Ask Your Question
0

Cannot connect to the instance console for a VM

asked 2014-11-26 12:29:53 -0600

admiles gravatar image

updated 2014-11-26 13:11:10 -0600

We can launch our VM's and they show up as instances and according to the dashboard are assigned IP's yet the instance console cannot connect: "The connection to the server was reset while the page was loading."

Tried connecting to qdhcp and pinging the VM from the stack network host:

ip netns exec qdhcp-0bfe4cfd ping  -c 3 192.168.99.18

and the IP is up so the VM is getting the IP and responding to pings but we cannot connect on the dashboard instance console.

We are using:

  • OpenStack Icehouse configuration
  • cirros-0.3.2-x86_64 test VM image
  • Ubuntu
  • GRE networking.

Controller nova.conf file:

[DEFAULT]

verbose = True

# SCS OpenStack Settings
rpc_backend = rabbit
rabbit_userid = stackrabbit
rabbit_host = stackcontrol
rabbit_password = xxxxxxxxxxxxxxxxxxxxxxxxxxxx

service_neutron_metadata_proxy = true
neutron_metadata_proxy_shared_secret = xxxxxxxxxxxxxxxxxxxxxx

my_ip = 10.0.0.11
vncserver_listen = 10.0.0.11
vncserver_proxyclient_address = 10.0.0.11
auth_strategy = keystone

# Original file settings:
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata

# SCS Openstack settings for Neutron Networking
network_api_class = nova.network.neutronv2.api.API
neutron_url = http://stackcontrol:9696
neutron_auth_strategy = keystone
neutron_admin_tenant_name = service
neutron_admin_username = neutron
neutron_admin_password = xxxxxxxxxxxxxxxxxxxxxxx
neutron_admin_auth_url = http://stackcontrol:35357/v2.0
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
security_group_api = neutron

# SCS OpenStack
[database]
connection = mysql://nova:xxxxxxxxxxxxxxxxxx@stackcontrol/nova

# SCS OpenStack
[keystone_authtoken]
auth_uri = http://stackcontrol:5000
auth_host = stackcontrol
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = xxxxxxxxxxxxxxxxxxxx

Compute node nova.conf file:

[DEFAULT]
# Original settings

dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata

# SCS OpenStack Settings
verbose = True
auth_strategy = keystone

rpc_backend = rabbit
rabbit_userid = stackrabbit
rabbit_host = stackcontrol
rabbit_password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxx

my_ip = 10.0.0.31
vnc_enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = 10.0.0.31
novncproxy_base_url = https://horizon.scs.carleton.ca:6080/vnc_auto.html
xvpvncproxy_base_url =  https://horizon.scs.carleton.ca:6081/console
ssl_only = True
cert = /etc/nova/ssl/scs2014.crt
key = /etc/nova/ssl/scs2014.key

glance_host = stackcontrol

# SCS OpenStack - added to support neutron networking
network_api_class = nova.network.neutronv2.api.API
neutron_url = http://stackcontrol:9696
neutron_auth_strategy = keystone
neutron_admin_tenant_name = service
neutron_admin_username = neutron
neutron_admin_password = xxxxxxxxxxxxxxxxxxxxxxx
neutron_admin_auth_url = http://stackcontrol:35357/v2.0
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
security_group_api = neutron


[database]
# The SQLAlchemy connection string used to connect to the database
connection = mysql://nova:xxxxxxxxxxxxxxxxxxxxxxxxxxx@stackcontrol/nova

[keystone_authtoken]
auth_uri=http://stackcontrol:5000
auth_host = stackcontrol
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
1

answered 2014-11-26 22:44:33 -0600

rajiv-kumar gravatar image

updated 2014-11-26 22:45:56 -0600

In your compute nodes nova.conf, you have these entries.

                     novncproxy_base_url = https://horizon.scs.carleton.ca:6080/vnc_auto.html
                     xvpvncproxy_base_url =  https://horizon.scs.carleton.ca:6081/console

I think these two statements are culprit. novncproxy_base_url must be the url accessible to you from your browser. Internally you browser user this url for displaying console. It will work only if it "https://horizon.scs.carleton.ca" resolve by the dns to the corect ip address or its corresponding entry is present in the /etc/hosts. For info you can refer openstack installation guide. For a quick understanding you can refer to

            http://docs.openstack.org/havana/config-reference/content/faq-about-vnc.html
edit flag offensive delete link more

Comments

I played with those two statements, if I change it to the external IP I can see that my browser is passed the IP; unfortunately it didn't fix the problem. The DNS name is resolving properly. It was worth a try, thanks.

admiles gravatar imageadmiles ( 2014-11-27 09:36:56 -0600 )edit
1

answered 2014-11-26 19:59:08 -0600

GLaupre gravatar image

updated 2014-11-26 19:59:43 -0600

Hello,

Is it that important that you use the console on the dashboard? Can you ssh the machine and get a console direct via a terminal instead? Try to access it from your controller node and attach a floating ip if you want to reach it from your public network.

I had the same issue actually, I don't use the dashboard console.

edit flag offensive delete link more

Comments

That's a great idea. As a matter of fact my collegue got this working yesterday. Thanks for the tip. We still like to have the console working so that we can isolate the network if appropriate.

admiles gravatar imageadmiles ( 2014-11-27 07:41:17 -0600 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-11-26 12:29:53 -0600

Seen: 4,740 times

Last updated: Nov 26 '14