Ask Your Question
2

Put multiple network interfaces on same network for multiple IP addresses for an instance?

asked 2014-04-03 23:13:23 -0600

dpurcell gravatar image

I want to host two or three websites inside the same instance. The problem is, each of these sites will require SSL. I'll need to assign a unique IP address for each site and configure the web server accordingly.

I'm having trouble figuring out how to set up the networking for the instance so that I can either use aliasing (e.g. eth0:1, eth0:2, etc.) or multiple network interfaces (eth0, eth1, eth2, etc.)? I would prefer to keep the configuration simple and would like the multiple interfaces on the same network and not have to create a separate network + router for each interface.

I'm using OpenStack Havana + Neutron with OpenVSwitch.

edit retag flag offensive close merge delete
add a comment

2 answers

Sort by ยป oldest newest most voted
6

answered 2014-04-04 10:44:24 -0600

larsks gravatar image

For the purposes of this example, the following networks are defined:

$ neutron net-list
+--------------------------------------+--------+-------------------------------------------------------+
| id                                   | name   | subnets                                               |
+--------------------------------------+--------+-------------------------------------------------------+
| 3ff9b903-e921-4752-a26f-cba8f1433992 | net0   | cae5afad-217c-4e8b-8413-cdbce5214a5d 10.0.0.0/24      |
| 93c8ddfc-7baa-4667-a01c-dfbdf5d47f15 | public | ffcca46d-b3df-42db-a967-1068d8b158f5 192.168.200.0/24 |
+--------------------------------------+--------+-------------------------------------------------------+

Start by create an instance normally and assigning a floating ip address:

$ nova boot --image centos-6-x86_64 --flavor m1.small \
  --nic net-id=3ff9b903-e921-4752-a26f-cba8f1433992 \
  --key-name lars webserver

$ neutron floatingip-create public
Created a new floatingip:
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| fixed_ip_address    |                                      |
| floating_ip_address | 192.168.200.6                        |
| floating_network_id | 93c8ddfc-7baa-4667-a01c-dfbdf5d47f15 |
| id                  | 7b83c022-bd92-4176-9ac7-38624b91dc3b |
| port_id             |                                      |
| router_id           |                                      |
| tenant_id           | 28a490a259974817b88ce490a74df8d2     |
+---------------------+--------------------------------------+

$ nova add-floating-ip webserver 192.168.200.6

Now create another floating ip address:

$ neutron floatingip-create public
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| fixed_ip_address    |                                      |
| floating_ip_address | 192.168.200.7                        |
| floating_network_id | 93c8ddfc-7baa-4667-a01c-dfbdf5d47f15 |
| id                  | c8846e61-6046-4c06-a9a3-d8122c388c63 |
| port_id             |                                      |
| router_id           |                                      |
| tenant_id           | 28a490a259974817b88ce490a74df8d2     |
+---------------------+--------------------------------------+

We can't just add this using add-floating-ip:

$ nova add-floating-ip webserver 192.168.200.7
ERROR: Error. Unable to associate floating ip (HTTP 400) (Request-ID: req-a8ea0fbb-fec8-4427-ac8b-628ca2d8b107)

You can't have two floating ip addresses associated with the same fixed ip address. Floating ip addresses are implemented as NAT rules on the neutron router, and it doesn't make sense to have multiple NAT rules with the same fixed ip address but different floating addresses.

So we need to add another fixed ip to our instance:

$ nova add-fixed-ip webserver 3ff9b903-e921-4752-a26f-cba8f1433992
$ nova show | grep net0
| net0 network | 10.0.0.4, 10.0.0.5, 192.168.200.6 |

Unfortunately, our instance isn't going to know about this new address; DHCP will only pick up a single address -- and with two fixed addresses, you don't know which address you're going to get by default. Because that will cause all kinds of grief, you're going to have to configure networking statically on your host.

How you do that depends on your distribution, so for now we're just going to add the new address manually:

# ip address add 10.0.0.5/24 dev eth0
# ip address show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:1c:4e:d0 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
    inet 10.0.0.4/24 scope global secondary eth0
    inet6 fe80::f816:3eff:fe1c:4ed0/64 scope link 
       valid_lft forever preferred_lft forever

Now we can associate the second floating ip with the new fixed address:

$ nova add-floating-ip --fixed-address 10.0.0.5 webserver 192.168.200.7

I have configured simple ip-based virtual hosts on each of 10.0.0.4 and 10.0.0.5. With this configuration, I can now run:

$ curl http://192.168.200.7/

And get:

This is virtual host 10.0.0.5.

And similarly:

$ curl http://192.168.200.6/
This is virtual host 10.0.0.4.
edit flag offensive delete link more

Comments

Note that if you follow these instructions and then attempt to delete your instance you will run into https://bugs.launchpad.net/neutron/+b...

larsks gravatar imagelarsks ( 2014-04-04 11:35:00 -0600 )edit

Thank you. That worked perfectly! I was trying multinic setup which was turning into a lot of trouble. This is much simpler and exactly what I needed.

dpurcell gravatar imagedpurcell ( 2014-04-04 11:51:52 -0600 )edit

You sir, are a gentleman and a scholar.

certifiedloud gravatar imagecertifiedloud ( 2014-04-04 12:04:39 -0600 )edit

I've just submitted a patch for the broken delete functionality: https://review.openstack.org/85432

larsks gravatar imagelarsks ( 2014-04-04 13:06:27 -0600 )edit

...and hey, it's been merged

larsks gravatar imagelarsks ( 2014-04-21 22:25:11 -0600 )edit
see more comments
0

answered 2014-04-05 02:05:00 -0600

santosh.rath gravatar image

updated 2014-04-05 02:09:44 -0600

Hi santosh,

If you create VM with Two Nics without choosing any ip

syntax:nova boot --image img --flavor flavor --nic net-id=net1-id --nic net-id=net2-id vm-name

#nova boot --image=30a1bf24-38e7-4f6a-bb45-0fc4dea0db1a --flavor=m1.tiny --nic net-id=net1-id --nic net-id=net2-id vm20

Note: --image (put the image id) --flavor-(flavor name) -nic net-id=(put different network id example 11.0.0.0/24) -nic net-id=(put different network id example 13.0.0.0/24) instance name I faced same issue it is not possible (on same subnet muliple nics create on vm) only you can create muliple vmnics using different subnets

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2014-04-03 23:13:23 -0600

Seen: 8,077 times

Last updated: Apr 05 '14

Related questions

How to configure two public network

vnc console timeout after switching to ssl

[Horizon] unable to view vnc console in <iframe> with SSL

How to fix Ceilometer SSLError: [Errno 1] _ssl.c:492: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Issues with SSL enabled keystone endpoint - KILO

Nova with ApacheSSL does not work HTTP 500

How to bring up multiple interfaces up with cloud-init

Horizone and VNC with corporate SSL certificate (Packstack)

Are there any plans to make Swift with SSL production ready?

configuring Keystone for both http & https