Accessing openstack instances hosted in Cloud - azure

I'm newbie to OpenStack! I've installed Openstack in Ubuntu Server 18.04 LTS on Microsoft Azure virtual machine (for my learning purpose because I don't have the required resources like 16GB RAM and 4 CPUs). I'm able to access the Openstack Dashboard with the help of public ip address of that VM using the browser in my machine. I've assigned floating ip address to the instance (here it is 172.24.4.8).
My instance specs are
This is my network topology and my azure virtual machine's network configurations
azure vm's private ip = 192.168.0.4
azure vm's public ip = 20.193.227.12
I can access the OpenStack Dashboard using azure vm's public ip address, But I'm unable to access the instance via SSH from my local machine and from that azure virtual machine too. Help me how to access them!

From your network topology screenshot, I guess that you used Devstack to create the cloud. Can you confirm that?
The external network named public is not connected to the world outside the cloud in any way. This is so because by default, Devstack creates an isolated external network for testing purposes. You should be able to access the instance from the Azure VM, however. The information given is not sufficient to explain why you can't.
See the Devstack networking page. It states that the
br-ex interface (...) is not connected to any physical interfaces
This is the technical reason for not being able to access instances.
The Shared Guest Interface section of the above page documents how to connect a Devstack cloud to a real external network.
EDIT:
The Shared Guest Interface instructions ask you to set this:
PUBLIC_INTERFACE= NIC connected to external network. *eth0* in your case.
HOST_IP= *192.168.0.4* for you
FLOATING_RANGE= Your netmask is 255.255.255.128, which translates to a network prefix of 25,
I think. If I am right, the value is *192.168.0.0/25*.
PUBLIC_NETWORK_GATEWAY= The IP address of the router on the *192.168.0.0/25* network.
Q_FLOATING_ALLOCATION_POOL= The range of addresses from FLOATING_RANGE
that you want to use as floating IPs for
your OpenStack instances.
FLAT_INTERFACE might be an old setting for the defunct Nova-Network service. I don't see it mentioned at all in the Ussuri version of Devstack.

Related

Changing the IP address of Azure Virtual Network cloud service

I have 2 different virtual networks set up in azure. The first of these virtual networks contains virtual machines in which I am able to set the internal virtual network IP as 10.101.1.4, 10.101.1.5, 10.101.1.6 on the virtual machines by using the preview portal to set the IP address
In my other virtual network I have a VPN connection and from the virtual network I add a Cloud service which we have informed the other side of the VPN will be available on 10.103.1.4 but for some reason this has now changed to 10.103.1.5
Is there any means of ensuring that the cloud service will always be deployed to the 10.103.1.4 IP address within the virtual network?
an compute instance or an azureVM get an IP-Adresse via DHCP and the lease time is 100+ years. to set a specific IP-Adresse to an azureVM/compute instance you can define a "static ip reservation" in your own VNET to this instance. e.g. via powershell, the new portal or via your cloud service configuration schema.
check out this link: https://azure.microsoft.com/en-us/blog/reserved-ip-addresses/
regards
patrick

Install openstack on vm windows azure

I just installed Openstack on Windows azure virtual machine.
But basicly Openstack need fixed ip(ip address which used to communicate between vm and openstack) and float ip(which used to communicate vm and network outside or internet)
But on windows Azure, VM just gave one private ip and one public ip for my azure virtual machine which i've installed Openstack.
So that VM which i created using openstack can't get both of fixed ip and float ip.
How i can configure this on windows azure vm so that my vm which i created using openstack can get fixed and float ip?
Thanks
I believe you cannot get around IP limitations that your VM gets from Azure. However that being said, depending on what O/S you run, you have always options to introduce more IP-addresses at O/S level.
Now depending of the O/S you can bridge/tunnel those IP addresses to access that VM in a manner that those IPs are exposed to clients. VPN is one good example of such functionality - which you may use different tools (again specific details rely on the O/S).
This is the only solution that comes to my mind; I've faced (and dealt with) the Azure only-one-IP limitation on other scenarios...

Azure VMs Virtual Network inter-communication

I'm new to Azure (strike 1) and totally suck at networking (strike 2).
Nevertheless, I've got two VMs up and running in the same virtual network; one will act as a web server and the other will act as a SQL database server.
While I can see that their internal IP addresses are both in the same network I'm unable to verify that the machines can communicate with each other and am sort of confused regarding the appropriate place to address this.
Microsoft's own documentation says
All virtual machines that you create in Windows Azure can
automatically communicate using a private network channel with other
virtual machines in the same cloud service or virtual network.
However, you need to add an endpoint to a machine for other resources
on the Internet or other virtual networks to communicate with it. You
can associate specific ports and a protocol to endpoints. Resources
can connect to an endpoint by using a protocol of TCP or UDP. The TCP
protocol includes HTTP and HTTPS communication.
So why can't the machines at least ping each other via internal IPs? Is it Windows Firewall getting in the way? I'm starting to wonder if I've chose the wrong approach for a simple web server/database server setup. Please forgive my ignorance. Any help would be greatly appreciated.
If both the machines are in the same Virtual Network, then just turn off Windows Firewall and they will be able to ping each other. Other way is to just allow all incoming ICMP traffic in Windows Firewall with Advanced Settings.
However there is a trick. Both the machines will see each other by IP Addresses, but there will be no name resolution in so defined Virtual Network. Meaning that you won't be able to ping by name, but only by direct IP address. So, if want your Website (on VM1) to connect to SQL Server (on VM2), you have to address it by full IP Address, not machine name.
The only way to make name resolution within a Virtual Network is to use a dedicated DNS server, which you maintain and configure on-premises.
This article describes in details name resolution scenarios in Windows Azure. Your particular case is this:
Name resolution between virtual machines and role instances located in
the same virtual network, but different cloud services
You could potentially achieve name resolution, if you put your VMs is same cloud service. Thus you will not even require dedicated virtual network.
If your VMs are inside a Virtual Network in Azure, then you have to make sure two things.
Required Port is enabled.
Firewall is disabled on the server.
I was trying to connect to one VM where SQL Server DB was installed, from another VM. I Had to enable 1433 port in the VM where SQL was installed. For this you need to add an MSSQL endpoint to the VM on the azure management portal. After that i disabled windows firewall. Then i was able to connect to the VM from another.

Connecting Windows Azure to On-Premise Active Directory

I am trying to connect my Windows Azure Virtual machines to my On Premise network. I have established a site to site VPN tunnel, and have created the appropriate subnets and placed a virtual machine in one of the subnets that isn't the gateway subnet.
My on premise test network is 192.168.9.x/24 my Azure Network is 10.4.x.x/16 with a subnet for DMZ - 10.4.2.x/24 and ServerNetwork at 10.4.3.x/24.
I have confirmed that the tunnel is up and running both on the Windows Azure side, as well as on my Cisco ASA 5505.
I want my servers to be able to communicate across the tunnel, however currently they cannot see each other. I am missing something, I tried static routes between the two servers, and have not had any success. Has anyone gotten this to work? If so what did you do on the networking side of the config to make it work?
Thanks,
Steve
Windows Azure Virtual Network enables you to create secure site-to-site connectivity, as well as protected private virtual networks in the cloud.
You can specify the address space that will be used for both your virtual network and the virtual network gateway.
Additionally, new name resolution features allow you to connect directly to role instances and virtual machines by hostname.
These features allow you to use Windows Azure as you would a branch office, or as a protected private virtual network in the cloud.
You can read more about it here:
http://msdn.microsoft.com/en-us/library/windowsazure/jj156007.aspx
Here is a lab exercise to walk you through the process:
http://www.windowsazure.com/en-us/manage/services/networking/create-a-virtual-network/

Virtual IP and Internal IP of Windows Azure Virtual Machines

Is it possible for a virtual machine to communicate with another virtual machine created in a different location using internal IP ?
How to obtain the external vip of a azure virtual machine after login to that paticular virtual machine ?
Having in mind the first comment to the question, and the fact that it is not yet updated with more details, here are my two cents.
The only way to communicate via internal IP address is to create 2 sets of Virtual Networks, and connect both of them to on-premises Virtual Network. That is the only way I see that the two VMs, hosted in different geographic location to see each other.
As for obtainign the external VIP of a Virtual machine, you can use the Windows Azure Management API (GetVirtualMachine) to get the VPI of a VM programatically. Or just trace the [vmname].cloudapp.net to see the IP address.

Resources