Using VlanManager, no network access to instances running on another nova-compute host.
I have a setup with two hosts, one running as management/compute node and the other as a pure compute node. I am able to run instances on both hosts and have network access to any instances that are running on the combined master/compute node. The instances that are running on the pure compute node however are inaccessible from the network. Both hosts have two active nics, eth0 is the public interface on a 10.169.30.128/25 network and eth1 is a 172.16.0.0/16 private network. I have defined an virtual network for the project to run in as follows: nova-manage network create --label=public --fixed_range_v4=192.168.1.0/24 --num_networks=1 --network_size=256 --vlan=1 --bridge=vlan1 --dns1=10.0.4.7
Here is the configuration that nova-manage reports:
--storage_availability_zone=nova --ca_file=cacert.pem --ec2_dmz_host=$my_ip --fixed_range=172.16.0.0/16 --compute_topic=compute --dmz_mask=255.255.255.0 --fixed_range_v6=fd00::/48 --glance_api_servers=10.192.30.137:9292 --rabbit_password=guest --user_cert_subject=/C=US/ST=California/L=MountainView/O=AnsoLabs/OU=NovaDev/CN=%s-%s-%s --s3_dmz=10.192.30.137 --quota_ram=51200 --find_host_timeout=30 --aws_access_key_id=admin --vncserver_host=0.0.0.0 --network_size=1024 --enable_new_services --my_ip=10.192.30.137 --live_migration_retry_count=30 --lockout_attempts=5 --credential_cert_file=cert.pem --quota_max_injected_files=5 --zone_capabilities=hypervisor=xenserver;kvm,os=linux;windows --logdir=/var/log/nova --sqlite_db=nova.sqlite --nouse_forwarded_for --cpuinfo_xml_template=/usr/lib/pymodules/python2.7/nova/virt/cpuinfo.xml.template --num_networks=1 --boot_script_template=/usr/lib/pymodules/python2.7/nova/cloudpipe/bootscript.template --live_migration_flag=VIR_MIGRATE_UNDEFINE_SOURCE, VIR_MIGRATE_PEER2PEER --notification_driver=nova.notifier.no_op_notifier --osapi_max_limit=1000 --rabbit_port=5672 --s3_access_key=notchecked --rabbit_max_retries=12 --noresume_guests_state_on_host_boot --ajax_console_proxy_url=http://127.0.0.1:8000 --injected_network_template=/usr/lib/pymodules/python2.7/nova/virt/interfaces.template --network_host=10.192.30.137 --snapshot_name_template=snapshot-%08x --vncproxy_url=http://10.192.30.137:6080 --s3_secret_key=notchecked --ajax_console_proxy_topic=ajax_proxy --minimum_root_size=10737418240 --quota_cores=20 --nouse_project_ca --rabbit_userid=guest --volume_topic=volume --volume_name_template=volume-%08x --lock_path=/var/lock/nova --live_migration_uri=qemu+tcp://%s/system --flat_network_dns=8.8.4.4 --live_migration_bandwidth=0 --connection_type=libvirt --noupdate_dhcp_on_disassociate --default_project=openstack --s3_port=3333 --logfile_mode=420 --logging_context_format_string=%(asctime)s %(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s] %(message)s --instance_name_template=instance-%08x --ec2_host=$my_ip --credential_key_file=pk.pem --vpn_cert_subject=/C=US/ST=California/L=MountainView/O=AnsoLabs/OU=NovaDev/CN=project-vpn-%s-%s --logging_debug_format_suffix=from (pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d --stub_network=False --console_manager=nova.console.manager.ConsoleProxyManager --rpc_backend=nova.rpc.amqp --default_log_levels=amqplib=WARN,sqlalchemy=WARN,boto=WARN,eventlet.wsgi.server=WARN --osapi_scheme=http --credential_rc_file=%src --sql_connection=mysql://nova:nova@10.192.30.137/nova --console_topic=console --instances_path=$state_path/instances --flat_injected --use_local_volumes --host=csvirt-1 --fixed_ip_disassociate_timeout=600 --console_host=csvirt-1 --quota_instances=10 --quota_max_injected_file_content_bytes=10240 --libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtBridgeDriver --floating_range=4.4.4.0/24 --nomulti_host --lockout_window=15 --db_backend=sqlalchemy --credentials_template=/usr/lib/pymodules/python2.7/nova/auth/novarc.template --dmz_net=10.0.0.0 --sql_retry_interval=10 --vpn_start=1000 --volume_driver=nova.volume.driver.ISCSIDriver --crl_file=crl.pem --rpc_conn_pool_size=30 --s3_host=10.192.30.137 --qemu_img=qemu-img --max_nbd_devices=16 --vlan_interface ...