[Rdo-list] Neutron with existing network issues.

Dave Neary dneary at redhat.com
Thu Jun 4 00:22:55 UTC 2015 

Hi,

On 03/10/2015 04:18 PM, NS Murthy wrote:
> I am new to RDO openstack. I have installed in one single bare metal
> server which had 2 NICS connected with different subnets on my company
> network. 
> 
> 
> 1) Primary NIC subnet: 10.58.100.24 - This is where i have installed
> openstack and openstack dashboard is listening to logon from this IP.
> 2) Tenant NIC subnet: 10.68.200.5 - this is a secondary IP which i kept
> for tenant network so that i can logon.
> 3) 1 br-ex interface ip 10.58.100.24
> 
> I have used br-ex interface address(which is my primary 1GB NIC  IP)
>  configured for  tenant however i cannot ping tenant instance ip
>  10.68.200.25 from my management node but can ping floating
> IPs(10.58.100.25)  and can do SSH to floating ip.
> 
> can someone provide a tip or help how to ping tenant IP as well connect
> to tenant IP without floating IP. 

Tenant IP addresses are probably protected by a DHCP network namespace.
The easiest way to connect to the instance from the management host is
to use ip netns to list the namespaces, then "ip netns exec qdhcpXXXXXX
(replace with the qdhcp namespace for your tenant) ping 10.68.200.5"

The issue for pinging the tenant IP is that your management host does
not know how to route traffic there. To fix this issue, you will need a
routing table entry for everyone who should be able to get to tenants
(all traffic for 10.68.200.* should go to gateway IP address
10.58.100.24) and on the controller node, you need to be able to route
to & from 10.68.200.* addresses - one way to do that is to create a
vrouter and connect your public 10.58.200.* subnet and the tenant
10.68.200.* subnet to the router. I *think* that would work, but I could
also be wrong.


> At the end i need the below.
> 1) i need to have tenant network on 10.68.200.0/24, i need to ping this
> network so that tenant can logon to SSH without floating IP.
> 2) i have requirement to have 2 Network interfaces on a instance ? how
> do i accomplish this ? becasue every tenant have fense network so i can
> only get one network when i spin instance from image ?

You don't need 2 NICs per instance in general. I have tried to do this
in the past (creating an OpenStack cluster on OpenStack, and I wanted to
separate management traffic from tenant traffic), but was not
successful. I don't recall the suggestions I received, I believe that
there was some cloud-init magic involved.

Dave.

-- 
Dave Neary - NFV/SDN Community Strategy
Open Source and Standards, Red Hat - http://community.redhat.com
Ph: +1-978-399-2182 / Cell: +1-978-799-3338

More information about the dev mailing list