{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 一夜七次 的问题《openstack networking can't ping/ssh from/to VM》','https://www.manongdao.com/q-1370602.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I've installed multi-node openstak using devstack script. Can run VMs, but problem with networking, can't ssh/ping from one VM to another. I can ssh to VM only from host (control1,computeX) where it running, from other hosts can't. Any suggestions?
nova-compute control1 nova enabled :-)
nova-cert control1 nova enabled :-)
nova-network control1 nova enabled :-)
nova-scheduler control1 nova enabled :-)
nova-consoleauth control1 nova enabled :-)
nova-compute compute1 nova enabled :-)
nova-volume compute1 nova enabled :-)
nova-network compute1 nova enabled :-)
nova-compute compute2 nova enabled :-)
nova-volume compute2 nova enabled :-)
nova-network compute2 nova enabled :-)
control1 /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 172.16.0.1
#address 172.16.0.101
netmask 255.255.255.0
network 172.16.0.0
broadcast 172.16.0.255
gateway 172.16.0.254
dns-nameservers 8.8.8.8
auto eth1
iface eth1 inet static
address 11.0.0.4
netmask 255.255.255.0
network 11.0.0.0
broadcast 11.0.0.255
compute1 /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 172.16.0.2
netmask 255.255.255.0
network 172.16.0.0
broadcast 172.16.0.255
gateway 172.16.0.254
dns-nameservers 8.8.8.8
auto eth1
iface eth1 inet static
address 11.0.0.5
netmask 255.255.255.0
network 11.0.0.0
broadcast 11.0.0.255
control1 /etc/nova/nova.conf
[DEFAULT]
verbose=True
auth_strategy=keystone
allow_resize_to_same_host=True
root_helper=sudo /usr/local/bin/nova-rootwrap /etc/nova/rootwrap.conf
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
dhcpbridge_flagfile=/etc/nova/nova.conf
fixed_range=10.1.0.0/16
s3_host=172.16.0.1
s3_port=3333
network_manager=nova.network.manager.FlatDHCPManager
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
my_ip=172.16.0.1
public_interface=eth0
vlan_interface=eth0
flat_network_bridge=br100
flat_interface=eth1
sql_connection=mysql://root:supersecret@172.16.0.1/nova?charset=utf8
libvirt_type=qemu
libvirt_cpu_mode=none
instance_name_template=instance-%08x
novncproxy_base_url=http://172.16.0.1:6080/vnc_auto.html
xvpvncproxy_base_url=http://172.16.0.1:6081/console
vncserver_listen=127.0.0.1
vncserver_proxyclient_address=127.0.0.1
api_paste_config=/etc/nova/api-paste.ini
image_service=nova.image.glance.GlanceImageService
ec2_dmz_host=172.16.0.1
rabbit_host=172.16.0.1
rabbit_password=supersecret
glance_api_servers=172.16.0.1:9292
force_dhcp_release=True
multi_host=True
send_arp_for_ha=True
use_syslog=True
logging_context_format_string=%(asctime)s %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s
volume_api_class=nova.volume.cinder.API
compute_driver=libvirt.LibvirtDriver
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
enabled_apis=ec2,osapi_compute,metadata
Try adding the following option to nova.conf, which controls whether the firewall (iptables) will allow traffic between instances:
It should be on by default, so that's probably not your problem, but it's the first thing I would try.
This is from the table called Description of nova.conf file configuration options of networking options from the OpenStack Compute Admin guide.
You may need to add rules to the default OpenStack security group to enable ping and SSH:
The first rule enables the Internet Control Message Protocol (ICMP) for VM instances (the ping command). The second rule enables TCP connections via the 22 port, which is used by SSH.
Try changing network_manager=nova.network.manager.FlatDHCPManager to network_manager=nova.network.manager.FlatManager and also try other configurations for your network_manager setting. It says that FLatManager should work here: http://docs.openstack.org/trunk/openstack-compute/admin/content/configuring-flat-networking.html and it is similair to FLatDHCPManager, so not quite sure what the problem is as it seems you are bound to a physical ethernet card.