Bug update :- On "qbra7a715f5-02" ICMP replies from VM are already lost
** Description changed:
- $ git clone https://git.openstack.org/openstack-dev/devstack
- $ cd devstack
- $ ./stack.sh
+ $ git clone https://git.openstack.org/openstack-dev/devstack
+ $ cd devstack
+ $ ./stack.sh
- Tested on VMs (F21 KVM Hypervisor) 4 GB RAM , 2 VCPUs running stack.sh
+ Tested on VMs (F21 KVM Hypervisor) 4 GB RAM , 2 VCPUs running stack.sh
instance with Ubuntu 14.04.2 (1).
- My local.conf.
+ My local.conf.
- [[local|localrc]]
- HOST_IP=192.169.142.52
- ADMIN_PASSWORD=secret
- MYSQL_PASSWORD=secret
- RABBIT_PASSWORD=secret
- SERVICE_PASSWORD=secret
- FLOATING_RANGE=192.168.10.0/24
- FLAT_INTERFACE=eth0
- Q_FLOATING_ALLOCATION_POOL=start=192.168.10.150,end=192.168.10.254
- PUBLIC_NETWORK_GATEWAY=192.168.10.15
- SERVICE_TOKEN=super-secret-admin-token
+ [[local|localrc]]
+ HOST_IP=192.169.142.52
+ ADMIN_PASSWORD=secret
+ MYSQL_PASSWORD=secret
+ RABBIT_PASSWORD=secret
+ SERVICE_PASSWORD=secret
+ FLOATING_RANGE=192.168.10.0/24
+ FLAT_INTERFACE=eth0
+ Q_FLOATING_ALLOCATION_POOL=start=192.168.10.150,end=192.168.10.254
+ PUBLIC_NETWORK_GATEWAY=192.168.10.15
+ SERVICE_TOKEN=super-secret-admin-token
- DEST=$HOME/stack
- SERVICE_DIR=$DEST/status
- DATA_DIR=$DEST/data
- LOGFILE=$DEST/logs/stack.sh.log
- LOGDIR=$DEST/logs
+ DEST=$HOME/stack
+ SERVICE_DIR=$DEST/status
+ DATA_DIR=$DEST/data
+ LOGFILE=$DEST/logs/stack.sh.log
+ LOGDIR=$DEST/logs
- FIXED_RANGE=10.254.1.0/24
- NETWORK_GATEWAY=10.254.1.1
+ FIXED_RANGE=10.254.1.0/24
+ NETWORK_GATEWAY=10.254.1.1
- # Services
- disable_service n-net
- enable_service q-svc
- enable_service q-agt
- enable_service q-dhcp
- enable_service q-l3
- enable_service q-meta
- enable_service horizon
- disable_service tempest
+ # Services
+ disable_service n-net
+ enable_service q-svc
+ enable_service q-agt
+ enable_service q-dhcp
+ enable_service q-l3
+ enable_service q-meta
+ enable_service horizon
+ disable_service tempest
Security rules ( demo tenant, I ran `cd dev* && . openrc demo` )
- ubuntu@ubuntu-vm:~/devstack$ nova secgroup-list-rules default
- +-+---+-+---+--+
- | IP Protocol | From Port | To Port | IP Range | Source Group |
- +-+---+-+---+--+
- | | | | | default |
- | icmp | -1 | -1 | 0.0.0.0/0 | |
- | | | | | default |
- | tcp | 22 | 22 | 0.0.0.0/0 | |
- +-+---+-+---+--+
+ ubuntu@ubuntu-vm:~/devstack$ nova secgroup-list-rules default
+ +-+---+-+---+--+
+ | IP Protocol | From Port | To Port | IP Range | Source Group |
+ +-+---+-+---+--+
+ | | | | | default |
+ | icmp | -1 | -1 | 0.0.0.0/0 | |
+ | | | | | default |
+ | tcp | 22 | 22 | 0.0.0.0/0 | |
+ +-+---+-+---+--+
I can login to VF21 instance only via qdhcp-namespace
- ubuntu@ubuntu-vm:~/devstack$ . openrc demo
- ubuntu@ubuntu-vm:~/devstack$ sudo ip netns exec
qdhcp-94d8a1e6-89bf-4162-9fc3-061a9bc17737 ssh -i osxkey.pem fedora@10.254.1.4
- Last login: Wed Feb 25 22:01:09 2015 from 10.254.1.3
- [fedora@vf21rsx01 ~]$ uname -a
- Linux vf21rsx01.novalocal 3.18.7-200.fc21.x86_64 #1 SMP Wed Feb 11
21:53:17 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
+ ubuntu@ubuntu-vm:~/devstack$ . openrc demo
+ ubuntu@ubuntu-vm:~/devstack$ sudo ip netns exec
qdhcp-94d8a1e6-89bf-4162-9fc3-061a9bc17737 ssh -i osxkey.pem fedora@10.254.1.4
+ Last login: Wed Feb 25 22:01:09 2015 from 10.254.1.3
+ [fedora@vf21rsx01 ~]$ uname -a
+ Linux vf21rsx01.novalocal 3.18.7-200.fc21.x86_64 #1 SMP Wed Feb 11
21:53:17 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
- I have internet access && can run yum -y update.
+ I have internet access && can run yum -y update.
I ping from 192.169.142.153 (host running stack.sh instance ) floating
IP 192.168.10.154 ( private IP 50.0.0.13) . `tcpdump -vv -i eth0` is
running inside VM (192.168.10.154, 50.0.0.13)
- 20:19:34.729398 IP (tos 0x0, ttl 63, id 42021, offset 0, flags [DF],
proto ICMP (1), length 84)
- ip-192-169-142-53.ip.secureserver.net > 50-0-0-13.static.sonic.net:
ICMP echo request, id 8588, seq 560, length 64
- 20:19:34.729696 IP (tos 0x0, ttl 64, id 41602, offset 0, flags [none],
proto ICMP (1), length 84)
- 50-0-0-13.static.sonic.net > ip-192-169-142-53.ip.secureserver.net:
ICMP echo reply, id 8588, seq 560, length 64
- 20:19:35.729432 IP (tos 0x0, ttl 63, id 42096, offset 0, flags [DF],
proto ICMP (1), length 84)
- ip