Ask Your Question
0

diablo: no access via floating ip

asked 2011-10-10 12:45:46 -0500

otaku gravatar image

hi, I've setup openstack with flat_dhcp according the instructions on devstack ( http://devstack.org/guides/single-machine.html (http://devstack.org/guides/single-mac...) ). I can spin up machines via dashboard and access them from the host via the fixed-range ip, the virtual instances have connectivity to the outside as well. But if I assign them a public IP from the floating range I can't ping them. We traced traffic and see that it even reaches the bridge, just the final hop is missing... I tried running

euca-authorize -P icmp -t -1:-1 default euca-authorize -P tcp -p 22 default

but these commands failed, because auth is handled by keystone and I don't find documentation on getting euca2ools authorized with that. I setup with:

FLOATING_RANGE=192.168.250.64/26 FIXED_RANGE=10.0.0.0/24

and have the following nova.conf:

--verbose --nodaemon --scheduler_driver=nova.scheduler.simple.SimpleScheduler --dhcpbridge_flagfile=/opt/stack/nova/bin/nova.conf --network_manager=nova.network.manager.FlatDHCPManager --my_ip=192.168.250.25 --public_interface=eth0 --vlan_interface=eth0 --sql_connection=mysql://root:XXX@localhost/nova --libvirt_type=kvm --osapi_extensions_path=/opt/stack/openstackx/extensions --vncproxy_url=http://192.168.250.25:6080 --vncproxy_wwwroot=/opt/stack/noVNC/ --api_paste_config=/opt/stack/keystone/examples/paste/nova-api-paste.ini --image_service=nova.image.glance.GlanceImageService --ec2_dmz_host=192.168.250.25 --rabbit_host=localhost --rabbit_password=3860016f488ca195e5747587 --glance_api_servers=192.168.250.25:9292 --flat_network_bridge=br100 --flat_interface=eth0 --multi_host=0

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2011-10-11 08:35:18 -0500

otaku gravatar image

Thanks Vish Ishaya, that solved my question.

edit flag offensive delete link more
0

answered 2011-10-10 18:10:52 -0500

vishvananda gravatar image

You should be able to set up security groups through the dashboard.

On Oct 10, 2011, at 5:45 AM, Michael Hempel wrote:

New question #173821 on OpenStack Compute (nova): https://answers.launchpad.net/nova/+q...

hi, I've setup openstack with flat_dhcp according the instructions on devstack ( http://devstack.org/guides/single-mac... ). I can spin up machines via dashboard and access them from the host via the fixed-range ip, the virtual instances have connectivity to the outside as well. But if I assign them a public IP from the floating range I can't ping them. We traced traffic and see that it even reaches the bridge, just the final hop is missing... I tried running

euca-authorize -P icmp -t -1:-1 default euca-authorize -P tcp -p 22 default

but these commands failed, because auth is handled by keystone and I don't find documentation on getting euca2ools authorized with that. I setup with:

FLOATING_RANGE=192.168.250.64/26 FIXED_RANGE=10.0.0.0/24

and have the following nova.conf:

--verbose --nodaemon --scheduler_driver=nova.scheduler.simple.SimpleScheduler --dhcpbridge_flagfile=/opt/stack/nova/bin/nova.conf --network_manager=nova.network.manager.FlatDHCPManager --my_ip=192.168.250.25 --public_interface=eth0 --vlan_interface=eth0 --sql_connection=mysql://root:XXX@localhost/nova --libvirt_type=kvm --osapi_extensions_path=/opt/stack/openstackx/extensions --vncproxy_url=http://192.168.250.25:6080 --vncproxy_wwwroot=/opt/stack/noVNC/ --api_paste_config=/opt/stack/keystone/examples/paste/nova-api-paste.ini --image_service=nova.image.glance.GlanceImageService --ec2_dmz_host=192.168.250.25 --rabbit_host=localhost --rabbit_password=3860016f488ca195e5747587 --glance_api_servers=192.168.250.25:9292 --flat_network_bridge=br100 --flat_interface=eth0 --multi_host=0


You received this question notification because you are a member of Nova Core, which is an answer contact for OpenStack Compute (nova).

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2011-10-10 12:45:46 -0500

Seen: 21 times

Last updated: Oct 11 '11