
Hosting OpenStack on an AWS EC2 instance. OpenStack VMs unable to access internet!

asked 2016-12-27 07:58:34 -0500

Vinoth

updated 2017-01-02 23:11:17 -0500

Hi,

I'm currently looking to host OpenStack on an AWS instance. I have installed OpenStack Kilo (single-node setup) on Ubuntu 14.04 (HVM EC2 instance) with Open vSwitch/GRE/Neutron networking and the QEMU emulator for computing.

I can provision new VMs and ping the router gateway from the VM. I can also ping the VM's floating IP from the controller.

But the problem is accessing the internet from the VM. Notably, pinging 8.8.8.8 from "ip netns exec router-xxxxx" also does not reach the gateway.

I have 3 NICs attached to my EC2 instance. Of these, eth2 is mapped to the br-ex OVS bridge, eth1 is for the VM tunnel network, and eth0 is for the OpenStack management network.

Important:

Of the 3 available NICs, I can access the internet through only one NIC at a time, i.e., only one NIC can reach the internet. For example, if I assign the default gateway to eth0, then executing "ping 8.8.8.8 -I eth1" fails to access the internet.

Notably, if I assign the default gateway to br-ex or eth2 (the external network NIC), then no NIC can reach the internet.

I have listed the VPC/OVS-Br/Route information below:

**AWS VPC Details:**

```
VPC CIDR:        172.16.0.0/16
VPC Subnet CIDR: 172.16.0.0/16
```

**VPC Route Table:**

```
Destination      Target              Status    Propagated
172.16.0.0/16    local               Active    No
0.0.0.0/0        internet-GateWay    Active    No
```

**AWS Instance Details:**

```
VM_Name: Openstack_Kilo_Controller
NIC details:
Name    Private_IP       Public_IP
eth0    172.16.24.177    36.H.H.33
eth1    172.16.15.184    36.H.H.22
eth2    172.16.2.27
```

**VM routing table information**:

```
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         172.16.0.1      0.0.0.0         UG    0      0        0 eth0
172.16.0.0      *               255.255.0.0     U     0      0        0 eth1
172.16.0.0      *               255.255.0.0     U     0      0        0 eth0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
```

cat /etc/network/interfaces file:

```
# Management network
auto eth0
iface eth0 inet static
address 172.16.24.177
netmask 255.255.0.0
gateway 172.16.0.1


# The external network interface
auto eth2
iface eth2 inet manual
        up ip link set dev $IFACE up
        down ip link set dev $IFACE down


# Tunnel network
auto eth1
iface eth1 inet static
address 172.16.15.184
netmask 255.255.0.0
```

vim /etc/neutron/plugins/ml2/ml2_conf.ini

```
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch

[ml2_type_flat]
flat_networks = external

[ml2_type_gre]
tunnel_id_ranges = 1:1000

[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[ovs]
local_ip = 172.16.15.184
bridge_mappings = external:br-ex

[agent]
tunnel_types = gre
```

ovs-vsctl show output:

```
1e33e3bd-ee07-4ded-86da-49d34068f7a8
    Bridge br-tun
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port "gre-ac1018b1"
            Interface "gre-ac1018b1"
                type: gre
                options: {df_default="true", in_key=flow, local_ip="172.16.15.184", out_key=flow, remote_ip="172.16.24.177"}
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun ...
```

3 answers


answered 2017-01-02 23:12:02 -0500

Vinoth

updated 2017-03-01 03:49:23 -0500

My blog on "Deploying OpenStack on AWS" will help.

http://www.cloudenablers.com/blog/dep...

Thanks,

Vinoth Kumar Selvaraj


answered 2016-12-29 00:03:21 -0500

silently

route -n

Ping the gateway first of all.

traceroute the destination's IP or hostname, and see at which hop it disconnects.


Comments

The connectivity issue after bridge mapping between br-ex and eth2 is fixed by assigning eth2's MAC address to br-ex. However, the connectivity between br-ex and br-int still exists. Whenever I create new floating IPs mapped to newly created VMs, it is not reflected in the br-ex interface.

Vinoth (2017-01-02 23:10:10 -0500)
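
As an added example (not part of the original thread or any poster's code), the `route` check suggested above can be applied offline to the routing table posted in the question. The Python below parses that table and reports two things visible in it: which interface a lookup for 8.8.8.8 resolves to, and which connected prefixes appear on more than one interface. The function names and the simplified interface-restricted lookup (an approximation of `ping -I <iface>`) are assumptions for illustration.

```python
import ipaddress
from collections import defaultdict

# Routing table copied from the question (output of `route`).
ROUTE_OUTPUT = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         172.16.0.1      0.0.0.0         UG    0      0        0 eth0
172.16.0.0      *               255.255.0.0     U     0      0        0 eth1
172.16.0.0      *               255.255.0.0     U     0      0        0 eth0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
"""

def parse_routes(text):
    """Return [(network, gateway_or_None, iface)] from `route` / `route -n` output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the title and header lines
        if f[0] in ("default", "0.0.0.0") and f[2] == "0.0.0.0":
            net = ipaddress.ip_network("0.0.0.0/0")
        else:
            net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        gw = None if f[1] in ("*", "0.0.0.0") else f[1]
        routes.append((net, gw, f[7]))
    return routes

def egress(routes, dst, bound_iface=None):
    """Longest-prefix match for dst. bound_iface limits the candidates to
    one interface (simplified model of a socket bound to that device)."""
    addr = ipaddress.ip_address(dst)
    cands = [r for r in routes
             if addr in r[0] and (bound_iface is None or r[2] == bound_iface)]
    return max(cands, key=lambda r: r[0].prefixlen, default=None)

def duplicate_connected(routes):
    """Connected prefixes (no gateway) present on more than one interface."""
    seen = defaultdict(list)
    for net, gw, iface in routes:
        if gw is None:
            seen[net].append(iface)
    return {str(n): sorted(i) for n, i in seen.items() if len(i) > 1}

if __name__ == "__main__":
    table = parse_routes(ROUTE_OUTPUT)
    print("8.8.8.8 unbound :", egress(table, "8.8.8.8"))
    print("8.8.8.8 via eth1:", egress(table, "8.8.8.8", "eth1"))
    print("duplicates      :", duplicate_connected(table))
```

For the posted table, the unbound lookup resolves to the default route on eth0, the lookup restricted to eth1 finds no route, and 172.16.0.0/16 is reported as connected on both eth0 and eth1.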

answered 2016-12-28 05:45:25 -0500

Anil

Please provide the output of:

ip netns

ip netns exec <qrouter-xxx> netstat -nr


Comments

Thanks for your response Anil. I have added the output at the end of the above question.

Vinoth (2016-12-28 06:25:22 -0500)

The connectivity issue after bridge mapping between br-ex and eth2 is fixed by assigning eth2's MAC address to br-ex. However, the connectivity between br-ex and br-int still exists. Whenever I create new floating IPs mapped to newly created VMs, it is not reflected in the br-ex interface.

Vinoth (2017-01-02 23:10:29 -0500)

Stats

Asked: 2016-12-27 07:58:34 -0500

Seen: 353 times

Last updated: Mar 01 '17