lost and found ( for me ? )

OpenStack logs (keystone, glance, nova , neutron )

Here are logs when operating keystone, glance, neutron after setting up Openstack multi nodes with RDO.

Assume you have already finished setting up OpenStack multi nodes with RDO.
http://lost-and-found-narihiro.blogspot.jp/2016/09/centos7-set-up-openstack-multi.html

create a user, project, register an image, boot an instance, configure floating ip, configure security groups.

[ user management ]

on the controller node
[root@controller ~]# source keystonerc_admin
[root@controller ~(keystone_admin)]#

[root@controller ~(keystone_admin)]# openstack
(openstack)

create a user
(openstack) user create --password user01 user01
+----------+----------------------------------+
| Field    | Value                            |
+----------+----------------------------------+
| email    | None                             |
| enabled  | True                             |
| id       | 1951635b07c24d3eb7de05fb8f2697cf |
| name     | user01                           |
| username | user01                           |
+----------+----------------------------------+
(openstack)

(openstack) user show user01
+----------+----------------------------------+
| Field    | Value                            |
+----------+----------------------------------+
| email    | None                             |
| enabled  | True                             |
| id       | 1951635b07c24d3eb7de05fb8f2697cf |
| name     | user01                           |
| username | user01                           |
+----------+----------------------------------+
(openstack)

create a procject
(openstack) project create --description "for user01" project01
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | for user01                       |
| enabled     | True                             |
| id          | 605f675c6d1a40cd9563adf3a75d4492 |
| name        | project01                        |
+-------------+----------------------------------+
(openstack)

associate a project “project01” with a user “user01”
(openstack) user set --project project01 user01

(openstack) user show user01
+------------+----------------------------------+
| Field      | Value                            |
+------------+----------------------------------+
| email      | None                             |
| enabled    | True                             |
| id         | 1951635b07c24d3eb7de05fb8f2697cf |
| name       | user01                           |
| project_id | 605f675c6d1a40cd9563adf3a75d4492 |
| username   | user01                           |
+------------+----------------------------------+
(openstack)

give admin proviledge
(openstack) role add --user user01 --project project01 admin
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | ab515cfcf31e42209608e25d3fdb6bc3 |
| name      | admin                            |
+-----------+----------------------------------+
(openstack)

login with a user “user01”
[root@controller ~]# cp keystonerc_admin keystonerc_user01

# cat keystonerc_user01
unset OS_SERVICE_TOKEN
export OS_USERNAME=user01
export OS_PASSWORD=user01
export OS_AUTH_URL=http://192.168.131.101:5000/v2.0
export PS1='[\u@\h \W(keystone_user01)]\$ '

export OS_TENANT_NAME=project01
export OS_REGION_NAME=RegionOne

[root@controller ~]# source keystonerc_user01
[root@controller ~(keystone_user01)]#

You can also add a user, project, role via GUI.

[ image management ]

on the controller node
one image has been registered.
[root@controller ~(keystone_user01)]# source keystonerc_admin
[root@controller ~(keystone_admin)]# openstack
(openstack) image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 0787f9f4-4ab1-4b3b-b186-de167642051f | cirros | active |
+--------------------------------------+--------+--------+
(openstack)

add a new image.
download an image.
# wget https://download.fedoraproject.org/pub/fedora/linux/releases/24/CloudImages/x86_64/images/Fedora-Cloud-Base-24-1.2.x86_64.qcow2

Register the image
[root@controller ~(keystone_admin)]# openstack image create --file ./Fedora-Cloud-Base-24-1.2.x86_64.qcow2 --public Fedora24
+------------------+------------------------------------------------------+
| Field            | Value                                                |
+------------------+------------------------------------------------------+
| checksum         | 8de08e3fe24ee788e50a6a508235aa64                     |
| container_format | bare                                                 |
| created_at       | 2016-09-12T07:46:02Z                                 |
| disk_format      | raw                                                  |
| file             | /v2/images/dfb10702-96aa-4ece-9935-44a5c637aa5b/file |
| id               | dfb10702-96aa-4ece-9935-44a5c637aa5b                 |
| min_disk         | 0                                                    |
| min_ram          | 0                                                    |
| name             | Fedora24                                             |
| owner            | 5ae664c0eaaf4d38a4cbd6f640c77222                     |
| protected        | False                                                |
| schema           | /v2/schemas/image                                    |
| size             | 204590080                                            |
| status           | active                                               |
| tags             |                                                      |
| updated_at       | 2016-09-12T07:46:04Z                                 |
| virtual_size     | None                                                 |
| visibility       | public                                               |
+------------------+------------------------------------------------------+
[root@controller ~(keystone_admin)]#

[root@controller ~(keystone_admin)]# openstack image list
+--------------------------------------+----------+--------+
| ID                                   | Name     | Status |
+--------------------------------------+----------+--------+
| dfb10702-96aa-4ece-9935-44a5c637aa5b | Fedora24 | active |
| 0787f9f4-4ab1-4b3b-b186-de167642051f | cirros   | active |
+--------------------------------------+----------+--------+
[root@controller ~(keystone_admin)]#

[ network management ]

login with non privileged user “user01”
# source keystonerc_user01
[root@controller ~(keystone_user01)]# neutron
(neutron)

(neutron) net-create internal
Created a new network:
+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| admin_state_up          | True                                 |
| availability_zone_hints |                                      |
| availability_zones      |                                      |
| created_at              | 2016-09-12T08:16:36                  |
| description             |                                      |
| id                      | ecc3c3f9-31bd-4998-a41d-b682b508bfb5 |
| ipv4_address_scope      |                                      |
| ipv6_address_scope      |                                      |
| mtu                     | 1450                                 |
| name                    | internal                             |
| router:external         | False                                |
| shared                  | False                                |
| status                  | ACTIVE                               |
| subnets                 |                                      |
| tags                    |                                      |
| tenant_id               | 605f675c6d1a40cd9563adf3a75d4492     |
| updated_at              | 2016-09-12T08:16:36                  |
+-------------------------+--------------------------------------+
(neutron) subnet-create internal 192.168.37.0/24
Created a new subnet:
+-------------------+----------------------------------------------------+
| Field             | Value                                              |
+-------------------+----------------------------------------------------+
| allocation_pools  | {"start": "192.168.37.2", "end": "192.168.37.254"} |
| cidr              | 192.168.37.0/24                                    |
| created_at        | 2016-09-12T08:16:52                                |
| description       |                                                    |
| dns_nameservers   |                                                    |
| enable_dhcp       | True                                               |
| gateway_ip        | 192.168.37.1                                       |
| host_routes       |                                                    |
| id                | 37b936a4-cd4c-4565-9dee-2961cfc592c7               |
| ip_version        | 4                                                  |
| ipv6_address_mode |                                                    |
| ipv6_ra_mode      |                                                    |
| name              |                                                    |
| network_id        | ecc3c3f9-31bd-4998-a41d-b682b508bfb5               |
| subnetpool_id     |                                                    |
| tenant_id         | 605f675c6d1a40cd9563adf3a75d4492                   |
| updated_at        | 2016-09-12T08:16:52                                |
+-------------------+----------------------------------------------------+
(neutron)

(neutron) net-list
+--------------------------------------+----------+------------------------------------------------------+
| id                                   | name     | subnets                                              |
+--------------------------------------+----------+------------------------------------------------------+
| ecc3c3f9-31bd-4998-a41d-b682b508bfb5 | internal | 37b936a4-cd4c-4565-9dee-2961cfc592c7 192.168.37.0/24 |
| f6d28e0c-0233-416e-a212-b1d36d4d3cbf | public   | 22f91b90-5c43-474e-8e01-b72ac359186e                 |
+--------------------------------------+----------+------------------------------------------------------+
(neutron) subnet-list
+--------------------------------------+------+-----------------+----------------------------------------------------+
| id                                   | name | cidr            | allocation_pools                                   |
+--------------------------------------+------+-----------------+----------------------------------------------------+
| 37b936a4-cd4c-4565-9dee-2961cfc592c7 |      | 192.168.37.0/24 | {"start": "192.168.37.2", "end": "192.168.37.254"} |
+--------------------------------------+------+-----------------+----------------------------------------------------+
(neutron)

update network configuration
(neutron) subnet-update 37b936a4-cd4c-4565-9dee-2961cfc592c7 --dns-nameservers list=true 8.8.8.8 8.8.4.4
Updated subnet: 37b936a4-cd4c-4565-9dee-2961cfc592c7
(neutron)

(neutron) subnet-show 37b936a4-cd4c-4565-9dee-2961cfc592c7
+-------------------+----------------------------------------------------+
| Field             | Value                                              |
+-------------------+----------------------------------------------------+
| allocation_pools  | {"start": "192.168.37.2", "end": "192.168.37.254"} |
| cidr              | 192.168.37.0/24                                    |
| created_at        | 2016-09-12T08:16:52                                |
| description       |                                                    |
| dns_nameservers   | 8.8.8.8                                            |
|                   | 8.8.4.4                                            |
| enable_dhcp       | True                                               |
| gateway_ip        | 192.168.37.1                                       |
| host_routes       |                                                    |
| id                | 37b936a4-cd4c-4565-9dee-2961cfc592c7               |
| ip_version        | 4                                                  |
| ipv6_address_mode |                                                    |
| ipv6_ra_mode      |                                                    |
| name              |                                                    |
| network_id        | ecc3c3f9-31bd-4998-a41d-b682b508bfb5               |
| subnetpool_id     |                                                    |
| tenant_id         | 605f675c6d1a40cd9563adf3a75d4492                   |
| updated_at        | 2016-09-12T08:19:05                                |
+-------------------+----------------------------------------------------+
(neutron)

add a name
(neutron) subnet-update 37b936a4-cd4c-4565-9dee-2961cfc592c7 --name internal_subnet
Updated subnet: 37b936a4-cd4c-4565-9dee-2961cfc592c7
(neutron) subnet-list
+--------------------------------------+-----------------+-----------------+------------------------------------------+
| id                                   | name            | cidr            | allocation_pools                         |
+--------------------------------------+-----------------+-----------------+------------------------------------------+
| 37b936a4-cd4c-4565-9dee-2961cfc592c7 | internal_subnet | 192.168.37.0/24 | {"start": "192.168.37.2", "end":         |
|                                      |                 |                 | "192.168.37.254"}                        |
+--------------------------------------+-----------------+-----------------+------------------------------------------+
(neutron)

create a router
(neutron) router-create my_router
Created a new router:
+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| admin_state_up          | True                                 |
| availability_zone_hints |                                      |
| availability_zones      |                                      |
| description             |                                      |
| external_gateway_info   |                                      |
| id                      | 3be9346b-9447-46d4-8222-f507be59357e |
| name                    | my_router                            |
| routes                  |                                      |
| status                  | ACTIVE                               |
| tenant_id               | 605f675c6d1a40cd9563adf3a75d4492     |
+-------------------------+--------------------------------------+
(neutron)

(neutron) subnet-list
+--------------------------------------+-----------------+-----------------+------------------------------------------+
| id                                   | name            | cidr            | allocation_pools                         |
+--------------------------------------+-----------------+-----------------+------------------------------------------+
| 37b936a4-cd4c-4565-9dee-2961cfc592c7 | internal_subnet | 192.168.37.0/24 | {"start": "192.168.37.2", "end":         |
|                                      |                 |                 | "192.168.37.254"}                        |

(neutron) router-interface-add my_router 37b936a4-cd4c-4565-9dee-2961cfc592c7
Added interface ec8a8119-4978-42e7-b362-ecebc45831b1 to router my_router.
(neutron)

[ external network ]

Here is network configuration of each node.
Each node has two vNICs.
node
eth0 ( private )
eth1 ( public )
controller
192.168.130.101/24
192.168.131.101/24
network
192.168.130.102/24
192.168.131.102/24
compute
192.168.130.103/24
192.168.131.103/24

Default Gateway is 192.168.131.1

192.168.130.0/24 : internal ip pool
192.168.131.0/24 : external ip pool

On the network node.
[root@network ~]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
   inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
   inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether 52:54:00:ce:6f:67 brd ff:ff:ff:ff:ff:ff
   inet 192.168.130.102/24 brd 192.168.130.255 scope global eth0
      valid_lft forever preferred_lft forever
   inet6 fe80::5054:ff:fece:6f67/64 scope link
      valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether 52:54:00:d8:d8:f6 brd ff:ff:ff:ff:ff:ff
   inet 192.168.131.102/24 brd 192.168.131.255 scope global eth1
      valid_lft forever preferred_lft forever
   inet6 fe80::5054:ff:fed8:d8f6/64 scope link
      valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
   link/ether 82:ba:29:80:8d:ee brd ff:ff:ff:ff:ff:ff
5: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
   link/ether 62:65:8a:20:43:46 brd ff:ff:ff:ff:ff:ff
   inet 172.24.4.225/28 scope global br-ex
      valid_lft forever preferred_lft forever
   inet6 fe80::6065:8aff:fe20:4346/64 scope link
      valid_lft forever preferred_lft forever
6: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
   link/ether ea:59:ff:60:36:4d brd ff:ff:ff:ff:ff:ff
7: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
   link/ether c6:c8:81:23:06:41 brd ff:ff:ff:ff:ff:ff

[root@network ~]# cd /etc/sysconfig/network-scripts/
[root@network network-scripts]# cp ifcfg-eth1 ifcfg-br-ex

edit ifcfg-eth1 and ifcfg-br-ex.

[root@network network-scripts]# cat ifcfg-eth1
DEVICE=eth1
BOOTPROTO=static
NM_CONTROLLED=no
ONBOOT=yes
[root@network network-scripts]#

[root@network network-scripts]# cat ifcfg-br-ex
DEVICE=br-ex
ONBOOT=yes
IPADDR=192.168.131.102
NETMASK=255.255.255.0
DNS1=8.8.8.8
DNS2=8.8.4.4
GATEWAY=192.168.131.1

eth1 is acts as L2 and br-ex acts as L3.

add eth1 port to br-ex bridge so that packets can go through the internet via network node’s br-ex.
[root@network network-scripts]# ovs-vsctl add-port br-ex eth1

[root@network network-scripts]# /etc/init.d/network restart
Restarting network (via systemctl):  [  OK  ]
[root@network network-scripts]#

[root@network network-scripts]# ip a s
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
   inet 127.0.0.1/8 scope host lo
      valid_lft forever preferred_lft forever
   inet6 ::1/128 scope host
      valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether 52:54:00:ce:6f:67 brd ff:ff:ff:ff:ff:ff
   inet 192.168.130.102/24 brd 192.168.130.255 scope global eth0
      valid_lft forever preferred_lft forever
   inet6 fe80::5054:ff:fece:6f67/64 scope link
      valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000
   link/ether 52:54:00:d8:d8:f6 brd ff:ff:ff:ff:ff:ff
   inet6 fe80::5054:ff:fed8:d8f6/64 scope link
      valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
   link/ether 82:ba:29:80:8d:ee brd ff:ff:ff:ff:ff:ff
5: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
   link/ether 62:65:8a:20:43:46 brd ff:ff:ff:ff:ff:ff
   inet 192.168.131.102/24 brd 192.168.131.255 scope global br-ex
      valid_lft forever preferred_lft forever
   inet6 fe80::6065:8aff:fe20:4346/64 scope link
      valid_lft forever preferred_lft forever
6: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
   link/ether ea:59:ff:60:36:4d brd ff:ff:ff:ff:ff:ff
7: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
   link/ether c6:c8:81:23:06:41 brd ff:ff:ff:ff:ff:ff

with admin user.
# source keystonerc_admin
[root@controller ~(keystone_admin)]# neutron
(neutron)

create a router for external network.
(neutron) net-create --tenant-id services ext --router:external=True --shared
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2016-09-12T09:43:41                  |
| description               |                                      |
| id                        | b586f891-9821-4b0b-8d0e-b224b164383c |
| ipv4_address_scope        |                                      |
| ipv6_address_scope        |                                      |
| is_default                | False                                |
| mtu                       | 1450                                 |
| name                      | ext                                  |
| provider:network_type     | vxlan                                |
| provider:physical_network |                                      |
| provider:segmentation_id  | 79                                   |
| router:external           | True                                 |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      |                                      |
| tenant_id                 | services                             |
| updated_at                | 2016-09-12T09:43:41                  |
+---------------------------+--------------------------------------+
(neutron)

(neutron) net-list
+--------------------------------------+------------------+------------------------------------------------------+
| id                                   | name             | subnets                                              |
+--------------------------------------+------------------+------------------------------------------------------+
| b586f891-9821-4b0b-8d0e-b224b164383c | ext              |                                                      |
| d586146c-d5cb-42d5-b2f6-c0a78a7e8f82 | private          | 04e81461-a74a-4a69-9898-157af0e6ca20 10.0.0.0/24     |
| f6d28e0c-0233-416e-a212-b1d36d4d3cbf | public           | 22f91b90-5c43-474e-8e01-b72ac359186e 172.24.4.224/28 |
| 7745f545-4d41-4f0d-9653-899a1526af8c | internal-network | ccd07578-b412-4664-8446-598a5b675f7c 192.168.40.0/24 |
| ecc3c3f9-31bd-4998-a41d-b682b508bfb5 | internal         | 37b936a4-cd4c-4565-9dee-2961cfc592c7 192.168.37.0/24 |
+--------------------------------------+------------------+------------------------------------------------------+
(neutron)

Create a subnet for external network.
(neutron) subnet-create --tenant-id services ext 192.168.131.0/24 --enable-dhcp --allocation_pool start=192.168.131.130,end=192.168.131.160
Created a new subnet:
+-------------------+--------------------------------------------------------+
| Field             | Value                                                  |
+-------------------+--------------------------------------------------------+
| allocation_pools  | {"start": "192.168.131.130", "end": "192.168.131.160"} |
| cidr              | 192.168.131.0/24                                       |
| created_at        | 2016-09-14T05:09:37                                    |
| description       |                                                        |
| dns_nameservers   |                                                        |
| enable_dhcp       | True                                                   |
| gateway_ip        | 192.168.131.1                                          |
| host_routes       |                                                        |
| id                | 96a2cf60-346d-4ad7-8975-89a4c8f19bb0                   |
| ip_version        | 4                                                      |
| ipv6_address_mode |                                                        |
| ipv6_ra_mode      |                                                        |
| name              |                                                        |
| network_id        | b586f891-9821-4b0b-8d0e-b224b164383c                   |
| subnetpool_id     |                                                        |
| tenant_id         | services                                               |
| updated_at        | 2016-09-14T05:09:37                                    |
+-------------------+--------------------------------------------------------+
(neutron)

Configure to have a router “my-router” use a network “ext”.
(neutron) net-list
+--------------------------------------+------------------+-------------------------------------------------------+
| id                                   | name             | subnets                                               |
+--------------------------------------+------------------+-------------------------------------------------------+
| b586f891-9821-4b0b-8d0e-b224b164383c | ext              | 96a2cf60-346d-4ad7-8975-89a4c8f19bb0 192.168.131.0/24 |
| f6d28e0c-0233-416e-a212-b1d36d4d3cbf | public           | 22f91b90-5c43-474e-8e01-b72ac359186e 172.24.4.224/28  |
| d586146c-d5cb-42d5-b2f6-c0a78a7e8f82 | private          | 04e81461-a74a-4a69-9898-157af0e6ca20 10.0.0.0/24      |
| 7745f545-4d41-4f0d-9653-899a1526af8c | internal-network | ccd07578-b412-4664-8446-598a5b675f7c 192.168.40.0/24  |
| ecc3c3f9-31bd-4998-a41d-b682b508bfb5 | internal         | 37b936a4-cd4c-4565-9dee-2961cfc592c7 192.168.37.0/24  |
+--------------------------------------+------------------+-------------------------------------------------------+
(neutron) router-list
+--------------------------------------+-----------+-------------------------------------------+-------------+-------+
| id                                   | name      | external_gateway_info                     | distributed | ha    |
+--------------------------------------+-----------+-------------------------------------------+-------------+-------+
| 3be9346b-9447-46d4-8222-f507be59357e | my-router | null                                      | False       | False |
| cf414122-2ed7-446c-88a6-448876d8196b | router1   | {"network_id":                            | False       | False |
|                                      |           | "f6d28e0c-0233-416e-a212-b1d36d4d3cbf",   |             |       |
|                                      |           | "enable_snat": true,                      |             |       |
|                                      |           | "external_fixed_ips": [{"subnet_id":      |             |       |
|                                      |           | "22f91b90-5c43-474e-8e01-b72ac359186e",   |             |       |
|                                      |           | "ip_address": "172.24.4.226"}]}           |             |       |
+--------------------------------------+-----------+-------------------------------------------+-------------+-------+
(neutron) router-gateway-set 3be9346b-9447-46d4-8222-f507be59357e b586f891-9821-4b0b-8d0e-b224b164383c
Set gateway for router 3be9346b-9447-46d4-8222-f507be59357e
(neutron)

(neutron) router-show 3be9346b-9447-46d4-8222-f507be59357e
+-------------------------+-----------------------------------------------------------------------------------------------+
| Field                   | Value                                                                                         |
+-------------------------+-----------------------------------------------------------------------------------------------+
| admin_state_up          | True                                                                                          |
| availability_zone_hints |                                                                                               |
| availability_zones      | nova                                                                                          |
| description             |                                                                                               |
| distributed             | False                                                                                         |
| external_gateway_info   | {"network_id": "b586f891-9821-4b0b-8d0e-b224b164383c", "enable_snat": true,                   |
|                         | "external_fixed_ips": [{"subnet_id": "96a2cf60-346d-4ad7-8975-89a4c8f19bb0", "ip_address":    |
|                         | "192.168.131.131"}]}                                                                          |
| ha                      | False                                                                                         |
| id                      | 3be9346b-9447-46d4-8222-f507be59357e                                                          |
| name                    | my-router                                                                                     |
| routes                  |                                                                                               |
| status                  | ACTIVE                                                                                        |
| tenant_id               | 605f675c6d1a40cd9563adf3a75d4492                                                              |
+-------------------------+-----------------------------------------------------------------------------------------------+
(neutron)

my-router has two ports, one for private network and the other for external network.
(neutron) router-port-list 3be9346b-9447-46d4-8222-f507be59357e
+--------------------------------------+------+-------------------+-----------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                     |
+--------------------------------------+------+-------------------+-----------------------------------------------+
| 05a86ecc-ddcc-4ea1-97a3-7e9ef6773a5e |      | fa:16:3e:f3:cb:3f | {"subnet_id": "96a2cf60-346d-                 |
|                                      |      |                   | 4ad7-8975-89a4c8f19bb0", "ip_address":        |
|                                      |      |                   | "192.168.131.131"}                            |
| ec8a8119-4978-42e7-b362-ecebc45831b1 |      | fa:16:3e:25:b0:3b | {"subnet_id": "37b936a4-cd4c-4565-9dee-       |
|                                      |      |                   | 2961cfc592c7", "ip_address": "192.168.37.1"}  |
+--------------------------------------+------+-------------------+-----------------------------------------------+
(neutron)

[ Launch an instance ]

Create a keypair

with user01
(openstack) [root@controller ~(keystone_user01)]# nova keypair-add user01_keypair
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----

launch an instance
[root@controller ~(keystone_user01)]# neutron net-list
+--------------------------------------+----------+-------------------------------------------------------+
| id                                   | name     | subnets                                               |
+--------------------------------------+----------+-------------------------------------------------------+
| b586f891-9821-4b0b-8d0e-b224b164383c | ext      | 96a2cf60-346d-4ad7-8975-89a4c8f19bb0 192.168.131.0/24 |
| f6d28e0c-0233-416e-a212-b1d36d4d3cbf | public   | 22f91b90-5c43-474e-8e01-b72ac359186e                  |
| ecc3c3f9-31bd-4998-a41d-b682b508bfb5 | internal | 37b936a4-cd4c-4565-9dee-2961cfc592c7 192.168.37.0/24  |
+--------------------------------------+----------+-------------------------------------------------------+
[root@controller ~(keystone_user01)]# nova image-list
+--------------------------------------+----------+--------+--------+
| ID                                   | Name     | Status | Server |
+--------------------------------------+----------+--------+--------+
| dfb10702-96aa-4ece-9935-44a5c637aa5b | Fedora24 | ACTIVE |        |
| 0787f9f4-4ab1-4b3b-b186-de167642051f | cirros   | ACTIVE |        |
+--------------------------------------+----------+--------+--------+

[root@controller ~(keystone_user01)]# nova boot --flavor 1 --image 0787f9f4-4ab1-4b3b-b186-de167642051f --key-name user01_keypair --nic net-id=ecc3c3f9-31bd-4998-a41d-b682b508bfb5 my-first-instance
+--------------------------------------+-----------------------------------------------+
| Property                             | Value                                         |
+--------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig                    | MANUAL                                        |
| OS-EXT-AZ:availability_zone          |                                               |
| OS-EXT-STS:power_state               | 0                                             |
| OS-EXT-STS:task_state                | scheduling                                    |
| OS-EXT-STS:vm_state                  | building                                      |
| OS-SRV-USG:launched_at               | -                                             |
| OS-SRV-USG:terminated_at             | -                                             |
| accessIPv4                           |                                               |
| accessIPv6                           |                                               |
| adminPass                            | 2J8n99rPP7sT                                  |
| config_drive                         |                                               |
| created                              | 2016-09-14T06:36:31Z                          |
| flavor                               | m1.tiny (1)                                   |
| hostId                               |                                               |
| id                                   | 76dbd219-4e69-461e-9404-26270e9b4cd8          |
| image                                | cirros (0787f9f4-4ab1-4b3b-b186-de167642051f) |
| key_name                             | user01_keypair                                |
| metadata                             | {}                                            |
| name                                 | my-first-instance                             |
| os-extended-volumes:volumes_attached | []                                            |
| progress                             | 0                                             |
| security_groups                      | default                                       |
| status                               | BUILD                                         |
| tenant_id                            | 605f675c6d1a40cd9563adf3a75d4492              |
| updated                              | 2016-09-14T06:36:32Z                          |
| user_id                              | 1951635b07c24d3eb7de05fb8f2697cf              |
+--------------------------------------+-----------------------------------------------+
[root@controller ~(keystone_user01)]#

instance is running.
[root@controller ~(keystone_user01)]# nova list
+--------------------------------------+-------------------+--------+------------+-------------+-----------------------+
| ID                                   | Name              | Status | Task State | Power State | Networks              |
+--------------------------------------+-------------------+--------+------------+-------------+-----------------------+
| 76dbd219-4e69-461e-9404-26270e9b4cd8 | my-first-instance | ACTIVE | -          | Running     | internal=192.168.37.3 |
+--------------------------------------+-------------------+--------+------------+-------------+-----------------------+
[root@controller ~(keystone_user01)]#

[root@controller ~(keystone_user01)]# nova console-log 76dbd219-4e69-461e-9404-26270e9b4cd8
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Linux version 3.2.0-80-virtual (buildd@batsu) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #116-Ubuntu SMP Mon Mar 23 17:28:52 UTC 2015 (Ubuntu 3.2.0-80.116-virtual 3.2.68)
[    0.000000] Command line: LABEL=cirros-rootfs ro console=tty1

[root@controller ~(keystone_user01)]# nova show 76dbd219-4e69-461e-9404-26270e9b4cd8
+--------------------------------------+----------------------------------------------------------+
| Property                             | Value                                                    |
+--------------------------------------+----------------------------------------------------------+
| OS-DCF:diskConfig                    | MANUAL                                                   |
| OS-EXT-AZ:availability_zone          | nova                                                     |
| OS-EXT-STS:power_state               | 1                                                        |
| OS-EXT-STS:task_state                | -                                                        |
| OS-EXT-STS:vm_state                  | active                                                   |
| OS-SRV-USG:launched_at               | 2016-09-14T06:36:40.000000                               |
| OS-SRV-USG:terminated_at             | -                                                        |
| accessIPv4                           |                                                          |
| accessIPv6                           |                                                          |
| config_drive                         |                                                          |
| created                              | 2016-09-14T06:36:31Z                                     |
| flavor                               | m1.tiny (1)                                              |
| hostId                               | d34eb8dc4d730fcc217d98d3685b0f9b8aeafc0deaa8bf8261d37cae |
| id                                   | 76dbd219-4e69-461e-9404-26270e9b4cd8                     |
| image                                | cirros (0787f9f4-4ab1-4b3b-b186-de167642051f)            |
| internal network                     | 192.168.37.3, 192.168.131.132                            |
| key_name                             | user01_keypair                                           |
| metadata                             | {}                                                       |
| name                                 | my-first-instance                                        |
| os-extended-volumes:volumes_attached | []                                                       |
| progress                             | 0                                                        |
| security_groups                      | default                                                  |
| status                               | ACTIVE                                                   |
| tenant_id                            | 605f675c6d1a40cd9563adf3a75d4492                         |
| updated                              | 2016-09-14T06:36:41Z                                     |
| user_id                              | 1951635b07c24d3eb7de05fb8f2697cf                         |
+--------------------------------------+----------------------------------------------------------+
[root@controller ~(keystone_user01)]#

get a VNC URL
[root@controller ~(keystone_user01)]# nova get-vnc-console 76dbd219-4e69-461e-9404-26270e9b4cd8 novnc
+-------+--------------------------------------------------------------------------------------+
| Type  | Url                                                                                  |
+-------+--------------------------------------------------------------------------------------+
| novnc | http://192.168.131.101:6080/vnc_auto.html?token=2a596aac-9335-478d-bced-858970362e46 |
+-------+--------------------------------------------------------------------------------------+

on the compute node
You can find oneVM is running.
[root@compute ~]# virsh list --all
Id    Name                           State
----------------------------------------------------
2     instance-00000001              running

[root@compute ~]#

[ floating IP ]

[root@controller ~(keystone_admin)]# source keystonerc_user01
[root@controller ~(keystone_user01)]# neutron net-list
+--------------------------------------+----------+-------------------------------------------------------+
| id                                   | name     | subnets                                               |
+--------------------------------------+----------+-------------------------------------------------------+
| b586f891-9821-4b0b-8d0e-b224b164383c | ext      | 96a2cf60-346d-4ad7-8975-89a4c8f19bb0 192.168.131.0/24 |
| f6d28e0c-0233-416e-a212-b1d36d4d3cbf | public   | 22f91b90-5c43-474e-8e01-b72ac359186e                  |
| ecc3c3f9-31bd-4998-a41d-b682b508bfb5 | internal | 37b936a4-cd4c-4565-9dee-2961cfc592c7 192.168.37.0/24  |
+--------------------------------------+----------+-------------------------------------------------------+

[root@controller ~(keystone_user01)]# neutron floatingip-create ext
Created a new floatingip:
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| description         |                                      |
| dns_domain          |                                      |
| dns_name            |                                      |
| fixed_ip_address    |                                      |
| floating_ip_address | 192.168.131.132                      |
| floating_network_id | b586f891-9821-4b0b-8d0e-b224b164383c |
| id                  | f64fb111-fae8-40e8-8d99-49a655f13592 |
| port_id             |                                      |
| router_id           |                                      |
| status              | DOWN                                 |
| tenant_id           | 605f675c6d1a40cd9563adf3a75d4492     |
+---------------------+--------------------------------------+

associate floating-ip with instance’s port

neutron floatingip-associate “floatingip ID” “port ID”
[root@controller ~(keystone_user01)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+---------+
| id                                   | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+---------+
| f64fb111-fae8-40e8-8d99-49a655f13592 |                  | 192.168.131.132     |         |
+--------------------------------------+------------------+---------------------+---------+

[root@controller ~(keystone_user01)]# nova list
+--------------------------------------+-------------------+--------+------------+-------------+-----------------------+
| ID                                   | Name              | Status | Task State | Power State | Networks              |
+--------------------------------------+-------------------+--------+------------+-------------+-----------------------+
| 76dbd219-4e69-461e-9404-26270e9b4cd8 | my-first-instance | ACTIVE | -          | Running     | internal=192.168.37.3 |
+--------------------------------------+-------------------+--------+------------+-------------+-----------------------+
[root@controller ~(keystone_user01)]# neutron port-list
+--------------------------------------+------+-------------------+-----------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                     |
+--------------------------------------+------+-------------------+-----------------------------------------------+
| 58c34b1f-6656-4e15-b95e-f4ccf5d2b270 |      | fa:16:3e:d4:ad:ab | {"subnet_id": "37b936a4-cd4c-4565-9dee-       |
|                                      |      |                   | 2961cfc592c7", "ip_address": "192.168.37.2"}  |
| 6ba86079-5287-4b2e-ac9a-246babe05398 |      | fa:16:3e:65:18:d4 | {"subnet_id": "37b936a4-cd4c-4565-9dee-       |
|                                      |      |                   | 2961cfc592c7", "ip_address": "192.168.37.3"}  |
| ec8a8119-4978-42e7-b362-ecebc45831b1 |      | fa:16:3e:25:b0:3b | {"subnet_id": "37b936a4-cd4c-4565-9dee-       |
|                                      |      |                   | 2961cfc592c7", "ip_address": "192.168.37.1"}  |
+--------------------------------------+------+-------------------+-----------------------------------------------+
[root@controller ~(keystone_user01)]#
[root@controller ~(keystone_user01)]# neutron floatingip-associate f64fb111-fae8-40e8-8d99-49a655f13592 6ba86079-5287-4b2e-ac9a-246babe05398
Associated floating IP f64fb111-fae8-40e8-8d99-49a655f13592
[root@controller ~(keystone_user01)]#

[root@controller ~(keystone_user01)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| f64fb111-fae8-40e8-8d99-49a655f13592 | 192.168.37.3     | 192.168.131.132     | 6ba86079-5287-4b2e-ac9a-246babe05398 |
+--------------------------------------+------------------+---------------------+--------------------------------------+
[root@controller ~(keystone_user01)]#

[ security group ]

allow SSH access
[root@controller ~(keystone_user01)]# neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 default

allow ICMP
[root@controller ~(keystone_user01)]# neutron security-group-rule-create --protocol icmp  --remote-ip-prefix 0.0.0.0/0 defa
ult

try to send ping.
nnn, fail
[root@controller ~(keystone_user01)]# ping 192.168.131.132
PING 192.168.131.132 (192.168.131.132) 56(84) bytes of data.
^C
--- 192.168.131.132 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1007ms

status is down.
[root@controller ~(keystone_user01)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| f64fb111-fae8-40e8-8d99-49a655f13592 | 192.168.37.3     | 192.168.131.132     | 6ba86079-5287-4b2e-ac9a-246babe05398 |
+--------------------------------------+------------------+---------------------+--------------------------------------+
[root@controller ~(keystone_user01)]# neutron floatingip-show f64fb111-fae8-40e8-8d99-49a655f13592
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| description         |                                      |
| dns_domain          |                                      |
| dns_name            |                                      |
| fixed_ip_address    | 192.168.37.3                         |
| floating_ip_address | 192.168.131.132                      |
| floating_network_id | b586f891-9821-4b0b-8d0e-b224b164383c |
| id                  | f64fb111-fae8-40e8-8d99-49a655f13592 |
| port_id             | 6ba86079-5287-4b2e-ac9a-246babe05398 |
| router_id           | 3be9346b-9447-46d4-8222-f507be59357e |
| status              | DOWN                                 |
| tenant_id           | 605f675c6d1a40cd9563adf3a75d4492     |
+---------------------+--------------------------------------+

restart l3 agent on the network node.
[root@network ~]# systemctl restart neutron-l3-agent
[root@network ~]#

still status is down.
[root@controller ~(keystone_user01)]# neutron floatingip-show f64fb111-fae8-40e8-8d99-49a655f13592
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| description         |                                      |
| dns_domain          |                                      |
| dns_name            |                                      |
| fixed_ip_address    | 192.168.37.3                         |
| floating_ip_address | 192.168.131.132                      |
| floating_network_id | b586f891-9821-4b0b-8d0e-b224b164383c |
| id                  | f64fb111-fae8-40e8-8d99-49a655f13592 |
| port_id             | 6ba86079-5287-4b2e-ac9a-246babe05398 |
| router_id           | 3be9346b-9447-46d4-8222-f507be59357e |
| status              | DOWN                                 |
| tenant_id           | 605f675c6d1a40cd9563adf3a75d4492     |
+---------------------+--------------------------------------+
[root@controller ~(keystone_user01)]#

on the network node.
some errors I found in logs on the network node.
[root@network neutron]# less l3-agent.log
2016-09-14 21:50:32.820 21953 ERROR neutron.agent.l3.agent Exception: The 'gateway_external_network_id' option must be configured for this agent as Neutron has more than one external network.

neutron has two NICs in my environment.
on the network node.
[root@network neutron]# pwd
/etc/neutron

[root@network neutron]# grep ^external l3_agent.ini
external_network_bridge = br-ex

on the network node, add the red line.
gateway_external_network_id = b586f891-9821-4b0b-8d0e-b224b164383c
external_network_bridge = br-ex

the above value is an ID of external network(ext)
[root@controller ~(keystone_admin)]# neutron net-list
+--------------------------------------+------------------+-------------------------------------------------------+
| id                                   | name             | subnets                                               |
+--------------------------------------+------------------+-------------------------------------------------------+
| f6d28e0c-0233-416e-a212-b1d36d4d3cbf | public           | 22f91b90-5c43-474e-8e01-b72ac359186e 172.24.4.224/28  |
| b586f891-9821-4b0b-8d0e-b224b164383c | ext              | 96a2cf60-346d-4ad7-8975-89a4c8f19bb0 192.168.131.0/24 |
| d586146c-d5cb-42d5-b2f6-c0a78a7e8f82 | private          | 04e81461-a74a-4a69-9898-157af0e6ca20 10.0.0.0/24      |
| 7745f545-4d41-4f0d-9653-899a1526af8c | internal-network | ccd07578-b412-4664-8446-598a5b675f7c 192.168.40.0/24  |
| ecc3c3f9-31bd-4998-a41d-b682b508bfb5 | internal         | 37b936a4-cd4c-4565-9dee-2961cfc592c7 192.168.37.0/24  |
+--------------------------------------+------------------+-------------------------------------------------------+
[root@controller ~(keystone_admin)]#

restart l3-agent to reflect that.
[root@network neutron]# systemctl restart neutron-l3-agent

on the controller.
status became ACTIVE.
[root@controller ~(keystone_admin)]# neutron router-show 3be9346b-9447-46d4-8222-f507be59357e
+-------------------------+-----------------------------------------------------------------------------------------------+
| Field                   | Value                                                                                         |
+-------------------------+-----------------------------------------------------------------------------------------------+
| admin_state_up          | True                                                                                          |
| availability_zone_hints |                                                                                               |
| availability_zones      | nova                                                                                          |
| description             |                                                                                               |
| distributed             | False                                                                                         |
| external_gateway_info   | {"network_id": "b586f891-9821-4b0b-8d0e-b224b164383c", "enable_snat": true,                   |
|                         | "external_fixed_ips": [{"subnet_id": "96a2cf60-346d-4ad7-8975-89a4c8f19bb0", "ip_address":    |
|                         | "192.168.131.131"}]}                                                                          |
| ha                      | False                                                                                         |
| id                      | 3be9346b-9447-46d4-8222-f507be59357e                                                          |
| name                    | my-router                                                                                     |
| routes                  |                                                                                               |
| status                  | ACTIVE                                                                                        |
| tenant_id               | 605f675c6d1a40cd9563adf3a75d4492                                                              |
+-------------------------+-----------------------------------------------------------------------------------------------+

Okay, I was able to send pings to the instance from outside.
$ ping 192.168.131.132
PING 192.168.131.132 (192.168.131.132) 56(84) bytes of data.
64 bytes from 192.168.131.132: icmp_seq=1 ttl=63 time=3.82 ms
64 bytes from 192.168.131.132: icmp_seq=2 ttl=63 time=1.22 ms
^C
--- 192.168.131.132 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.224/2.523/3.822/1.299 ms

access to the instance over SSH.
user : cirros
password : cubswin:)
$ ssh  cirros@192.168.131.132
cirros@192.168.131.132's password:
$
$ hostname
my-first-instance

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.