← Back to team overview

openstack team mailing list archive

  1. openstack team
  2. Mailing list archive
  3. Message #20923

Initial quantum network state broken

  Thread PreviousDate PreviousThread Next 
Sigh.  So I abandoned RHEL 6.3, rekicked my systems and set up the
scale-ready installation described in these instructions:

https://github.com/mseknibilel/OpenStack-Folsom-Install-guide/blob/master/OpenStack_Folsom_Install_Guide_WebVersion.rst

Basically:

(o) controller node on a mgmt and public net
(o) network node (quantum and openvs) on a mgmt, net-config, and public net
(o) compute node is on a mgmt and net-config net

Took me just over an hour and ran into only a few easily-fixed speed bumps.
 But the VM networks are totally non-functioning.  VMs launch but no
network traffic can go in or out.

I'm particularly befuddled by these problems:

( 1 ) This error in nova-compute:

ERROR nova.network.quantumv2 [-] _get_auth_token() failed

( 2 ) No NAT rules on the compute node, which probably explains why the VMs
complain about not finding a network or being able to get metadata from
169.254.169.254.

root@kvm-cs-sn-10i:~# iptables -t nat -S
-P PREROUTING ACCEPT
-P INPUT ACCEPT
-P OUTPUT ACCEPT
-P POSTROUTING ACCEPT
-N nova-api-metadat-OUTPUT
-N nova-api-metadat-POSTROUTING
-N nova-api-metadat-PREROUTING
-N nova-api-metadat-float-snat
-N nova-api-metadat-snat
-N nova-compute-OUTPUT
-N nova-compute-POSTROUTING
-N nova-compute-PREROUTING
-N nova-compute-float-snat
-N nova-compute-snat
-N nova-postrouting-bottom
-A PREROUTING -j nova-api-metadat-PREROUTING
-A PREROUTING -j nova-compute-PREROUTING
-A OUTPUT -j nova-api-metadat-OUTPUT
-A OUTPUT -j nova-compute-OUTPUT
-A POSTROUTING -j nova-api-metadat-POSTROUTING
-A POSTROUTING -j nova-compute-POSTROUTING
-A POSTROUTING -j nova-postrouting-bottom
-A nova-api-metadat-snat -j nova-api-metadat-float-snat
-A nova-compute-snat -j nova-compute-float-snat
-A nova-postrouting-bottom -j nova-api-metadat-snat
-A nova-postrouting-bottom -j nova-compute-snat

(3) A lastly, no default secgroup rules, whose function governs... what
exactly?  Connections to the VM's public or private IPs?  I guess I'm just
not sure if this is relevant to my overall problem of ZERO VM network
connectivity.

I seek guidance please.  Thanks.


-- 
\*..+.-
--Greg Chavez
+//..;};

Follow ups

  Thread PreviousDate PreviousThread Next