yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #08019
[Bug 1266983] [NEW] Grizzly 2013.1.4 's NOVA Waste PublicIP
Public bug reported:
192.168.0.0/24 is Manage IP
172.168.149.0/24 is Public IP
172.5.5.0/24 is VM Fix IP
1.We boot a VM only link to private network without public network,
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test | ACTIVE | None | Running | wuxi_it-net=172.168.5.13 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
2.We assign a floating-ip to this VM
[root@controllernode ~(wuxi_it)]$ nova add-floating-ip cirros_test 172.168.149.157
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test | ACTIVE | None | Running | wuxi_it-net=172.168.5.13, 172.168.149.157 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
We find we can't ping this IP:172.168.149.157
3.We boot a VM with both private and public network and assign same floating-ip to this VM
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test | BUILD | spawning | NOSTATE | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
[root@controllernode ~(wuxi_it)]$ nova floating-ip-list
+-----------------+--------------------------------------+--------------+---------+
| Ip | Instance Id | Fixed Ip | Pool |
+-----------------+--------------------------------------+--------------+---------+
| 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
| 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
| 172.168.149.157 | None | None | ext_net |
+-----------------+--------------------------------------+--------------+---------+
[root@controllernode ~(wuxi_it)]$ nova add-floating-ip Cirros_3.1_test 172.168.149.157
[root@controllernode ~(wuxi_it)]$ nova floating-ip-list
+-----------------+--------------------------------------+--------------+---------+
| Ip | Instance Id | Fixed Ip | Pool |
+-----------------+--------------------------------------+--------------+---------+
| 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
| 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
| 172.168.149.157 | 5166613f-90dd-4d1b-b79c-41497215746c | 172.168.5.15 | ext_net |
+-----------------+--------------------------------------+--------------+---------+
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test | ACTIVE | None | Running | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15, 172.168.149.157 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
We find we can ping this public IP now.
For 1st test, check in NetworkNode:
-A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
-A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
-A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
-A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
-A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
-A quantum-l3-agent-float-snat -s 172.168.5.13/32 -j SNAT --to-source 172.168.149.157
-A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
-A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
-A quantum-postrouting-bottom -j quantum-l3-agent-snat
COMMIT
# Completed on Fri Dec 27 11:42:48 2013
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
^C
--- 172.168.149.157 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2526ms
[root@NetworkNode ~]# ping 172.168.149.156
PING 172.168.149.156 (172.168.149.156) 56(84) bytes of data.
64 bytes from 172.168.149.156: icmp_seq=1 ttl=127 time=2.27 ms
^C
--- 172.168.149.156 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 749ms
rtt min/avg/max/mdev = 2.271/2.271/2.271/0.000 ms
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
^C
--- 172.168.149.157 ping statistics ---
39 packets transmitted, 0 received, 100% packet loss, time 38935ms
For 2nd test, check in NetworkNode:
-A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
-A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
-A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
-A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
-A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
-A quantum-l3-agent-float-snat -s 172.168.5.15/32 -j SNAT --to-source 172.168.149.157
-A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
-A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
-A quantum-postrouting-bottom -j quantum-l3-agent-snat
COMMIT
# Completed on Fri Dec 27 11:50:43 2013
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
64 bytes from 172.168.149.157: icmp_seq=1 ttl=63 time=1.80 ms
64 bytes from 172.168.149.157: icmp_seq=2 ttl=63 time=0.636 ms
^C
--- 172.168.149.157 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1438ms
rtt min/avg/max/mdev = 0.636/1.219/1.803/0.584 ms
It seems very waste IP address in IP pool.
** Affects: nova
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1266983
Title:
Grizzly 2013.1.4 's NOVA Waste PublicIP
Status in OpenStack Compute (Nova):
New
Bug description:
192.168.0.0/24 is Manage IP
172.168.149.0/24 is Public IP
172.5.5.0/24 is VM Fix IP
1.We boot a VM only link to private network without public network,
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test | ACTIVE | None | Running | wuxi_it-net=172.168.5.13 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
2.We assign a floating-ip to this VM
[root@controllernode ~(wuxi_it)]$ nova add-floating-ip cirros_test 172.168.149.157
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| acd5c695-85c3-4e89-8730-e0badf487a5a | cirros_test | ACTIVE | None | Running | wuxi_it-net=172.168.5.13, 172.168.149.157 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
We find we can't ping this IP:172.168.149.157
3.We boot a VM with both private and public network and assign same floating-ip to this VM
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test | BUILD | spawning | NOSTATE | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
[root@controllernode ~(wuxi_it)]$ nova floating-ip-list
+-----------------+--------------------------------------+--------------+---------+
| Ip | Instance Id | Fixed Ip | Pool |
+-----------------+--------------------------------------+--------------+---------+
| 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
| 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
| 172.168.149.157 | None | None | ext_net |
+-----------------+--------------------------------------+--------------+---------+
[root@controllernode ~(wuxi_it)]$ nova add-floating-ip Cirros_3.1_test 172.168.149.157
[root@controllernode ~(wuxi_it)]$ nova floating-ip-list
+-----------------+--------------------------------------+--------------+---------+
| Ip | Instance Id | Fixed Ip | Pool |
+-----------------+--------------------------------------+--------------+---------+
| 172.168.149.155 | 786b8958-2a77-4a3c-89c9-35fbce1b6391 | 172.168.5.11 | ext_net |
| 172.168.149.156 | 98d31755-1e92-4217-8247-b2be88978475 | 172.168.5.12 | ext_net |
| 172.168.149.157 | 5166613f-90dd-4d1b-b79c-41497215746c | 172.168.5.15 | ext_net |
+-----------------+--------------------------------------+--------------+---------+
[root@controllernode ~(wuxi_it)]$ nova list
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
| 786b8958-2a77-4a3c-89c9-35fbce1b6391 | CentOS6.4_test | ACTIVE | None | Running | ext_net=172.168.149.158; wuxi_it-net=172.168.5.11, 172.168.149.155 |
| d5dcea71-8b1c-4e92-aac7-069460e11bb3 | Cirros_3.1_node1 | ACTIVE | None | Running | ext_net=172.168.149.161; wuxi_it-net=172.168.5.9 |
| 5166613f-90dd-4d1b-b79c-41497215746c | Cirros_3.1_test | ACTIVE | None | Running | ext_net=172.168.149.162; wuxi_it-net=172.168.5.15, 172.168.149.157 |
+--------------------------------------+------------------+--------+------------+-------------+--------------------------------------------------------------------+
We find we can ping this public IP now.
For 1st test, check in NetworkNode:
-A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
-A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
-A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.13
-A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
-A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
-A quantum-l3-agent-float-snat -s 172.168.5.13/32 -j SNAT --to-source 172.168.149.157
-A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
-A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
-A quantum-postrouting-bottom -j quantum-l3-agent-snat
COMMIT
# Completed on Fri Dec 27 11:42:48 2013
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
^C
--- 172.168.149.157 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2526ms
[root@NetworkNode ~]# ping 172.168.149.156
PING 172.168.149.156 (172.168.149.156) 56(84) bytes of data.
64 bytes from 172.168.149.156: icmp_seq=1 ttl=127 time=2.27 ms
^C
--- 172.168.149.156 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 749ms
rtt min/avg/max/mdev = 2.271/2.271/2.271/0.000 ms
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
^C
--- 172.168.149.157 ping statistics ---
39 packets transmitted, 0 received, 100% packet loss, time 38935ms
For 2nd test, check in NetworkNode:
-A quantum-l3-agent-OUTPUT -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-OUTPUT -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-OUTPUT -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
-A quantum-l3-agent-POSTROUTING ! -i qg-6cd6c622-34 ! -o qg-6cd6c622-34 -m conntrack ! --ctstate DNAT -j ACCEPT
-A quantum-l3-agent-PREROUTING -d 169.254.169.254/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 9697
-A quantum-l3-agent-PREROUTING -d 172.168.149.155/32 -j DNAT --to-destination 172.168.5.11
-A quantum-l3-agent-PREROUTING -d 172.168.149.156/32 -j DNAT --to-destination 172.168.5.12
-A quantum-l3-agent-PREROUTING -d 172.168.149.157/32 -j DNAT --to-destination 172.168.5.15
-A quantum-l3-agent-float-snat -s 172.168.5.11/32 -j SNAT --to-source 172.168.149.155
-A quantum-l3-agent-float-snat -s 172.168.5.12/32 -j SNAT --to-source 172.168.149.156
-A quantum-l3-agent-float-snat -s 172.168.5.15/32 -j SNAT --to-source 172.168.149.157
-A quantum-l3-agent-snat -j quantum-l3-agent-float-snat
-A quantum-l3-agent-snat -s 172.168.5.0/24 -j SNAT --to-source 172.168.149.153
-A quantum-postrouting-bottom -j quantum-l3-agent-snat
COMMIT
# Completed on Fri Dec 27 11:50:43 2013
[root@NetworkNode ~]# ping 172.168.149.157
PING 172.168.149.157 (172.168.149.157) 56(84) bytes of data.
64 bytes from 172.168.149.157: icmp_seq=1 ttl=63 time=1.80 ms
64 bytes from 172.168.149.157: icmp_seq=2 ttl=63 time=0.636 ms
^C
--- 172.168.149.157 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1438ms
rtt min/avg/max/mdev = 0.636/1.219/1.803/0.584 ms
It seems very waste IP address in IP pool.
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1266983/+subscriptions
Follow ups
References