Ask Your Question

Not able to access Controller from Instance VM

asked 2017-05-02 11:31:45 -0500

Krishnakumar gravatar image

I was following the example configuration provided for the Newton to create self service networks in the openstack. It has got an internal network (10.0.0 - series IP) and external network with two networking cards each for controllers and compute nodes. When i tried to install the cloud foundry after installing the Bosh director VM, it failed at the 'create_stemcell' CPI method saying that it could not connect to the keystone api url . From controller i could ping the instance VM floating IP's and through router i was able to ping the instance VM internal IP. However i was not able to ping the controller ( from the instance VM. When i did a trace route it actually showed routes starting from the internal network to the external network gateway, then through the firewall it went out to the wan.

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted

answered 2020-05-12 19:55:05 -0500

hey man, how are you? Did you find the solution for that? br

edit flag offensive delete link more

answered 2017-05-03 01:05:58 -0500

sanjana gravatar image

Did you check the firewall rules for allowing traffic outside VMs? Could you attach a screenshot of the network topology to make it more clear

edit flag offensive delete link more


Thanks for the reply, i checked the firewall rules, VMs can ping outside to the same network ie to the another VM's in the provider network. I followed the example configuration given in this document. (

Krishnakumar gravatar imageKrishnakumar ( 2017-05-03 07:29:43 -0500 )edit

Could you attach the network topology screenshot from horizon? And also mention the details of your external network

sanjana gravatar imagesanjana ( 2017-05-03 23:07:17 -0500 )edit

Here is the network topology screen shot [] My external network details Network Address: Gateway:

Krishnakumar gravatar imageKrishnakumar ( 2017-05-04 01:36:56 -0500 )edit

Add a router that connects your internal network to the external network. First check if you are able to ping the router gateway from the VM. Second, associate a floating IP to your VM instance, 3rd associate security group rule to allow ssh, icmp (ping is disabled by default) with your VM instance.

sanjana gravatar imagesanjana ( 2017-05-04 23:24:22 -0500 )edit

Yes the virtual router is added and the security rules have been set. Its not the problem, that the controller cannot ping the VM instance, instead VM cannot ping the the controller. Controller can ping the floating ip of the VM and the selfservice network IP through the sudo ip netns exec command.

Krishnakumar gravatar imageKrishnakumar ( 2017-05-05 00:50:42 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2017-05-02 11:31:45 -0500

Seen: 349 times

Last updated: May 12 '20