10:08 a.m.
On the overcloud nodes deployed by instack-virt-setup,
/etc/resolv.conf looks like this:
search openstacklocal
nameserver 192.168.122.1
That's not a useful address for either of these nodes, on which
external connectivity -- at least on the controller -- is via
eth0/br-ex on the 192.0.2.0/24 network. Even worse, on the controller
"192.168.122.1" is actually the address of the local "virbr0"
interface configured by libvirt, so DNS requests aren't going to go
anywhere useful.
There are obviously a number of ways to fix this, including setting up
dnsmasq on the undercloud node and using that instead. How is this
supposed to work? Did the deployments script screw up, or did I miss
something in the docs?
--
Lars Kellogg-Stedman <lars(a)redhat.com> | larsks @ {freenode,twitter,github}
Cloud Engineering / OpenStack | http://blog.oddbit.com/
11:06 a.m.
On Fri, Apr 17, 2015 at 11:08:25AM -0400, Lars Kellogg-Stedman wrote:
On the overcloud nodes deployed by instack-virt-setup,
/etc/resolv.conf looks like this:
search openstacklocal
nameserver 192.168.122.1
That's not a useful address for either of these nodes, on which
external connectivity -- at least on the controller -- is via
eth0/br-ex on the 192.0.2.0/24 network. Even worse, on the controller
"192.168.122.1" is actually the address of the local "virbr0"
interface configured by libvirt, so DNS requests aren't going to go
anywhere useful.
There are obviously a number of ways to fix this, including setting up
dnsmasq on the undercloud node and using that instead. How is this
supposed to work? Did the deployments script screw up, or did I miss
something in the docs?
I think we might have a couple of patches posted that are in review that might
help with these issues:
https://review.gerrithub.io/230339
https://review.gerrithub.io/230143
Also makes sure ip forwarding is enabled on the host machine:
sudo sysctl net.ipv4.ip_forward=1
(This needs to get added to the documentation).
Thanks for helping to try things out.
--
-- James Slagle
--
11:15 a.m.
Hi Lars,
192.168.122.1 is set on the virbr0 interface on the host (default
libvirt net) where under/overcloud VMs are running. The undercloud
node (instack VM) has 2 interfaces - one in the virbr0
bridge(192.168.122.0/24 subnet) and the other in the brbm ovs bridge
(192.0.2.0/24 subnet). The overcloud nodes have one interface in the
brbm bridge and route the traffic through the undercloud node. You can
check that default gw on overcloud nodes is 192.0.2.1 (eth1 of instack
VM). The undercloud node masquerades all traffic coming from
192.0.2.0/24 so the overcloud nodes can get external connectivity,
including to 192.168.122.1 which handles the dns queries.
On Fri, Apr 17, 2015 at 6:06 PM, James Slagle <jslagle(a)redhat.com> wrote:
On Fri, Apr 17, 2015 at 11:08:25AM -0400, Lars Kellogg-Stedman
wrote:
> On the overcloud nodes deployed by instack-virt-setup,
> /etc/resolv.conf looks like this:
>
> search openstacklocal
> nameserver 192.168.122.1
>
> That's not a useful address for either of these nodes, on which
> external connectivity -- at least on the controller -- is via
> eth0/br-ex on the 192.0.2.0/24 network. Even worse, on the controller
> "192.168.122.1" is actually the address of the local "virbr0"
> interface configured by libvirt, so DNS requests aren't going to go
> anywhere useful.
>
> There are obviously a number of ways to fix this, including setting up
> dnsmasq on the undercloud node and using that instead. How is this
> supposed to work? Did the deployments script screw up, or did I miss
> something in the docs?
I think we might have a couple of patches posted that are in review that might
help with these issues:
https://review.gerrithub.io/230339
https://review.gerrithub.io/230143
Also makes sure ip forwarding is enabled on the host machine:
sudo sysctl net.ipv4.ip_forward=1
(This needs to get added to the documentation).
Thanks for helping to try things out.
--
-- James Slagle
--
_______________________________________________
Rdo-list mailing list
Rdo-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/rdo-list
To unsubscribe: rdo-list-unsubscribe(a)redhat.com
12:09 p.m.
On Fri, Apr 17, 2015 at 06:15:37PM +0200, Marius Cornea wrote:
192.168.122.1 is set on the virbr0 interface on the host (default
libvirt net) where under/overcloud VMs are running.
It is also the address of the virbr0 interface *on the overcloud
nodes*.
(192.0.2.0/24 subnet). The overcloud nodes have one interface in
the
brbm bridge and route the traffic through the undercloud node. You can
check that default gw on overcloud nodes is 192.0.2.1 (eth1 of instack
VM).
That confirms what I said in my previous email:
That's not a useful address for either of these nodes, on which
external connectivity -- at least on the controller -- is via
eth0/br-ex on the 192.0.2.0/24 network.
The undercloud node masquerades all traffic coming from
192.0.2.0/24 so the overcloud nodes can get external connectivity,
including to 192.168.122.1 which handles the dns queries.
It doesn't. First, because 192.168.122.1 is set on the virbr0
interface on the overcloud controller node, traffic to this address
never leaves the host.
While the undercloud node does have masquerade rules in place:
# iptables -t nat -S | grep -i masquerade
-A POSTROUTING -s 192.0.2.0/24 -o eth0 -j MASQUERADE
-A BOOTSTACK_MASQ -s 192.0.2.0/24 ! -d 192.0.2.0/24 -j MASQUERADE
It doesn't have ip forwarding enabled:
# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 0
No forwarding, so no masquerading.
--
Lars Kellogg-Stedman <lars(a)redhat.com> | larsks @ {freenode,twitter,github}
Cloud Engineering / OpenStack | http://blog.oddbit.com/
12:11 p.m.
On Fri, Apr 17, 2015 at 12:06:38PM -0400, James Slagle wrote:
Also makes sure ip forwarding is enabled on the host machine:
sudo sysctl net.ipv4.ip_forward=1
(This needs to get added to the documentation).
ip_forward is enabled on the host (did instack-virt-setup do that?
Because I didn't set that up explicitly). But it was *not* enabled on
the undercloud node, which is half of the problem I encountered with
DNS lookups.
--
Lars Kellogg-Stedman <lars(a)redhat.com> | larsks @ {freenode,twitter,github}
Cloud Engineering / OpenStack | http://blog.oddbit.com/
3506
days inactive
3506
days old
4 comments
3 participants
participants (3)
-
James Slagle -
Lars Kellogg-Stedman -
Marius Cornea