StarlingX

Cannot open VM console with Network Segment Range IP

Bug #1826610 reported by Juan Carlos Alonso
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Invalid
High
chen haochuan

Bug Description

Brief Description
-----------------

In order to test the connectivity to a VM and between VMs, launch such VMs with an IP from a network from a network segment range.
Assign a segment_id to the network.
Cannot make an SSH to VMs
Cannot open the console of VMs.
Cannot ping the VMs.

Severity
--------

<Major: System/Feature is usable but degraded>

Steps to Reproduce
------------------

- Create flavor
- Create image
- Create a network segment range
- Crate a network wiht one segment id
- Launch instances
- Add Controller-0 IP to "/etc/hosts" in host:
  <your Controller IP address> novncproxy.openstack.svc.cluster.local
- Execute below commands to enable instance console access:
  Disable firewall on port 80 and 443
  sudo iptables -A INPUT -p tcp -m multiport --dports 80 -m comment --comment "500 horizon ingress dashboard" -j ACCEPT
  sudo iptables -A INPUT -p tcp -m multiport --dports 443 -m comment --comment "500 horizon ingress dashboard" -j ACCEPT
- Open Horizon and try to open VM console

Expected Behavior
------------------

Can access to VM through the console

Actual Behavior
----------------

Cannot make an SSH to VMs with an IP from a network of a network segment range.
Cannot open the console of VMs.
Cannot ping the VMs.

Reproducibility
---------------
<Reproducible/100%>

System Configuration
--------------------

Standard Local Storage (2+2)
Standard External Storage (2+2+2)

Logs
----

VM-Status.png
VM-Console-Status.png
Network-Topology.png
network_server_list.txt
nova-novncproxy-86cd7ff5db-7hr4k.txt
nova-novncproxy-86cd7ff5db-nv2x6.txt

Test Activity
-------------

Feature Testing

Revision history for this message
Juan Carlos Alonso (juancarlosa) wrote :
Revision history for this message
Juan Carlos Alonso (juancarlosa) wrote :
Revision history for this message
Juan Carlos Alonso (juancarlosa) wrote :
Revision history for this message
Juan Carlos Alonso (juancarlosa) wrote :
Revision history for this message
Juan Carlos Alonso (juancarlosa) wrote :
Revision history for this message
Juan Carlos Alonso (juancarlosa) wrote :
Revision history for this message
Juan Carlos Alonso (juancarlosa) wrote :
summary: - Cannot SSH to a VM with Network Segment Range
+ Cannot open VM console with Network Segment Range IP
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :
Revision history for this message
Fernando Hernandez Gonzalez (fhernan2) wrote :

I am getting same behavior on 2+2+2 Baremetal system. Please see image attached and logs:
 - 2+2+2_Network_topology.png
 - horizon_port_31000_displayingvmsrunning.png
 - Instance_cephvm2_connectio_failed.png
 - CTL-0_IPtables_cmds_and_etc-hosts_edited.png
 - nova-novncproxy-74ff67467c-hcx5c.txt
 - nova-novncproxy-74ff67467c-phmwx.txt
 - nova-storage-init-7ksbg.txt

Revision history for this message
Yang Liu (yliu12) wrote :

For ping vm, I was able to reach VMs from external after adding neutron security group rules to default security group to allow icmp and tcp (see Kailun's email from Apr 5th to startlingx-discuss mailing list).

For the vm console issue, it never worked for me since containerization. I think it may have the same root cause as #1817618.

Revision history for this message
Frank Miller (sensfan22) wrote :

LP 1817618 reports an issue accessing the VM console log and not the VM console itself. Has the VM console access being broken as well as VM console log access? If yes that LP bug should be updated.

Also LP 1827246 (https://bugs.launchpad.net/starlingx/+bug/1827246) was opened this week to report that the VM console access itself is not working. This LP should be marked as a duplicate of that LP.

tags: added: stx.2.0
Revision history for this message
Frank Miller (sensfan22) wrote :

Marking stx2.0 gating as VM console access is fundamental to using StarlingX with VMs.

Changed in starlingx:
status: New → Triaged
importance: Undecided → High
assignee: nobody → Cindy Xie (xxie1)
Revision history for this message
Frank Miller (sensfan22) wrote :

Assigning to Cindy and request assistance to identify a prime to investigate this issue. But this LP should be marked as a duplicate of LP 1827246 (https://bugs.launchpad.net/starlingx/+bug/1827246)

chen haochuan (martin1982)
Changed in starlingx:
assignee: Cindy Xie (xxie1) → chen haochuan (martin1982)
Revision history for this message
Erich Cordoba (ericho) wrote :

Set as invalid as this is a duplicate of https://bugs.launchpad.net/starlingx/+bug/1827246

Changed in starlingx:
status: Triaged → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.