Hi, I am setting up replica of my real-world deployment in terms of networks within single instance of OpenStack. For that I have to create 3 networks (1 for each tier): web, middleware, db.
I have created those networks successfully then I've added the routers between respective networks, yet my web tier can't reach middleware and middleware can't reach DB using those private nets. I have created a separate "public" network to which all those nets can be routed (so that I can access VMs directly). This one works just fine. Most details provided in gist: https://gist.github.com/droopy4096/0008581552e63710341b To simplify: this time around I've used dashboard to create network infrastructure. So procedure I've followed: * created each network (front, mid, db, public) with according subnet. * created routers "bridging" specific pairs of network, e.g.: gb_front_mid_router is connecting front tier (web) and mid tier (middleware). * for each tier created secgroup with corresponding rules * created VMs for each tier assigned to specific private network with specific secgroups applied * checked that default secgroup seems to be allowing everything in (see gist) pinging from systest-front to systest-mid (on 10.10/16 IPs) fails so far. Same goes for pings from mid to db etc. what am I missing? Why traffic from one private net can't reach another? Anything needs to be added to configuration? -- Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 --- Confidence is what you have before you understand the problem Woody Allen When in trouble when in doubt run in circles scream and shout http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
