0

Using OpenStack with existing LAN Network

asked 2013-05-16 19:59:02 -0500

jzwiep

We'd like to have OpenStack integrated with our existing LAN network. We want to assign a subnet not managed by our network's DHCP to nova-network. Right now, VMs spawn and acquire their addresses fine, but they can't ping any addresses outside of their subnet.

So we can ping other VMs, we can ping the compute/controller hosts, we can ping other machines that are assigned an address in the VM Subnet, machines can ping VMs, but we just can't get the VMs to be able to ping addresses outside of both their subnet and the OpenStack setup.

Any help would be greatly appreciated!

Our current setup:

OpenStack Essex

Network: 10.10.32.0/21

VM Subnet: 10.10.38.0/24

nova.conf

--sql_connection=mysql://novadbadmin:novasecret@10.10.33.52/nova
--dhcpbridge_flagfile=/etc/nova/nova.conf
--dhcpbridge=/usr/bin/nova-dhcpbridge
--logdir=/var/log/nova
--state_path=/var/lib/nova
--lock_path=/run/lock/nova
--allow_admin_api=true
--use_deprecated_auth=false
--auth_strategy=keystone
--scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
--scheduler_available_filters=nova.scheduler.filters.standard_filters
--ram_allocation_ratio=0.85
--s3_host=10.10.33.52
--ec2_host=10.10.33.52
--cc_host=10.10.33.52
--nova_url=http://10.10.33.52:8774/v1.1/
--glance_api_servers=10.10.33.52:9292
--image_service=nova.image.glance.GlanceImageService
--ec2_url=http://10.10.33.52:8773/services/Cloud
--keystone_ec2_url=http://10.10.33.52:5000/v2.0/ec2tokens
--api_paste_config=/etc/nova/api-paste.ini
--iscsi_helper=tgtadm
--root_helper=sudo nova-rootwrap
--verbose
--connection_type=libvirt
--libvirt_type=kvm
--start_guests_on_host_boot=true
--resume_guests_state_on_host_boot=true
--rpc_response_timeout=3600

# vnc specific configuration
--novnc_enabled=true
--novncproxy_base_url=http://10.10.33.52:6080/vnc_auto.html
--vncserver_proxyclient_address=10.10.33.52
--vncserver_listen=10.10.33.52

# network specific settings
--network_manager=nova.network.manager.FlatManager
--libvirt_use_virtio_for_bridges=true
--flat_network_bridge=br100
--flat_interface=eth0
--flat_injected=False
--fixed_range=10.10.38.0/24

# RabbitMQ settings
--rabbit_host=10.10.33.52

interfaces

auto lo
iface lo inet loopback

auto eth1
iface eth1 inet dhcp

auto eth0
iface eth0 inet dhcp

auto br100
iface br100 inet dhcp
        bridge_stp off
        bridge_fd 0

Network

sudo nova-manage network create camera_network --fixed_range_v4=10.10.38.0/24 --bridge_interface=br100 --num_networks=1 --network_size=256

ifconfig

br100     Link encap:Ethernet  HWaddr 3a:7c:6e:51:bf:1f
          inet addr:10.10.38.1  Bcast:10.10.38.255  Mask:255.255.255.0
          inet6 addr: fe80::387c:6eff:fe51:bf1f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:1328 (1.3 KB)

eth0      Link encap:Ethernet  HWaddr d4:ae:52:bb:9f:2c
          inet addr:10.10.33.52  Bcast:10.10.39.255  Mask:255.255.248.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:3845153 errors:0 dropped:237 overruns:0 frame:0
          TX packets:446 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3487867583 ...

Comments

Hi, thanks for the question. May I ask if there's a reason you need to keep running the Essex release? Just because there have been some improvements in Folsom and Grizzly that may make this situation easier ...

fifieldt ( 2013-05-16 23:12:30 -0500 )

Same question, why Essex? For Folsom and Grizzly take a look here: https://ask.openstack.org/question/508/trying-to-integrate-vms-to-existing-lan/

Alen Komljen ( 2013-05-17 02:11:04 -0500 )

Essex is just what the current system happens to be running. Upgrading is definitely possible though. What kind of changes made in Folsom/Grizzly make this setup easier?

jzwiep ( 2013-05-17 19:56:52 -0500 )

2 answers

0

answered 2013-07-24 20:59:05 -0500

jzwiep

Managed to fix it.

I corrected the fixed_range in nova.conf to match nova's network, and added this config option:

--dmz_cidr=10.10.32.0/21

This stops VM traffic from getting SNATTED (https://answers.launchpad.net/nova/+question/185826)
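Why the `--dmz_cidr` option in the answer above changes what LAN hosts see, as an added example that is not part of the original post and not nova's own code: it walks constructed nat POSTROUTING rules first-match and reports the source address the destination observes. The rule shapes, the single-chain layout, and the SNAT address 10.10.33.52 (the host's eth0 address from the question) are assumptions.

```python
import ipaddress
import shlex

# Constructed `iptables -t nat -S`-style rules (not captured from the poster's
# host). Assumption: nova-network SNATs the fixed range to the host address,
# and dmz_cidr places an ACCEPT for that destination range ahead of the SNAT.
RULES_WITHOUT_DMZ = """\
-A POSTROUTING -s 10.10.38.0/24 -j SNAT --to-source 10.10.33.52
"""
RULES_WITH_DMZ = """\
-A POSTROUTING -s 10.10.38.0/24 -d 10.10.32.0/21 -j ACCEPT
-A POSTROUTING -s 10.10.38.0/24 -j SNAT --to-source 10.10.33.52
"""


def parse_rules(text):
    """Parse '-A POSTROUTING ...' lines into dicts of match fields and target."""
    rules = []
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", "POSTROUTING"]:
            continue
        # Remaining tokens are option/value pairs: -s, -d, -j, --to-source.
        opts = dict(zip(tok[2::2], tok[3::2]))
        rules.append({
            "src": ipaddress.ip_network(opts.get("-s", "0.0.0.0/0")),
            "dst": ipaddress.ip_network(opts.get("-d", "0.0.0.0/0")),
            "target": opts["-j"],
            "to_source": opts.get("--to-source"),
        })
    return rules


def source_seen_by_peer(rules, src, dst):
    """Return the source address the destination sees after POSTROUTING."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r["src"] and d in r["dst"]:
            # In the nat table the first matching rule decides: ACCEPT leaves
            # the packet untranslated, SNAT rewrites the source address.
            return r["to_source"] if r["target"] == "SNAT" else src
    return src


if __name__ == "__main__":
    vm, lan_host, outside = "10.10.38.5", "10.10.33.10", "192.0.2.10"
    for name, text in (("no dmz_cidr", RULES_WITHOUT_DMZ),
                       ("dmz_cidr=10.10.32.0/21", RULES_WITH_DMZ)):
        rules = parse_rules(text)
        for dst in (lan_host, outside):
            print(f"{name}: {vm} -> {dst} arrives as {source_seen_by_peer(rules, vm, dst)}")
```

On a live host, the same comparison can be made against the real output of `iptables -t nat -S` after restarting nova-network.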

1

answered 2013-05-18 01:57:15 -0500

Try the same as I did with Folsom and Grizzly. Here are the configuration changes: https://ask.openstack.org/question/508/trying-to-integrate-vms-to-existing-lan/


Comments

I actually did find and follow that exactly while trying our initial configuration. It caused almost everything to work correctly except for VMs being able to ping outside of their subnet. Do you think that switching to Folsom or Grizzly would fix that?

jzwiep ( 2013-05-18 12:50:18 -0500 )

Did you try to enable IP forwarding on the controller node? Try that: echo 1 > /proc/sys/net/ipv4/ip_forward and restart networking

Alen Komljen ( 2013-05-18 16:13:21 -0500 )


Stats

Asked: 2013-05-16 19:59:02 -0500

Seen: 1,186 times

Last updated: Jul 24 '13