I've done a fresh RDO install and am successfully running instances on
my compute host, but, while I can connect out of my instances just fine,
I can't get into them from any host but my compute host.
I thought that RDO was going to set me up so that each compute host
handled the routing directly, but it appears that all of my instance's
traffic is routing through a bridge to my control host.
My compute and control hosts are on a 192.168.0.0/16 network and are
using 192.168.20.0/24 for the instances.
How do I get traffic routing into my instance hosts on 192.168.20.0/24
on each compute host? (I only have one now, but will be deploying 2
more once I have OpenStack set up.
Eric
ps please excuse my having also posted this on the openstack list as well.
On 6/10/14, 6:16 PM, Eric Berg wrote:
On 6/4/14, 10:12 AM, Lars Kellogg-Stedman wrote:
> On Tue, Jun 03, 2014 at 10:55:43AM -0400, Eric Berg wrote:
>> I have performed this installation and now have a control host and one
>> compute host, but am not sure of a few things:
>>
>> 1. First, I believe that I need nova-networking running on each compute
>> hosts to avoid routing all traffic through a dedicated network
>> host,
>> but I'm not sure how to check to see that the networking service is
>> running on my compute host.
>> 2. Lars helped me set up a single-host setup, which put my instances on
>> our 192.168.0.0/16 network by using an ovs bridge (br-ex) with the
>> IP of the host on the bridge, which owns eth0, but I'm not sure how
>> that relates to this new setup. Should I create the same type of
>> bridged connection on each compute host?
> Eric,
>
> If you're working with the configuration you and I worked on, you're
> using neutron, so you can't use nova-networking on each compute host,
> unless you decide to ditch neutron.
>
> Neutron does not have an operational model matching nova-network's
> multi-host mode.
>
> You can set up Neutron in an active/passive configuration if you want
> to have some fault tolerance, but a given external network is always
> going to route through a single node when using the native Linux layer
> 3 agent.
>
> You can use vendor plugins from Cisco, etc., if you need a more
> performant configuration (but I don't have any details on what that
> would look like).
I bailed on neutron. I did a packstack install with
CONFIG_NEUTRON_INSTALL=n and got a set-up with one control host and
one (so far) compute node from which I can ssh/ping hosts on my
network. ...but not all hosts, since there's no easy routing into my
private OpenStack network.
Lars, I believe that when you suggested that we set up a bridge on the
neutron allinone install you helped me through first, we created an
ovs bridge with the IP of the primary interface, then made that
interface part of the bridge. That was so that packets hitting that
interface would traverse the bridge to the private network(s) on which
the instances reside, so that they would have general access to my
company intranet, thus the internet in general.
How do I make my cloud instances visible on my intranet with this
configuration?
--
Eric Berg
Sr. Software Engineer
Rubenstein Technology Group
55 Broad Street, 14th Floor
New York, NY 10004-2501
(212) 518-6400
(212) 518-6467 fax
eberg(a)rubensteintech.com
www.rubensteintech.com