[clug] OpenStack - PackStack

Mick Wahren mick at micknsteph.com
Sun Dec 6 08:03:02 UTC 2015 

Hi George , 
That usually means you don't have your private router configured correctly.  Neutron cannot Nat the floating ip to the external router interface. Did you put your instance on the correct private network. Also have you set the gateway on the router?

It sounds as if the setup of openstack/neutron is correct but the private to public networking is incorrect.  

Create a public network. Should be done by packstack
Create a private network
Create a subnet on the private network 
Create a router
Attach the router to the private subnet
Set gateway on the router on the public network 
Attach instance interface to the private Network. 




Sent from Mick on the move 

> On 6 Dec 2015, at 17:56, George at Clug <Clug at goproject.info> wrote:
> 
>    Mike, 
> 
> I checked the NAT Tricks against the All-in-One scripted PackStack
> build, and they seemed to be already in place.
> 
> When creating an instance as admin, then attempting to Associate an IP
> address, I get the error message, "Error:External network xxxx is not
> reachable from subnet yyyy. Therefore, cannot associate Port zzzz with
> a Floating IP."
> 
> Of course the xxxx, zzzz and yyyy are not the real names, as I am too
> lazy to type in those long number sets.
> 
> I will give up on the PackStack All-in-One solution. It is too likely
> that any changes that I do to try to fix it, will in fact just make it
> much worse.
> 
> Short of anyone who knows PackStack being available for me to visit
> and to check my actual installation, I will now give Ansible a try and
> see if I can follow these instructions.
> 
> 
> George.
> 
> 
> 
> 
> 
> At Sunday, 06-12-2015 on 17:04 Mick Wahren wrote:
> 
> 
> And you added the rule set to your instance?
> 
> 
> The other possibility is that the router to your private network has
> not had it's gateway set to your public network. 
> 
> 
> If you create a security group to allow all incoming tcp,udp and icmp,
> apply that to your instance. Can you ping the floating ip of the
> instance?
> 
> 
> If you then open a console on your instance and log in as root, I
> think Cirros default pw is cubswin, can you ping both the internal and
> external address of your private network router?
> 
> 
> The problem usually lies between security groups or an incorrectly set
> gateway on the router. Connecting the instance directly to the public
> network will always fail. The instance needs to be connected to the
> private network/ subnet that you created. 
> 
> 
> Hope this helps. And sorry if this makes no sense. I'm typing  it
> from my phone which always end in disaster.  
> 
> 
> Good luck
> 
> 
> Mick
> 
> Sent from Mick on the move 
> 
> On 6 Dec 2015, at 14:55, George at Clug  wrote:
> 
> 
> 
> 
>    Mick,
> 
> I followed the instructions given in the web sites.  Maybe something
> is missing?
> 
> The instruction rules said "Under the "Security Groups" heading, click
> the "Manage Rules" button for the "default" security group. Click the
> "Add Rule" button, and in the resulting dialog, enter "22" in the
> "Port" field, and then click the "Add" button."
> 
> If you know the exact Instance rules that will work, then I could give
> that a try. 
> 
> George.
> 
> At Sunday, 06-12-2015 on 14:45 Mick Wahren wrote:
> 
> 
> Hi George,
> Have you defined the access rules for your instance? By default there
> are no rules made. I.e no access. You can easily configure these rules
> from the horizon web interface. Name them and apply the rule set to
> your instance and you should be able to ssh. 
> 
> 
> I think by default with RDO and a fedora instance you ssh as
> cloud-user@ then sudo -i for a root shell. 
> 
> 
> I usually create a default rule set to at least allow ssh. If you're
> not yet that concerned with isolation you can allow:all tcp inbound. 
> 
> 
> Cheers 
> Mick
> 
> Sent from Mick on the move 
> 
> On 6 Dec 2015, at 08:20, George at Clug  wrote:
> 
> 
> 
> 
>    Hi,
> 
> Would anyone have the knowledge and the time to check over a Pack
> Stack installation that I have (on a laptop) to see why Networking is
> working the way I believe it should ?
> 
> It would take way to long for me to attempt to fully define the
> configuration in an email.
> 
> https://www.rdoproject.org/install/quickstart/
> https://www.rdoproject.org/install/running-an-instance/
> A brief overview of issue is;
> 
> I followed the above instructions and when I attempt to ssh into any
> instance (e.g. Fedora22, as per instructions), all I get is "No route
> to host". I am unable to ping the Instances.
> 
> I have built and rebuilt the Pack Stack install several times, with
> various configurations, but still no success.
> 
> As the Admin account I have created two Cirros instances and these can
> ping each other on their private IP addresses, I can ping the
> public_gateway address, but I cannot ping their public IP addresses.
> 
> I have no DHCP servers within my test environment, it is an isolated
> network, but does have internet access via a NAT firewall/gateway.
> 
> George.
> 
> 
> 
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
> 
> 
> 
> 
> 
> 
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
> 
> 
> 
> 
> 
> 
> -- 
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux

More information about the linux mailing list