On Tue, May 26, 2015 at 03:54:36PM +0200, Tomas Sedovic wrote:
Hey everyone,
I tried to get RDO set up with floating IP addresses, but I'm running into
problems I'm not sure how to debug (not that familiar with networking and
Neutron).
I followed these guides on a clean Fedora 21 x86_64 server:
https://www.rdoproject.org/Quickstart
https://www.rdoproject.org/Floating_IP_range
[. . .]
once all 20 requests failed, it got to a login screen, but I could
not ping
or SSH into it:
# ping 10.40.128.81
PING 10.40.128.81 (10.40.128.81) 56(84) bytes of data.
From 10.40.128.44 icmp_seq=1 Destination Host Unreachable
From 10.40.128.44 icmp_seq=2 Destination Host Unreachable
From 10.40.128.44 icmp_seq=3 Destination Host Unreachable
From 10.40.128.44 icmp_seq=4 Destination Host Unreachable
# ssh cirros(a)10.40.128.81
ssh: connect to host 10.40.128.81 port 22: No route to host
It could be any no. of reasons, as I don't know what's going on in your
network. But, your steps sound reasonably correct. Just for comparision,
that's what I normally do:
# Create new private network:
$ neutron net-create $privnetname
# Create a subnet
neutron subnet-create $privnetname \
$subnetspace/24 \
--name $privsubnetname
# Create a router
neutron router-create $routername
# Associate the router to the external network by setting its gateway
# NOTE: This assumes the external network name is 'ext'
export EXT_NET=$(neutron net-list | grep ext | awk '{print $2;}')
export PRIV_NET=$(neutron subnet-list | grep $privsubnetname | awk '{print
$2;}')
export ROUTER_ID=$(neutron router-list | grep $routername | awk '{print $2;}'
neutron router-gateway-set \
$ROUTER_ID $EXT_NET_ID
neutron router-interface-add \
$ROUTER_ID $PRIV_NET_ID
# Add Neutron security groups for this test tenant
neutron security-group-rule-create \
--protocol icmp \
--direction ingress \
--remote-ip-prefix 0.0.0.0/0 \
default
neutron security-group-rule-create \
--protocol tcp \
--port-range-min 22 \
--port-range-max 22 \
--direction ingress \
--remote-ip-prefix 0.0.0.0/0 \
default
On a related note, all the above, inlcuding creating the Keystone
tenant, user, etc is put together in this trivial script[1], which
allows me to create tenant networks this way:
$ ./create-new-tenant-network.sh \
demoten1 tuser1 \
14.0.0.0 trouter1 \
priv-net1 priv-subnet1
It assumes your external network is named as "ext", but you can modify
the script trivially to change that.
[1]
https://github.com/kashyapc/ostack-misc/blob/master/create-new-tenant-net...
--
/kashyap