Ask Your Question

d@kj's profile - activity

2019-10-08 13:42:08 -0600 received badge  Notable Question (source)
2019-10-08 13:42:08 -0600 received badge  Famous Question (source)
2019-04-12 04:07:36 -0600 commented answer no ping to Internet from instance and neutron-gateway/0 - error “Destination Host Unreachable”

thanks a lot for your support . As you suggested me I've reconfigure OPS fresh and before to run the deploy via Juju, I've replaced br-ex= eno2 to br-ex= eno3, now the incance can reach Internet without problem. Thanks again.

2019-04-12 00:39:20 -0600 received badge  Famous Question (source)
2019-04-11 09:43:53 -0600 commented answer no ping to Internet from instance and neutron-gateway/0 - error “Destination Host Unreachable”

here is the screen of neutron-gateway/0 https://paste.ubuntu.com/p/RqSJnwFFQr/ and the following is the ifconfig on nova-compute/0 https://paste.ubuntu.com/p/47BJvqyNmb/

2019-04-10 07:43:28 -0600 commented question no ping to Internet from instance and neutron-gateway/0 - error “Destination Host Unreachable”

no, at moment any solution found. I've tried also to change the type of external network, flat and VLAN, but nothing in the both case I've the same issue.

2019-04-09 19:08:47 -0600 received badge  Notable Question (source)
2019-04-08 03:47:29 -0600 answered a question Openstack with MAAS + juju network setup

you can view also that but you must have 5 nodes:

https://docs.openstack.org/project-deploy-guide/charm-deployment-guide/latest/index.html (https://docs.openstack.org/project-de...)

2019-04-08 03:46:58 -0600 answered a question Hardware Requirements for setting up OpenStack IAAS

you can view also that but you must have 5 nodes:

https://docs.openstack.org/project-deploy-guide/charm-deployment-guide/latest/index.html (https://docs.openstack.org/project-de...)

2019-04-08 03:36:36 -0600 commented answer Newton - Instance can't access internet

I've the same problem but my lab is the following: https://ask.openstack.org/en/question/121039/no-ping-to-internet-from-instance-and-neutron-gateway0-error-destination-host-unreachable/ (post)

2019-04-08 02:28:37 -0600 received badge  Popular Question (source)
2019-04-05 05:22:38 -0600 marked best answer Create Instance on Canonical Distribution of OpenStack Autopilot

My Lab:

  • 1 VM for MAAS
  • 1 VM for JUJU
  • 1 VM for LANDSCAPE
  • 4 VM for OPENSTACK

Canonical Distribution of Openstack is correctly installed on a virtual environment (VMware Esxi), but if I try to create a new instance receive that issue:

Error: Failed to perform requested operation on instance "hubsvr01", the instance has an error status: Please try again later [Error: Exceeded maximum number of retries. Exceeded max scheduling attempts 3 for instance 26ad0d3f-5788-4c74-bd8b-aa114cf56174. Last exception: Image could not be found.].

2019-04-05 05:22:38 -0600 received badge  Scholar (source)
2019-04-05 05:18:01 -0600 asked a question no ping to Internet from instance and neutron-gateway/0 - error “Destination Host Unreachable”

Same network schema shown in this https://ask.openstack.org/en/question/119783/no-ping-to-instance-from-neutron-gateway0-error-destination-host-unreachable/ (post).

IP plan:

Maas: 10.20.81.1
Juju: 10.20.81.2
Openstack: 10.20.81.21-24
External Gateway: 10.20.81.254
Private Network: 10.1.0.0/24
Instance: 10.1.0.12 - 10.20.81.220 (floating)
Internal Gateway: 10.1.0.1
Internal DHCP service: 10.1.0.10

Network topology

    10.20.81.0/24     
                              +-------------+
                                  Firewall
                                10.20.81.254
                              +-------------+
                                     | 
    +-------------------------------------------------------------+
                                  Switch 
          vlan81              vlan81                  vlan81
    +-------------------------------------------------------------+
            |                   |                   || | | |
    +--------------+     +------------+        +------------------+
    |Maas+Juju           |Juju Gui|            |Openstack
    |10.20.81.1          |10.20.81.2           |10.20.81.21-24
    +--------------+     +-------------+       +------------------+
                                                         |
                                    +--------------------------------------------+
                                    Private Subnet-1           Public Subnet-2
                                     10.1.0.0/24                10.20.81.0/24
                                     +---+----+--+              +----+------+
                                     |    |        +----+            |
                                     |    |     .1 |    |.221         |
                                     |    +--------+ VR +-------------+
                                     |             |    |
                                     +--+-+        +----+
                                     |    |
                                     |VM |
                                     |.12 |
                                     |    |
                                     +----+

This time the problem is the ping toward Internet. The Openstack instance and netron-gateway/0 can't reach the external world.

from neutron-gateway/0

ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ping 10.20.81.254
PING 10.20.81.254 (10.20.81.254) 56(84) bytes of data.
From 10.20.81.221 icmp_seq=1 Destination Host Unreachable
From 10.20.81.221 icmp_seq=2 Destination Host Unreachable

ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
From 10.20.81.221 icmp_seq=1 Destination Host Unreachable
From 10.20.81.221 icmp_seq=2 Destination Host Unreachable

ubuntu@os-compute02:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=120 time=16.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=120 time=17.9 ms

ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.0.0        0.0.0.0         255.255.255.0   U     0      0        0 qr-44aa8011-cf
10.20.81.0      0.0.0.0         255.255.255.0   U     0      0        0 qg-f33e7db4-43

ubuntu@os-compute02:~$ route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.20.81.254    0.0.0.0         UG    0      0        0 br-eno2
10.4.251.0      0.0.0.0         255.255.255.0   U     0      0        0 lxdbr0
10.20.81.0      0.0.0.0         255.255.255.0   U     0      0        0 br-eno2

from instance

ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ssh -p 22 -i ~/.ssh/u1804Key.pem ubuntu@10.1.0.12 -v
O
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-33-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Fri Apr  5 09:50:37 UTC 2019

  System load:  0.0               Processes:           90
  Usage of /:   1.2% of 77.36GB   Users logged in:     0
  Memory usage: 12%               IP address for ens2: 10.1.0.20 ...
(more)
2019-04-05 05:15:23 -0600 edited question no ping to Instance from neutron-gateway/0 - error "Destination Host Unreachable"

I performed a cluster node installation using this guide [OpenStack Charms Deployment Guide].(https://docs.openstack.org/project-deploy-guide/charm-deployment-guide/latest/install-maas.html), where the type of network is a Flat network and the components used are:

  • Maas
  • Juju
  • Openstack

My lab is composed by following devices:

  • 1 IBM System 3540 M4 Maas (500GB HDD - 8GB RAM - 1 Nic)
  • 1 IBM System 3540 M4 Juju (500GB HDD - 8GB RAM -1 Nic)
  • 4 IBM System 3540 M4 Openstack (500GBx2 HDD - 16GB RAM - 2 Nic)
  • 1 Palo Alto Network Firewall

Public Network 10.20.81.0/24 - Private Network 10.0.0.0/24

  • Maas: 10.20.81.1
  • Juju: 10.20.81.2
  • Openstack 10.20.81.21-24
  • Gateway 10.20.81.254
  • Instance: 10.0.0.9 - 10.20.81.215 (floating)

Network plan

10.20.81.0/24     
                          +-------------+
                              Firewall
                            10.20.81.254
                          +-------------+
                                 | 
+-------------------------------------------------------------+
                              Switch 
      vlan81              vlan81                  vlan81
+-------------------------------------------------------------+
        |                   |                   || | | |
+--------------+     +------------+        +------------------+
|Maas+Juju           |Juju Gui|            |Openstack
|10.20.81.1          |10.20.81.2           |10.20.81.21-24
+--------------+     +-------------+       +------------------+
                                                     |
                                +--------------------------------------------+
                                Private Subnet-1           Public Subnet-2
                                 10.0.0.0/24                10.20.81.0/24
                                 +---+----+--+              +----+------+
                                 |    |        +----+            |
                                 |    |        |    |            |
                                 |    +--------+ VR +-------------+
                                 |             |    |
                                 +--+-+        +----+
                                 |    |
                                 | VM |
                                 | .9 |
                                 |    |
                                 +----+

On my lab, the nodes for Openstack present two eth interface, the first one (eno2) the single external network used as floating IP, then the other one (eno3) for the private network.

I can not reach teh install via SSH or ping

Maas route:

$: ip route
default via 10.20.81.254 dev enp2s0 proto static 
10.20.81.0/24 dev enp2s0 proto kernel scope link src 10.20.81.1

Juju Controller:

ubuntu@juju-controller:~$ ip route
default via 10.20.81.254 dev enp8s0 proto static 
10.20.81.0/24 dev enp8s0 proto kernel scope link src 10.20.81.2

Compute Nodes:

ubuntu@os-compute01:~$ ip route
default via 10.20.81.254 dev br-eno2 proto static 
10.20.81.0/24 dev br-eno2 proto kernel scope link src 10.20.81.21 
10.38.53.0/24 dev lxdbr0 proto kernel scope link src 10.38.53.1

ubuntu@os-compute02:~$ ip route
default via 10.20.81.254 dev br-eno2 proto static 
10.20.81.0/24 dev br-eno2 proto kernel scope link src 10.20.81.22 
10.104.230.0/24 dev lxdbr0 proto kernel scope link src 10.104.230.1 

ubuntu@os-compute03:~$ ip route
default via 10.20.81.254 dev br-eno2 proto static 
10.20.81.0/24 dev br-eno2 proto kernel scope link src 10.20.81.23 
10.126.34.0/24 dev lxdbr0 proto kernel scope link src 10.126.34.1 

ubuntu@os-compute04:~$ ip route
default via 10.20.81.254 dev br-eno2 proto static 
10.20.81.0/24 dev br-eno2 proto kernel scope link src 10.20.81.24 
10.72.47.0/24 dev lxdbr0 proto kernel scope link src 10.72.47.1

Router:

$:openstack router show u1804Ro
Password: 
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field                   | Value                                                                                                                                                                                    |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up          | UP                                                                                                                                                                                       |
| availability_zone_hints |                                                                                                                                                                                          |
| availability_zones      | nova                                                                                                                                                                                     |
| created_at              | 2019-02-28T22:27:36Z                                                                                                                                                                     |
| description             |                                                                                                                                                                                          |
| distributed             | False                                                                                                                                                                                    |
| external_gateway_info   | {"network_id": "e2ba9320-b1cb-4fd8-acd8-b4d9df9df819", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "b3ae37b6-487b-4063-8d69-ec849fd9c9c7", "ip_address ...
(more)
2019-04-04 16:45:37 -0600 commented answer instance is not able to ping the internet but able to ping the openstack server

I've the same problem with my lab

2019-04-04 16:44:08 -0600 commented question I am not able ping external provider network

I've the same problem with my lab

2019-04-04 16:27:38 -0600 answered a question OVS: can ping qdhcp from qrouter but not instances

I've had the same issue and I've resolved in this way: https://ask.openstack.org/en/question/119783/openstack-no-ping-to-instance-from-neutron-gateway0-error-destination-host-unreachable/ (post)

2019-04-04 16:22:04 -0600 answered a question Can't ping or SSH Vm's

You can following this https://docs.openstack.org/project-deploy-guide/charm-deployment-guide/rocky/index.html (guide)

2019-04-04 04:07:16 -0600 received badge  Notable Question (source)
2019-04-04 04:07:16 -0600 received badge  Popular Question (source)
2019-04-03 16:27:05 -0600 answered a question no ssh to instance from neutron-gateway/0 - error “Permission denied (publickey)”

I've resolved that. Instead of making the import of the key, I've created a new Key pairs directly of Openstack, saved that on my desktop and copy with the same name on neutron-gateway/0 in .ssh/ directory.

$: juju ssh neutron-gateway/0
ubuntu@os-compute03: nano .ssh/u1804Key.pem

copy the key and change the permission

ubuntu@os-compute03: chmod 600 .ssh/u1804Key.pem

https://pasteboard.co/I8tINDO.png (image 1) https://pasteboard.co/I8tJ4TB.png (image 2)

ubuntu@os-compute02:~$ sudo ip netns exec qrouter-e933429f-6816-47b3-9e50-581d78243935 ssh -p 22 -i ~/.ssh/u1804Key.pem ubuntu@10.1.0.13
Welcome to Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-33-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

  System information as of Wed Apr  3 21:19:12 UTC 2019

  System load:  0.0               Processes:           90
  Usage of /:   1.2% of 77.36GB   Users logged in:     0
  Memory usage: 12%               IP address for ens2: 10.1.0.13
  Swap usage:   0%


  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

0 packages can be updated.
0 updates are security updates.

Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings


Last login: Wed Apr  3 20:51:52 2019 from 10.1.0.1
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@u1804ins:~$
2019-04-03 09:09:01 -0600 edited question no ssh to instance from neutron-gateway/0 - error “Permission denied (publickey)”

My network scheme is like the one shown here:

https://ask.openstack.org/en/question/119783/no-ping-destination-host-unreachable-to-instance-from-neutron-gateway0/ (network plan)

I can't use SSH connection to the instance, I made this procedure

$: juju ssh neutron-gateway/0

ubuntu@os-compute03:~$ sudo ip netns
qrouter-fc288112-3fce-405d-9c3f-5451253de4f0 (id: 4)
qdhcp-fcfc4529-79db-40e5-9d23-0af9c3411a3f (id: 3)

to create a SSH keypair I've used this command:

ubuntu@os-compute03: ssh-keygen -t rsa -f .ssh/cloud.key

ping the instance

ubuntu@os-compute02:~$ sudo ip netns exec  qrouter-fc288112-3fce-405d-9c3f-5451253de4f ping 10.1.0.9
PING 10.1.0.9 (10.1.0.9) 56(84) bytes of data.
64 bytes from 10.1.0.9: icmp_seq=1 ttl=64 time=0.441 ms
64 bytes from 10.1.0.9: icmp_seq=2 ttl=64 time=0.385 ms

then I've imported the public key on Openstack, created a new instance and then I tried to run the connection from neutron-gateway.

ubuntu@os-compute03:~$ sudo ip netns exec qrouter-fc288112-3fce-405d-9c3f-5451253de4f0 ssh -i .ssh/cloud.key.pub -p 22 ubuntu@10.0.0.9 -v
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.0.0.9 [10.0.0.9] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file .ssh/cloud.key.pub type 0
debug1: key_load_public: No such file or directory
debug1: identity file .ssh/cloud.key.pub-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4
debug1: match: OpenSSH_7.6p1 Ubuntu-4 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 10.0.0.9:22 as 'ubuntu'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:uhk/YW8LX1R8ZDaMtpg0093Qqtvuh1zBiM/JZ9cCAHQ
debug1: Host '10.1.0.13' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:MkeQaw9euGwwKRu9Ck54BeoLlH1zctL0Fh7SUTelRDc .ssh/id_rsa.pub
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
Load key ".ssh/cloud.key.pub": invalid format
debug1: No more authentication methods to try.
ubuntu@10.0.0.9: Permission denied (publickey).

in the input there is this error:

Load key ".ssh/cloud.key.pub": invalid format

why?