No edit summary |
(use a different example address range from the default libvirt network to avoid confusion) |
||
Line 18: | Line 18: | ||
If you've followed all of the test cases, the private network used for OpenStack instances is 10.0.0.0/24. The purpose of this functionality is to be able to assign a pool of floating public IP addresses to instances, as well. | If you've followed all of the test cases, the private network used for OpenStack instances is 10.0.0.0/24. The purpose of this functionality is to be able to assign a pool of floating public IP addresses to instances, as well. | ||
The details of this test case are a bit specific to the environment you are using to test. For this documentation, we're going to assume that the the OpenStack server's public interface is on the | The details of this test case are a bit specific to the environment you are using to test. For this documentation, we're going to assume that the the OpenStack server's public interface is on the 172.31.0.0/24 subnet. We are going to take an unused address range (172.31.0.241-172.31.0.254) from this subnet and define it as a floating IP address range to be used by OpenStack. | ||
$> sudo nova-manage floating create | $> sudo nova-manage floating create 172.31.0.240/28 | ||
$> sudo nova-manage floating list | |||
None 172.31.0.241 None nova em1 | |||
None 172.31.0.242 None nova em1 | |||
... | |||
Allocate an address to use for an instance: | Allocate an address to use for an instance: | ||
$> euca-allocate-address | $> euca-allocate-address | ||
ADDRESS | ADDRESS 172.31.0.241 | ||
Associate the allocated address with a running instance: | Associate the allocated address with a running instance: | ||
$> euca-associate-address -i i-00000001 | $> euca-associate-address -i i-00000001 172.31.0.241 | ||
ADDRESS | ADDRESS 172.31.0.241 i-00000001 | ||
|results= | |results= | ||
Line 38: | Line 42: | ||
$> ip addr | $> ip addr | ||
... | ... | ||
2: | 2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 | ||
link/ether 00:13:20:f5:f9:8d brd ff:ff:ff:ff:ff:ff | |||
inet 172.31.0.107/24 brd 172.31.0.255 scope global em1 | |||
inet 172.31.0.241/32 scope global em1 | |||
inet6 fe80::213:20ff:fef5:f98d/64 scope link | |||
valid_lft forever preferred_lft forever | |||
Verify that you can now ssh into the instance using the newly assigned address: | Verify that you can now ssh into the instance using the newly assigned address: | ||
$> cd ~/novacreds | $> cd ~/novacreds | ||
$> ssh -i nova_key.priv -o UserKnownHostsFile=/dev/null root@ | $> ssh -i nova_key.priv -o UserKnownHostsFile=/dev/null root@172.31.0.241 | ||
{{admon/note|VM limitations|Note if running openstack within a VM, then the floating address will not be accessible from outside (probably due to the iptables NAT being bypassed by the bridge (ebtables) rules within the VM)}} | {{admon/note|VM limitations|Note if running openstack within a VM, then the floating address will not be accessible from outside (probably due to the iptables NAT being bypassed by the bridge (ebtables) rules within the VM)}} | ||
Line 55: | Line 61: | ||
If you would like, you can now disassociate and release the address assigned for testing. | If you would like, you can now disassociate and release the address assigned for testing. | ||
$> euca-disassociate-address | $> euca-disassociate-address 172.31.0.241 | ||
ADDRESS | ADDRESS 172.31.0.241 | ||
$> euca-release-address | $> euca-release-address 172.31.0.241 | ||
ADDRESS | ADDRESS 172.31.0.241 | ||
}} | }} |
Revision as of 15:42, 8 March 2012
Description
Set up Floating IPs with OpenStack
Setup
Follow QA:Testcase_launch_an_instance_on_OpenStack
Make sure that nova is configured with the correct public network interface.
$> ifconfig em1 em1: flags=... $> sudo openstack-config-set /etc/nova/nova.conf DEFAULT public_interface em1 $> sudo systemctl restart openstack-nova-network.service
Ensure that ICMP (ping) and SSH are allowed to your instances.
$> euca-authorize -P icmp -t -1:-1 default $> euca-authorize -P tcp -p 22 default
How to test
If you've followed all of the test cases, the private network used for OpenStack instances is 10.0.0.0/24. The purpose of this functionality is to be able to assign a pool of floating public IP addresses to instances, as well.
The details of this test case are a bit specific to the environment you are using to test. For this documentation, we're going to assume that the the OpenStack server's public interface is on the 172.31.0.0/24 subnet. We are going to take an unused address range (172.31.0.241-172.31.0.254) from this subnet and define it as a floating IP address range to be used by OpenStack.
$> sudo nova-manage floating create 172.31.0.240/28 $> sudo nova-manage floating list None 172.31.0.241 None nova em1 None 172.31.0.242 None nova em1 ...
Allocate an address to use for an instance:
$> euca-allocate-address ADDRESS 172.31.0.241
Associate the allocated address with a running instance:
$> euca-associate-address -i i-00000001 172.31.0.241 ADDRESS 172.31.0.241 i-00000001
Expected Results
Verify that the public IP address got assigned to your public network interface on the OpenStack server.
$> ip addr ... 2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:13:20:f5:f9:8d brd ff:ff:ff:ff:ff:ff inet 172.31.0.107/24 brd 172.31.0.255 scope global em1 inet 172.31.0.241/32 scope global em1 inet6 fe80::213:20ff:fef5:f98d/64 scope link valid_lft forever preferred_lft forever
Verify that you can now ssh into the instance using the newly assigned address:
$> cd ~/novacreds $> ssh -i nova_key.priv -o UserKnownHostsFile=/dev/null root@172.31.0.241
Check for new errors in the logs:
$> grep -i error /var/log/nova/*.log
If you would like, you can now disassociate and release the address assigned for testing.
$> euca-disassociate-address 172.31.0.241 ADDRESS 172.31.0.241 $> euca-release-address 172.31.0.241 ADDRESS 172.31.0.241