Devstack: Cannot ping instances of public and private networks

asked 2018-01-08 21:15:28 -0600

Khoa Tran gravatar image

updated 2018-01-11 03:39:26 -0600

Hi All, I'm using the local.conf file below to setup my devstack, the devstack completed successfully. I can do anything via OpenStack dashboard ( create network, subnet, instances, .... ), but I cannot ping the instances of both public network and private network. By default, they (public & private network) have been created by when stack completed, the IP of public network is 172.24.4.0/24, and private network is 10.0.0.0/26, and there is a router that is used to connect these networks together. I have created some instances on both networks, but I cannot ping or ssh to those instances although I stand on the controller node. I have read following article : https://docs.openstack.org/devstack/latest/networking.html (https://docs.openstack.org/devstack/l...), and followed the instruction in Default section with no luck. I also read the Locally Accessible Guests section, but I'm not sure the meaning of the statement "connect br-ex to a physical interface", I DON'Thave ifcfg-br-ex under the /etc/sysconfig/network-scripts/, but the bridge interface can be seen whey execute ifconfig, with IP is default gateway of public network (172.24.4.1), of course I can ping the gateway without any issue.

Therefore I'm not sure the real problem here, could you someone help me on this issue ? Much appreciate

Thanks Khoa Tran

edit retag flag offensive close merge delete

Comments

"connect br-ex to the physical interface" is required if you want your instances to access the world outside the cloud and vice versa. The following parapraphs explain how.

You did add port 22 and ICMP to the default security group?

Bernd Bausch gravatar imageBernd Bausch ( 2018-01-14 01:10:10 -0600 )edit

Also check if you can reach the instance from the DHCP namespace:

# ip netns
# ip netns exec qdhcp-... ping FIXED-IP

See also the Compute section on https://docs.openstack.org/newton/use....

Bernd Bausch gravatar imageBernd Bausch ( 2018-01-14 01:12:53 -0600 )edit

Hi Bernd Bausch,Not sure I'm understand your answer correctly, the paragraphs you have pointed out is the question below, right ? Or somehow, the paragraphs has disappeared accidentally. Anyway, I have added the port 22 and ICMP to the default security group of admin and demo projects.

Khoa Tran gravatar imageKhoa Tran ( 2018-01-16 05:06:40 -0600 )edit

Hi Bernd Bausch, I have added the port 22 and ICMP into default security group of admin and demo projects. I can ping the instances of private network using the syntax you have suggested (ip netns exec qdhcp-... ping FIXED-IP), but instances of public network cannot be reached. I'm Investigating it.

Khoa Tran gravatar imageKhoa Tran ( 2018-01-16 05:09:04 -0600 )edit

I meant the paragraphs on the page you reference, https://docs.openstack.org/devstack/l....

Bernd Bausch gravatar imageBernd Bausch ( 2018-01-19 23:36:13 -0600 )edit