Quantcast
Channel: Ask OpenStack: Q&A Site for OpenStack Users and Developers - Individual question feed
Viewing all articles
Browse latest Browse all 3

Comment by dbaxps for I am pretty close. I can load Cirros instance on Compute, log in via VNC and run nslookup inside it. Everything is fine with IP's and routing. However , i cannot connect via ssh to both Cirros and Fedora 19 instances. Might it be gre tunnelling problem ? Details :- On Controller :- # neutron security-group-rule-create --protocol tcp \ --port-range-min 22 --port-range-max 22 \ --direction ingress --remote-ip-prefix 0.0.0.0/0 default Multiple security_group matches found for name 'default', use an ID to be more specific. # neutron security-group-list +--------------------------------------+---------+-------------+ | id | name | description | +--------------------------------------+---------+-------------+ | a085748d-92c0-40e0-a4c1-bc86935ec0ee | default | default | | b6203882-561d-4f7b-9e2e-441c57e83419 | default | default | | c70b80d3-f060-4002-af22-6603c745a6cf | default | default | +--------------------------------------+---------+-------------+ # neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --direction ingress --remote-ip-prefix 0.0.0.0/0 a085748d-92c0-40e0-a4c1-bc86935ec0ee 409-{u'NeutronError': {u'message': u'Security group rule already exists. Group id is 6d15d6cc-ed13-4c26-89ff-7ff10e6c4656.', u'type': u'SecurityGroupRuleExists', u'detail': u''}} # neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --direction ingress --remote-ip-prefix 0.0.0.0/0 b6203882-561d-4f7b-9e2e-441c57e83419 Created a new security_group_rule: +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | direction | ingress | | ethertype | IPv4 | | id | 97232fb3-6ba1-46a3-a8e3-2f25ba0c70dc | | port_range_max | 22 | | port_range_min | 22 | | protocol | tcp | | remote_group_id | | | remote_ip_prefix | 0.0.0.0/0 | | security_group_id | b6203882-561d-4f7b-9e2e-441c57e83419 | | tenant_id | 751cda6ede504ccd9562edd233b32b34 | +-------------------+--------------------------------------+ # neutron floatingip-show \ 3d40ed62-ad78-4042-8342-9f76c419c8c1 +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | fixed_ip_address | 10.0.0.2 | | floating_ip_address | 192.169.142.105 | | floating_network_id | 8e2df372-544d-4921-ad58-e164e5128410 | | id | 3d40ed62-ad78-4042-8342-9f76c419c8c1 | | port_id | 41da6b37-dfd8-49a2-8dae-45d9a99ef7d7 | | router_id | ba157037-747e-4a44-84d5-13d7d30e88ac | | tenant_id | 751cda6ede504ccd9562edd233b32b34 | +---------------------+--------------------------------------+ I can ping from Controller 192.169.142.105 # ssh -l fedora -i oskey1.priv 192.169.142.105 Hangs I double checked iptables on compute node . It's OK

Previous: Answer by dbaxps for I am pretty close. I can load Cirros instance on Compute, log in via VNC and run nslookup inside it. Everything is fine with IP's and routing. However , i cannot connect via ssh to both Cirros and Fedora 19 instances. Might it be gre tunnelling problem ? Details :- On Controller :- # neutron security-group-rule-create --protocol tcp \ --port-range-min 22 --port-range-max 22 \ --direction ingress --remote-ip-prefix 0.0.0.0/0 default Multiple security_group matches found for name 'default', use an ID to be more specific. # neutron security-group-list +--------------------------------------+---------+-------------+ | id | name | description | +--------------------------------------+---------+-------------+ | a085748d-92c0-40e0-a4c1-bc86935ec0ee | default | default | | b6203882-561d-4f7b-9e2e-441c57e83419 | default | default | | c70b80d3-f060-4002-af22-6603c745a6cf | default | default | +--------------------------------------+---------+-------------+ # neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --direction ingress --remote-ip-prefix 0.0.0.0/0 a085748d-92c0-40e0-a4c1-bc86935ec0ee 409-{u'NeutronError': {u'message': u'Security group rule already exists. Group id is 6d15d6cc-ed13-4c26-89ff-7ff10e6c4656.', u'type': u'SecurityGroupRuleExists', u'detail': u''}} # neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --direction ingress --remote-ip-prefix 0.0.0.0/0 b6203882-561d-4f7b-9e2e-441c57e83419 Created a new security_group_rule: +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | direction | ingress | | ethertype | IPv4 | | id | 97232fb3-6ba1-46a3-a8e3-2f25ba0c70dc | | port_range_max | 22 | | port_range_min | 22 | | protocol | tcp | | remote_group_id | | | remote_ip_prefix | 0.0.0.0/0 | | security_group_id | b6203882-561d-4f7b-9e2e-441c57e83419 | | tenant_id | 751cda6ede504ccd9562edd233b32b34 | +-------------------+--------------------------------------+ # neutron floatingip-show \ 3d40ed62-ad78-4042-8342-9f76c419c8c1 +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | fixed_ip_address | 10.0.0.2 | | floating_ip_address | 192.169.142.105 | | floating_network_id | 8e2df372-544d-4921-ad58-e164e5128410 | | id | 3d40ed62-ad78-4042-8342-9f76c419c8c1 | | port_id | 41da6b37-dfd8-49a2-8dae-45d9a99ef7d7 | | router_id | ba157037-747e-4a44-84d5-13d7d30e88ac | | tenant_id | 751cda6ede504ccd9562edd233b32b34 | +---------------------+--------------------------------------+ I can ping from Controller 192.169.142.105 # ssh -l fedora -i oskey1.priv 192.169.142.105 Hangs I double checked iptables on compute node . It's OK
$
0
0
-A INPUT -p gre -j ACCEPT -A OUTPUT -p gre -j ACCEPT are In filter section /etc/sysconfig/iptables on both nodes

Viewing all articles
Browse latest Browse all 3

Trending Articles