From Fedora Project Wiki

No edit summary
No edit summary
Line 7: Line 7:
  $> ifconfig em1
  $> ifconfig em1
     em1: flags=...
     em1: flags=...
  $> <nowiki>echo 'public_interface=em1' | sudo tee -a /etc/nova/nova.conf</nowiki>
  $> sudo openstack-config-set /etc/nova/nova.conf DEFAULT public_interface em1
  $> sudo systemctl restart openstack-nova-network
  $> sudo systemctl restart openstack-nova-network



Revision as of 15:34, 8 March 2012

Description

Set up Floating IPs with OpenStack

Setup

Follow QA:Testcase_launch_an_instance_on_OpenStack

Make sure that nova is configured with the correct public network interface.

$> ifconfig em1
   em1: flags=...
$> sudo openstack-config-set /etc/nova/nova.conf DEFAULT public_interface em1 
$> sudo systemctl restart openstack-nova-network

Ensure that ICMP (ping) and SSH are allowed to your instances.

$> euca-authorize -P icmp -t -1:-1 default 
$> euca-authorize -P tcp -p 22 default 

How to test

If you've followed all of the test cases, the private network used for OpenStack instances is 10.0.0.0/24. The purpose of this functionality is to be able to assign a pool of floating public IP addresses to instances, as well.

The details of this test case are a bit specific to the environment you are using to test. For this documentation, we're going to assume that the the OpenStack server's public interface is on the 192.168.122.0/24 subnet. We are going to take an unused address from this subnet, 192.168.122.150, and define it as a floating IP address to be used by OpenStack.

$> sudo nova-manage floating create 192.168.122.150/30

Allocate an address to use for an instance:

$> euca-allocate-address
ADDRESS	192.168.122.150

Associate the allocated address with a running instance:

$> euca-associate-address -i i-00000001 192.168.122.150
ADDRESS	192.168.122.150	i-00000001

Expected Results

Verify that the public IP address got assigned to your public network interface on the OpenStack server.

$> ip addr
...
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether 52:54:00:db:c8:51 brd ff:ff:ff:ff:ff:ff
   inet 192.168.122.58/24 brd 192.168.122.255 scope global eth0
   inet 192.168.122.150/32 scope global eth0

Verify that you can now ssh into the instance using the newly assigned address:

$> cd ~/novacreds
$> ssh -i nova_key.priv -o UserKnownHostsFile=/dev/null root@192.168.122.150
VM limitations
Note if running openstack within a VM, then the floating address will not be accessible from outside (probably due to the iptables NAT being bypassed by the bridge (ebtables) rules within the VM)

Check for new errors in the logs:

$> grep -i error /var/log/nova/*.log

If you would like, you can now disassociate and release the address assigned for testing.

$> euca-disassociate-address 192.168.122.150
ADDRESS	192.168.122.150
$> euca-release-address 192.168.122.150
ADDRESS	192.168.122.150