Ask Your Question
1

Can't access VMs on public network in devstack with Neutron

asked 2013-09-19 11:46:26 -0600

gvdm gravatar image

updated 2014-01-22 15:12:36 -0600

Evgeny gravatar image

Hi to all,

I built a DevStack machine (on Ubuntu 12.04) with Neutron ( https://wiki.openstack.org/wiki/NeutronDevstack ) support. This added the bridge "br-ex" to my Devstack's machine with the IP 172.24.4.225.

Now I can access Neutron's functionalities into Horizon and I can build Networks, Routers and link a VM to a network. I also see the prebuilt network called "public" into Horizon, which has the network IP range 172.24.4.224/28.

I create a brand new VM using the cirrOS built-in image (ah, what is the cirrosOS package manager? I'd like to install apache on it cannot find both "apt-get" and "yum") and associate to it the network "public". The Neutron module gives it the IP 172.24.4.227.

I also modify (by using the Horizon GUI) the "default" security group so that it allows ICMP and SSH network traffic (and, of course, associate the "default" security group to my cirrOS VM).

The problem is that I cannot even ping my VM from the Devstack node and the VM cannot ping the Devstack machine.

DevStack machine:

$ ping 172.24.4.227

PING 172.24.4.227 (172.24.4.227) 56(84) bytes of data.

From 172.24.4.225 icmp_seq=1 Destination Host Unreachable

What could be the problem? Should the "br-ex" bridge allow the access to the "public" network?

Thanks Giulio

edit retag flag offensive close merge delete

Comments

2

Maybe you are trying to boot the vm directly attached to the external network? If so, you need to boot to an internal network and associate a floating ip instead.

darragh-oreilly gravatar imagedarragh-oreilly ( 2013-09-19 12:10:26 -0600 )edit

So i should build a router, associate it to che "public" network (building a new network for the router's inner one), link the vm to the router and then add a floating ip to the vm? But why cannt I just link the vm to the "public" network?

gvdm gravatar imagegvdm ( 2013-09-19 12:29:04 -0600 )edit
2

yep, something like that. One reason is because VM VIFs won't be created on br-ex because it is not set as the intergration bridge. I don't know why you are even allowed to try.

darragh-oreilly gravatar imagedarragh-oreilly ( 2013-09-19 12:44:37 -0600 )edit

Thank you. This solved my problem :) Only one more thing: could you please explain me why cannot I link the VM to the "public" network? Why do I have to build a network with a router and then give the VM a bridge-network's IP (using floating IPs) when I can associate the VM with a bridge-network's IP just by adding the VM to the "public" network?

gvdm gravatar imagegvdm ( 2013-09-20 03:14:01 -0600 )edit

Booting a VM directly to the "public" network does not work because devstack sets it up as an external network for floating ips. Devstack also creates an internal network "private" and a "router1" all linked together. So you should be able to boot to "private" and associate a floating ip instead.

darragh-oreilly gravatar imagedarragh-oreilly ( 2013-09-23 12:44:16 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-03-08 23:28:20 -0600

osdiaj gravatar image

@gvdm,

Have a look at https://ask.openstack.org/en/question... and https://ask.openstack.org/en/question... . If you are using provider vlan for tenant network, then it is possible to make the instance talk to external network directly. I'm not sure about devstack localrc configurations to enable the provider vlan network mode, but probably you can have a look here at http://stackoverflow.com/questions/26... and https://blueprints.launchpad.net/devs... .

Thanks.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2013-09-19 11:46:26 -0600

Seen: 3,793 times

Last updated: Mar 08 '15