From Fedora Project Wiki

No edit summary
No edit summary
 
(14 intermediate revisions by 4 users not shown)
Line 4: Line 4:
Follow [[QA:Testcase_launch_an_instance_on_OpenStack]]
Follow [[QA:Testcase_launch_an_instance_on_OpenStack]]


Make sure that nova is configured with the correct public network interface. The default is eth0, but you can change it like:
Make sure that nova is configured with the correct public network interface.
  $> <nowiki>echo '--public_interface=em1' | sudo tee -a /etc/nova/nova.conf</nowiki>
$> ifconfig em1
  $> sudo service openstack-nova-network restart
    em1: flags=...
  $> sudo openstack-config --set /etc/nova/nova.conf DEFAULT public_interface em1
  $> sudo systemctl restart openstack-nova-network.service


Ensure that ICMP (ping) and SSH are allowed to your instances.
Ensure that ICMP (ping) and SSH are allowed to your instances.
  $> euca-authorize -P icmp -t -1:-1 default
 
  $> euca-authorize -P tcp -p 22 default
  $> nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
  $> nova secgroup-add-rule default tcp 22 22 0.0.0.0/0


|actions=
|actions=
Line 16: Line 19:
If you've followed all of the test cases, the private network used for OpenStack instances is 10.0.0.0/24.  The purpose of this functionality is to be able to assign a pool of floating public IP addresses to instances, as well.
If you've followed all of the test cases, the private network used for OpenStack instances is 10.0.0.0/24.  The purpose of this functionality is to be able to assign a pool of floating public IP addresses to instances, as well.


The details of this test case are a bit specific to the environment you are using to test.  For this documentation, we're going to assume that the the OpenStack server's public interface is on the 192.168.122.0/24 subnet.  We are going to take an unused address from this subnet, 192.168.122.150, and define it as a floating IP address to be used by OpenStack.
The details of this test case are a bit specific to the environment you are using to test.  For this documentation, we're going to assume that the the OpenStack server's public interface is on the 172.31.0.0/24 subnet.  We are going to take an unused address range (172.31.0.241-172.31.0.254) from this subnet and define it as a floating IP address range to be used by OpenStack.


  $> sudo nova-manage floating create 192.168.122.150/31
  $> sudo nova-manage floating create 172.31.0.240/28
$> sudo nova-manage floating list
None 172.31.0.241 None nova em1
None 172.31.0.242 None nova em1
...


Allocate an address to use for an instance:
Allocate an address to use for an instance:


  $> euca-allocate-address
  $> nova floating-ip-create
  ADDRESS 192.168.122.150
  <nowiki>+--------------+-------------+----------+------+</nowiki>
<nowiki>|      Ip    | Instance Id | Fixed Ip | Pool |</nowiki>
<nowiki>+--------------+-------------+----------+------+</nowiki>
<nowiki>| 172.31.0.241 |    None    |  None  | nova |</nowiki>
<nowiki>+--------------+-------------+----------+------+</nowiki>


Associate the allocated address with a running instance:
Associate the allocated address with a running instance:


  $> euca-associate-address -i i-00000001 192.168.122.150
  $> INSTANCE=<instance name>
ADDRESS 192.168.122.150 i-00000001
$> nova add-floating-ip $INSTANCE 172.31.0.241


|results=
|results=
Line 36: Line 47:
  $> ip addr
  $> ip addr
  ...
  ...
  2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
  2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:db:c8:51 brd ff:ff:ff:ff:ff:ff
    link/ether 00:13:20:f5:f9:8d brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.58/24 brd 192.168.122.255 scope global eth0
    inet 172.31.0.107/24 brd 172.31.0.255 scope global em1
    inet 192.168.122.150/32 scope global eth0
    inet 172.31.0.241/32 scope global em1
    inet6 fe80::213:20ff:fef5:f98d/64 scope link
        valid_lft forever preferred_lft forever
 
Also see the IP address reported as associated with the instance:
 
$> <nowiki>nova show $INSTANCE | grep network</nowiki>
<nowiki>|  testnet network  |  10.0.0.2, 172.31.0.241  |</nowiki>


Verify that you can now ssh into the instance using the newly assigned address:
Verify that you can now ssh into the instance using the newly assigned address:


  $> cd ~/novacreds
  $> cd ~/novacreds
  $> ssh -i nova_key.priv -o UserKnownHostsFile=/dev/null root@192.168.122.150
  $> ssh -i nova_key.priv -o UserKnownHostsFile=/dev/null root@172.31.0.241


{{admon/note|VM limitations|Note if running openstack within a VM, then the floating address will not be accessible from outside (probably due to the iptables NAT being bypassed by the bridge (ebtables) rules within the VM)}}
{{admon/note|VM limitations|Note if running openstack within a VM, then the floating address will not be accessible from outside (probably due to the iptables NAT being bypassed by the bridge (ebtables) rules within the VM)}}
Line 53: Line 71:
If you would like, you can now disassociate and release the address assigned for testing.
If you would like, you can now disassociate and release the address assigned for testing.


  $> euca-disassociate-address 192.168.122.150
  $> nova remove-floating-ip $INSTANCE 172.31.0.241
ADDRESS 192.168.122.150
  $> nova floating-ip-delete 172.31.0.241
  $> euca-release-address 192.168.122.150
ADDRESS 192.168.122.150


}}
}}


[[Category:OpenStack Test Cases]]
[[Category:OpenStack Test Cases]]
[[Category:Cloud SIG]]

Latest revision as of 15:38, 18 September 2012

Description

Set up Floating IPs with OpenStack

Setup

Follow QA:Testcase_launch_an_instance_on_OpenStack

Make sure that nova is configured with the correct public network interface.

$> ifconfig em1
   em1: flags=...
$> sudo openstack-config --set /etc/nova/nova.conf DEFAULT public_interface em1 
$> sudo systemctl restart openstack-nova-network.service

Ensure that ICMP (ping) and SSH are allowed to your instances.

$> nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
$> nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 

How to test

If you've followed all of the test cases, the private network used for OpenStack instances is 10.0.0.0/24. The purpose of this functionality is to be able to assign a pool of floating public IP addresses to instances, as well.

The details of this test case are a bit specific to the environment you are using to test. For this documentation, we're going to assume that the the OpenStack server's public interface is on the 172.31.0.0/24 subnet. We are going to take an unused address range (172.31.0.241-172.31.0.254) from this subnet and define it as a floating IP address range to be used by OpenStack.

$> sudo nova-manage floating create 172.31.0.240/28
$> sudo nova-manage floating list
None	172.31.0.241	None	nova	em1
None	172.31.0.242	None	nova	em1
...

Allocate an address to use for an instance:

$> nova floating-ip-create
+--------------+-------------+----------+------+
|       Ip     | Instance Id | Fixed Ip | Pool |
+--------------+-------------+----------+------+
| 172.31.0.241 |     None    |   None   | nova |
+--------------+-------------+----------+------+

Associate the allocated address with a running instance:

$> INSTANCE=<instance name>
$> nova add-floating-ip $INSTANCE 172.31.0.241

Expected Results

Verify that the public IP address got assigned to your public network interface on the OpenStack server.

$> ip addr
...
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:13:20:f5:f9:8d brd ff:ff:ff:ff:ff:ff
    inet 172.31.0.107/24 brd 172.31.0.255 scope global em1
    inet 172.31.0.241/32 scope global em1
    inet6 fe80::213:20ff:fef5:f98d/64 scope link 
       valid_lft forever preferred_lft forever

Also see the IP address reported as associated with the instance:

$> nova show $INSTANCE | grep network
|  testnet network  |  10.0.0.2, 172.31.0.241  |

Verify that you can now ssh into the instance using the newly assigned address:

$> cd ~/novacreds
$> ssh -i nova_key.priv -o UserKnownHostsFile=/dev/null root@172.31.0.241
VM limitations
Note if running openstack within a VM, then the floating address will not be accessible from outside (probably due to the iptables NAT being bypassed by the bridge (ebtables) rules within the VM)

Check for new errors in the logs:

$> grep -i error /var/log/nova/*.log

If you would like, you can now disassociate and release the address assigned for testing.

$> nova remove-floating-ip $INSTANCE 172.31.0.241
$> nova floating-ip-delete 172.31.0.241