Allow VM server to receive petitions on devstack singlemachine

asked 2015-03-20 14:09:44 -0500

goofyahead gravatar image

I got devstack installed and running on an intel NUC with only one NIC.

I added to the iptables

echo 1 > /proc/sys/net/ipv4/ip_forward
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp
iptables -t nat -A POSTROUTING -o em1 -j MASQUERADE

And I can acces and have internet connection on the VM's. Ips are assigned using floating ips, and I can ssh them from any computer in the network.

The problem now is even I have a service running listening in the port 1026 in one VM is not accesible through the network cause the instance is listening on the local ip 10.11.12.2 and the request to 192.168.1.231 (its floating ip) does not get forwarded.

I've been looking on how to do this but it seems to me that this rule on iptables should do it.

Chain nova-network-PREROUTING (1 references)
target     prot opt source               destination         
DNAT       tcp  --  0.0.0.0/0            169.254.169.254      tcp     dpt:80 to:192.168.1.201:8775
DNAT       all  --  0.0.0.0/0            192.168.1.231        to:10.11.12.2

but the request are not getting through, any help on how can I check and allow all request over a floating ip to its internal one? Shouldn't this be done by nova network automatically when creating an instance? Would be easier with 2 NICS?

Thanks!

edit retag flag offensive close merge delete