Hello James I know it is hard to access the instance with only one external IP address. But I think there is a way to route the traffic to get there right?
Here is my configuration: The host has a one interface can access external network. Neutron is in a kvm deployed on the host and has two virtual network interfaces: onr for tunnel-network 10.0.0.x and one for external-network(I want to forward the traffic from it to outside network). I am using Legacy with Open vSwitch.(I think it's the juju default config) my neutron bridge table: 092c9e99-25bb-4bec-8cfc-8c0af7f9aa79 Bridge br-data Port phy-br-data Interface phy-br-data Port br-data Interface br-data type: internal Bridge br-tun Port "gre-0a00002e" Interface "gre-0a00002e" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.46"} Port "gre-0a000020" Interface "gre-0a000020" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.32"} Port "gre-0a000016" Interface "gre-0a000016" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.22"} Port "gre-0a000027" Interface "gre-0a000027" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.39"} Port "gre-0a00002b" Interface "gre-0a00002b" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.43"} Port "gre-0a000018" Interface "gre-0a000018" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.24"} Port br-tun Interface br-tun type: internal Port "gre-0a00002d" Interface "gre-0a00002d" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.45"} Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Port "gre-0a000023" Interface "gre-0a000023" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.35"} Port "gre-0a00002a" Interface "gre-0a00002a" type: gre options: {in_key=flow, local_ip="10.0.0.44", out_key=flow, remote_ip="10.0.0.42"} Bridge br-int fail_mode: secure Port "tap5881c2ce-1a" tag: 1 Interface "tap5881c2ce-1a" Port patch-tun Interface patch-tun type: patch options: {peer=patch-int} Port "tap156e2b2a-aa" tag: 2 Interface "tap156e2b2a-aa" Port "tap2228fe49-74" tag: 1 Interface "tap2228fe49-74" Port int-br-data Interface int-br-data Port br-int Interface br-int type: internal Bridge br-ex Port br-ex Interface br-ex type: internal Port "em2" Interface "em2" Port "tapaa55b086-57" Interface "tapaa55b086-57" Port "eth1" Interface "eth1" ovs_version: "2.0.2" em2 is the host external network interface and eth1 is the neutron kvm interface I want to do the surgery. The problem is the br-ex, instances will go through it to access the outside network. So how can I route the traffic from br-ex to external network? Can the kvm and host share the same ip or can the host's ip act as a router to the kvm? thank you for help!!! Yanyang Tao Student, Integrated Computing PhD Program Dept of Computer Science, College of EIT, UALR Tel: +1 501 909‐2599 E-mail:yyoung...@gmail.com From: James Page Date: 2016-01-13 23:40 To: yyoung...@gmail.com CC: Juju?email?list Subject: Re: Can't Access To Instances Use SSH Hello On Wed, Jan 13, 2016 at 10:59 PM, yyoung...@gmail.com <yyoung...@gmail.com> wrote: I deployed Openstack manually with JUJU and MAAS. Here is my distribution: Keystone, Neutron, Mysql, Rabbitmq, Dashboard, nova-cloud-controller, Glance, Cinder each deployed on one VM(which is kvm) on one physical server. nova-compute has 9 nodes each deployed on one physical nodes. My external network is one fixed IP like x.x.x.x. I can only get one available IP address from our community. This will make accessing instances very hard; at least two IP addresses would be needed - one of the virtual router that is created to provide north/south traffic routing to the internal network, and one for a floating ip address for the instance you want to access. My internal network which use 10.0.0.0/24 used for the communication for openstack services. I finished the deploy. Right now I am struggling with accessing the instances, I create one public network(as floating ip) and one private network(as fixed ip) through dashboard for the instance, and I can access the instance from the dashboard, but unfortunately I can't login into it due to there is no username and password(I want to deploy hadoop on the instances). I also can't ssh to the instance with ssh root@floating ip -i {keypair}.pem, it seems like the two networks I created in dashboard has no use, My intuition is the network config of Neutron has some problem, and I attached the Neutron network config. So do you have any ideas about it, any response will be appreciated. Thank you! I'd suggest a read through the post deployment configuration steps in the official OpenStack bundle: https://jujucharms.com/openstack-base/ This includes details on how to configure external and private networks, how to enable appropriate security rules and how to access instances using floating ip addresses. Hopefully this will get you rolling on accessing instances, but your limitation on a single external IP address will be blocker for an effective cloud. Hope that helps James
-- Juju mailing list Juju@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju