Hi Everyone, I used the Openshift-on-openstack Heat templates. I deployed the system, except for the docker-registry and did that by hand. Here's my services.
I can curl 172.30.195.55:5000 on the master-0 where it's deployed, but not from any other nodes ``` [root@ossdell-openshift-master-0 ~]# oc get services NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE docker-registry 172.30.195.55 <none> 5000/TCP 5m kubernetes 172.30.0.1 <none> 443/TCP,53/UDP,53/TCP 1d router 172.30.112.213 <none> 80/TCP,443/TCP,1936/TCP 1d [root@ossdell-openshift-master-0 ~]# curl -v 172.30.195.55:5000 * About to connect() to 172.30.195.55 port 5000 (#0) * Trying 172.30.195.55... * Connected to 172.30.195.55 (172.30.195.55) port 5000 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 172.30.195.55:5000 > Accept: */* > < HTTP/1.1 200 OK < Cache-Control: no-cache < Date: Fri, 10 Jun 2016 16:21:33 GMT < Content-Length: 0 < Content-Type: text/plain; charset=utf-8 < * Connection #0 to host 172.30.195.55 left intact [root@ossdell-openshift-master-0 ~]# ``` Here's master-1 trying to curl: ``` [root@ossdell-openshift-master-1 ~]# curl -v 172.30.195.55:5000 * About to connect() to 172.30.195.55 port 5000 (#0) * Trying 172.30.195.55... * No route to host * Failed connect to 172.30.195.55:5000; No route to host * Closing connection 0 curl: (7) Failed connect to 172.30.195.55:5000; No route to host ``` And the routing table on master-1 ``` [root@ossdell-openshift-master-1 ~]# ip r default via 192.168.0.1 dev eth0 proto static metric 10010.0.0.0/24 dev eth1 proto kernel scope link src 10.0.0.4 metric 100172.30.25.0/24 dev docker0 proto kernel scope link src 172.30.25.1172.30.62.0/24 via 10.0.0.5 dev eth1172.30.95.0/24 via 10.0.0.6 dev eth1172.30.97.0/24 via 10.0.0.7 dev eth1192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.6 metric 100 [root@ossdell-openshift-master-1 ~]# ``` Flannel is running on all the nodes: ``` [root@ossdell-openshift-master-1 ~]# ps -ef | grep flann root 8615 1 0 Jun08 ? 00:00:13 /usr/bin/flanneld -etcd-endpoints=https://ossdell-openshift-master-0.example.com:2379,https://ossdell-openshift-master-1.example.com:2379 -etcd-prefix=/openshift.com/network --iface eth1 --etcd-cafile=/etc/origin/node/node.etcd-ca.crt --etcd-keyfile=/etc/origin/node/node.etcd-client.key --etcd-certfile=/etc/origin/node/node.etcd-client.crt ``` And my OpenStack has port_security_enabled everywhere: ``` [heat-admin@tan-controller-0 ~]$ neutron net-list | tail -n +4 | awk '{print $2}' | xargs -n 1 neutron net-show | grep port | port_security_enabled | True | | port_security_enabled | True | | port_security_enabled | True | | port_security_enabled | True | | port_security_enabled | True | ``` So, is there a config that Flannel is missing to build up the route to 172.30.195.55 ? I can curl the router just fine: ``` [root@ossdell-openshift-node-gptvbd41 ~]# curl -v 172.30.112.213:80 | grep 200 * About to connect() to 172.30.112.213 port 80 (#0) * Trying 172.30.112.213... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Connected to 172.30.112.213 (172.30.112.213) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: 172.30.112.213 > Accept: */* > * HTTP 1.0, assume close after body < HTTP/1.0 503 Service Unavailable < Pragma: no-cache < Cache-Control: private, max-age=0, no-cache, no-store < Connection: close < Content-Type: text/html < { [data not shown] ``` Any idea what I can jostle to get flannel to deliver packets down to the service-cluster-ip-range (which I'm assuming the docker-registry IP comes from) Thanks VERY much, Judd (at Dell) -- Judd Maltin T: 917-882-1270 Of Life immense in passion, pulse, and power, Cheerful—for freest action form’d, under the laws divine, The Modern Man I sing. -Walt Whitman
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
