Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Network config when testing on nested environment

I'm composing a test environment for Openstack Icehouse on CentOS 7 It will be nested in the sense that the 2 openstack nodes I'm going to setup are virtual machines.

In detail:

hypervisor is my laptop with Fedora 23, 16Gb of ram, SSD disk and standard Qemu/KVM environment included inside the distro the laptop would be also where I run web browser to access horizon dashboard

openstack_co1 vm where I initially run and test packstak on CentOS 7.2 with copy host cpu configuration and setup controller+compute

openstack_co2 vm where I will run additional compute node with copy host cpu configuration

the 2 vms will have two networks

1) 192.168.122.x/24 that is configured as NAT in Qemu/KVM of my laptop and should be the public lan for Openstack env

2) 192.168.124.x/24 that is configured as "isolated, internal and host routing only" in Qemu/KVM and should be the private lan for openstack env

So my laptop has the 192.168.122.1 and 192.168.124.1 ip addresses set up and chronyd configured to be queried by the openstack nodes

I was able to run packstak after some debugging:

  • configuring repo with baseurl=http://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/epel-7/

  • preinstalling packages so that packstack needs only to setup and not download

  • modifying file /usr/lib/python2.7/site-packages/packstack/puppet/templates/openstack_client.pp

and changing python-iso8601 with python2-iso8601 as provided now

  • modifying file /etc/mongod.conf

changing bind_ip = 127.0.0.1

with my node ip bind_ip = 192.168.122.81

because during puppet phase it is this file that is read and not mongodb.conf and it listens only on localhost causing time out and failure

found reference here: https://ask.openstack.org/en/question/86847/packstack-fails-with-error-unable-to-connect-to-mongodb-server/

  • modifying /usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py

line 818

if fips.is_supported

with

if True

otherwise you get error connecting to neutron in instances page. Found reference here: https://bugs.launchpad.net/horizon/+bug/1349841

  • downgrading python-websockify from python-websockify-0.6.0-2.el7 to python-websockify-0.5.1-1.el7.noarch.rpm

otherwise unable to use novnc console.

Found reference here: https://bugzilla.redhat.com/show_bug.cgi?id=1220081

  • running packstack

All seems ok then.

I have now some doubts related to my nested vm environment and network and iptables configuration.

Is it ok the network config I plan to use and then during the tests to assign as floating ips the ones on 192.168.122.x network (the Qemu/KVM natted one)?

Is it expected ootb that from my laptop (192.168.122.1) I will be able to reach (if related security groups configurations are in place) via ssh the openstack instances on these floating ips or should I create a particular firewalld rule on my laptop?

Thanks in advance, Gianluca

Network config when testing on nested environment

I'm composing a test environment for Openstack Icehouse on CentOS 7 It will be nested in the sense that the 2 openstack nodes I'm going to setup are virtual machines.

In detail:

hypervisor is my laptop with Fedora 23, 16Gb of ram, SSD disk and standard Qemu/KVM environment included inside the distro the laptop would be also where I run web browser to access horizon dashboard

openstack_co1 vm where I initially run and test packstak on CentOS 7.2 with copy host cpu configuration and setup controller+compute

openstack_co2 vm where I will run additional compute node with copy host cpu configuration

the 2 vms will have two networks

1) 192.168.122.x/24 that is configured as NAT in Qemu/KVM of my laptop and should be the public lan for Openstack env

2) 192.168.124.x/24 that is configured as "isolated, internal and host routing only" in Qemu/KVM and should be the private lan for openstack env

So my laptop has the 192.168.122.1 and 192.168.124.1 ip addresses set up and chronyd configured to be queried by the openstack nodes

I was able to run packstak after some debugging:

  • configuring repo with baseurl=http://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/epel-7/

  • preinstalling packages so that packstack needs only to setup and not download

  • modifying file /usr/lib/python2.7/site-packages/packstack/puppet/templates/openstack_client.pp

and changing python-iso8601 with python2-iso8601 as provided now

  • modifying file /etc/mongod.conf

changing bind_ip = 127.0.0.1

with my node ip bind_ip = 192.168.122.81

because during puppet phase it is this file that is read and not mongodb.conf and it listens only on localhost causing time out and failure

found reference here: https://ask.openstack.org/en/question/86847/packstack-fails-with-error-unable-to-connect-to-mongodb-server/

  • modifying /usr/share/openstack-dashboard/openstack_dashboard/api/neutron.py

line 818

if fips.is_supported

with

if True

otherwise you get error connecting to neutron in instances page. Found reference here: https://bugs.launchpad.net/horizon/+bug/1349841

  • downgrading python-websockify from python-websockify-0.6.0-2.el7 to python-websockify-0.5.1-1.el7.noarch.rpm

otherwise unable to use novnc console.

Found reference here: https://bugzilla.redhat.com/show_bug.cgi?id=1220081

  • running packstack

All seems ok then.

I have now some doubts related to my nested vm environment and network and iptables configuration.

Is it ok the network config I plan to use and then during the tests to assign as floating ips the ones on 192.168.122.x network (the Qemu/KVM natted one)?

Is it expected ootb that from my laptop (192.168.122.1) I will be able to reach (if related security groups configurations are in place) via ssh the openstack instances on these floating ips or should I create a particular firewalld rule on my laptop?

Thanks in advance, Gianluca