | >>>> >>>> | provider:network_type | vlan | >>>> >>>> | provider:physical_network | p1p1 | >>>> >>>> | provider:segmentation_id | 301 | >>>> >>>> | router:external | True | >>>> >>>> | shared | False | >>>> >>>> | status | ACTIVE | >>>> >>>> | subnets | ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 | >>>> >>>> | tenant_id | 55ec74628b004fedbef9b8cad130a442 | >>>><<< >>>> tenant=admin >>>> >>>> +---------------------------+--------------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ neutron net-show private >>>> >>>> +---------------------------+--------------------------------------+ >>>> >>>> | Field | Value | >>>> >>>> +---------------------------+--------------------------------------+ >>>> >>>> | admin_state_up | True | >>>> >>>> | id | 94d1e13c-cebc-419d-af06-49e6b4f01304 | >>>> >>>> | name | private | >>>> >>>> | provider:network_type | vlan | >>>> >>>> | provider:physical_network | p1p1 | >>>> >>>> | provider:segmentation_id | 300 | >>>> >>>> | router:external | False | >>>> >>>> | shared | False | >>>> >>>> | status | ACTIVE | >>>> >>>> | subnets | 1265bbd4-e775-4d9b-a7d5-498848c09b37 | >>>> >>>> | tenant_id | 51dcdd7f6f6545bd8bb49aeb556dab48 | >>>><<< >>>> tenant=demo >>>> >>>> +---------------------------+--------------------------------------+ >>>> >>>> >>>> In CLI, both networks are visible for both users admin and demo. >>>> >>>> localadmin@qa4:~/devstack$ source openrc admin admin >>>> >>>> localadmin@qa4:~/devstack$ neutron net-list >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> | id | name | subnets >>>> | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | >>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 | >>>> >>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | >>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ >>>> >>>> localadmin@qa4:~/devstack$ >>>> >>>> localadmin@qa4:~/devstack$ source openrc demo demo >>>> >>>> localadmin@qa4:~/devstack$ neutron net-list >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>---------------------------+ >>>> >>>> | id | name | subnets >>>> | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>---------------------------+ >>>> >>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | >>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 | >>>> >>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | >>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>---------------------------+ >>>> >>>> >>>> >>>> In Horizon dashboard, I logged in as user admin. >>>> >>>> >>>> From the Projects pulldown, select admin. >>>> >>>> At the left pane, Project->Network->Networks, only the ³public" >>>>network >>>>is >>>> shown. >>>> >>>> >>>> From the Projects pulldown, select demo. >>>> >>>> At the left pane, Project->Network->Networks, only the ³private" >>>>network is >>>> shown. >>>> >>>> >>>> As a result, when I launch an instance with Horizon dashboard, I can >>>>only >>>> attach the public network (when project = admin) >>>> >>>> or the private network (when project = demo). >>>> >>>> >>>> However, in CLI, as user admin, I can launch an instance with public >>>>or >>>> private network. >>>> >>>> >>>> localadmin@qa4:~/devstack$ source openrc admin admin >>>> >>>> localadmin@qa4:~/devstack$ neutron net-list >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> | id | name | subnets >>>> | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | >>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 172.24.4.0/24 | >>>> >>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | >>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>-----------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec >>>> --flavor 1 --nic net-id=2d113f8c-d742-4f2f-8cf2-a8e56749d51d vm1 >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | Property | Value >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | OS-DCF:diskConfig | MANUAL >>>> | >>>> >>>> | OS-EXT-AZ:availability_zone | nova >>>> | >>>> >>>> | OS-EXT-SRV-ATTR:host | - >>>> | >>>> >>>> | OS-EXT-SRV-ATTR:hypervisor_hostname | - >>>> | >>>> >>>> | OS-EXT-SRV-ATTR:instance_name | instance-0000000a >>>> | >>>> >>>> | OS-EXT-STS:power_state | 0 >>>> | >>>> >>>> | OS-EXT-STS:task_state | scheduling >>>> | >>>> >>>> | OS-EXT-STS:vm_state | building >>>> | >>>> >>>> | OS-SRV-USG:launched_at | - >>>> | >>>> >>>> | OS-SRV-USG:terminated_at | - >>>> | >>>> >>>> | accessIPv4 | >>>> | >>>> >>>> | accessIPv6 | >>>> | >>>> >>>> | adminPass | 3ZGJRjr6s3bk >>>> | >>>> >>>> | config_drive | >>>> | >>>> >>>> | created | 2014-10-05T23:03:36Z >>>> | >>>> >>>> | flavor | m1.tiny (1) >>>> | >>>> >>>> | hostId | >>>> | >>>> >>>> | id | >>>> c308e2a1-1763-4d05-84ed-8fcf5f02abab | >>>> >>>> | image | cirros-0.3.2-x86_64-uec >>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) | >>>> >>>> | key_name | - >>>> | >>>> >>>> | metadata | {} >>>> | >>>> >>>> | name | vm1 >>>> | >>>> >>>> | os-extended-volumes:volumes_attached | [] >>>> | >>>> >>>> | progress | 0 >>>> | >>>> >>>> | security_groups | default >>>> | >>>> >>>> | status | BUILD >>>> | >>>> >>>> | tenant_id | >>>>55ec74628b004fedbef9b8cad130a442 >>>> | >>>> >>>> | updated | 2014-10-05T23:03:36Z >>>> | >>>> >>>> | user_id | >>>>8ad8cd428ac94cd1a888d4372a61cabc >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova list >>>> >>>> >>>>+--------------------------------------+------+--------+------------+-- >>>>-- >>>>---------+-------------------+ >>>> >>>> | ID | Name | Status | Task State | >>>>Power >>>> State | Networks | >>>> >>>> >>>>+--------------------------------------+------+--------+------------+-- >>>>-- >>>>---------+-------------------+ >>>> >>>> | c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - | >>>> Running | public=172.24.4.4 | >>>> >>>> >>>>+--------------------------------------+------+--------+------------+-- >>>>-- >>>>---------+-------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec >>>> --flavor 1 --nic net-id=94d1e13c-cebc-419d-af06-49e6b4f01304 vm2 >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | Property | Value >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | OS-DCF:diskConfig | MANUAL >>>> | >>>> >>>> | OS-EXT-AZ:availability_zone | nova >>>> | >>>> >>>> | OS-EXT-SRV-ATTR:host | - >>>> | >>>> >>>> | OS-EXT-SRV-ATTR:hypervisor_hostname | - >>>> | >>>> >>>> | OS-EXT-SRV-ATTR:instance_name | instance-0000000b >>>> | >>>> >>>> | OS-EXT-STS:power_state | 0 >>>> | >>>> >>>> | OS-EXT-STS:task_state | scheduling >>>> | >>>> >>>> | OS-EXT-STS:vm_state | building >>>> | >>>> >>>> | OS-SRV-USG:launched_at | - >>>> | >>>> >>>> | OS-SRV-USG:terminated_at | - >>>> | >>>> >>>> | accessIPv4 | >>>> | >>>> >>>> | accessIPv6 | >>>> | >>>> >>>> | adminPass | fLQ7xn8pgAhc >>>> | >>>> >>>> | config_drive | >>>> | >>>> >>>> | created | 2014-10-05T23:04:09Z >>>> | >>>> >>>> | flavor | m1.tiny (1) >>>> | >>>> >>>> | hostId | >>>> | >>>> >>>> | id | >>>> 536a509f-7941-466a-9508-ce26f599f10a | >>>> >>>> | image | cirros-0.3.2-x86_64-uec >>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) | >>>> >>>> | key_name | - >>>> | >>>> >>>> | metadata | {} >>>> | >>>> >>>> | name | vm2 >>>> | >>>> >>>> | os-extended-volumes:volumes_attached | [] >>>> | >>>> >>>> | progress | 0 >>>> | >>>> >>>> | security_groups | default >>>> | >>>> >>>> | status | BUILD >>>> | >>>> >>>> | tenant_id | >>>>55ec74628b004fedbef9b8cad130a442 >>>> | >>>> >>>> | updated | 2014-10-05T23:04:09Z >>>> | >>>> >>>> | user_id | >>>>8ad8cd428ac94cd1a888d4372a61cabc >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova list >>>> >>>> >>>>+--------------------------------------+------+--------+------------+-- >>>>-- >>>>---------+-------------------+ >>>> >>>> | ID | Name | Status | Task State | >>>>Power >>>> State | Networks | >>>> >>>> >>>>+--------------------------------------+------+--------+------------+-- >>>>-- >>>>---------+-------------------+ >>>> >>>> | c308e2a1-1763-4d05-84ed-8fcf5f02abab | vm1 | ACTIVE | - | >>>> Running | public=172.24.4.4 | >>>> >>>> | 536a509f-7941-466a-9508-ce26f599f10a | vm2 | ACTIVE | - | >>>> Running | private=10.0.0.9 | >>>> >>>> >>>>+--------------------------------------+------+--------+------------+-- >>>>-- >>>>---------+<<<<<<<<<+ >>>> >>>> >>>> And as user demo, I can only attach the private network to an >>>>instance. >>>> >>>> >>>> localadmin@qa4:~/devstack$ source openrc demo demo >>>> >>>> localadmin@qa4:~/devstack$ neutron net-list >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>---------------------------+ >>>> >>>> | id | name | subnets >>>> | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>---------------------------+ >>>> >>>> | 2d113f8c-d742-4f2f-8cf2-a8e56749d51d | public | >>>> ab40f80e-aaf6-43ab-a1da-92f8ac7f7246 | >>>> >>>> | 94d1e13c-cebc-419d-af06-49e6b4f01304 | private | >>>> 1265bbd4-e775-4d9b-a7d5-498848c09b37 10.0.0.0/24 | >>>> >>>> >>>>+--------------------------------------+---------+--------------------- >>>>-- >>>>---------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec >>>> --flavor 1 --nic net-id=94d1e13c-cebc-419d-af06-49e6b4f01304 cirros-1 >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | Property | Value >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | OS-DCF:diskConfig | MANUAL >>>> | >>>> >>>> | OS-EXT-AZ:availability_zone | nova >>>> | >>>> >>>> | OS-EXT-STS:power_state | 0 >>>> | >>>> >>>> | OS-EXT-STS:task_state | scheduling >>>> | >>>> >>>> | OS-EXT-STS:vm_state | building >>>> | >>>> >>>> | OS-SRV-USG:launched_at | - >>>> | >>>> >>>> | OS-SRV-USG:terminated_at | - >>>> | >>>> >>>> | accessIPv4 | >>>> | >>>> >>>> | accessIPv6 | >>>> | >>>> >>>> | adminPass | gYHta22xTK9a >>>> | >>>> >>>> | config_drive | >>>> | >>>> >>>> | created | 2014-10-05T23:17:28Z >>>> | >>>> >>>> | flavor | m1.tiny (1) >>>> | >>>> >>>> | hostId | >>>> | >>>> >>>> | id | >>>> 791ad866-420d-4e32-baad-b34f0b6e50d1 | >>>> >>>> | image | cirros-0.3.2-x86_64-uec >>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) | >>>> >>>> | key_name | - >>>> | >>>> >>>> | metadata | {} >>>> | >>>> >>>> | name | cirros-1 >>>> | >>>> >>>> | os-extended-volumes:volumes_attached | [] >>>> | >>>> >>>> | progress | 0 >>>> | >>>> >>>> | security_groups | default >>>> | >>>> >>>> | status | BUILD >>>> | >>>> >>>> | tenant_id | >>>>51dcdd7f6f6545bd8bb49aeb556dab48 >>>> | >>>> >>>> | updated | 2014-10-05T23:17:28Z >>>> | >>>> >>>> | user_id | >>>>57a3f7eefcff4a37b064938ebf7335da >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova list >>>> >>>> >>>>+--------------------------------------+----------+--------+----------- >>>>-+ >>>>-------------+-------------------+ >>>> >>>> | ID | Name | Status | Task >>>>State >>>>| >>>> Power State | Networks | >>>> >>>> >>>>+--------------------------------------+----------+--------+----------- >>>>-+ >>>>-------------+-------------------+ >>>> >>>> | 791ad866-420d-4e32-baad-b34f0b6e50d1 | cirros-1 | ACTIVE | - >>>>| >>>> Running | private=10.0.0.12 | >>>> >>>> >>>>+--------------------------------------+----------+--------+----------- >>>>-+ >>>>-------------+-------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova boot --image cirros-0.3.2-x86_64-uec >>>> --flavor 1 --nic net-id=2d113f8c-d742-4f2f-8cf2-a8e56749d51d cirros-2 >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | Property | Value >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> | OS-DCF:diskConfig | MANUAL >>>> | >>>> >>>> | OS-EXT-AZ:availability_zone | nova >>>> | >>>> >>>> | OS-EXT-STS:power_state | 0 >>>> | >>>> >>>> | OS-EXT-STS:task_state | scheduling >>>> | >>>> >>>> | OS-EXT-STS:vm_state | building >>>> | >>>> >>>> | OS-SRV-USG:launched_at | - >>>> | >>>> >>>> | OS-SRV-USG:terminated_at | - >>>> | >>>> >>>> | accessIPv4 | >>>> | >>>> >>>> | accessIPv6 | >>>> | >>>> >>>> | adminPass | aZRHa3ZgQAHP >>>> | >>>> >>>> | config_drive | >>>> | >>>> >>>> | created | 2014-10-05T23:18:13Z >>>> | >>>> >>>> | flavor | m1.tiny (1) >>>> | >>>> >>>> | hostId | >>>> | >>>> >>>> | id | >>>> 6ffd8081-8659-40b3-b7c2-dc6746855692 | >>>> >>>> | image | cirros-0.3.2-x86_64-uec >>>> (ea46d1d4-6c10-4f91-96e3-9ccd9cb8d76b) | >>>> >>>> | key_name | - >>>> | >>>> >>>> | metadata | {} >>>> | >>>> >>>> | name | cirros-2 >>>> | >>>> >>>> | os-extended-volumes:volumes_attached | [] >>>> | >>>> >>>> | progress | 0 >>>> | >>>> >>>> | security_groups | default >>>> | >>>> >>>> | status | BUILD >>>> | >>>> >>>> | tenant_id | >>>>51dcdd7f6f6545bd8bb49aeb556dab48 >>>> | >>>> >>>> | updated | 2014-10-05T23:18:13Z >>>> | >>>> >>>> | user_id | >>>>57a3f7eefcff4a37b064938ebf7335da >>>> | >>>> >>>> >>>>+--------------------------------------+------------------------------- >>>>-- >>>>-------------------------------+ >>>> >>>> localadmin@qa4:~/devstack$ nova list >>>> >>>> >>>>+--------------------------------------+----------+--------+----------- >>>>-+ >>>>-------------+-------------------+ >>>> >>>> | ID | Name | Status | Task >>>>State >>>>| >>>> Power State | Networks | >>>> >>>> >>>>+--------------------------------------+----------+--------+----------- >>>>-+ >>>>-------------+-------------------+ >>>> >>>> | 791ad866-420d-4e32-baad-b34f0b6e50d1 | cirros-1 | ACTIVE | - >>>>| >>>> Running | private=10.0.0.12 | >>>> >>>> | 6ffd8081-8659-40b3-b7c2-dc6746855692 | cirros-2 | ERROR | - >>>>| >>>> NOSTATE | | >>>> >>>> >>>>+--------------------------------------+----------+--------+----------- >>>>-+ >>>>-------------+<<<<<<<<<+ >>>> >>>> >>>> >>>> Is this the expected behavior? >>>> >>>> >>>> Thanks, >>>> >>>> Danny >>>> >>>> >>>> >>>> _______________________________________________ >>>> Mailing list: >>>>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >>>> Post to : [email protected] >>>> Unsubscribe : >>>>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack >>>> >>> >>> >>> >>>-- >>>Akihiro Motoki <[email protected]> >> > > > >-- >Akihiro Motoki <[email protected]> _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
