openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #20953
Re: Cant ping private or floating IP
oh that's weird.
I still get this error. couldnt this be because I cannot ping the VM in the
first place?. Because as far as I know metadata takes care of ssh keys. But
what if you cant reach the VM in the first place?
no instance data found in start-local
ci-info: lo : 1 127.0.0.1 255.0.0.0 .
ci-info: eth0 : 1 10.5.5.3 255.255.255.0 fa:16:3e:a7:28:25
ci-info: route-0: 0.0.0.0 10.5.5.1 0.0.0.0 eth0 UG
ci-info: route-1: 10.5.5.0 0.0.0.0 255.255.255.0 eth0 U
cloud-init start running: Sun, 17 Feb 2013 02:45:35 +0000. up 3.51 seconds
2013-02-17 02:48:25,840 - util.py[WARNING]:
'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed
[50/120s]: url error [timed out]
2013-02-17 02:49:16,893 - util.py[WARNING]:
'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed
[101/120s]: url error [timed out]
2013-02-17 02:49:34,912 - util.py[WARNING]:
'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed
[119/120s]: url error [timed out]
2013-02-17 02:49:35,913 - DataSourceEc2.py[CRITICAL]: giving up on md
after 120 seconds
no instance data found in start
Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
* Starting AppArmor profiles [80G
[74G[ OK ]
On 17 February 2013 02:41, Jean-Baptiste RANSY <
jean-baptiste.ransy@xxxxxxxxxx> wrote:
> For me, it's normal that you are not able to curl 169.254.169.254 from
> your compute and controller nodes : Same thing on my side, but my VM get
> their metadata.
>
> Try to lunch an instance.
>
> JB
>
>
>
> On 02/17/2013 03:35 AM, Chathura M. Sarathchandra Magurawalage wrote:
>
> root@computernode:~# curl -v http://169.254.169.254
> * About to connect() to 169.254.169.254 port 80 (#0)
> * Trying 169.254.169.254...
>
> root@controller:~# curl -v http://169.254.169.254
> * About to connect() to 169.254.169.254 port 80 (#0)
> * Trying 169.254.169.254...
>
>
> root@athena:~# iptables -L -n -v
> Chain INPUT (policy ACCEPT 59009 packets, 22M bytes)
> pkts bytes target prot opt in out source
> destination
> 59493 22M quantum-l3-agent-INPUT all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 59493 22M nova-api-INPUT all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 484 73533 ACCEPT 47 -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain FORWARD (policy ACCEPT 707 packets, 47819 bytes)
> pkts bytes target prot opt in out source
> destination
> 707 47819 quantum-filter-top all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 707 47819 quantum-l3-agent-FORWARD all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 707 47819 nova-filter-top all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 707 47819 nova-api-FORWARD all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain OUTPUT (policy ACCEPT 56022 packets, 22M bytes)
> pkts bytes target prot opt in out source
> destination
> 56022 22M quantum-filter-top all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 56022 22M quantum-l3-agent-OUTPUT all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 56022 22M nova-filter-top all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 56022 22M nova-api-OUTPUT all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain nova-api-FORWARD (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain nova-api-INPUT (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 ACCEPT tcp -- * * 0.0.0.0/0
> 192.168.2.225 tcp dpt:8775
>
> Chain nova-api-OUTPUT (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain nova-api-local (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain nova-filter-top (2 references)
> pkts bytes target prot opt in out source
> destination
> 56729 22M nova-api-local all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain quantum-filter-top (2 references)
> pkts bytes target prot opt in out source
> destination
> 56729 22M quantum-l3-agent-local all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain quantum-l3-agent-FORWARD (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain quantum-l3-agent-INPUT (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 ACCEPT tcp -- * * 0.0.0.0/0
> 192.168.2.225 tcp dpt:8775
>
> Chain quantum-l3-agent-OUTPUT (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain quantum-l3-agent-local (1 references)
> pkts bytes target prot opt in out source
> destination
>
> root@athena:~# iptables -L -n -v -t nat
> Chain PREROUTING (policy ACCEPT 3212 packets, 347K bytes)
> pkts bytes target prot opt in out source
> destination
> 3212 347K quantum-l3-agent-PREROUTING all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 3212 347K nova-api-PREROUTING all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain INPUT (policy ACCEPT 639 packets, 84948 bytes)
> pkts bytes target prot opt in out source
> destination
>
> Chain OUTPUT (policy ACCEPT 3180 packets, 213K bytes)
> pkts bytes target prot opt in out source
> destination
> 3180 213K quantum-l3-agent-OUTPUT all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 3180 213K nova-api-OUTPUT all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source
> destination
> 3726 247K quantum-l3-agent-POSTROUTING all -- * *
> 0.0.0.0/0 0.0.0.0/0
> 0 0 nova-api-POSTROUTING all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 0 0 quantum-postrouting-bottom all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 0 0 nova-postrouting-bottom all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain nova-api-OUTPUT (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain nova-api-POSTROUTING (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain nova-api-PREROUTING (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain nova-api-float-snat (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain nova-api-snat (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 nova-api-float-snat all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain nova-postrouting-bottom (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 nova-api-snat all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> Chain quantum-l3-agent-OUTPUT (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain quantum-l3-agent-POSTROUTING (1 references)
> pkts bytes target prot opt in out source
> destination
> 3726 247K ACCEPT all -- !qg-6f8374cb-cb !qg-6f8374cb-cb 0.0.0.0/0
> 0.0.0.0/0 ! ctstate DNAT
> 0 0 ACCEPT all -- * * 10.5.5.0/24
> 192.168.2.225
>
> Chain quantum-l3-agent-PREROUTING (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 DNAT tcp -- * * 0.0.0.0/0
> 169.254.169.254 tcp dpt:80 to:192.168.2.225:8775
>
> Chain quantum-l3-agent-float-snat (1 references)
> pkts bytes target prot opt in out source
> destination
>
> Chain quantum-l3-agent-snat (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 quantum-l3-agent-float-snat all -- * * 0.0.0.0/0
> 0.0.0.0/0
> 0 0 SNAT all -- * * 10.5.5.0/24
> 0.0.0.0/0 to:192.168.2.151
>
> Chain quantum-postrouting-bottom (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 quantum-l3-agent-snat all -- * * 0.0.0.0/0
> 0.0.0.0/0
>
> thanks.
>
>
> On 17 February 2013 02:25, Jean-Baptiste RANSY <
> jean-baptiste.ransy@xxxxxxxxxx> wrote:
>
>> Controller node :
>> # iptables -L -n -v
>> # iptables -L -n -v -t nat
>>
>>
>>
>> On 02/17/2013 03:18 AM, Chathura M. Sarathchandra Magurawalage wrote:
>>
>> You should be able to curl 169.254.169.254 from compute node, which I
>> cant at the moment.
>>
>> I have got the bridge set up in the l3_agent.ini
>>
>>
>>
>
>
Follow ups
References
-
Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-14
-
Re: Cant ping private or floating IP
From: Sylvain Bauza, 2013-02-15
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-16
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-16
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-16
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-16
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-16
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-16
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-16
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-17
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-17
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-17
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-17
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-17
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-17
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-17
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-17
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-17
-
Re: Cant ping private or floating IP
From: Chathura M. Sarathchandra Magurawalage, 2013-02-17
-
Re: Cant ping private or floating IP
From: Jean-Baptiste RANSY, 2013-02-17