Ask Your Question
0

Not able to access Controller from Instance VM

asked 2017-05-02 11:31:45 -0600

Krishnakumar gravatar image

I was following the example configuration provided for the Newton to create self service networks in the openstack. It has got an internal network (10.0.0 - series IP) and external network with two networking cards each for controllers and compute nodes. When i tried to install the cloud foundry after installing the Bosh director VM, it failed at the 'create_stemcell' CPI method saying that it could not connect to the keystone api url http://10.0.0.11:5000 . From controller i could ping the instance VM floating IP's and through router i was able to ping the instance VM internal IP. However i was not able to ping the controller (10.0.0.11) from the instance VM. When i did a trace route it actually showed routes starting from the internal network to the external network gateway, then through the firewall it went out to the wan.

edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2017-05-03 01:05:58 -0600

sanjana gravatar image

Did you check the firewall rules for allowing traffic outside VMs? Could you attach a screenshot of the network topology to make it more clear

edit flag offensive delete link more

Comments

Thanks for the reply, i checked the firewall rules, VMs can ping outside to the same network ie to the another VM's in the provider network. I followed the example configuration given in this document. https://docs.openstack.org/newton/install-guide-ubuntu/launch-instance-networks-selfservice.html (https://docs.openstack.org/newton/ins...)

Krishnakumar gravatar imageKrishnakumar ( 2017-05-03 07:29:43 -0600 )edit

Could you attach the network topology screenshot from horizon? And also mention the details of your external network

sanjana gravatar imagesanjana ( 2017-05-03 23:07:17 -0600 )edit

Here is the network topology screen shot [https://ibb.co/fHw00k] My external network details Network Address: 192.168.7.0/24 Gateway: 192.168.7.100

Krishnakumar gravatar imageKrishnakumar ( 2017-05-04 01:36:56 -0600 )edit

Add a router that connects your internal network to the external network. First check if you are able to ping the router gateway from the VM. Second, associate a floating IP to your VM instance, 3rd associate security group rule to allow ssh, icmp (ping is disabled by default) with your VM instance.

sanjana gravatar imagesanjana ( 2017-05-04 23:24:22 -0600 )edit

Yes the virtual router is added and the security rules have been set. Its not the problem, that the controller cannot ping the VM instance, instead VM cannot ping the the controller. Controller can ping the floating ip of the VM and the selfservice network IP through the sudo ip netns exec command.

Krishnakumar gravatar imageKrishnakumar ( 2017-05-05 00:50:42 -0600 )edit
see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

subscribe to rss feed

Stats

Asked: 2017-05-02 11:31:45 -0600

Seen: 152 times

Last updated: May 03 '17

Related questions

dedicated network between cinder and compute

OS_SERVICE_ENDPOINT vs OS_AUTH_URL [closed]

How to enable HTTPS o openstack Juno on ubuntu

Edit Endpoints Openstack grizzly [closed]

NetworkNotCreated: bridge_interface is required to create a network

How to check OpenStack Keystone LDAP working ?

Keystone Liberty software for Centos/RedHat 6

CRITICAL keystone [-] NoSuchOptError: no such option in group cache: memcache_servers [closed]

HA openstack (active-active) using haproxy gives 504 for neutron service and rest all services are verified using openstack doc has anyone faced the same issue ?? or can help me with this

after insalling devstack http://server-ip:5000 not accessible