[Rdo-list] Single Node Openstack

David Krovich david.krovich at mail.wvu.edu
Wed Dec 24 17:31:39 UTC 2014 

More updates:

I now have a public network and a internal network linked together with 
a router.  I can create instances on the internal network and then 
associate a floating IP address with the instance.  However, I still 
can't talk to the instances over the network.

As of now I have an instance running with a floating IP of 192.168.5.11 
assigned to it.

I ran a packet sniffer on the laptop while trying to ping my router from 
the instance using the console built into openstack.  I can see traffic 
on the bridge interface but nothing is answering.

[root at localhost ~]# tshark
Running as user "root" and group "root". This could be dangerous.
Capturing on 'br-ex'
   1   0.000000 fa:16:3e:a9:b0:f8 -> Broadcast    ARP 42 Who has 
192.168.5.1?  Tell 192.168.5.11
   2   1.001142 fa:16:3e:a9:b0:f8 -> Broadcast    ARP 42 Who has 
192.168.5.1?  Tell 192.168.5.11
   3   2.003167 fa:16:3e:a9:b0:f8 -> Broadcast    ARP 42 Who has 
192.168.5.1?  Tell 192.168.5.11

If I try to ping from other machines in 192.168.5.0/24 to 192.168.5.11 I 
get no response and nothing even shows up on the bridge interface from 
sniffing.

I'm trying to think what to look at next, any ideas?

-Dave


On 12/24/2014 12:23 PM, David Krovich wrote:
> Thanks, I think I had already adjusted my security groups 
> appropriately. Here is a listing.
>
>
> [root at localhost ~(keystone_admin)]# neutron security-group-rule-list
> +--------------------------------------+----------------+-----------+----------+------------------+--------------+ 
>
> | id                                   | security_group | direction | 
> protocol | remote_ip_prefix | remote_group |
> +--------------------------------------+----------------+-----------+----------+------------------+--------------+ 
>
> | 50b74169-5f5c-40f3-b193-d568e1cd2864 | default        | egress 
> |          |                  |              |
> | 5d3a0a6e-7d90-49a7-8114-998b06d525df | default        | ingress 
> |          |                  | default      |
> | 670a2b30-bc93-415c-9998-750334ce99d8 | default        | egress | 
> icmp     | 0.0.0.0/0        |              |
> | 68d7fb55-b04f-4b0e-b488-5f6a6f429616 | default        | egress 
> |          |                  |              |
> | 6ec01872-1735-4e46-8a4a-6e3a78e5d867 | default        | ingress 
> |          |                  | default      |
> | 747224b1-7415-49f4-ad77-1acb604508a0 | default        | ingress 
> |          |                  | default      |
> | 836c2c01-710f-44a1-8e85-826729c2f152 | default        | ingress | 
> udp      | 0.0.0.0/0        |              |
> | 8f9f6446-64c8-46f3-943a-d13723a92aa9 | default        | ingress 
> |          |                  | default      |
> | 939931a6-7769-4cb7-adef-3170285449a7 | default        | egress 
> |          |                  |              |
> | b1a2837c-6c64-4c31-9d4b-e50084db3212 | default        | ingress 
> |          |                  | default      |
> | ba1f61ba-9b3a-4618-935e-e6a9c23b3f34 | default        | ingress | 
> icmp     | 0.0.0.0/0        |              |
> | bc32a758-079d-4fd8-9668-e748d3b075ec | default        | egress 
> |          |                  |              |
> | bf27706a-4d85-4f54-b18d-99877155bfb2 | default        | ingress | 
> tcp      | 0.0.0.0/0        |              |
> | c315bdfa-fe04-490b-aab3-8422c79d1b7f | default        | ingress 
> |          |                  | default      |
> | cf799c38-222e-4e5b-9056-c3b7ebac40b5 | default        | egress 
> |          |                  |              |
> | e2d3ea34-ab71-4764-986e-da2545b81e39 | default        | egress 
> |          |                  |              |
> +--------------------------------------+----------------+-----------+----------+------------------+--------------+ 
>
> [root at localhost ~(keystone_admin)]#
>
>
> On 12/24/2014 01:46 AM, Udi Kalifon wrote:
>> Usually this is because you forgot to allow ssh and icmp in the 
>> security group rules. It's easiest to configure if you use the GUI. 
>> Hope it helps.
>>
>> -- Udi.
>>
>>
>> ----- Original Message -----
>> From: "David Krovich" <David.Krovich at mail.wvu.edu>
>> To: rdo-list at redhat.com
>> Sent: Wednesday, December 24, 2014 2:59:22 AM
>> Subject: Re: [Rdo-list] Single Node Openstack
>>
>>
>>
>> Adding more information.
>>
>>
>>
>>
>>
>> ONBOOT=yes[root at localhost ~]# ip addr
>>
>> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
>> group default
>>
>> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>>
>> inet 127.0.0.1/8 scope host lo
>>
>> valid_lft forever preferred_lft forever
>>
>> inet6 ::1/128 scope host
>>
>> valid_lft forever preferred_lft forever
>>
>> 2: p5p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast 
>> state UP group default qlen 1000
>>
>> link/ether 00:22:41:28:14:20 brd ff:ff:ff:ff:ff:ff
>>
>> inet 192.168.5.151/24 brd 192.168.5.255 scope global dynamic p5p1
>>
>> valid_lft 85871sec preferred_lft 85871sec
>>
>> inet6 fe80::222:41ff:fe28:1420/64 scope link
>>
>> valid_lft forever preferred_lft forever
>>
>> 3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 
>> group default
>>
>> link/ether 22:4a:7f:81:49:15 brd ff:ff:ff:ff:ff:ff
>>
>> 4: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue 
>> state UNKNOWN group default
>>
>> link/ether 32:1a:96:7a:7e:4a brd ff:ff:ff:ff:ff:ff
>>
>> inet 192.168.5.151/24 brd 192.168.5.255 scope global br-ex
>>
>> valid_lft forever preferred_lft forever
>>
>> inet6 fe80::301a:96ff:fe7a:7e4a/64 scope link
>>
>> valid_lft forever preferred_lft forever
>>
>> 8: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group 
>> default
>>
>> link/ether 32:99:19:54:f9:40 brd ff:ff:ff:ff:ff:ff
>>
>> 10: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 
>> group default
>>
>> link/ether 76:49:ac:a6:ce:4f brd ff:ff:ff:ff:ff:ff
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> /etc/sysconfig/network-scripts/ifcfg-br-ex
>>
>>
>>
>>
>>
>> [root at localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-br-ex
>>
>> DEVICE=br-ex
>>
>> DEVICETYPE=ovs
>>
>> TYPE=OVSBridge
>>
>> BOOTPROTO=static
>>
>> IPADDR=192.168.5.151
>>
>> NETMASK=255.255.255.0
>>
>> ONBOOT=yes
>>
>>
>>
>>
>>
>>
>>
>>
>> [root at localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-p5p1
>>
>> TYPE="OVSPort"
>>
>> DEVICETYPE="ovs"
>>
>> OVS_BRIDGE="br-ex"
>>
>> DEFROUTE="yes"
>>
>> IPV4_FAILURE_FATAL="no"
>>
>> IPV6INIT="yes"
>>
>> IPV6_AUTOCONF="yes"
>>
>> IPV6_DEFROUTE="yes"
>>
>> IPV6_PEERDNS="yes"
>>
>> IPV6_PEERROUTES="yes"
>>
>> IPV6_FAILURE_FATAL="no"
>>
>> NAME="p5p1"
>>
>> UUID="70997a7b-a01c-48a6-b961-b11304839108"
>>
>> ONBOOT="yes"
>>
>> HWADDR="00:22:41:28:14:20"
>>
>> PEERDNS="yes"
>>
>> PEERROUTES="yes"
>>
>>
>>
>>
>>
>> Ran the following:
>>
>>
>>
>>
>>
>> [root at localhost ~]# . keystonerc_admin
>>
>> [root at localhost ~(keystone_admin)]# neutron router-gateway-clear router1
>>
>> Removed gateway from router router1
>>
>> [root at localhost ~(keystone_admin)]# neutron subnet-delete public_subnet
>>
>> Deleted subnet: public_subnet
>>
>> [root at localhost ~(keystone_admin)]# neutron subnet-create --name 
>> public_subnet --enable_dhcp=False 
>> --allocation-pool=start=192.168.5.10,end=192.168.5.20 
>> --gateway=192.168.5.1 public 192.168.5.0/24
>>
>> Created a new subnet:
>>
>> +-------------------+--------------------------------------------------+
>>
>> | Field | Value |
>>
>> +-------------------+--------------------------------------------------+
>>
>> | allocation_pools | {"start": "192.168.5.10", "end": "192.168.5.20"} |
>>
>> | cidr | 192.168.5.0/24 |
>>
>> | dns_nameservers | |
>>
>> | enable_dhcp | False |
>>
>> | gateway_ip | 192.168.5.1 |
>>
>> | host_routes | |
>>
>> | id | 8f11b060-73a9-4b43-a3cc-be192436102c |
>>
>> | ip_version | 4 |
>>
>> | ipv6_address_mode | |
>>
>> | ipv6_ra_mode | |
>>
>> | name | public_subnet |
>>
>> | network_id | 7fbe63c2-0745-45c3-9f00-622ee0eb223b |
>>
>> | tenant_id | 636f926081a345fc93ca12fb5401ffe5 |
>>
>> +-------------------+--------------------------------------------------+
>>
>> [root at localhost ~(keystone_admin)]#
>>
>>>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> From: rdo-list-bounces at redhat.com <rdo-list-bounces at redhat.com> on 
>> behalf of David Krovich <David.Krovich at mail.wvu.edu>
>> Sent: Tuesday, December 23, 2014 3:56 PM
>> To: rdo-list at redhat.com
>> Subject: [Rdo-list] Single Node Openstack
>>
>>
>> Hi,
>>
>>
>>
>>
>> I'm trying to learn about how to setup and configure OpenStack.
>>
>>
>>
>>
>> I've got a laptop that I want to use a test machine to run a single 
>> OpenStack node with instances appearing on the same network as the 
>> node itself. I'm trying to follow the instructions from this web site.
>>
>>
>>
>>
>> https://openstack.redhat.com/Neutron_with_existing_external_network
>>
>>
>> I'm running Fedora 20 on this laptop.
>>
>>
>>
>>
>> My network range is 192.168.5.0/24.
>>
>>
>>
>>
>> First question, does anyone have a similar setup? Fedora 20, single 
>> node, instances on the same network? I can get openstack installed 
>> via packstack and everything appears to work except that I can't seem 
>> to talk to the instances over the network. At this point I'm stuck 
>> and could use some advise on where to look further.
>>
>>
>>
>>
>> Thanks.
>>
>>
>>
>>
>> -Dave
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> Rdo-list mailing list
>> Rdo-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/rdo-list
>
> _______________________________________________
> Rdo-list mailing list
> Rdo-list at redhat.com
> https://www.redhat.com/mailman/listinfo/rdo-list

More information about the dev mailing list