
Cannot ping instances of OpenStack machine from external net


I used DevStack (victoria branch) to quick-deploy the OpenStack all-in-one on my Ubuntu-20.04 system. This machine has a public IP address 222.XXX.XXX.XXX on interface eno1, and the DevStack script has automatically added br-ex and virbr0 interfaces on this machine. Here is my config.

    #ifconfig
    br-ex: inet 172.24.4.1 netmask 255.255.255.0 broadcast 0.0.0.0
    eno1: inet 222.XXX.XXX.XXX netmask 255.255.255.128 broadcast 222.XXX.XXX.XXX
    virbr0: inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255

Now I created a VM instance on image cirros. On my OpenStack dashboard, I created a private network demo-net of type vxlan, and it has a subnet 'demo-subnet', with the CIDR 10.56.1.0/24 and Gateway 10.56.1.1. The DHCP option is on.
Meanwhile, DevStack has already created a public net with CIDR 172.24.4.0/24 (bonded to br-ex) and Gateway 172.24.4.1.
There is a router connecting the demo-net and public net.
I allocated a floating IP 172.24.4.124 in the public net's pool to this instance. I can ping this IP on this machine, and vice versa. But the problem is, when I ping 172.24.4.124 on another machine, it fails. I hope to access the VM instance from outside the host, so what should I do to fix it?
Any help will be greatly appreciated! Thank you.


Solution

  • By default, Devstack creates an isolated "external" network which it calls public. You can only connect to this network, and all virtual networks that are attached to it, from the Devstack host. You could try to configure port forwarding (iptables command) on the Devstack host, but the real solution is below.

    You need to configure Devstack so that it uses your external network 222.XXX.XXX.XXX. The way this is done is documented at https://docs.openstack.org/devstack/latest/networking.html#shared-guest-interface (assuming your Devstack host has a single NIC eno1). In your case, you need to put this in local.conf:

    PUBLIC_INTERFACE=eno1
    HOST_IP=222.x.x.x
    FLOATING_RANGE=222.x.y.z/PREFIX
    PUBLIC_NETWORK_GATEWAY=your router, probably 222.something
    Q_FLOATING_ALLOCATION_POOL=start=222.a.b.c,end=222.d.e.f
    

    FLOATING_RANGE is the CIDR for the subnet to which eno1 is connected, and PREFIX is the prefix used by eno1. Q_FLOATING_ALLOCATION_POOL is the range of IP addresses in the 222.x.x.x network that you want to use for floating IPs.

    You will have to recreate a Devstack (although it might be possible to change the configuration of the current cloud, I would not know how). Before you do that, I would also strongly recommend reinstalling Ubuntu, to ensure no unwanted configurations from your current setup remain.
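
A way to sanity-check the `local.conf` values described in the answer above before re-running DevStack, as an added example that is not part of the original answer or of DevStack itself. The addresses are constructed: the documentation range 203.0.113.0/25 stands in for the redacted 222.x.x.x network, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample local.conf fragment; 203.0.113.0/25 stands in for the
# redacted 222.x.x.x network (eno1 netmask 255.255.255.128 is a /25 prefix).
SAMPLE_LOCAL_CONF = """\
[[local|localrc]]
PUBLIC_INTERFACE=eno1
HOST_IP=203.0.113.10
FLOATING_RANGE=203.0.113.0/25
PUBLIC_NETWORK_GATEWAY=203.0.113.1
Q_FLOATING_ALLOCATION_POOL=start=203.0.113.100,end=203.0.113.120
"""

def parse_localrc(text):
    """Return KEY=value pairs, skipping comments and [[section]] headers."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line.startswith("[["):
            continue
        key, sep, value = line.partition("=")
        if sep:
            settings[key.strip()] = value.strip()
    return settings

def check_floating_config(settings):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    net = ipaddress.ip_network(settings["FLOATING_RANGE"], strict=False)
    host = ipaddress.ip_address(settings["HOST_IP"])
    gateway = ipaddress.ip_address(settings["PUBLIC_NETWORK_GATEWAY"])
    pool = dict(p.split("=", 1) for p in settings["Q_FLOATING_ALLOCATION_POOL"].split(","))
    start, end = ipaddress.ip_address(pool["start"]), ipaddress.ip_address(pool["end"])
    # Every address must sit in the subnet that eno1 is connected to.
    for name, addr in (("HOST_IP", host), ("PUBLIC_NETWORK_GATEWAY", gateway),
                       ("pool start", start), ("pool end", end)):
        if addr not in net:
            problems.append(f"{name} {addr} is outside FLOATING_RANGE {net}")
    if start > end:
        problems.append("pool start is above pool end")
    # Floating IPs must never collide with addresses that are already in use.
    for name, addr in (("HOST_IP", host), ("PUBLIC_NETWORK_GATEWAY", gateway),
                       ("network address", net.network_address),
                       ("broadcast address", net.broadcast_address)):
        if start <= addr <= end:
            problems.append(f"{name} {addr} falls inside the floating IP pool")
    return problems

if __name__ == "__main__":
    for line in check_floating_config(parse_localrc(SAMPLE_LOCAL_CONF)) or ["OK"]:
        print(line)
```

The pool should also exclude any address that other hosts or a DHCP server on the same network already use, which this check cannot see.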