Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Ocata Packstack-Multi Node Config Can't Access VM Instance

Created a VM instance - This was successful. Assigned a floating IP also. Can see the console of the instantiated VM.

I cannot seem to hit the VM from my laptop, or on the nodes. Not sure what to do next in terms of troubleshooting.

IP Spaces -

10.21.200.x - Control, Network, Compute Node locations

ens192 - network nic that connects to physical connection this is assigned for example 10.21.200.4 for control .5 for network .6 for compute

ens224 - internal network nic

192.168.11.x - Private network subnet - That I created in neutron

The following is the config from packstack answer file:

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider

CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat

CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan

CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch

CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex

CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192

CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=

CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet

CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224

CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=

CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789

CONFIG_PROVISION_OVS_BRIDGE=y

Attached is image of network topology: http://imgur.com/a/MXzHg

Ocata Packstack-Multi Node Config Can't Access VM Instance

Created a VM instance - This was successful. Assigned a floating IP also. Can see the console of the instantiated VM.

I cannot seem to hit the VM from my laptop, or on the nodes. Not sure what to do next in terms of troubleshooting.

IP Spaces -

10.21.200.x - Control, Network, Compute Node locations

ens192 - network nic that connects to physical connection this is assigned for example 10.21.200.4 for control .5 for network .6 for compute

ens224 - internal network nic

192.168.11.x - Private network subnet - That I created in neutron

The following is the config from packstack answer file:

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider

CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat

CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan

CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch

CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex

CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192

CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=

CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet

CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224

CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=

CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789

CONFIG_PROVISION_OVS_BRIDGE=y

Attached is image of network topology: http://imgur.com/a/MXzHg

ALso when configuring the public and private networks -

neutron net-create public --provider:network_type flat --provider:physical_network extnet --router:external

neutron subnet-create --gateway 10.21.200.1 --allocation-pool start=10.21.200.35,end=10.21.200.50 --disable-dhcp --name public_subnet public 10.21.200.0/24

neutron subnet-create private 192.168.11.0/24 --name private_subnet --enable-dhcp=True --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4

Ocata Packstack-Multi Node Config Can't Access VM Instance

Created a VM instance - This was successful. Assigned a floating IP also. Can see the console of the instantiated VM.

I cannot seem to hit the VM from my laptop, or on nodes other than the nodes. network node. Not sure what to do next in terms of troubleshooting. I can ssh and ping from the network node, but not compute, or control.

IP Spaces -

10.21.200.x - Control, Network, Compute Node locations

ens192 - network nic that connects to physical connection this is assigned for example 10.21.200.4 for control .5 for network .6 for compute

ens224 - internal network nic

192.168.11.x - Private network subnet - That I created in neutron

The following is the config from packstack answer file:

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider

CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat

CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan

CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch

CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex

CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192

CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=

CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet

CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224

CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=

CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789

CONFIG_PROVISION_OVS_BRIDGE=y

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider    
CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat    
CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan    
CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch    
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex    
CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192    
CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=    
CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet    
CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224    
CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=    
CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789    
CONFIG_PROVISION_OVS_BRIDGE=y

Attached is image of network topology: http://imgur.com/a/MXzHg

ALso when configuring the public and private networks -

neutron net-create public --provider:network_type flat --provider:physical_network extnet --router:external

--router:external neutron subnet-create --gateway 10.21.200.1 --allocation-pool start=10.21.200.35,end=10.21.200.50 --disable-dhcp --name public_subnet public 10.21.200.0/24

10.21.200.0/24 neutron subnet-create private 192.168.11.0/24 --name private_subnet --enable-dhcp=True --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4

8.8.4.4

Control - route

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Network -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 br-ex
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 br-ex
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
link-local      0.0.0.0         255.255.0.0     U     1007   0        0 br-ex
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

netns

ip netns
qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e
qdhcp-69a4ea6f-aff7-4f4c-9a7a-bebc1bc3e139

Compute -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Ocata Packstack-Multi Node Config Can't Access VM Instance

Created a VM instance - This was successful. Assigned a floating IP also. Can see the console of the instantiated VM.

I cannot seem to hit the VM from my laptop, or on nodes other than the network node. Not sure what to do next in terms of troubleshooting. I can ssh and ping from the network node, but not compute, or control.

IP Spaces -

10.21.200.x - Control, Network, Compute Node locations

ens192 - network nic that connects to physical connection this is assigned for example 10.21.200.4 for control .5 for network .6 for compute

ens224 - internal network nic

192.168.11.x - Private network subnet - That I created in neutron

The following is the config from packstack answer file:

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider    
CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat    
CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan    
CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch    
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex    
CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192    
CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=    
CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet    
CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224    
CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=    
CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789    
CONFIG_PROVISION_OVS_BRIDGE=y

Attached is image of network topology: http://imgur.com/a/MXzHg

ALso when configuring the public and private networks -

neutron net-create public --provider:network_type flat --provider:physical_network extnet --router:external

neutron subnet-create --gateway 10.21.200.1 --allocation-pool start=10.21.200.35,end=10.21.200.50 --disable-dhcp --name public_subnet public 
10.21.200.0/24

neutron  subnet-create private 192.168.11.0/24 --name private_subnet  --enable-dhcp=True --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4

Control - route

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Network -route-route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 br-ex
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 br-ex
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
link-local      0.0.0.0         255.255.0.0     U     1007   0        0 br-ex
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

netns

.48 is the router .45 is the VM

ip netns
qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e
qdhcp-69a4ea6f-aff7-4f4c-9a7a-bebc1bc3e139

ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
11: qg-204e3bf4-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:84:3e:6e brd ff:ff:ff:ff:ff:ff
    inet 10.21.200.48/24 brd 10.21.200.255 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet 10.21.200.45/32 brd 10.21.200.45 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe84:3e6e/64 scope link
       valid_lft forever preferred_lft forever
12: qr-82ebd85f-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:a7:1d:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.1/24 brd 192.168.11.255 scope global qr-82ebd85f-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fea7:1d99/64 scope link
       valid_lft forever preferred_lft forever

Compute -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Ocata Packstack-Multi Node Config Can't Access VM Instance

Created a VM instance - This was successful. Assigned a floating IP also. Can see the console of the instantiated VM.

I cannot seem to hit the VM from my laptop, or on nodes other than the network node. Not sure what to do next in terms of troubleshooting. I can ssh and ping from the network node, but not compute, or control.

IP Spaces -

10.21.200.x - Control, Network, Compute Node locations

ens192 - network nic that connects to physical connection this is assigned for example 10.21.200.4 for control .5 for network .6 for compute

ens224 - internal network nic

192.168.11.x - Private network subnet - That I created in neutron

The following is the config from packstack answer file:

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider    
CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat    
CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan    
CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch    
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex    
CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192    
CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=    
CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet    
CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224    
CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=    
CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789    
CONFIG_PROVISION_OVS_BRIDGE=y

Attached is image of network topology: http://imgur.com/a/MXzHg

ALso when configuring the public and private networks -

neutron net-create public --provider:network_type flat --provider:physical_network extnet --router:external

neutron subnet-create --gateway 10.21.200.1 --allocation-pool start=10.21.200.35,end=10.21.200.50 --disable-dhcp --name public_subnet public 
10.21.200.0/24

neutron  subnet-create private 192.168.11.0/24 --name private_subnet  --enable-dhcp=True --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4

Control - route

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Network -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 br-ex
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 br-ex
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
link-local      0.0.0.0         255.255.0.0     U     1007   0        0 br-ex
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

netns

.48 is the router .45 is the VM

ip netns
qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e
qdhcp-69a4ea6f-aff7-4f4c-9a7a-bebc1bc3e139

ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
11: qg-204e3bf4-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:84:3e:6e brd ff:ff:ff:ff:ff:ff
    inet 10.21.200.48/24 brd 10.21.200.255 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet 10.21.200.45/32 brd 10.21.200.45 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe84:3e6e/64 scope link
       valid_lft forever preferred_lft forever
12: qr-82ebd85f-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:a7:1d:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.1/24 brd 192.168.11.255 scope global qr-82ebd85f-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fea7:1d99/64 scope link
       valid_lft forever preferred_lft forever

Compute -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Edit: Updated netmasks - I can ssh into the private IP and floating IP only from the network node using netns. Not sure why I can't hit it from control, compute, or externally... hrm

 ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
14: qr-82ebd85f-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:a7:1d:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.1/24 brd 192.168.11.255 scope global qr-82ebd85f-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fea7:1d99/64 scope link
       valid_lft forever preferred_lft forever
15: qg-204e3bf4-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:84:3e:6e brd ff:ff:ff:ff:ff:ff
    inet 10.21.200.48/24 brd 10.21.200.255 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet 10.21.200.45/32 brd 10.21.200.45 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe84:3e6e/64 scope link
       valid_lft forever preferred_lft forever
[root@network ~]# ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ssh 10.21.200.45
root@10.21.200.45's password:

[root@network ~]# ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ssh cirros@10.21.200.45
cirros@10.21.200.45's password:
Permission denied, please try again.
cirros@10.21.200.45's password:
$ ls

Ocata Packstack-Multi Node Config Can't Access VM Instance

Created a VM instance - This was successful. Assigned a floating IP also. Can see the console of the instantiated VM.

I cannot seem to hit the VM from my laptop, or on nodes other than the network node. Not sure what to do next in terms of troubleshooting. I can ssh and ping from the network node, but not compute, or control.

IP Spaces -

10.21.200.x - Control, Network, Compute Node locations

ens192 - network nic that connects to physical connection this is assigned for example 10.21.200.4 for control .5 for network .6 for compute

ens224 - internal network nic

192.168.11.x - Private network subnet - That I created in neutron

The following is the config from packstack answer file:

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider    
CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat    
CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan    
CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch    
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex    
CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192    
CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=    
CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet    
CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224    
CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=    
CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789    
CONFIG_PROVISION_OVS_BRIDGE=y

Attached is image of network topology: http://imgur.com/a/MXzHg

ALso when configuring the public and private networks -

neutron net-create public --provider:network_type flat --provider:physical_network extnet --router:external

neutron subnet-create --gateway 10.21.200.1 --allocation-pool start=10.21.200.35,end=10.21.200.50 --disable-dhcp --name public_subnet public 
10.21.200.0/24

neutron  subnet-create private 192.168.11.0/24 --name private_subnet  --enable-dhcp=True --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4

Control - route

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Network -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 br-ex
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 br-ex
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
link-local      0.0.0.0         255.255.0.0     U     1007   0        0 br-ex
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

netns

.48 is the router .45 is the VM

ip netns
qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e
qdhcp-69a4ea6f-aff7-4f4c-9a7a-bebc1bc3e139

ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
11: qg-204e3bf4-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:84:3e:6e brd ff:ff:ff:ff:ff:ff
    inet 10.21.200.48/24 brd 10.21.200.255 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet 10.21.200.45/32 brd 10.21.200.45 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe84:3e6e/64 scope link
       valid_lft forever preferred_lft forever
12: qr-82ebd85f-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:a7:1d:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.1/24 brd 192.168.11.255 scope global qr-82ebd85f-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fea7:1d99/64 scope link
       valid_lft forever preferred_lft forever

Compute -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Edit: Updated netmasks - I can ssh into the private IP and floating IP only from the network node using netns. Not sure why I can't hit it from control, compute, or externally... hrm

 ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
14: qr-82ebd85f-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:a7:1d:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.1/24 brd 192.168.11.255 scope global qr-82ebd85f-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fea7:1d99/64 scope link
       valid_lft forever preferred_lft forever
15: qg-204e3bf4-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:84:3e:6e brd ff:ff:ff:ff:ff:ff
    inet 10.21.200.48/24 brd 10.21.200.255 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet 10.21.200.45/32 brd 10.21.200.45 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe84:3e6e/64 scope link
       valid_lft forever preferred_lft forever
[root@network ~]# ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ssh 10.21.200.45
root@10.21.200.45's password:

[root@network ~]# ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ssh cirros@10.21.200.45
cirros@10.21.200.45's password:
Permission denied, please try again.
cirros@10.21.200.45's password:
$ ls

ip netns exec qdhcp-69a4ea6f-aff7-4f4c-9a7a-bebc1bc3e139 ip addr 1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 13: tap1cc3189f-52: <broadcast,multicast,up,lower_up> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000 link/ether fa:16:3e:f0:cc:7c brd ff:ff:ff:ff:ff:ff inet 192.168.11.2/24 brd 192.168.11.255 scope global tap1cc3189f-52 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fef0:cc7c/64 scope link valid_lft forever preferred_lft forever

Ocata Packstack-Multi Node Config Can't Access VM Instance

Created a VM instance - This was successful. Assigned a floating IP also. Can see the console of the instantiated VM.

I cannot seem to hit the VM from my laptop, or on nodes other than the network node. Not sure what to do next in terms of troubleshooting. I can ssh and ping from the network node, but not compute, or control.

IP Spaces -

10.21.200.x - Control, Network, Compute Node locations

ens192 - network nic that connects to physical connection this is assigned for example 10.21.200.4 for control .5 for network .6 for compute

ens224 - internal network nic

192.168.11.x - Private network subnet - That I created in neutron

The following is the config from packstack answer file:

CONFIG_NEUTRON_L3_EXT_BRIDGE=provider    
CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan,flat    
CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan    
CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch    
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex    
CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:ens192    
CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE=    
CONFIG_NEUTRON_OVS_EXTERNAL_PHYSNET=extnet    
CONFIG_NEUTRON_OVS_TUNNEL_IF=ens224    
CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS=    
CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789    
CONFIG_PROVISION_OVS_BRIDGE=y

Attached is image of network topology: http://imgur.com/a/MXzHg

ALso when configuring the public and private networks -

neutron net-create public --provider:network_type flat --provider:physical_network extnet --router:external

neutron subnet-create --gateway 10.21.200.1 --allocation-pool start=10.21.200.35,end=10.21.200.50 --disable-dhcp --name public_subnet public 
10.21.200.0/24

neutron  subnet-create private 192.168.11.0/24 --name private_subnet  --enable-dhcp=True --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.4.4

Control - route

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Network -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 br-ex
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 br-ex
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
link-local      0.0.0.0         255.255.0.0     U     1007   0        0 br-ex
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

netns

.48 is the router .45 is the VM

ip netns
qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e
qdhcp-69a4ea6f-aff7-4f4c-9a7a-bebc1bc3e139

ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
11: qg-204e3bf4-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:84:3e:6e brd ff:ff:ff:ff:ff:ff
    inet 10.21.200.48/24 brd 10.21.200.255 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet 10.21.200.45/32 brd 10.21.200.45 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe84:3e6e/64 scope link
       valid_lft forever preferred_lft forever
12: qr-82ebd85f-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:a7:1d:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.1/24 brd 192.168.11.255 scope global qr-82ebd85f-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fea7:1d99/64 scope link
       valid_lft forever preferred_lft forever

Compute -route

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         gateway         0.0.0.0         UG    0      0        0 ens192
10.21.200.0     0.0.0.0         255.255.254.0   U     0      0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1002   0        0 ens192
link-local      0.0.0.0         255.255.0.0     U     1003   0        0 ens224
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 ens224

Edit: Updated netmasks - I can ssh into the private IP and floating IP only from the network node using netns. Not sure why I can't hit it from control, compute, or externally... hrm

 ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
14: qr-82ebd85f-85: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:a7:1d:99 brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.1/24 brd 192.168.11.255 scope global qr-82ebd85f-85
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fea7:1d99/64 scope link
       valid_lft forever preferred_lft forever
15: qg-204e3bf4-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
    link/ether fa:16:3e:84:3e:6e brd ff:ff:ff:ff:ff:ff
    inet 10.21.200.48/24 brd 10.21.200.255 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet 10.21.200.45/32 brd 10.21.200.45 scope global qg-204e3bf4-8d
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe84:3e6e/64 scope link
       valid_lft forever preferred_lft forever
[root@network ~]# ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ssh 10.21.200.45
root@10.21.200.45's password:

[root@network ~]# ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ssh cirros@10.21.200.45
cirros@10.21.200.45's password:
Permission denied, please try again.
cirros@10.21.200.45's password:
$ ls

ip netns exec qdhcp-69a4ea6f-aff7-4f4c-9a7a-bebc1bc3e139 ip addr 1: lo: <loopback,up,lower_up> <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 13: tap1cc3189f-52: <broadcast,multicast,up,lower_up> <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000 link/ether fa:16:3e:f0:cc:7c brd ff:ff:ff:ff:ff:ff inet 192.168.11.2/24 brd 192.168.11.255 scope global tap1cc3189f-52 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fef0:cc7c/64 scope link valid_lft forever preferred_lft forever

forever ip netns exec qrouter-1dbfae15-98b7-4c9c-9a7a-b99116d6562e ip route show default via 10.21.200.1 dev qg-204e3bf4-8d 10.21.200.0/24 dev qg-204e3bf4-8d proto kernel scope link src 10.21.200.48 192.168.11.0/24 dev qr-82ebd85f-85 proto kernel scope link src 192.168.11.1