Description of problem: The default settings of packstack creates a demo tenant (and user) with a private network. The private network is marked as external, so when it is used by the demo user (and likely other users in demo tenant), the instance is moved into the error state and the following error can be seen in nova-compute logs: Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 2442, in _build_resources yield resources File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 2314, in _build_and_run_instance block_device_info=block_device_info) File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 2347, in spawn admin_pass=admin_password) File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 2839, in _create_image instance, network_info, admin_pass, files, suffix) File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 2636, in _inject_data network_info, libvirt_virt_type=CONF.libvirt.virt_type) File "/usr/lib/python2.7/site-packages/nova/virt/netutils.py", line 87, in get_injected_network_template if not (network_info and template): File "/usr/lib/python2.7/site-packages/nova/network/model.py", line 476, in __len__ return self._sync_wrapper(fn, *args, **kwargs) File "/usr/lib/python2.7/site-packages/nova/network/model.py", line 463, in _sync_wrapper self.wait() File "/usr/lib/python2.7/site-packages/nova/network/model.py", line 495, in wait self[:] = self._gt.wait() File "/usr/lib/python2.7/site-packages/eventlet/greenthread.py", line 175, in wait return self._exit_event.wait() File "/usr/lib/python2.7/site-packages/eventlet/event.py", line 125, in wait current.throw(*self._exc) File "/usr/lib/python2.7/site-packages/eventlet/greenthread.py", line 214, in main result = function(*args, **kwargs) File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 1770, in _allocate_network_async dhcp_options=dhcp_options) File "/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 485, in allocate_for_instance self._check_external_network_attach(context, nets) File "/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 342, in _check_external_network_attach network_uuid=net['id']) ExternalNetworkAttachForbidden: It is not allowed to create an interface on external network 30e389bc-658f-42dd-beff-b1ceba435baf When the external attribute is removed, instances can be created successfully with that network: neutron net-update private --router:external=False The following upstream review should fix this problem: https://review.openstack.org/#/c/159548/ Thanks Javier Peña for the hints. Tested on RHEL 7.1. Version-Release number of selected component (if applicable): openstack-puppet-modules-2015.1.0-1.el7.noarch openstack-packstack-2015.1-0.1.dev1537.gba5183c.el7.noarch
The private network of the demo tenant as deployed by packstack is not marked as external. Verified on an up-to-date CentOS 7, with: RDO Kilo: openstack-packstack-2015.1-0.14.dev1616.g5526c38.el7.noarch openstack-packstack-puppet-2015.1-0.14.dev1616.g5526c38.el7.noarch openstack-puppet-modules-2015.1.12-6.el7.noarch RDO Liberty: openstack-packstack-7.0.0-0.10.dev1682.g42b3426.el7.noarch openstack-packstack-puppet-7.0.0-0.10.dev1682.g42b3426.el7.noarch openstack-puppet-modules-7.0.1-1.el7.noarch RDO Mitaka (DLRN snapshot): openstack-packstack-8.0.0-0.20160303124552.0476b9b.el7.centos.noarch openstack-packstack-puppet-8.0.0-0.20160303124552.0476b9b.el7.centos.noarch openstack-puppet-modules-8.0.0a0-0.20160304203011.7dc7e93.el7.centos.noarch