Horizon Public IP Not accessible fresh Mirantis Install

asked 2015-12-11 00:33:09 -0500

dcapone gravatar image

I recently deployed a small test environment using Mirantis Fuel 7.0.

1 Controller/MangoDB, 1 Compute, and 2 storage nodes.

I am using a single GigE connection to each server as this is merely for testing purposes.

Fuel deployed the environment fine, verify networks passed with flying colors, and a health check on the environment passes with flying colors. However, I am unable to reach the Horizon dashboard IP. From any of the Openstack nodes I am able to ping both the public and private IPs that are assigned to Horizon and I can use elinks to access a text version o fthe Horizon dashboard from these systems as well. However, from outside of the Openstack infrastructure, I am unable to see/reach the Horizon public IP address in any way.

I can see several other public IPs that were assigned to the nodes in the deployment in the ARP cache of our external router and can ping those IPs without issue. The Horizon IP is the only one with an issue. I have a feeling that this is an IPTables issue/Neutron issue and that the provate network IP assigned to Horizon is not being NAT'd properly within Neutron/iptables and therefore x.x.x.3 from the outside never becomes reachable. I have ggogled extensively this issue and have tried numerous suggestions such as disabling selinux, updating sysctl to disable rp_filtering, rebooting the system after each of these changes. I have also tried to restart apache2 / haproxy all without any luck. I also removed the Server Alias references from the apache2 conf files as was suggested in a different port. However, despite all of that, it is still not working.

Further, since I am unable to see the IP at all (or ping it), I think that the issue is a Neutron / iptables issue. x.x.x.4 is another IP address that is directly assigned to the br-ex interface and I can ping that IP without issue so the external network connectivity seems just fine.

Does anyone have any suggestions for this? Anyone come across this before?

edit retag flag offensive close merge delete


Any insight?

dcapone gravatar imagedcapone ( 2015-12-11 22:20:37 -0500 )edit

4 answers

Sort by ยป oldest newest most voted

answered 2016-01-27 04:31:24 -0500

kelepirci gravatar image

If you have enabled "HTTPS for Horizon" you must enter "DNS hostname for public TLS endpoints".

If you have not entered DNS hostname for public TLS endpoints you probably will have problem reaching Horizon dashboard. (This happened to me before.)

edit flag offensive delete link more

answered 2015-12-12 21:59:31 -0500

Bipin gravatar image


Normally MOS will give you a neat and clean install if you configured the network properly. No need to change, IPTABLES or anything. Before proceeding, are you able to do a ping to the GW of your PublicIP ?

ping -c 3 <GW >

route -n


edit flag offensive delete link more


I can ping the gateway AND the "Horizon" IP from any machine in the MOS deployment. I can also access the Horizon dashboard from any other server in the MOS deployment from elinks.

Further, I can ping ANY other public IP in the MOS environment, including the other public IP assigned to Horizon Srv

dcapone gravatar imagedcapone ( 2015-12-13 18:42:08 -0500 )edit

anything related to your perimeter firewall ?

Bipin gravatar imageBipin ( 2015-12-13 22:16:26 -0500 )edit

answered 2016-03-21 15:06:24 -0500

eangel gravatar image

Did you ever figure out what was wrong? I'm having a similar problem with a fresh Mirantis 8 install.

edit flag offensive delete link more

answered 2017-04-13 07:36:24 -0500

check the apache service config and port listener it should be inline with the ip address of controller

2 files to be check, ports.conf and horizon_vhost.conf

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2015-12-11 00:33:09 -0500

Seen: 1,857 times

Last updated: Apr 13 '17