Revision history [back]

click to hide/show revision 1
initial version

Using AWS Elastic IPs with Openstack

I'm trying to setup AWS Elastic IPs with Openstack, I had managed to get this to work but was forced to reboot and my changes didn't hold, I can't be that far off. The first time it worked I used this and this to solve my problems/guide me but they are no longer helping.

What issue am I facing? When I associate an elastic ip with a private ip on amazon, it doesn't "bridge" that gap. From the controller I can ping floating ip addresses I assign to the private network (using my Openstack controller), but I can't ping Amazon elastic IPs pointing to Amazon/Openstack floating IPs.

My network is setup like this, my second NIC has an ip of 10.0.136.112 so I assigned secondary private IPs (10.0.136.113 through .118 for exapmple) through amazon to its private IP address. In Openstack I took that pool I created and used it for my floating IPs.

To illustrate, 54.85.85.85 (Amazon Elastic IP) points to 10.0.136.116 ( Amazon private IP / Openstack floating IP) points to 192.168.0.5 (IP assigned on Openstack private ip).

So pinging 10.0.136.116 from the controller works, and all my instances do have internet connectivity. What doesn't work is attempting to ping 54.85.85.85 from another compute. Not sure what I'm doing wrong at this point, I've been staring at this for too long so any advice is appreciated.

Thanks for reading!

Network Map

ip a output

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP qlen 1000
    link/ether 0a:9c:15:f8:b3:59 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.167/16 brd 10.0.255.255 scope global eth0
    inet6 fe80::89c:15ff:fef8:b359/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 0a:9a:e0:f8:3c:6b brd ff:ff:ff:ff:ff:ff
    inet 10.0.136.112/32 scope global eth1
    inet6 fe80::89a:e0ff:fef8:3c6b/64 scope link 
       valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 
    link/ether 36:a1:c0:ae:4e:b6 brd ff:ff:ff:ff:ff:ff
5: br-ex: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 42:16:bb:3a:7f:4d brd ff:ff:ff:ff:ff:ff
    inet 10.0.136.1/24 scope global br-ex
    inet6 fe80::58ee:78ff:fe72:c3d7/64 scope link 
       valid_lft forever preferred_lft forever
7: br-int: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 7e:32:df:fe:e2:4a brd ff:ff:ff:ff:ff:ff
    inet6 fe80::8c31:17ff:fe14:fe3d/64 scope link 
       valid_lft forever preferred_lft forever
13: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN 
    link/ether f6:20:7b:d3:78:06 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
15: phy-br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether ee:93:60:b0:ca:3b brd ff:ff:ff:ff:ff:ff
    inet6 fe80::ec93:60ff:feb0:ca3b/64 scope link 
       valid_lft forever preferred_lft forever
16: int-br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 82:e4:77:56:67:61 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::80e4:77ff:fe56:6761/64 scope link 
       valid_lft forever preferred_lft forever
19: br-tun: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 06:6f:cc:ee:5c:4c brd ff:ff:ff:ff:ff:ff
    inet6 fe80::6c98:20ff:fef7:57e8/64 scope link 
       valid_lft forever preferred_lft forever
24: tapba008aa3-1e: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:87:87:0d brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:fe87:870d/64 scope link 
       valid_lft forever preferred_lft forever
25: tapddd1ad23-3b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:8b:84:be brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:fe8b:84be/64 scope link 
       valid_lft forever preferred_lft forever
26: tapbcb7fc69-3e: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:b7:aa:0a brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:feb7:aa0a/64 scope link 
       valid_lft forever preferred_lft forever
27: tap5846f754-ba: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:60:bf:07 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:fe60:bf07/64 scope link 
       valid_lft forever preferred_lft forever

ovs-vsctl show

root@controller8:~# sudo ovs-vsctl show
d578b8e4-98b5-4cab-85c1-cc8315306527
    Bridge br-ex
        Port br-ex
            Interface br-ex
                type: internal
        Port "virbr0"
            Interface "virbr0"
        Port phy-br-ex
            Interface phy-br-ex
        Port "qg-8b717322-6a"
            Interface "qg-8b717322-6a"
                type: internal
    Bridge br-tun
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-int
        Port "tapddd1ad23-3b"
            tag: 1
            Interface "tapddd1ad23-3b"
        Port int-br-ex
            Interface int-br-ex
        Port "tapba008aa3-1e"
            Interface "tapba008aa3-1e"
        Port "qr-618529af-60"
            tag: 1
            Interface "qr-618529af-60"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port "tap352d75f8-45"
            tag: 3
            Interface "tap352d75f8-45"
                type: internal
        Port "tap5846f754-ba"
            tag: 1
            Interface "tap5846f754-ba"
        Port "tapbcb7fc69-3e"
            tag: 1
            Interface "tapbcb7fc69-3e"
        Port "tapfbac6e3c-b1"
            tag: 1
            Interface "tapfbac6e3c-b1"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
    ovs_version: "1.10.2"

Using AWS Elastic IPs with Openstack

I'm trying to setup AWS Elastic IPs with Openstack, I had managed to get this to work but was forced to reboot and my changes didn't hold, I can't be that far off. The first time it worked I used this and this to solve my problems/guide me but they are no longer helping.

What issue am I facing? When I associate an elastic ip with a private ip on amazon, it doesn't "bridge" that gap. From the controller I can ping floating ip addresses I assign to the private network (using my Openstack controller), but I can't ping Amazon elastic IPs pointing to Amazon/Openstack floating IPs.

My network is setup like this, my second NIC has an ip of 10.0.136.112 so I assigned secondary private IPs (10.0.136.113 through .118 for exapmple) through amazon to its private IP address. In Openstack I took that pool I created and used it for my floating IPs.

To illustrate, 54.85.85.85 (Amazon Elastic IP) points to 10.0.136.116 ( Amazon private IP / Openstack floating IP) points to 192.168.0.5 (IP assigned on Openstack private ip).

So pinging 10.0.136.116 from the controller works, and all my instances do have internet connectivity. What doesn't work is attempting to ping 54.85.85.85 from another compute. Not sure what I'm doing wrong at this point, I've been staring at this for too long so any advice is appreciated.

Thanks for reading!

edit: I've started over from scratch but selected a range of ips that doesn't share a range with either eth0 or eth1 and I'm getting the same result.

Network Map

ip a output

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc pfifo_fast state UP qlen 1000
    link/ether 0a:9c:15:f8:b3:59 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.167/16 brd 10.0.255.255 scope global eth0
    inet6 fe80::89c:15ff:fef8:b359/64 scope link 
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 0a:9a:e0:f8:3c:6b brd ff:ff:ff:ff:ff:ff
    inet 10.0.136.112/32 scope global eth1
    inet6 fe80::89a:e0ff:fef8:3c6b/64 scope link 
       valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 
    link/ether 36:a1:c0:ae:4e:b6 brd ff:ff:ff:ff:ff:ff
5: br-ex: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 42:16:bb:3a:7f:4d brd ff:ff:ff:ff:ff:ff
    inet 10.0.136.1/24 scope global br-ex
    inet6 fe80::58ee:78ff:fe72:c3d7/64 scope link 
       valid_lft forever preferred_lft forever
7: br-int: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 7e:32:df:fe:e2:4a brd ff:ff:ff:ff:ff:ff
    inet6 fe80::8c31:17ff:fe14:fe3d/64 scope link 
       valid_lft forever preferred_lft forever
13: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN 
    link/ether f6:20:7b:d3:78:06 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
15: phy-br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether ee:93:60:b0:ca:3b brd ff:ff:ff:ff:ff:ff
    inet6 fe80::ec93:60ff:feb0:ca3b/64 scope link 
       valid_lft forever preferred_lft forever
16: int-br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 82:e4:77:56:67:61 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::80e4:77ff:fe56:6761/64 scope link 
       valid_lft forever preferred_lft forever
19: br-tun: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN 
    link/ether 06:6f:cc:ee:5c:4c brd ff:ff:ff:ff:ff:ff
    inet6 fe80::6c98:20ff:fef7:57e8/64 scope link 
       valid_lft forever preferred_lft forever
24: tapba008aa3-1e: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:87:87:0d brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:fe87:870d/64 scope link 
       valid_lft forever preferred_lft forever
25: tapddd1ad23-3b: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:8b:84:be brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:fe8b:84be/64 scope link 
       valid_lft forever preferred_lft forever
26: tapbcb7fc69-3e: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:b7:aa:0a brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:feb7:aa0a/64 scope link 
       valid_lft forever preferred_lft forever
27: tap5846f754-ba: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 500
    link/ether fe:16:3e:60:bf:07 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:fe60:bf07/64 scope link 
       valid_lft forever preferred_lft forever

ovs-vsctl show

root@controller8:~# sudo ovs-vsctl show
d578b8e4-98b5-4cab-85c1-cc8315306527
    Bridge br-ex
        Port br-ex
            Interface br-ex
                type: internal
        Port "virbr0"
            Interface "virbr0"
        Port phy-br-ex
            Interface phy-br-ex
        Port "qg-8b717322-6a"
            Interface "qg-8b717322-6a"
                type: internal
    Bridge br-tun
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge br-int
        Port "tapddd1ad23-3b"
            tag: 1
            Interface "tapddd1ad23-3b"
        Port int-br-ex
            Interface int-br-ex
        Port "tapba008aa3-1e"
            Interface "tapba008aa3-1e"
        Port "qr-618529af-60"
            tag: 1
            Interface "qr-618529af-60"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port "tap352d75f8-45"
            tag: 3
            Interface "tap352d75f8-45"
                type: internal
        Port "tap5846f754-ba"
            tag: 1
            Interface "tap5846f754-ba"
        Port "tapbcb7fc69-3e"
            tag: 1
            Interface "tapbcb7fc69-3e"
        Port "tapfbac6e3c-b1"
            tag: 1
            Interface "tapfbac6e3c-b1"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
    ovs_version: "1.10.2"