Floating IP not pinging externally - Ocata

asked 2018-02-15 04:31:13 -0500

sathiya022 gravatar image

I have successfully deployed everything in Openstack Ocata in Redhat 7 using Ironic, everything is automation with the following settings. I was not able to ping the floating IP externally rather i can perform ping, ssh and other things using namespace.

qg is external interface of SDN router

qr is internal interface of SDN router

These interfaces are directly created inside the br-int. In older versions of Openstack. There is no patch between the br-int and br-ex. So the qg will be created directly in br-ex. In this version, we find that both interfaces are created inside the br-int, if i change the external bridge as br-int in all L3 agents, then the router interfaces shows down. Even-though all the communication of ping and ssh happens inside the qrouter namespaces itself. Still I have doubt where the qg need to be created. Also, I cannot find any linux bridges in qo and qv as like older version, eventhough everything working fine with dashboard side, instance and other things working fine.

I have three controllers and two hypercoverged Compute.

VLAN for Ocata Setup

172.26.11.0/24 - Provision Network ( VLAN2611 )
172.26.12.0/24 - Internal Network ( VLAN2612 )
172.26.13.0/24 - Tentant Network ( VLAN2613 )
172.26.14.0/24 - Storage Network ( VLAN2614 )
172.26.16.0/24 - Storage Managment ( VLAN2616 )
172.26.17.0/24 - Management Network ( VLAN2617 )
172.30.10.0/23 - External Network ( VLAN3010 )

Server Setup:

[stack@director ~]$ nova list

+--------------------------------------+------------------------+--------+------------+-------------+-----------------------+
| ID                                   | Name                   | Status | Task State | Power State | Networks              |
+--------------------------------------+------------------------+--------+------------+-------------+-----------------------+
| 3e37a6ed-1b0a-49de-9aa8-5515949ad11a | overcloud-compute-0    | ACTIVE | -          | Running     | ctlplane=172.26.11.13 |
| 3bab2815-1df8-4b1a-ab70-fa1d00dd5889 | overcloud-compute-1    | ACTIVE | -          | Running     | ctlplane=172.26.11.25 |
| 531cc5ad-ceb2-40c4-9662-1a984eea1907 | overcloud-controller-0 | ACTIVE | -          | Running     | ctlplane=172.26.11.12 |
| 598cb725-ed9d-4e7f-b8d1-3d5ac0df86d8 | overcloud-controller-1 | ACTIVE | -          | Running     | ctlplane=172.26.11.23 |
| a92cbacd-301e-4201-aa74-b100eb245345 | overcloud-controller-2 | ACTIVE | -          | Running     | ctlplane=172.26.11.28 |
+--------------------------------------+------------------------+--------+------------+-------------+-----------------------+

Controller-0 IP's Assigned:

All other two controllers will have the same IP address configuration.

[stack@director ~]$ ssh heat-admin@172.26.11.12
Last login: Wed Feb 14 09:23:13 2018 from 172.26.11.254
[heat-admin@overcloud-controller-0 ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: em1: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether c8:1f:66:e1:1a:c3 brd ff:ff:ff:ff:ff:ff
    inet 172.26.11.12/24 brd 172.26.11.255 scope global em1
       valid_lft forever preferred_lft forever
    inet 172.26.11.22/32 brd 172.26.11.255 scope global em1
       valid_lft forever preferred_lft forever
    inet6 fe80::ca1f:66ff:fee1:1ac3/64 scope link
       valid_lft forever preferred_lft forever
3: em2: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc mq master ovs-system state UP qlen 1000
    link/ether c8:1f:66:e1:1a:c4 brd ff:ff:ff:ff:ff:ff
    inet6 ...
(more)
edit retag flag offensive close merge delete

Comments

Have you added a rule to the security group ingress to allow ICMP?

USMC_YMMOT gravatar imageUSMC_YMMOT ( 2018-02-15 13:36:53 -0500 )edit

We have added all the security groups correctly.

sathiya022 gravatar imagesathiya022 ( 2018-02-22 02:59:29 -0500 )edit