search

nii-cloud / dodai-deploy

Deployment Tool for OpenStack(Nova, Glance and Swift) and Hadoop using Puppet
https://github.com/nii-cloud/dodai-deploy/wiki
68 stars 25 forks source link

Unable to delete demo tenant/project and example users #26

Closed sepulworld closed 7 years ago

sepulworld commented 12 years ago

Greetings,

After successfully deploying with dodai-deploy, I am running into the issue of not being able to remove or example users and projects. It always breaks authentication for the admin user. Can you verify this?

guanxiaohua2k6 commented 12 years ago

Sorry for late reply due to being away on vacation.

I verified it. I couldn't log into dashboard neither. The cause is that there were orphan records left in table user_tenant_membership of DB keystone. After I removed the records, I could log into the dashboard again.

You can cleared the records with the following command.

sqlite3 /var/lib/keystone/keystone.db 'delete from user_tenant_membership where tenant_id not in ( select id from tenant );'
sepulworld commented 12 years ago

Hi Xiaohua!

Thank you for the response back. I hope you had a wonderful vacation. Your deployment application is wonderful. Thank you for sharing that with everyone.

Thank you for sharing the fix for the orphaned users issue. Can Keystone be easily moved over to MySQL?

-Z

On Sun, Aug 26, 2012 at 10:34 PM, Xiaohua Guan notifications@github.comwrote:

Sorry for late reply due to being away on vacation.

I verified it. I couldn't log into dashboard neither. The cause is that there were orphan records left in table user_tenant_membership of DB keystone. After I removed the records, I could log into the dashboard again.

You can cleared the records with the following command.

sqlite3 /var/lib/keystone/keystone.db 'delete from user_tenant_membership where tenant_id not in ( select id from tenant );'

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-8047326.

Zane

guanxiaohua2k6 commented 12 years ago

Hi, zane,

You can migrate to mysql in the following steps.

  1. Stop keystone service

    stop keystone

  2. Change setting of /etc/keystone/keystone.conf

    "nova" is the password of mysql server.

    connection = mysql://root:nova@localhost/keystone

  3. Create keystone db

    nova is the password.

    mysql -uroot -pnova -e "CREATE DATABASE keystone;" keystone-manage db_sync

  4. Migrate data in sqlite3 db to mysql db.

    echo -e '.output keystone.sql\n.dump' | sqlite3 /var/lib/keystone/keystone.db

Open the file keystone.sql, and REMOVE the following statements, the save it.

Remove double quotation around table names with the command below.

sed -i -e 's/INTO "\([a-z_0-9]*\)"/INTO \1/g' keystone.sql

Import into mysql db.

mysql -uroot -pnova keystone < keystone.sql

Start keystone service.

start keystone
sepulworld commented 11 years ago

Thank you so much for the response! Works perfectly.

I have a hopefully straight forward question that I can't seem to find the answer on EUCA sites.

I have an image that is available to my admin user:

IMAGE ami-00000006 centos53-image-bucket/centos.5-3.x86-64.img.manifest.xml available private x86_64 machine aki-00000004 ari-00000005 instance-store

I want to make it "public" to my other users on the openstack deployment. How can I do this? It is presently set to "private"

Thanks Zane

On Mon, Aug 27, 2012 at 8:49 PM, Xiaohua Guan notifications@github.comwrote:

Hi, zane,

You can migrate to mysql in the following steps.

1.

Stop keystone service

stop keystone 2.

Change setting of /etc/keystone/keystone.conf "nova" is the password of mysql server.

connection = mysql://root:nova@localhost/keystone 3.

Create keystone db nova is the password.

mysql -uroot -pnova -e "CREATE DATABASE keystone;" keystone-manage db_sync 4.

Migrate data in sqlite3 db to mysql db.

echo -e '.output keystone.sql\n.dump' | sqlite3 /var/lib/keystone/keystone.db

Open the file keystone.sql, and REMOVE the following statements, the save it.

  • PRAGMA
  • BEGIN TRAN...
  • COMMIT
  • CREATE TABLE
  • INSERT INTO "migrate_version" ...

Remove double quotation around table names with the command below.

sed -i -e 's/INTO "([a-z_0-9]*)"/INTO \1/g' keystone.sql

Import into mysql db.

mysql -uroot -pnova keystone < keystone.sql

Start keystone service.

start keystone

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-8078617.

Zane

guanxiaohua2k6 commented 11 years ago

Can you try the following command to convert a image into public?

euca-modify-image-attribute --launch-permission --add all IMAGE_ID
sepulworld commented 11 years ago

Ok so I ran an apt-get upgrade and it updated the Horizon dashboard. I am now able to update image to make it public in the web interface, but with a new project It errors on deployment at the network setup phase. The image deploys fine for the admin account though.

I will look into this further. I might try your command below too. Thank you for the advice!

-Z

On Thu, Oct 4, 2012 at 7:06 PM, Xiaohua Guan notifications@github.comwrote:

Can you try the following command to convert a image into public?

euca-modify-image-attribute --launch-permission --add all IMAGE_ID

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9163390.

Zane

sepulworld commented 11 years ago

Hi Xiaohua,

So the image is public now -

IMAGE ami-00000006 None (centos53-image-bucket/centos.5-3.x86-64.img.manifest.xml) available public x86_64 machine aki-00000004 ari-00000005 instance-store

But I receive errors when trying to deploy with another project/user. The vm deployment appears to error during the network setup phase.

2012-10-04 19:21:48 DEBUG nova.network.manager [req-f2ddaacd-0351-477a-bc91-fe6c7e30e4b7 d9f568eb2360465b89bb1967641f59a2 16a37915625142ef862ca86b58daba01] floating IP allocation for instance |29| from (pid=20446) allocate_for_instance /usr/lib/python2.7/dist-packages/nova/network/manager.py:315 2012-10-04 19:21:48 DEBUG nova.network.manager [req-f2ddaacd-0351-477a-bc91-fe6c7e30e4b7 d9f568eb2360465b89bb1967641f59a2 16a37915625142ef862ca86b58daba01] network allocations for instance |29| from (pid=20446) allocate_for_instance /usr/lib/python2.7/dist-packages/nova/network/manager.py:889 2012-10-04 19:21:48 ERROR nova.rpc.amqp [req-f2ddaacd-0351-477a-bc91-fe6c7e30e4b7 d9f568eb2360465b89bb1967641f59a2 16a37915625142ef862ca86b58daba01] Exception during message handling 2012-10-04 19:21:48 TRACE nova.rpc.amqp Traceback (most recent call last): 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/rpc/amqp.py", line 253, in _process_data 2012-10-04 19:21:48 TRACE nova.rpc.amqp rval = node_func(context=ctxt, _node_args) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 257, in wrapped 2012-10-04 19:21:48 TRACE nova.rpc.amqp return func(self, context, args, _kwargs) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 320, in allocate_for_instance 2012-10-04 19:21:48 TRACE nova.rpc.amqp _kwargs) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 257, in wrapped 2012-10-04 19:21:48 TRACE nova.rpc.amqp return func(self, context, args, _kwargs) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 892, in allocate_for_instance 2012-10-04 19:21:48 TRACE nova.rpc.amqp requested_networks=requested_networks) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 1814, in _get_networks_for_instance 2012-10-04 19:21:48 TRACE nova.rpc.amqp networks = self.db.project_get_networks(context, project_id) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/db/api.py", line 1298, in project_get_networks 2012-10-04 19:21:48 TRACE nova.rpc.amqp return IMPL.project_get_networks(context, project_id, associate) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 120, in wrapper 2012-10-04 19:21:48 TRACE nova.rpc.amqp return f(_args, _kwargs) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 3147, in project_get_networks 2012-10-04 19:21:48 TRACE nova.rpc.amqp return [network_associate(context, project_id)] 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 102, in wrapper 2012-10-04 19:21:48 TRACE nova.rpc.amqp return f(_args, _kwargs) 2012-10-04 19:21:48 TRACE nova.rpc.amqp File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 1852, in network_associate 2012-10-04 19:21:48 TRACE nova.rpc.amqp raise db.NoMoreNetworks() 2012-10-04 19:21:48 TRACE nova.rpc.amqp NoMoreNetworks 2012-10-04 19:21:48 TRACE nova.rpc.amqp 2012-10-04 19:21:48 ERROR nova.rpc.amqp [req-f2ddaacd-0351-477a-bc91-fe6c7e30e4b7 d9f568eb2360465b89bb1967641f59a2 16a37915625142ef862ca86b58daba01] Returning exception to caller 2012-10-04 19:21:48 ERROR nova.rpc.amqp [req-f2ddaacd-0351-477a-bc91-fe6c7e30e4b7 d9f568eb2360465b89bb1967641f59a2 16a37915625142ef862ca86b58daba01] ['Traceback (most recent call last):\n', ' File "/usr/lib/python2.7/dist-packages/nova/rpc/amqp.py", line 253, in _process_data\n rval = node_func(context=ctxt, _node_args)\n', ' File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 257, in wrapped\n return func(self, context, args, _kwargs)\n', ' File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 320, in allocate_for_instance\n _kwargs)\n', ' File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 257, in wrapped\n return func(self, context, args, _kwargs)\n', ' File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 892, in allocate_for_instance\n requested_networks=requested_networks)\n', ' File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 1814, in _get_networks_for_instance\n networks = self.db.project_get_networks(context, project_id)\n', ' File "/usr/lib/python2.7/dist-packages/nova/db/api.py", line 1298, in project_get_networks\n return IMPL.project_get_networks(context, project_id, associate)\n', ' File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 120, in wrapper\n return f(_args, _kwargs)\n', ' File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 3147, in project_get_networks\n return [network_associate(context, project_id)]\n', ' File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 102, in wrapper\n return f(_args, _kwargs)\n', ' File "/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.py", line 1852, in network_associate\n raise db.NoMoreNetworks()\n', 'NoMoreNetworks\n'] 2012-10-04 19:22:10 DEBUG nova.rpc.amqp [-] received {u'_context_roles': [u'admin'], u'_msg_id': u'5a3e7ef72eed40a09bb656b72b9f010f', u'_context_read_deleted': u'no', u'_context_request_id': u'req-17793493-4343-4925-a701-c67e28f77ddd', u'args': {u'instance_id': 10, u'instance_uuid': u'232d2ac5-9a12-41b2-b293-80d886a69e03', u'host': u'openstack-1', u'project_id': u'01ca31656f3742b5af46b279ee1f3ef3', u'rxtx_factor': 1.0}, u'_context_auth_token': '', u'_context_is_admin': True, u'_context_project_id': None, u'_context_timestamp': u'2012-10-05T02:22:00.749207', u'_context_user_id': None, u'method': u'get_instance_nw_info', u'_context_remote_address': None} from (pid=20446) _safe_log /usr/lib/python2.7/dist-packages/nova/rpc/common.py:160 2012-10-04 19:22:10 DEBUG nova.rpc.amqp [req-17793493-4343-4925-a701-c67e28f77ddd None None] unpacked context: {'user_id': None, 'roles': [u'admin'], 'timestamp': '2012-10-05T02:22:00.749207', 'auth_token': '', 'remote_address': None, 'is_admin': True, 'request_id': u'req-17793493-4343-4925-a701-c67e28f77ddd', 'project_id': None, 'read_deleted': u'no'} from (pid=20446) _safe_log /usr/lib/python2.7/dist-packages/nova/rpc/common.py:160

On Thu, Oct 4, 2012 at 7:34 PM, Zane Williamson zane.williamson@gmail.comwrote:

Ok so I ran an apt-get upgrade and it updated the Horizon dashboard. I am now able to update image to make it public in the web interface, but with a new project It errors on deployment at the network setup phase. The image deploys fine for the admin account though.

I will look into this further. I might try your command below too. Thank you for the advice!

-Z

On Thu, Oct 4, 2012 at 7:06 PM, Xiaohua Guan notifications@github.comwrote:

Can you try the following command to convert a image into public?

euca-modify-image-attribute --launch-permission --add all IMAGE_ID

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9163390.

Zane

Zane

guanxiaohua2k6 commented 11 years ago

Maybe you need to create a network for your new project with nova-manage.

sepulworld commented 11 years ago

Is there a way to allow access to this network my another project? I see the static IP network is associated with the project ID of the admin.

On Thu, Oct 4, 2012 at 10:44 PM, Xiaohua Guan notifications@github.comwrote:

Maybe you need to create a network for your new project with nova-manage.

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166089.

Zane

guanxiaohua2k6 commented 11 years ago

It seems that the network belongs to a project and cannot be shared. So you have to create a different network for the new project.

On Fri, Oct 5, 2012 at 3:03 PM, Zane notifications@github.com wrote:

Is there a way to allow access to this network my another project? I see the static IP network is associated with the project ID of the admin.

On Thu, Oct 4, 2012 at 10:44 PM, Xiaohua Guan notifications@github.comwrote:

Maybe you need to create a network for your new project with nova-manage.

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166089>.

Zane

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166313.

sepulworld commented 11 years ago

Great, made a new /27 network for the new project. I had to put it on vlan101 (new vlan). It appears I can't associate floating IPs to any new vms on this new vlan. Any suggestions on what configs I should check?

On Thu, Oct 4, 2012 at 11:06 PM, Xiaohua Guan notifications@github.comwrote:

It seems that the network belongs to a project and cannot be shared. So you have to create a different network for the new project.

On Fri, Oct 5, 2012 at 3:03 PM, Zane notifications@github.com wrote:

Is there a way to allow access to this network my another project? I see the static IP network is associated with the project ID of the admin.

On Thu, Oct 4, 2012 at 10:44 PM, Xiaohua Guan notifications@github.comwrote:

Maybe you need to create a network for your new project with nova-manage.

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166089>.

Zane

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166313>.

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166348.

Zane

guanxiaohua2k6 commented 11 years ago

What's the error?

On Fri, Oct 5, 2012 at 3:30 PM, Zane notifications@github.com wrote:

Great, made a new /27 network for the new project. I had to put it on vlan101 (new vlan). It appears I can't associate floating IPs to any new vms on this new vlan. Any suggestions on what configs I should check?

On Thu, Oct 4, 2012 at 11:06 PM, Xiaohua Guan notifications@github.comwrote:

It seems that the network belongs to a project and cannot be shared. So you have to create a different network for the new project.

On Fri, Oct 5, 2012 at 3:03 PM, Zane notifications@github.com wrote:

Is there a way to allow access to this network my another project? I see the static IP network is associated with the project ID of the admin.

On Thu, Oct 4, 2012 at 10:44 PM, Xiaohua Guan < notifications@github.com>wrote:

Maybe you need to create a network for your new project with nova-manage.

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166089>.

Zane

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166313>.

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166348>.

Zane

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166701.

sepulworld commented 11 years ago

Hmm no errors. I can associate the floating IP, but can't ping that IP on the booted up vm. I can't ping the new subnet from the parent host either.

root@openstack-1:/var/lib/nova# nova-manage network list id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid 2012-10-04 23:21:41 DEBUG nova.utils [req-691afe42-789b-4b02-8cb2-fc29c2f810c7 None None] backend <module 'nova.db.sqlalchemy.api' from '/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.pyc'> from (pid=2834) __get_backend /usr/lib/python2.7/dist-packages/nova/utils.py:658 1 192.168.101.0/24 None 192.168.101.3 None None 100 01ca31656f3742b5af46b279ee1f3ef3 26887c63-3b62-4626-a7fb-92e7b16adbb0 2 192.168.102.0/27 None 192.168.102.3 None None 101 16a37915625142ef862ca86b58daba01 b00488ac-a1ee-4c5e-ad9e-fc7fae63bfbe root@openstack-1:/var/lib/nova# ping 192.168.102.3 PING 192.168.102.3 (192.168.102.3) 56(84) bytes of data. From 192.168.102.1 icmp_seq=1 Destination Host Unreachable From 192.168.102.1 icmp_seq=2 Destination Host Unreachable From 192.168.102.1 icmp_seq=3 Destination Host Unreachable

Must be an issue with using a new vlan for the new project?

On Thu, Oct 4, 2012 at 11:31 PM, Xiaohua Guan notifications@github.comwrote:

What's the error?

On Fri, Oct 5, 2012 at 3:30 PM, Zane notifications@github.com wrote:

Great, made a new /27 network for the new project. I had to put it on vlan101 (new vlan). It appears I can't associate floating IPs to any new vms on this new vlan. Any suggestions on what configs I should check?

On Thu, Oct 4, 2012 at 11:06 PM, Xiaohua Guan notifications@github.comwrote:

It seems that the network belongs to a project and cannot be shared. So you have to create a different network for the new project.

On Fri, Oct 5, 2012 at 3:03 PM, Zane notifications@github.com wrote:

Is there a way to allow access to this network my another project? I see the static IP network is associated with the project ID of the admin.

On Thu, Oct 4, 2012 at 10:44 PM, Xiaohua Guan < notifications@github.com>wrote:

Maybe you need to create a network for your new project with nova-manage.

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166089>.

Zane

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166313>.

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166348>.

Zane

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166701>.

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166717.

Zane

guanxiaohua2k6 commented 11 years ago

Did you confirm the console of the new instance? Does the private IP was associated with the instance?

On Fri, Oct 5, 2012 at 3:36 PM, Zane notifications@github.com wrote:

Hmm no errors. I can associate the floating IP, but can't ping that IP on the booted up vm. I can't ping the new subnet from the parent host either.

root@openstack-1:/var/lib/nova# nova-manage network list id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid 2012-10-04 23:21:41 DEBUG nova.utils [req-691afe42-789b-4b02-8cb2-fc29c2f810c7 None None] backend <module 'nova.db.sqlalchemy.api' from '/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.pyc'> from (pid=2834) __get_backend /usr/lib/python2.7/dist-packages/nova/utils.py:658 1 192.168.101.0/24 None 192.168.101.3 None None 100 01ca31656f3742b5af46b279ee1f3ef3 26887c63-3b62-4626-a7fb-92e7b16adbb0 2 192.168.102.0/27 None 192.168.102.3 None None 101 16a37915625142ef862ca86b58daba01 b00488ac-a1ee-4c5e-ad9e-fc7fae63bfbe root@openstack-1:/var/lib/nova# ping 192.168.102.3 PING 192.168.102.3 (192.168.102.3) 56(84) bytes of data. From 192.168.102.1 icmp_seq=1 Destination Host Unreachable From 192.168.102.1 icmp_seq=2 Destination Host Unreachable From 192.168.102.1 icmp_seq=3 Destination Host Unreachable

Must be an issue with using a new vlan for the new project?

On Thu, Oct 4, 2012 at 11:31 PM, Xiaohua Guan notifications@github.comwrote:

What's the error?

On Fri, Oct 5, 2012 at 3:30 PM, Zane notifications@github.com wrote:

Great, made a new /27 network for the new project. I had to put it on vlan101 (new vlan). It appears I can't associate floating IPs to any new vms on this new vlan. Any suggestions on what configs I should check?

On Thu, Oct 4, 2012 at 11:06 PM, Xiaohua Guan < notifications@github.com>wrote:

It seems that the network belongs to a project and cannot be shared. So you have to create a different network for the new project.

On Fri, Oct 5, 2012 at 3:03 PM, Zane notifications@github.com wrote:

Is there a way to allow access to this network my another project? I see the static IP network is associated with the project ID of the admin.

On Thu, Oct 4, 2012 at 10:44 PM, Xiaohua Guan < notifications@github.com>wrote:

Maybe you need to create a network for your new project with nova-manage.

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166089>.

Zane

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166313>.

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166348>.

Zane

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166701>.

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166717>.

Zane

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166796.

sepulworld commented 11 years ago

Yes, so it appears if the vm lands on openstack-1 (where I ran the nova-manage network add command) I can ping a VM on its private IP, but I can't ping the floating IP I associate with it.

root@openstack-1:/var/lib/nova# ping 10.0.1.229 PING 10.0.1.229 (10.0.1.229) 56(84) bytes of data. ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted ping: sendmsg: Operation not permitted

If the vm lands on openstack-2 (the other physical node I have deployed with just nova-compute) the VM is unpingable on both private and floating ip. VMs going to this other node with the original private network on vlan100 work fine.

Very odd. Perhaps it is an issue with the nova.conf configuration?

On Thu, Oct 4, 2012 at 11:43 PM, Xiaohua Guan notifications@github.comwrote:

Did you confirm the console of the new instance? Does the private IP was associated with the instance?

On Fri, Oct 5, 2012 at 3:36 PM, Zane notifications@github.com wrote:

Hmm no errors. I can associate the floating IP, but can't ping that IP on the booted up vm. I can't ping the new subnet from the parent host either.

root@openstack-1:/var/lib/nova# nova-manage network list id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid 2012-10-04 23:21:41 DEBUG nova.utils [req-691afe42-789b-4b02-8cb2-fc29c2f810c7 None None] backend <module 'nova.db.sqlalchemy.api' from '/usr/lib/python2.7/dist-packages/nova/db/sqlalchemy/api.pyc'> from (pid=2834) __get_backend /usr/lib/python2.7/dist-packages/nova/utils.py:658 1 192.168.101.0/24 None 192.168.101.3 None None 100 01ca31656f3742b5af46b279ee1f3ef3 26887c63-3b62-4626-a7fb-92e7b16adbb0 2 192.168.102.0/27 None 192.168.102.3 None None 101 16a37915625142ef862ca86b58daba01 b00488ac-a1ee-4c5e-ad9e-fc7fae63bfbe root@openstack-1:/var/lib/nova# ping 192.168.102.3 PING 192.168.102.3 (192.168.102.3) 56(84) bytes of data. From 192.168.102.1 icmp_seq=1 Destination Host Unreachable From 192.168.102.1 icmp_seq=2 Destination Host Unreachable From 192.168.102.1 icmp_seq=3 Destination Host Unreachable

Must be an issue with using a new vlan for the new project?

On Thu, Oct 4, 2012 at 11:31 PM, Xiaohua Guan notifications@github.comwrote:

What's the error?

On Fri, Oct 5, 2012 at 3:30 PM, Zane notifications@github.com wrote:

Great, made a new /27 network for the new project. I had to put it on vlan101 (new vlan). It appears I can't associate floating IPs to any new vms on this new vlan. Any suggestions on what configs I should check?

On Thu, Oct 4, 2012 at 11:06 PM, Xiaohua Guan < notifications@github.com>wrote:

It seems that the network belongs to a project and cannot be shared. So you have to create a different network for the new project.

On Fri, Oct 5, 2012 at 3:03 PM, Zane notifications@github.com wrote:

Is there a way to allow access to this network my another project? I see the static IP network is associated with the project ID of the admin.

On Thu, Oct 4, 2012 at 10:44 PM, Xiaohua Guan < notifications@github.com>wrote:

Maybe you need to create a network for your new project with nova-manage.

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166089>.

Zane

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166313>.

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166348>.

Zane

— Reply to this email directly or view it on GitHub<

https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166701>.

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166717>.

Zane

— Reply to this email directly or view it on GitHub< https://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166796>.

— Reply to this email directly or view it on GitHubhttps://github.com/nii-cloud/dodai-deploy/issues/26#issuecomment-9166898.

Zane

guanxiaohua2k6 commented 11 years ago

Firstly, about the problem the instance cannot be pinged with public IP address from openstack-1, I think maybe there was something wrong with your IP tables. Could you show your IP tables of openstack-1?

As to the problem about openstack-2, I cannot supposed the reason if you don't give me more information. Could you show me the contents of nova.conf, bridge with command "brctl show", and IPs with command "ifconfig -a"?