[clug] OpenStack - PackStack

George at Clug Clug at goproject.info
Sun Dec 6 06:56:51 UTC 2015


I checked the NAT Tricks against the All-in-One scripted PackStack
build, and they seemed to be already in place.

When creating an instance as admin, then attempting to Associate an IP
address, I get the error message, "Error:External network xxxx is not
reachable from subnet yyyy. Therefore, cannot associate Port zzzz with
a Floating IP."

Of course the xxxx, zzzz and yyyy are not the real names, as I am too
lazy to type in those long number sets.

I will give up on the PackStack All-in-One solution. It is too likely
that any changes that I do to try to fix it, will in fact just make it
much worse.

Short of anyone who knows PackStack being available for me to visit
and to check my actual installation, I will now give Ansible a try and
see if I can follow these instructions.


At Sunday, 06-12-2015 on 17:04 Mick Wahren wrote:

And you added the rule set to your instance?

The other possibility is that the router to your private network has
not had it's gateway set to your public network. 

If you create a security group to allow all incoming tcp,udp and icmp,
apply that to your instance. Can you ping the floating ip of the

If you then open a console on your instance and log in as root, I
think Cirros default pw is cubswin, can you ping both the internal and
external address of your private network router?

The problem usually lies between security groups or an incorrectly set
gateway on the router. Connecting the instance directly to the public
network will always fail. The instance needs to be connected to the
private network/ subnet that you created. 

Hope this helps. And sorry if this makes no sense. I'm typing  it
from my phone which always end in disaster.  

Good luck


Sent from Mick on the move 

On 6 Dec 2015, at 14:55, George at Clug  wrote:


I followed the instructions given in the web sites.  Maybe something
is missing?

The instruction rules said "Under the "Security Groups" heading, click
the "Manage Rules" button for the "default" security group. Click the
"Add Rule" button, and in the resulting dialog, enter "22" in the
"Port" field, and then click the "Add" button."

If you know the exact Instance rules that will work, then I could give
that a try. 


At Sunday, 06-12-2015 on 14:45 Mick Wahren wrote:

Hi George,
Have you defined the access rules for your instance? By default there
are no rules made. I.e no access. You can easily configure these rules
from the horizon web interface. Name them and apply the rule set to
your instance and you should be able to ssh. 

I think by default with RDO and a fedora instance you ssh as
cloud-user@ then sudo -i for a root shell. 

I usually create a default rule set to at least allow ssh. If you're
not yet that concerned with isolation you can allow:all tcp inbound. 


Sent from Mick on the move 

On 6 Dec 2015, at 08:20, George at Clug  wrote:


Would anyone have the knowledge and the time to check over a Pack
Stack installation that I have (on a laptop) to see why Networking is
working the way I believe it should ?

It would take way to long for me to attempt to fully define the
configuration in an email.

A brief overview of issue is;

I followed the above instructions and when I attempt to ssh into any
instance (e.g. Fedora22, as per instructions), all I get is "No route
to host". I am unable to ping the Instances.

I have built and rebuilt the Pack Stack install several times, with
various configurations, but still no success.

As the Admin account I have created two Cirros instances and these can
ping each other on their private IP addresses, I can ping the
public_gateway address, but I cannot ping their public IP addresses.

I have no DHCP servers within my test environment, it is an isolated
network, but does have internet access via a NAT firewall/gateway.


linux mailing list
linux at lists.samba.org

linux mailing list
linux at lists.samba.org

More information about the linux mailing list