On 06/17/2015 02:38 PM, Eugen Block wrote:

Hi Rossella,

thank you very much for your response. The steps you describe were already realized, we have a router that enables communication to the floating network, a floating IP is assigned to the instance (in Horizon or CLI) and it is possible to ping another instance in this network. But the VM itself has no IP assigned to eth0, when I call ifconfig there is no IP. I have to login to the VM and manually change the network settings and assign the floating IP I created in the previous step. This seems not very practical. I would assume that the same floating IP address should be assigned during VM-creation. But obviously this is not the case, am I right?

It's OK that the VM has no floating IP assigned to its eth0. It's by design. You don't need to manually assign the IP to the VM, floating IP are handled by Neutron.

In the attached links I couldn't find any help for my other question regarding VLANs. Is it possible to configure the bridge and/or the vlan so that the connection remains after a reboot of the compute node? Currently this is not the case, I have to call "brctl addif <bridge> <VLAN-device>" after every reboot to enable SSH login. Isn't there an easier way to establish this permanently?

In your previous email you said you added a vlan in the compute node and connected it to the floating network bridge. You don't need to do these steps. The compute node (unless you are using DVR) has no access to the external network. The network node has access to it and this is configured automatically by SUSE Cloud. You don't need to manually set up VLANs or linux bridges. VMs should be accessible if you assign them a floating IP and if you allow ssh in the security groups. cheers, Rossella

Thanks! Eugen

Zitat von Rossella Sblendido :

...

On 06/16/2015 01:45 PM, Eugen Block wrote:

...

Hi everyone,

I'm working with SUSE OpenStack Cloud 5 and have a question regarding the network configuration. I'm not sure if this is the right mailing list, but I'll give it a try. We have a three node environment, 1 Admin node (SLES11-SP3),1 Control node (SLES11-SP3) and 1 Compute node (SLES12). After some problems we managed to set up a working cloud environment, except the network configuration is not quite clear yet. We deployed the Neutron barclamp with linuxbridge and have our physical network divided into VLANs. So the question is: how is the whole network setup supposed to be? What am I supposed to see on Control and/or Compute Node?

You can find details information here [1] .

...

If I understand the documentation correctly, I should be able to log into a running instance via ssh. But this only works, if we manually set up a vlan on the compute node and attach it to the corresponding bridge (floating network), but this configuration only exists until the next reboot. I don't want to ask too many questions, so I would be really happy if someone could explain to me, what I should see on the nodes. A similar question is here: https://forums.suse.com/showthread.php?6490-running-instances-in-external-VL....

I'm not very familiar with VLANs, bridges etc., so please don't answer to complicated for me ;-)

To be able to ssh in a VM from outside the cloud you have to assign a floating up to the VM and then ssh using the floating ip. You can find the right commands to use there [2]. You can also use horizon to do that. These are the basic operations:

1) create a router 2) set it as a gatway 3) connects the network that the VM belongs to to the router 4) create a floating IP 5) assign it to the VM

Make sure that the security group assigned to the VM allows TCP on port 22 otherwise ssh won't work.

cheers,

Rossella

...

Thanks a lot!

Best regards, Eugen

[1] http://docs.openstack.org/admin-guide-cloud/content/under_the_hood_linuxbrid...

[2] http://docs.openstack.org/admin-guide-cloud/content/l3_workflow.html -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

-- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

Thanks, Adam and Rossella.

But the VM's eth0 still needs an IP, right?  Otherwise the VM's kernel has no way of communicating over IP.  So it has to be configured via DHCP.  It sounds to me like your VM's eth0 isn't configured to use DHCP.

That was exactly my thought: if eth0 has no IP, how am I supposed to communicate with the VM? I tried an image which has DHCP enabled, still no success without changing it manually. I created that SLES11-SP3 image with virt-manager from scratch, it had an IP assigned in the admin network during installation. Interesting is: when I upload that image to glance and start a VM, it has no IP on eth0. I really don't get it at this point.

In your previous email you said you added a vlan in the compute node and connected it to the floating network > bridge. You don't need to do these steps. The compute node (unless you are using DVR) has no access to the external network. The network node has access to it and this is configured automatically by SUSE Cloud. You don't need to manually set up VLANs or linux bridges. VMs should be accessible if you assign them a floating IP and if you allow ssh in the security groups.

The network configuration is still the same, so maybe we'll have to change it and give it a try. But it is still not clear to me, how our network settings have to look like. You say, I don't have to configure anything on the compute node, so what do I have to do on control node? Before the current installation we had a setup without VLAns on Compute Node and it didn't work either. Now we are stuck and don't know what's right and what's wrong in our environment. Any further help would be really appreciated! Regards, Eugen Zitat von Adam Spiers :

Rossella Sblendido wrote:

...

On 06/17/2015 02:38 PM, Eugen Block wrote:

...

Hi Rossella,

thank you very much for your response. The steps you describe were already realized, we have a router that enables communication to the floating network, a floating IP is assigned to the instance (in Horizon or CLI) and it is possible to ping another instance in this network. But the VM itself has no IP assigned to eth0, when I call ifconfig there is no IP. I have to login to the VM and manually change the network settings and assign the floating IP I created in the previous step. This seems not very practical. I would assume that the same floating IP address should be assigned during VM-creation. But obviously this is not the case, am I right?

It's OK that the VM has no floating IP assigned to its eth0. It's by design. You don't need to manually assign the IP to the VM, floating IP are handled by Neutron.

But the VM's eth0 still needs an IP, right?  Otherwise the VM's kernel has no way of communicating over IP.  So it has to be configured via DHCP.  It sounds to me like your VM's eth0 isn't configured to use DHCP. -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

-- Eugen Block voice : +49-40-559 51 75 NDE Netzdesign und -entwicklung AG fax : +49-40-559 51 77 Postfach 61 03 15 D-22423 Hamburg e-mail : eblock@nde.ag Vorsitzende des Aufsichtsrates: Angelika Mozdzen Sitz und Registergericht: Hamburg, HRB 90934 Vorstand: Jens-U. Mozdzen USt-IdNr. DE 814 013 983 -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

Hi Adam, I can't answer all your questions, I'll have to ask a colleague for help. Unfortunately, this may take a while since I'm on vacation for the next two weeks. I forwarded this issue to my colleague, so maybe he'll come back to you and will be able to give a more detailed answer, if not I'll get back to you after my vacation. Regards, Eugen Zitat von Adam Spiers :

Eugen Block wrote:

...

Thanks, Adam and Rossella.

...

But the VM's eth0 still needs an IP, right?  Otherwise the VM's kernel has no way of communicating over IP.  So it has to be configured via DHCP.  It sounds to me like your VM's eth0 isn't configured to use DHCP.

That was exactly my thought: if eth0 has no IP, how am I supposed to communicate with the VM?

You can't :-)

...

I tried an image which has DHCP enabled, still no success without changing it manually.

Please give details. You are saying that it definitely made a DHCP request but got no response? Did you try packet sniffing to see whether neutron's dnsmasq received the request and offered a response?

...

I created that SLES11-SP3 image with virt-manager from scratch, it had an IP assigned in the admin network during installation.

A static IP or DHCP? Static won't work.

...

Interesting is: when I upload that image to glance and start a VM, it has no IP on eth0. I really don't get it at this point.

Again we can't help you without more details. Do you have a support contract? If so we could even arrange a remote support session.

...

...

In your previous email you said you added a vlan in the compute node and connected it to the floating network > bridge. You don't need to do these steps. The compute node (unless you are using DVR) has no access to the external network. The network node has access to it and this is configured automatically by SUSE Cloud. You don't need to manually set up VLANs or linux bridges. VMs should be accessible if you assign them a floating IP and if you allow ssh in the security groups.

The network configuration is still the same, so maybe we'll have to change it and give it a try. But it is still not clear to me, how our network settings have to look like. You say, I don't have to configure anything on the compute node, so what do I have to do on control node?

Nothing, Crowbar should do it all for you.

...

Before the current installation we had a setup without VLAns on Compute Node and it didn't work either. Now we are stuck and don't know what's right and what's wrong in our environment. Any further help would be really appreciated!

It's very hard to help without proper debug. Ideally we would help you via remote access, but at very least we'll need supportconfig tarballs from the admin server and neutron nodes, and debug from the VM network configuration (supportconfig tarballs if the guest VMs are SLES-based). Use of a support contract will be by far the best way to solve this. Help on these forums is best-effort only, as I'm sure you can understand. -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

-- Eugen Block voice : +49-40-559 51 75 NDE Netzdesign und -entwicklung AG fax : +49-40-559 51 77 Postfach 61 03 15 D-22423 Hamburg e-mail : eblock@nde.ag Vorsitzende des Aufsichtsrates: Angelika Mozdzen Sitz und Registergericht: Hamburg, HRB 90934 Vorstand: Jens-U. Mozdzen USt-IdNr. DE 814 013 983 -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

Hey guys, it's been a while since my last response, I wasn't on vacation all this time ;-) We are fighting with our cloud environment and have an open Service Request for an issue where openvswitch causes problems. I didn't count how many times I re-installed our cloud nodes from scratch in the last two weeks, but last week happened something strange. I don't know why, but one single installation worked and I had the chance to see what the network configuration is supposed to look like. Of course I tried to reproduce it, but it didn't work at all since last week. I just wanted to share what I saw, maybe one of you is facing the same question. The difference to our settings when I posted this question lies in the neutron barclamp. When we set up our first environments we used "linuxbridge", but as you read in my question, the instances had no IP and there was a lot of modification required to get it all working as desired. Then we tried openvswitch with vlan, but we are facing major problems while trying to deploy nova barclamp. As I already mentioned, we got it working only once, but it's not reproducable. Anyway, with openvswitch the instance get their IP injected and you can see it directly in the login prompt. If you configure your security groups and rules correctly, the instances can ping your external network etc. So if - and only if - you get your cloud working with openvswitch, the cloud is able to handle all the traffic correctly, just as Rossella described in her first answer. I just wish that there was a hint or a recommendation or a description which settings should be used when deploying neutron. Anyway, now I understand the description here: http://docs.openstack.org/openstack-ops/content/network_troubleshooting.html The configuration on control (network) and compute nodes looked exactly like described. Now I just need to get the cloud working again, which seems to be quite difficult, our SR is open vor weeks now. Thanks again for your answers! Regards, Eugen Zitat von Adam Spiers :

No problem! Whenever suits you guys.

Please note I'll also be away on vacation from next Thursday; however if you send to this list then others will see, and of course if you submit an official support request to SUSE then you can even get 24x7 support if you want it :)

Eugen Block wrote:

...

Hi Adam,

I can't answer all your questions, I'll have to ask a colleague for help. Unfortunately, this may take a while since I'm on vacation for the next two weeks. I forwarded this issue to my colleague, so maybe he'll come back to you and will be able to give a more detailed answer, if not I'll get back to you after my vacation.

Regards, Eugen

Zitat von Adam Spiers :

...

Eugen Block wrote:

...

Thanks, Adam and Rossella.

...

But the VM's eth0 still needs an IP, right?  Otherwise the VM's kernel has no way of communicating over IP.  So it has to be configured via DHCP.  It sounds to me like your VM's eth0 isn't configured to use DHCP.

That was exactly my thought: if eth0 has no IP, how am I supposed to communicate with the VM?

You can't :-)

...

I tried an image which has DHCP enabled, still no success without changing it manually.

Please give details. You are saying that it definitely made a DHCP request but got no response? Did you try packet sniffing to see whether neutron's dnsmasq received the request and offered a response?

...

I created that SLES11-SP3 image with virt-manager from scratch, it had an IP assigned in the admin network during installation.

A static IP or DHCP? Static won't work.

...

Interesting is: when I upload that image to glance and start a VM, it has no IP on eth0. I really don't get it at this point.

Again we can't help you without more details. Do you have a support contract? If so we could even arrange a remote support session.

...

...

In your previous email you said you added a vlan in the compute node and connected it to the floating network > bridge. You don't need to do these steps. The compute node (unless you are using DVR) has no access to the external network. The network node has access to it and this is configured automatically by SUSE Cloud. You don't need to manually set up VLANs or linux bridges. VMs should be accessible if you assign them a floating IP and if you allow ssh in the security groups.

The network configuration is still the same, so maybe we'll have to change it and give it a try. But it is still not clear to me, how our network settings have to look like. You say, I don't have to configure anything on the compute node, so what do I have to do on control node?

Nothing, Crowbar should do it all for you.

...

Before the current installation we had a setup without VLAns on Compute Node and it didn't work either. Now we are stuck and don't know what's right and what's wrong in our environment. Any further help would be really appreciated!

It's very hard to help without proper debug. Ideally we would help you via remote access, but at very least we'll need supportconfig tarballs from the admin server and neutron nodes, and debug from the VM network configuration (supportconfig tarballs if the guest VMs are SLES-based). Use of a support contract will be by far the best way to solve this. Help on these forums is best-effort only, as I'm sure you can understand. -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

-- Eugen Block voice : +49-40-559 51 75 NDE Netzdesign und -entwicklung AG fax : +49-40-559 51 77 Postfach 61 03 15 D-22423 Hamburg e-mail : eblock@nde.ag

Vorsitzende des Aufsichtsrates: Angelika Mozdzen Sitz und Registergericht: Hamburg, HRB 90934 Vorstand: Jens-U. Mozdzen USt-IdNr. DE 814 013 983

-- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

-- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

-- Eugen Block voice : +49-40-559 51 75 NDE Netzdesign und -entwicklung AG fax : +49-40-559 51 77 Postfach 61 03 15 D-22423 Hamburg e-mail : eblock@nde.ag Vorsitzende des Aufsichtsrates: Angelika Mozdzen Sitz und Registergericht: Hamburg, HRB 90934 Vorstand: Jens-U. Mozdzen USt-IdNr. DE 814 013 983 -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org

On 06/17/2015 07:26 PM, Adam Spiers wrote:

Rossella Sblendido wrote:

...

On 06/17/2015 02:38 PM, Eugen Block wrote:

...

Hi Rossella,

thank you very much for your response. The steps you describe were already realized, we have a router that enables communication to the floating network, a floating IP is assigned to the instance (in Horizon or CLI) and it is possible to ping another instance in this network. But the VM itself has no IP assigned to eth0, when I call ifconfig there is no IP. I have to login to the VM and manually change the network settings and assign the floating IP I created in the previous step. This seems not very practical. I would assume that the same floating IP address should be assigned during VM-creation. But obviously this is not the case, am I right?

It's OK that the VM has no floating IP assigned to its eth0. It's by design. You don't need to manually assign the IP to the VM, floating IP are handled by Neutron.

But the VM's eth0 still needs an IP, right? Otherwise the VM's kernel has no way of communicating over IP. So it has to be configured via DHCP. It sounds to me like your VM's eth0 isn't configured to use DHCP.

The VM gets its private IP assigned to eth0. This is configured by dnsmasq whose config file is managed by the DHCP agent. The question was about floating IPs, those addresses are not assigned to the VMs interface. Floating IPs are managed only in the network node, they are assigned to a virtual interface that lives in the router namespace. They are NAT translated before they reach the compute nodes. Hope it's more clear now. -- To unsubscribe, e-mail: opensuse-cloud+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-cloud+owner@opensuse.org