Ask Your Question
0

Openstack instances can't ping the outside world

asked 2015-09-24 13:11:09 -0500

Gentux gravatar image

updated 2015-09-29 11:01:14 -0500

Hello,

We're trying to setup a single node installation of Openstack, and soon a multi-node one. We're using puppetto achieve that, following this great article : http://www.cloudbase.it/deploy-openstack-kilo-with-puppet/ (http://www.cloudbase.it/deploy-openst...)

After installation, we can't directly create floating ip and use them, we need to add these two security-group rules :

nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

And then we can ping our instances from the host, and instances can ping the host.

The problem is: instances can't ping the outside world (ex: 8.8.8.8 or http://google.com).

I believe the answer can solve another issue I didn't fully understand, we got an IP Block (/27) When I run this command:

ifconfig eth1 <my_public_ip>

Then I can ping my_public_ip from anywhere, but when neutron try to use those public IPs it doesn't work and I can't access my instances.

Can anyone give us some leads to find out what's wrong ?

EDIT: As suggested in comments, I switched to RDO deployment.

Now, instances can ping the outside world, and name resolution works. So the "title question" is solved. Should I create another question on http://ask.openstack.org to continue troubleshoot my installation ?

Public IP block given by ISP isn't working, I installed packstack this way

packstack --allinone --provision-demo-floatrange=1.2.3.4/27

VM are accessible, but public IPs can't be accessed from outside.

edit retag flag offensive close merge delete

Comments

Check your resolv.conf file maybe you need to add the nameserver

soumitrakarmakar gravatar imagesoumitrakarmakar ( 2015-09-25 00:23:17 -0500 )edit

My /etc/resolv.conf:

nameserver <local_name_server>
nameserver <local_name_server2>
nameserver 8.8.8.8
search <private-domain>.com

The host can pin 8.8.8.8 and resolve hostname like http://google.com

Gentux gravatar imageGentux ( 2015-09-25 02:30:20 -0500 )edit

Your choice of puppet technology for Openstack deployment looks a bit strange, unless it's your own project.

dbaxps gravatar imagedbaxps ( 2015-09-25 02:45:18 -0500 )edit

There's some puppet project maintained by openstack community, it seems like a logical choice to me.

What would you suggest ?

Gentux gravatar imageGentux ( 2015-09-25 02:48:37 -0500 )edit

RH RDO deployment via packstack.

dbaxps gravatar imagedbaxps ( 2015-09-25 03:01:26 -0500 )edit

2 answers

Sort by ยป oldest newest most voted
1

answered 2015-09-29 11:44:22 -0500

Gentux gravatar image

Hi,

I just found the solution I was looking for.

Thanks to dbaxps in the comment I switched to RH RDO deployment via packstack. So, thank you dbaxps.

And the issue regarding those public ips was a settings in /etc/sysctl.conf

sysctl -w net.ipv4.conf.eth0.proxy_arp=1

I hope this solution will be helpful for some people in the future :) And thanks to these people who spent time helping me in comments !

edit flag offensive delete link more
0

answered 2015-09-29 14:53:41 -0500

dbaxps gravatar image

updated 2015-09-29 15:21:43 -0500

I strongly believe that RH's RDO-Manager and more restrictive RDO utility packstack
are supposed to win on the market. Yes , packstack cannot install 3 Node HA Controller,
but RDO-Manager already can. Puppet technology has certain advantages even on packstack level
allowing self learning persons to move on very fast and understand Openstack via already been built
properly configured Multi node RDO systems even deployed via packstack and tuned manually afterwards

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-09-24 13:11:09 -0500

Seen: 2,704 times

Last updated: Sep 29 '15