Re: [Openstack] private network issue ( kola-ansible pike/stable deployment )
So the situation is: * VM1 has a floating IP and can be reached via floating IP * VM1 can ping VM2 * VM2 can't ssh VM2 Useful additional information you may have gathered already: * Does the ssh client issue any error message, and which? * Is an sshd running on VM2? * If yes, any error in the sshd log? I.e., does VM2 receive anything at all, and how does it process what it receives * Any /outgoing /connectivity problems from VM2? Other things to do or check: * Use debug options when running the ssh client and sshd * packet tracing on both VMs * ssh to VM2's private IP from the DHCP server's namespace * When you ping VM2, are you sure it's really VM2 that responds? Perhaps something else has the same IP, or even MAC. You can check that by tracing ICMP on VM2. Bernd On 4/7/2018 2:56 AM, Brian Haley wrote: > On 04/06/2018 01:28 PM, s serge wrote: >> Hello, >> >> I'm evaluating an installation and everything from networking side >> was looking good >> until I tried to reach a VM host via private network from another VM >> via ssh. >> >> In short: >> 1. Spawn a VM >> 2. Associate a floating IP >> 3. Logon to VM via ssh on public network >> 4. Spawn another VM >> 5. Try to reach 1st VM via ssh private network IP - FAIL. >> 6. ICMP to 1st VM IP via private network works well. >> >> Looks pretty weird for me as according to logs everything looks fine, >> both VM got assigned a private IP and fetches metadata info. >> >> Some notes about setup: >> Separate interfaces for management, private(VXLAN) and external network. >> Dozen of similar servers. >> >> I'll continue to debug the issue, but appreciate any relevant feedback. > > I would check two things: > > 1. Security groups are allowing port 22 > 2. MTU is set correctly, should probably be 1450 if you're using > VXLAN, which should have been set via the DHCP reply > > -Brian > > ___ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack signature.asc Description: OpenPGP digital signature ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] private network issue ( kola-ansible pike/stable deployment )
On 04/06/2018 01:28 PM, s serge wrote: Hello, I'm evaluating an installation and everything from networking side was looking good until I tried to reach a VM host via private network from another VM via ssh. In short: 1. Spawn a VM 2. Associate a floating IP 3. Logon to VM via ssh on public network 4. Spawn another VM 5. Try to reach 1st VM via ssh private network IP - FAIL. 6. ICMP to 1st VM IP via private network works well. Looks pretty weird for me as according to logs everything looks fine, both VM got assigned a private IP and fetches metadata info. Some notes about setup: Separate interfaces for management, private(VXLAN) and external network. Dozen of similar servers. I'll continue to debug the issue, but appreciate any relevant feedback. I would check two things: 1. Security groups are allowing port 22 2. MTU is set correctly, should probably be 1450 if you're using VXLAN, which should have been set via the DHCP reply -Brian ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] private network issue ( kola-ansible pike/stable deployment )
I'm sorry, some corrections, p.5 and p.6 should be: 5. From 1st VM try to reach the second VM(p.4) via ssh private network IP - FAIL. 6. ICMP from 1st VM to second(p.4) IP via private network works well. 06.04.2018, 20:42, "s serge" : > Hello, > > I'm evaluating an installation and everything from networking side was > looking good > until I tried to reach a VM host via private network from another VM via ssh. > > In short: > 1. Spawn a VM > 2. Associate a floating IP > 3. Logon to VM via ssh on public network > 4. Spawn another VM > 5. Try to reach 1st VM via ssh private network IP - FAIL. > 6. ICMP to 1st VM IP via private network works well. > > Looks pretty weird for me as according to logs everything looks fine, > both VM got assigned a private IP and fetches metadata info. > > Some notes about setup: > Separate interfaces for management, private(VXLAN) and external network. > Dozen of similar servers. > > I'll continue to debug the issue, but appreciate any relevant feedback. > > Thanks, > Regards, > Serge. > > ___ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] private network issue ( kola-ansible pike/stable deployment )
Hello, I'm evaluating an installation and everything from networking side was looking good until I tried to reach a VM host via private network from another VM via ssh. In short: 1. Spawn a VM 2. Associate a floating IP 3. Logon to VM via ssh on public network 4. Spawn another VM 5. Try to reach 1st VM via ssh private network IP - FAIL. 6. ICMP to 1st VM IP via private network works well. Looks pretty weird for me as according to logs everything looks fine, both VM got assigned a private IP and fetches metadata info. Some notes about setup: Separate interfaces for management, private(VXLAN) and external network. Dozen of similar servers. I'll continue to debug the issue, but appreciate any relevant feedback. Thanks, Regards, Serge. ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[Openstack] pacemaker failing to install - opnfv Danube Fuel
OPNFV - Danube 3.0 Fuel install error. I am getting this error during the openstack install process. I have installed OS using fuel many times, and never ran into this. It says pacemaker can't install without corosync, but it appears to be installed. Would anyone know why I'm seeing this error? Tried this with a single controller and a dual one, same result. Node is simple KVM, standard OVS VLAN config, with cinder as storage. This is the command the install script seems to be failing at: root@node-10:~# /usr/bin/apt-get -q -y -o DPkg::Options::=--force-confold -o APT::Get::AllowUnauthenticated=1 install pacemaker Reading package lists... Building dependency tree... Reading state information... Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: pacemaker : Depends: corosync (>= 2.3.0) but it is not going to be installed E: Unable to correct problems, you have held broken packages. root@node-10:~# Coroysnc appears to be installed passed the required version. ||/ Name Version ArchitectureDescription +++-=-===-== =-== == ii corosync 2.3.5-3ubuntu2.1amd64 cluster engine daemon and utilities root@node-10:~# Puppet log, which is basically the output of the failed command. 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) E: Unable to correct problems, you have held broken packages. 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) pacemaker : Depends: corosync (>= 2.3.0) but it is not going to be installed 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) The following packages have unmet dependencies: 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) The following information may help to resolve the situation: 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) or been moved out of Incoming. 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) distribution that some required packages have not yet been created 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) requested an impossible situation or if you are using the unstable 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) Some packages could not be installed. This may mean that you have 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) Reading state information... 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) Building dependency tree... 2018-04-06 14:42:07 ERR (/Stage[main]/Corosync/Package[pacemaker]/ensure) change from purged to present failed: Execution of '/usr/bin/apt-get -q -y -o DPkg::Options::=--force-confold -o APT::Get::AllowUnauthenticated=1 install pacemaker' returned 100: Reading package lists... ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
