Ask Your Question
0

Can't Ping Instances or SSH into Instances

asked 2017-04-20 15:32:35 -0500

wesley.p.clawson gravatar image

I've got DevStack (Mitaka/Stable) fully pulled up on Ubuntu 16.04 on top of a VMWare VM (250 GB, 16 GB RAM). It's currently got one interface (ens160) that it uses to connect to the external world. I thought that I had properly setup the local.conf file but when I make an instance I can't ping/ssh it or any routers connected to the public network. I am pinging from the VM that DevStack is on.

  • I have added the security group rules correctly
  • I have done, iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
  • Maybe some other things too, it's been a long two days.

Here's how I imagined it working....http://imgur.com/a/tsMrO with the important bit is that traffic must hit the gateway of our Lab network with vlan 60 tag or nothing happens externally.

my local.conf file

[[local|localrc]]
HOST_IP=10.3.35.236
SERVICE_HOST=10.3.35.236
MYSQL_HOST=10.3.35.236
RABBIT_HOST=10.3.35.236
GLANCE_HOSTPORT=10.3.35.236:9292
ADMIN_PASSWORD=letmein
DATABASE_PASSWORD=letmein
RABBIT_PASSWORD=letmein
SERVICE_PASSWORD=letmein

## Neutron options
Q_USE_SECGROUP=True
FLOATING_RANGE="10.3.34.0/24"
IPV4_ADDRS_SAFE_TO_USE="10.0.0.0/22"
Q_FLOATING_ALLOCATION_POOL=start=10.3.34.240,end=10.3.34.254
PUBLIC_NETWORK_GATEWAY="10.3.34.1"
PUBLIC_INTERFACE=ens160

# Open vSwitch provider networking configuration
Q_USE_PROVIDERNET_FOR_PUBLIC=True
OVS_PHYSICAL_BRIDGE=br-ex
PUBLIC_BRIDGE=br-ex
OVS_BRIDGE_MAPPINGS=public:br-ex

disable_service n-net
enable_service neutron q-svc q-agt q-dhcp q-l3 q-meta
enable_service heat h-api h-api-cfn h-api-cw h-eng

Here's my sudo ovs-vsctl show command:

stack@devstack:~/devstack$ sudo ovs-vsctl show
a89383ad-a05b-4541-902e-91e35951ab99
    Bridge br-tun
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-int
        fail_mode: secure
        Port int-br-ex
            Interface int-br-ex
                type: patch
                options: {peer=phy-br-ex}
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qg-abf9c7ae-2c"
            tag: 2
            Interface "qg-abf9c7ae-2c"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port "qr-a4e307b5-38"
            tag: 1
            Interface "qr-a4e307b5-38"
                type: internal
        Port "tapc39a37fe-2e"
            tag: 1
            Interface "tapc39a37fe-2e"
                type: internal
        Port "qr-7cfeffbb-8d"
            tag: 1
            Interface "qr-7cfeffbb-8d"
                type: internal
    Bridge br-ex
        fail_mode: secure
        Port "ens160"
            Interface "ens160"
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
        Port br-ex
            Interface br-ex
                type: internal
    ovs_version: "2.5.2"

Any help would be greatly appreciated. The end goal here is to have Devstack pull up an instance, be able to SSH into it, and have the instance be able to pull files from the external internet.

Any advice would be greatly appreciated. I'd be happy to provide more info.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2017-04-25 08:06:31 -0500

Herr-Herner gravatar image

You must explicitly enable promiscuous mode on the virtual switch to which your VMware VM is attached to, otherwise all incoming traffic gets blocked that is targeted to mac addresses unknown by the virtual switch. The virtual switch in VMware does not work like a real one. There is no forwarding table present.

Have a look here: https://kb.vmware.com/selfservice/sea...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2017-04-20 15:32:35 -0500

Seen: 419 times

Last updated: Apr 25 '17