Ask Your Question
2

Multi Flat Network Config Cannot Access Public Netowrk

asked 2013-05-07 08:55:59 -0500

ten_ten_steve gravatar image

updated 2013-05-08 09:23:07 -0500

I currently have a single node installation of openstack grizzly running on bare metal with Ubuntu 12.04 LTS. The machine I’m using has three physical ethernet ports: eth0, eth1 and eth2.

I’ve been trying to configure the system in such a way where eth0 is my general control port, and reserve eth1 and eth2 for VM traffic. Just like the multiple flat network use case found here: http://docs.openstack.org/trunk/openstack-network/admin/content/use_cases_multi_flat.html (link)

I understand that this set-up should be a simple extension to the single flat network configuration and I’ve been following the installation and logical network config guide found here: http://docs.openstack.org/trunk/openstack-network/admin/content/app_demo_flat.html (link)

But I’ve not been able to get a connection between the VM and my physical 192.168.1.0/24 network.

I’m using Quantum + OpenVSwitch as my network node components. Running ovs-vsctl shows my OVS Configuration as:

Bridge br-int
    Port br-int
        Interface br-int
            type: internal
    Port "int-br-eth1"
        Interface "int-br-eth1"
Bridge "br-eth1"
    Port "br-eth1"
        Interface "br-eth1"
            type: internal
    Port "phy-br-eth1"
        Interface "phy-br-eth1"
    Port "eth1"
        Interface "eth1"
ovs_version: "1.4.0+build0"

And ifconfig indicates that OVS is creating two interfaces:

int-br-eth1 Link encap:Ethernet  HWaddr 12:b6:b4:6f:4f:4f
            inet6 addr: fe80::10b6:b4ff:fe6f:4f4f/64 Scope:Link
            UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
            RX packets:6 errors:0 dropped:0 overruns:0 frame:0
            TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:1000
            RX bytes:468 (468.0 B)  TX bytes:468 (468.0 B)

phy-br-eth1 Link encap:Ethernet  HWaddr 6a:75:85:08:65:da
            inet6 addr: fe80::6875:85ff:fe08:65da/64 Scope:Link
            UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
            RX packets:6 errors:0 dropped:0 overruns:0 frame:0
            TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:1000
            RX bytes:468 (468.0 B)  TX bytes:468 (468.0 B)

In ovsquantumplugin.ini I have:

[OVS]
network_vlan_ranges = physnet1
bridge_mappings = physnet1:br-eth0

I am able to create networks and assign subnets using Quantum. I have also allowed SSH and Ping for the default security group. When I assign my network to my instance, the instance does receive an IP, but the instance can't ping the public network and vice-vera.

Any help would be greatly appreciated.

Update

Going through the various quantum logs last night, I see this in the dhcp-agent.log

Stderr: 'sudo: no tty present and no askpass program specified\nSorry, try again.\nsudo: no tty present and no askpass program specified\nSorry, try again.\nsudo: no tty present and no askpass program specified\nSorry, try again.\nsudo: 3 incorrect password attempts\n'

edit retag flag offensive close merge delete

2 answers

Sort by » oldest newest most voted
1

answered 2013-05-12 15:24:28 -0500

JakeWarner gravatar image

updated 2013-05-12 15:24:51 -0500

Regarding your error in the 'Update', try to modify /etc/quantum/quantum.conf and set:

root_helper = sudo quantum-rootwrap /etc/quantum/rootwrap.conf

instead of:

# root_helper = sudo

If that doesn't work (after a restart of the dhcp-agent), please respond with the results of (this will not contain any passwords/sensitive information):

cat /etc/passwd|grep quantum
edit flag offensive delete link more

Comments

Following your advice I changed the quantum.conf root_helper parameter, and restarted the dhcp agent but the error message comes back. Passing the command "cat /etc/passwd|grep quantum" give the response "quantum:x:112:119::/var/lib/quantum:/bin/false"

ten_ten_steve gravatar imageten_ten_steve ( 2013-05-13 09:36:09 -0500 )edit

If you run the following and restart DHCP, is the issue solved?

sed -i 's/quantum ALL = (root) NOPASSWD: SETENV: \/usr\/bin\/quantum-rootwrap/#quantum ALL = (root) NOPASSWD: SETENV: \/usr\/bin\/quantum-rootwrap/g' /etc/sudoers.d/quantum

JakeWarner gravatar imageJakeWarner ( 2013-05-13 14:13:22 -0500 )edit

my original quantum_sudoers does not have "SETENV:" in that line. After I change according to the comment, the controller node and compute node cannot communicate (cannot sudo ip exec $net ssh user@10.0.0.3)

Vic gravatar imageVic ( 2013-06-13 07:41:18 -0500 )edit
1

answered 2013-05-18 05:06:53 -0500

darragh-oreilly gravatar image

You have configured a bridge named br-eth1, but the bridge mapping in ovsquantumplugin.ini is to br-eth0.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2013-05-07 08:55:59 -0500

Seen: 731 times

Last updated: May 18 '13