Ask Your Question
0

external access for compute nodes [closed]

asked 2014-09-26 13:16:02 -0500

bgyako gravatar image

updated 2014-09-26 13:17:58 -0500

Hi All, Using Ice house on ubuntu 14.04. ML2 network set up.

Having small issue with providing internet access to compute nodes. I have 3 networks listed below, and everything with VM's is working. I am able to get to VM using public floating IP and I am able to get from vm to internet. My issue is routing physical compute node to internet through network node for updates.

Controller: 1. management network only.

Network controller: 1. management network 2. VMnet network 3. Public network.

Compute node: 1. management network 2. VMnet network.

edit retag flag offensive reopen merge delete

Closed for the following reason question is off-topic or not relevant by larsks
close date 2014-09-29 14:09:45.264593

Comments

If you are trying to route the physical compute node through another system for updates...this doesn't really seem like an OpenStack question.

larsks gravatar imagelarsks ( 2014-09-26 21:28:48 -0500 )edit

yes. agree with larsks. the best is you should have connection directly to the internet for compute node also.

senyapsudah gravatar imagesenyapsudah ( 2014-09-27 07:32:33 -0500 )edit

I do not think that is accurate, in the basic network set up section it tells you to test connectivity from node to internet. In addition, I was able to do this in grizzly by adding NAT rule on network controller.

bgyako gravatar imagebgyako ( 2014-09-27 16:38:16 -0500 )edit

Tragically, it is accurate. OpenStack takes care of routing traffic from your virtual instances, but how your physical hosts arrange for outbound connectivity is entirely up to you.

larsks gravatar imagelarsks ( 2014-09-27 18:38:54 -0500 )edit

Can't I route physical nodes through neutron? What about this link: https://ask.openstack.org/en/question...

bgyako gravatar imagebgyako ( 2014-09-27 19:17:29 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
1

answered 2014-09-29 11:32:25 -0500

bgyako gravatar image

Was able to resolve by adding below rule on network node and setting gateway as network node on compute node.

sudo iptables -A FORWARD -i (PUBLIC INTERFACE) -o br-ex -s (MANAGE SUBNET 10.1.1.0/24) -m conntrack --ctstate NEW -j ACCEPT sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT sudo iptables -A POSTROUTING -s (MANAGE SUBNET 10.1.1.0/24)-t nat -j MASQUERADE

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-09-26 13:16:02 -0500

Seen: 513 times

Last updated: Sep 29 '14