date:20141119

Re: [Openstack] Failing to upload image via glance.

2014-11-19 Thread Remo Mattei

Check users and passwords with mysql for the glance and keystone

Inviato da iPhone ()

> Il giorno 19/nov/2014, alle ore 20:11, Ken D'Ambrosio  ha 
> scritto:
> 
> Hi, all.  Stepping through the Juno install docs for Ubuntu, trying to fire 
> up my first-time install.  At page 41 in the PDF, where it has me:
> 
> * Source my credentials file, then
> * lance image-create --name "cirros-0.3.3-x86_64" --file 
> cirros-0.3.3-x86_64-disk.img --disk-format qcow2 --container-format bare 
> --is-public True --progress
> 
> I'm getting:
> [=>] 100%
> Request returned failure status 401.
> Invalid OpenStack Identity credentials.
> 
> My /var/log/glance/api.log file gives me:
> 2014-11-19 22:46:04.493 9961 INFO urllib3.connectionpool [-] Starting new 
> HTTP connection (1): openstack-controller
> 2014-11-19 22:46:04.580 9961 INFO keystonemiddleware.auth_token [-] Auth 
> Token confirmed use of v2.0 apis
> 2014-11-19 22:46:04.583 9961 INFO urllib3.connectionpool [-] Starting new 
> HTTP connection (1): openstack-controller
> 2014-11-19 22:46:04.784 9961 WARNING keystonemiddleware.auth_token [-] 
> Unexpected response from keystone service: {u'error': {u'message': u'The 
> request you have made requires authentication.', u'code': 401, u'title': 
> u'Unauthorized'}}
> 2014-11-19 22:46:04.785 9961 WARNING keystonemiddleware.auth_token [-] 
> Authorization failed for token
> 2014-11-19 22:46:04.787 9961 INFO keystonemiddleware.auth_token [-] Invalid 
> user token - deferring reject downstream
> 2014-11-19 22:46:04.888 9961 INFO glance.wsgi.server [-] 192.168.21.169 - - 
> [19/Nov/2014 22:46:04] "POST /v1/images HTTP/1.1" 401 485 0.427956
> 
> keystone-all.log gives me:
> 2014-11-19 23:05:07.856 6039 WARNING keystone.common.wsgi [-] Authorization 
> failed. The request you have made requires authentication. from 192.168.21.169
> 
> Clearly, something isn't (no duh) authenticating properly.  Since there were 
> roughly 10 zillion steps leading up to this verification step, can anyone 
> point me in the direction of the file(s) I should be paying special attention 
> to?
> 
> Thanks!
> 
> -Ken
> 
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> 
> !DSPAM:1,546d6c7667811733861235!
> 

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Failing to upload image via glance.

2014-11-19 Thread Ken D'Ambrosio

Hi, all.  Stepping through the Juno install docs for Ubuntu, trying to 
fire up my first-time install.  At page 41 in the PDF, where it has me:


* Source my credentials file, then
* lance image-create --name "cirros-0.3.3-x86_64" --file 
cirros-0.3.3-x86_64-disk.img --disk-format qcow2 --container-format bare 
--is-public True --progress


I'm getting:
[=>] 100%
Request returned failure status 401.
Invalid OpenStack Identity credentials.

My /var/log/glance/api.log file gives me:
2014-11-19 22:46:04.493 9961 INFO urllib3.connectionpool [-] Starting 
new HTTP connection (1): openstack-controller
2014-11-19 22:46:04.580 9961 INFO keystonemiddleware.auth_token [-] Auth 
Token confirmed use of v2.0 apis
2014-11-19 22:46:04.583 9961 INFO urllib3.connectionpool [-] Starting 
new HTTP connection (1): openstack-controller
2014-11-19 22:46:04.784 9961 WARNING keystonemiddleware.auth_token [-] 
Unexpected response from keystone service: {u'error': {u'message': u'The 
request you have made requires authentication.', u'code': 401, u'title': 
u'Unauthorized'}}
2014-11-19 22:46:04.785 9961 WARNING keystonemiddleware.auth_token [-] 
Authorization failed for token
2014-11-19 22:46:04.787 9961 INFO keystonemiddleware.auth_token [-] 
Invalid user token - deferring reject downstream
2014-11-19 22:46:04.888 9961 INFO glance.wsgi.server [-] 192.168.21.169 
- - [19/Nov/2014 22:46:04] "POST /v1/images HTTP/1.1" 401 485 0.427956


keystone-all.log gives me:
2014-11-19 23:05:07.856 6039 WARNING keystone.common.wsgi [-] 
Authorization failed. The request you have made requires authentication. 
from 192.168.21.169


Clearly, something isn't (no duh) authenticating properly.  Since there 
were roughly 10 zillion steps leading up to this verification step, can 
anyone point me in the direction of the file(s) I should be paying 
special attention to?


Thanks!

-Ken

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Απάντηση: Re: Documentation Error??

2014-11-19 Thread Aaron Segura

Okay, I believe I see what you're going for now.  Are you planning on
assigning 133.* addresses directly to your guest instances?

On Wed Nov 19 2014 at 5:53:36 PM Dimitrakakis Georgios 
wrote:

> Sorry about the confusion!
>
> I have two nodes, with two network interfaces each. One configured with
> 192.* IP and one with 133.*
> I can access them with SSH directly at 133.*
>
> Both nodes can ping one another and both nodes can ping Internet addresses
> e.g.  google. com
>
> No other router available for configuration.
> No openstack yet.
>
> So, my question is the following :
>
> If I want to install openstack should I modify the external network
> interface so that it doesn't have an IP address?  If I do that how can I
> access the server then?
>
> I was under the impression that the document was talking about a situation
> like the above when it clearly doesn't. That's why I am looking for new
> guidelines.
>
> All the best,
>
> George
>
>
>  Ο χρήστης Aaron Segura έγραψε 
>
> I'm not sure I understand.  Are you able to ping from your nodes out to
> the internet at all?
>
> On Wed Nov 19 2014 at 3:29:54 PM Georgios Dimitrakakis <
> gior...@acmac.uoc.gr> wrote:
>
>>  Aaron it helps a lot and thank you for that.
>>
>>  Unfortunately in my setup there is no router for the management
>>  interface since it is much simpler and has two interfaces: one that has
>>  an external IP and connects directly to the internet and a second one
>>  with internal (management) network that cannot be reached from the
>>  outside. In such a case can you recommend a setup or point me at a
>>  documentation?
>>
>>  Thanks a lot again,
>>
>>
>>  George
>>
>>
>>
>>  On Wed, 19 Nov 2014 20:39:10 +, Aaron Segura wrote:
>> > When the documentation refers to testing external connectivity from
>> > the nodes, it does not mean to test connectivity via the External
>> > Interface, irself.  It means that you should be able to reach the
>> > external network (Internet) and the other nodes, from each node, via
>> > the Management Interface.  The Management Interface is how you will
>> > log in to the nodes via SSH, as well.  The network attached to your
>> > Management Interface should have a route out to the Internet and
>> > provide all the connectivity you need to manage the node, install
>> > software, etc...
>> >
>> > Hope that helps!
>> >
>> > On Wed Nov 19 2014 at 2:19:07 PM Georgios Dimitrakakis  wrote:
>> >
>> >>  First of all let me thank you very much for your clear replies!
>> >>
>> >>  Yes! That makes sense indeed for the Virtual Machines!
>> >>
>> >>  What about the compute node itself? If I am not wrong at that
>> >> point of
>> >>  documentation nova-network hasnt been installed or configured. So
>> >> how
>> >>  is it possible the connectivity tests with the external network
>> >> to be
>> >>  successful as shown at that point?
>> >>
>> >>  Furthermore if someone wants to have direct SSH access to the
>> >> node from
>> >>  the external network how is that achieved? In general how does
>> >> the
>> >>  physical node itself access the external network?
>> >>
>> >>  All the best,
>> >>
>> >>  George
>> >>
>> >>  On Wed, 19 Nov 2014 14:25:29 +, Aaron Segura wrote:
>> >> > Think of your external interface as if it were a switch. The
>> >> guests
>> >> > are plugged in to the switch. They will have IP addresses that
>> >> allow
>> >> > them to communicate on the network. The physical interface just
>> >> ships
>> >> > packets back and forth between physical and virtual networks, and
>> >> > doesnt need its own address. Make more sense?
>> >> >
>> >> > On Wed, Nov 19, 2014, 07:53 Georgios Dimitrakakis  wrote:
>> >> >
>> >> >>  Hello stackers!
>> >> >>
>> >> >>  In OpenStack documentation and specifically on Legacy
>> >> Networking
>> >> >>
>> >> >>
>> >> >
>> >> >
>> >>
>> >
>> >  http://docs.openstack.org/juno/install-guide/install/yum/co
>> ntent/ch_basic_environment.html#basics-networking-nova
>> >> [1]
>> >> >> [1]
>> >> >>
>> >> >>  says clearly that for a two node installation the interface
>> >> >> dedicated
>> >> >>  to the external network should not be configured with an IP
>> >> >> address.
>> >> >>
>> >> >>  Is this correct??
>> >> >>
>> >> >>  Furthermore at the "Verify Connectivity" part is pinging
>> >> >> successfully
>> >> >>  on the external network and my question is how is this
>> >> happening?
>> >> >> Does
>> >> >>  it assume that there is a third interface already connected on
>> >> >> the
>> >> >>  external network??
>> >> >>
>> >> >>  How is accessing the external network without even configuring
>> >> >> the
>> >> >>  interface dedicated at it?? Does it assume that the internal
>> >> >> network
>> >> >>  somehow performs a routing??
>> >> >>
>> >> >>  Best regards,
>> >> >>
>> >> >>  G.
>> >> >>
>> >> >> ___
>> >> >> Mailing list:
>> >> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>> >> [2] [2]
>> >> >> Post to : openst

[Openstack] [infra] [storyboard] Goodbye Infra on Launchpad, Hello Infra on StoryBoard

2014-11-19 Thread Michael Krotscheck

The OpenStack Infrastructure team has successfully migrated all of the 
openstack-infra project bugs from LaunchPad to StoryBoard. With the exception 
of openstack-ci bugs tracked by elastic recheck, all bugs, tickets, and work 
tracked for OpenStack Infrastructure projects must now be submitted and 
accessed at https://storyboard.openstack.org. If you file a ticket on 
LaunchPad, the Infrastructure team no longer guarantees that it will be 
addressed. Note that only the infrastructure projects have moved, no other 
OpenStack projects have been migrated.

This is part of a long-term plan to migrate OpenStack from Launchpad to 
StoryBoard.  At this point we feel that StoryBoard meets the needs of the 
OpenStack infrastructure team and plan to use this migration to further 
exercise the project while we continue its development.

As you may notice, Development on StoryBoard is ongoing, and we have not yet 
reached feature parity with those parts of LaunchPad which are needed for the 
rest of OpenStack. Contributions are always welcome, and the team may be 
contacted in the #storyboard or #openstack-infra channels on freenode, via the 
openstack-dev list using the [storyboard] subject, or via StoryBoard itself by 
creating a story. Feel free to report any bugs, ask any questions, or make any 
improvement suggestions that you come up with at: 
https://storyboard.openstack.org/#!/project/456 


We are always looking for more contributors! If you have skill in AngularJS or 
Pecan, or would like to fill in some of our documentation for us, we are happy 
to accept patches. If your project is interested in moving to StoryBoard, 
please contact us directly. While we are hesitant to move new projects to 
storyboard at this point, we would love working with you to determine which 
features are needed to support you.

Relevant links:
• Storyboard: https://storyboard.openstack.org 

• Team Wiki: https://wiki.openstack.org/wiki/StoryBoard 
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Απάντηση: Re: Documentation Error??

2014-11-19 Thread Dimitrakakis Georgios

Sorry about the confusion!

I have two nodes, with two network interfaces each. One configured with 192.* 
IP and one with 133.*
I can access them with SSH directly at 133.*

Both nodes can ping one another and both nodes can ping Internet addresses e.g. 
 google. com 

No other router available for configuration. 
No openstack yet.

So, my question is the following :

If I want to install openstack should I modify the external network interface 
so that it doesn't have an IP address?  If I do that how can I access the 
server then?

I was under the impression that the document was talking about a situation like 
the above when it clearly doesn't. That's why I am looking for new guidelines. 

All the best,

George

 Ο χρήστης Aaron Segura έγραψε 

>I'm not sure I understand.  Are you able to ping from your nodes out to the 
>internet at all?
>
>
>On Wed Nov 19 2014 at 3:29:54 PM Georgios Dimitrakakis  
>wrote:
>
> Aaron it helps a lot and thank you for that.
>
> Unfortunately in my setup there is no router for the management
> interface since it is much simpler and has two interfaces: one that has
> an external IP and connects directly to the internet and a second one
> with internal (management) network that cannot be reached from the
> outside. In such a case can you recommend a setup or point me at a
> documentation?
>
> Thanks a lot again,
>
>
> George
>
>
>
> On Wed, 19 Nov 2014 20:39:10 +, Aaron Segura wrote:
>> When the documentation refers to testing external connectivity from
>> the nodes, it does not mean to test connectivity via the External
>> Interface, irself.  It means that you should be able to reach the
>> external network (Internet) and the other nodes, from each node, via
>> the Management Interface.  The Management Interface is how you will
>> log in to the nodes via SSH, as well.  The network attached to your
>> Management Interface should have a route out to the Internet and
>> provide all the connectivity you need to manage the node, install
>> software, etc...
>>
>> Hope that helps!
>>
>> On Wed Nov 19 2014 at 2:19:07 PM Georgios Dimitrakakis  wrote:
>>
>>>  First of all let me thank you very much for your clear replies!
>>>
>>>  Yes! That makes sense indeed for the Virtual Machines!
>>>
>>>  What about the compute node itself? If I am not wrong at that
>>> point of
>>>  documentation nova-network hasnt been installed or configured. So
>>> how
>>>  is it possible the connectivity tests with the external network
>>> to be
>>>  successful as shown at that point?
>>>
>>>  Furthermore if someone wants to have direct SSH access to the
>>> node from
>>>  the external network how is that achieved? In general how does
>>> the
>>>  physical node itself access the external network?
>>>
>>>  All the best,
>>>
>>>  George
>>>
>>>  On Wed, 19 Nov 2014 14:25:29 +, Aaron Segura wrote:
>>> > Think of your external interface as if it were a switch. The
>>> guests
>>> > are plugged in to the switch. They will have IP addresses that
>>> allow
>>> > them to communicate on the network. The physical interface just
>>> ships
>>> > packets back and forth between physical and virtual networks, and
>>> > doesnt need its own address. Make more sense?
>>> >
>>> > On Wed, Nov 19, 2014, 07:53 Georgios Dimitrakakis  wrote:
>>> >
>>> >>  Hello stackers!
>>> >>
>>> >>  In OpenStack documentation and specifically on Legacy
>>> Networking
>>> >>
>>> >>
>>> >
>>> >
>>>
>>
>>  
>> http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova
>>> [1]
>>> >> [1]
>>> >>
>>> >>  says clearly that for a two node installation the interface
>>> >> dedicated
>>> >>  to the external network should not be configured with an IP
>>> >> address.
>>> >>
>>> >>  Is this correct??
>>> >>
>>> >>  Furthermore at the "Verify Connectivity" part is pinging
>>> >> successfully
>>> >>  on the external network and my question is how is this
>>> happening?
>>> >> Does
>>> >>  it assume that there is a third interface already connected on
>>> >> the
>>> >>  external network??
>>> >>
>>> >>  How is accessing the external network without even configuring
>>> >> the
>>> >>  interface dedicated at it?? Does it assume that the internal
>>> >> network
>>> >>  somehow performs a routing??
>>> >>
>>> >>  Best regards,
>>> >>
>>> >>  G.
>>> >>
>>> >> ___
>>> >> Mailing list:
>>> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> [2] [2]
>>> >> Post to     : openstack@lists.openstack.org [3] [3]
>>> >> Unsubscribe :
>>> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> [4] [4]
>>> >
>>> >
>>> > Links:
>>> > --
>>> > [1]
>>> >
>>> >
>>>
>>
>> http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova
>>> [5]
>>> > [2] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>>> [6]
>>> > [3] mailto:openstack@lists.openstack.org [7]
>>> > [4] http

Re: [Openstack] Documentation Error??

2014-11-19 Thread Aaron Segura

I'm not sure I understand.  Are you able to ping from your nodes out to the
internet at all?

On Wed Nov 19 2014 at 3:29:54 PM Georgios Dimitrakakis 
wrote:

>  Aaron it helps a lot and thank you for that.
>
>  Unfortunately in my setup there is no router for the management
>  interface since it is much simpler and has two interfaces: one that has
>  an external IP and connects directly to the internet and a second one
>  with internal (management) network that cannot be reached from the
>  outside. In such a case can you recommend a setup or point me at a
>  documentation?
>
>  Thanks a lot again,
>
>
>  George
>
>
>
>  On Wed, 19 Nov 2014 20:39:10 +, Aaron Segura wrote:
> > When the documentation refers to testing external connectivity from
> > the nodes, it does not mean to test connectivity via the External
> > Interface, irself.  It means that you should be able to reach the
> > external network (Internet) and the other nodes, from each node, via
> > the Management Interface.  The Management Interface is how you will
> > log in to the nodes via SSH, as well.  The network attached to your
> > Management Interface should have a route out to the Internet and
> > provide all the connectivity you need to manage the node, install
> > software, etc...
> >
> > Hope that helps!
> >
> > On Wed Nov 19 2014 at 2:19:07 PM Georgios Dimitrakakis  wrote:
> >
> >>  First of all let me thank you very much for your clear replies!
> >>
> >>  Yes! That makes sense indeed for the Virtual Machines!
> >>
> >>  What about the compute node itself? If I am not wrong at that
> >> point of
> >>  documentation nova-network hasnt been installed or configured. So
> >> how
> >>  is it possible the connectivity tests with the external network
> >> to be
> >>  successful as shown at that point?
> >>
> >>  Furthermore if someone wants to have direct SSH access to the
> >> node from
> >>  the external network how is that achieved? In general how does
> >> the
> >>  physical node itself access the external network?
> >>
> >>  All the best,
> >>
> >>  George
> >>
> >>  On Wed, 19 Nov 2014 14:25:29 +, Aaron Segura wrote:
> >> > Think of your external interface as if it were a switch. The
> >> guests
> >> > are plugged in to the switch. They will have IP addresses that
> >> allow
> >> > them to communicate on the network. The physical interface just
> >> ships
> >> > packets back and forth between physical and virtual networks, and
> >> > doesnt need its own address. Make more sense?
> >> >
> >> > On Wed, Nov 19, 2014, 07:53 Georgios Dimitrakakis  wrote:
> >> >
> >> >>  Hello stackers!
> >> >>
> >> >>  In OpenStack documentation and specifically on Legacy
> >> Networking
> >> >>
> >> >>
> >> >
> >> >
> >>
> >
> >  http://docs.openstack.org/juno/install-guide/install/yum/
> content/ch_basic_environment.html#basics-networking-nova
> >> [1]
> >> >> [1]
> >> >>
> >> >>  says clearly that for a two node installation the interface
> >> >> dedicated
> >> >>  to the external network should not be configured with an IP
> >> >> address.
> >> >>
> >> >>  Is this correct??
> >> >>
> >> >>  Furthermore at the "Verify Connectivity" part is pinging
> >> >> successfully
> >> >>  on the external network and my question is how is this
> >> happening?
> >> >> Does
> >> >>  it assume that there is a third interface already connected on
> >> >> the
> >> >>  external network??
> >> >>
> >> >>  How is accessing the external network without even configuring
> >> >> the
> >> >>  interface dedicated at it?? Does it assume that the internal
> >> >> network
> >> >>  somehow performs a routing??
> >> >>
> >> >>  Best regards,
> >> >>
> >> >>  G.
> >> >>
> >> >> ___
> >> >> Mailing list:
> >> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> [2] [2]
> >> >> Post to : openstack@lists.openstack.org [3] [3]
> >> >> Unsubscribe :
> >> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> [4] [4]
> >> >
> >> >
> >> > Links:
> >> > --
> >> > [1]
> >> >
> >> >
> >>
> >
> > http://docs.openstack.org/juno/install-guide/install/yum/
> content/ch_basic_environment.html#basics-networking-nova
> >> [5]
> >> > [2] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> [6]
> >> > [3] mailto:openstack@lists.openstack.org [7]
> >> > [4] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> >> [8]
> >> > [5] mailto:gior...@acmac.uoc.gr [9]
> >
> >
> > Links:
> > --
> > [1]
> >
> > http://docs.openstack.org/juno/install-guide/install/yum/
> content/ch_basic_environment.html#basics-networking-nova
> > [2] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > [3] mailto:openstack@lists.openstack.org
> > [4] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > [5]
> >
> > http://docs.openstack.org/juno/install-guide/install/yum/
> content/ch_basic_environment.html#basics-networking-nova
> > [6] http://lists.openstack.org/cgi-bin/mailman/listinfo/op

[Openstack] [devstack] [Neutron] Multi host installation cannot ping VM from compute node

2014-11-19 Thread Mark Kirkwood


Hi,

I have a small multi host devstack setup running from from 2 Ubuntu 
14.04 hosts (themselves VMs):

- controller node (stack1) running everything except compute
- compute node (stack2) running compute only

If I amend the default security group to allow ping and start a VM:

stack1 $ neutron security-group-rule-create --protocol icmp 
--direction ingress default

stack1 $ nova boot --image cirros-0.3.2-x86_64-uec --flavor 1 cirros0
stack1 $ nova list
+--+-+++-+--+
| ID   | Name| Status | Task State | 
Power State | Networks |

+--+-+++-+--+
| 2bebd3c2-0bab-41b7-b0dd-555b49fd147a | cirros0 | ACTIVE | -  | 
Running | private=10.0.0.2 |

+--+-+++-+--+

stack1 $ ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=63 time=2.99 ms


But from the compute node:

stack2 $ ping 10.0.0.2
(hangs)

It looks like I'm missing a route or nat rule of some kind:

stack1 $ route
$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse 
Iface

default 192.168.122.1   0.0.0.0 UG0  00 eth0
10.0.0.0172.24.4.2  255.255.255.0   UG0  00 
br-ex
172.24.4.0  *   255.255.255.0   U 0  00 
br-ex

192.168.122.0   *   255.255.255.0   U 0  00 eth0


stack2 $ route
$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric RefUse 
Iface

default 192.168.122.1   0.0.0.0 UG0  00 eth0
192.168.122.0   *   255.255.255.0   U 0  00 eth0


My local.conf config for the two hosts are:

stack1 $ cat local.conf
[[local|localrc]]
ADMIN_PASSWORD=password
MYSQL_PASSWORD=password
RABBIT_PASSWORD=password
SERVICE_PASSWORD=password
SERVICE_TOKEN=tokentoken
ENABLED_SERVICES=rabbit,mysql,key
ENABLED_SERVICES+=,-n-net
ENABLED_SERVICES+=,n-api,n-crt,n-obj,n-cond,n-sch,n-novnc,n-cauth
ENABLED_SERVICES+=,neutron,q-svc,q-agt,q-dhcp,q-l3,q-meta
ENABLED_SERVICES+=,g-api,g-reg
ENABLED_SERVICES+=,cinder,c-api,c-vol,c-sch,c-bak
ENABLED_SERVICES+=,horizon

# Multi host stuff
MULTI_HOST=True
HOST_IP=192.168.122.31


stack2 $ cat local.conf
[[local|localrc]]
ADMIN_PASSWORD=password
MYSQL_PASSWORD=password
RABBIT_PASSWORD=password
SERVICE_PASSWORD=password
SERVICE_TOKEN=tokentoken
ENABLED_SERVICES=rabbit
ENABLED_SERVICES+=,n-cpu
ENABLED_SERVICES+=,neutron,q-agt

# Multi host stuff
MULTI_HOST=True
HOST_IP=192.168.122.32
DATABASE_TYPE=mysql
SERVICE_HOST=192.168.122.31
MYSQL_HOST=192.168.122.31
RABBIT_HOST=192.168.122.31
GLANCE_HOSTPORT=192.168.122.31:9292
Q_HOST=192.168.122.31


The interfaces and ovs setup for each host are:

stack1 $ ifconfig
br-ex Link encap:Ethernet  HWaddr 46:c4:42:d3:44:4f
  inet addr:172.24.4.1  Bcast:0.0.0.0  Mask:255.255.255.0
  UP BROADCAST RUNNING  MTU:1500  Metric:1
  RX packets:18 errors:0 dropped:0 overruns:0 frame:0
  TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:1280 (1.2 KB)  TX bytes:550 (550.0 B)

br-intLink encap:Ethernet  HWaddr 5e:c1:4f:ab:13:4e
  inet6 addr: fe80::f8e7:1aff:fe6e:b38d/64 Scope:Link
  UP BROADCAST RUNNING  MTU:1500  Metric:1
  RX packets:37 errors:0 dropped:0 overruns:0 frame:0
  TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:3348 (3.3 KB)  TX bytes:648 (648.0 B)

br-tunLink encap:Ethernet  HWaddr f6:bf:2d:bc:ec:43
  inet6 addr: fe80::f8a9:c6ff:fe7e:c1e6/64 Scope:Link
  UP BROADCAST RUNNING  MTU:1500  Metric:1
  RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:0 (0.0 B)  TX bytes:648 (648.0 B)

eth0  Link encap:Ethernet  HWaddr 52:54:00:54:45:8a
  inet addr:192.168.122.31  Bcast:192.168.122.255 
Mask:255.255.255.0

  inet6 addr: fe80::5054:ff:fe54:458a/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:15438 errors:0 dropped:379 overruns:0 frame:0
  TX packets:21504 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000
  RX bytes:1890780 (1.8 MB)  TX bytes:37703250 (37.7 MB)

loLink encap:Local Loopback
  inet addr:127.0.0.1  Mask:255.0.0.0
  inet6 addr: ::1/128 Scope:Host
  UP LOOPBACK RUNNING  MTU:65536  Metric:1
  RX packets:47756 errors:0 dropped:0 overruns:0 frame:0
  TX packets:47756 errors:

[Openstack] [OSSA 2014-039] Neutron DoS through invalid DNS configuration (CVE-2014-7821)

2014-11-19 Thread Tristan Cacqueray

OpenStack Security Advisory: 2014-039
CVE: CVE-2014-7821
Date: November 19, 2014
Title: Neutron DoS through invalid DNS configuration
Reporter: Henry Yamauchi, Charles Neill and Michael Xin (Rackspace)
Products: Neutron
Versions: up to 2014.1.3 and 2014.2

Description:
Henry Yamauchi, Charles Neill and Michael Xin from Rackspace reported
a vulnerability in Neutron. By configuring a maliciously crafted
dns_nameservers an authenticated user may crash Neutron service
resulting in a denial of service attack. All Neutron setups are affected.

Kilo (development branch) fix:
https://review.openstack.org/135616

Juno fix:
https://review.openstack.org/135623

Icehouse fix:
https://review.openstack.org/135624

Notes:
This fix will be included in future 2014.1.4 and 2014.2.1 releases.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7821
https://launchpad.net/bugs/1378450

-- 
Tristan Cacqueray
OpenStack Vulnerability Management Team



signature.asc
Description: OpenPGP digital signature
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Swift

2014-11-19 Thread Sandhya S

Dear all,

I have a page requesting for a video. I have stored video in my swift
cointainer.
How to make it available to the client and the vm's?


Regards
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Documentation Error??

2014-11-19 Thread Georgios Dimitrakakis

Aaron it helps a lot and thank you for that.

Unfortunately in my setup there is no router for the management 
interface since it is much simpler and has two interfaces: one that has 
an external IP and connects directly to the internet and a second one 
with internal (management) network that cannot be reached from the 
outside. In such a case can you recommend a setup or point me at a 
documentation?

Thanks a lot again,

George

On Wed, 19 Nov 2014 20:39:10 +, Aaron Segura wrote:

When the documentation refers to testing external connectivity from
the nodes, it does not mean to test connectivity via the External
Interface, irself.  It means that you should be able to reach the
external network (Internet) and the other nodes, from each node, via
the Management Interface.  The Management Interface is how you will
log in to the nodes via SSH, as well.  The network attached to your
Management Interface should have a route out to the Internet and
provide all the connectivity you need to manage the node, install
software, etc...

Hope that helps!

On Wed Nov 19 2014 at 2:19:07 PM Georgios Dimitrakakis  wrote:

 First of all let me thank you very much for your clear replies!

 Yes! That makes sense indeed for the Virtual Machines!

 What about the compute node itself? If I am not wrong at that
point of
 documentation nova-network hasnt been installed or configured. So
how
 is it possible the connectivity tests with the external network
to be
 successful as shown at that point?

 Furthermore if someone wants to have direct SSH access to the
node from
 the external network how is that achieved? In general how does
the
 physical node itself access the external network?

 All the best,

 George

 On Wed, 19 Nov 2014 14:25:29 +, Aaron Segura wrote:
> Think of your external interface as if it were a switch. The
guests
> are plugged in to the switch. They will have IP addresses that
allow
> them to communicate on the network. The physical interface just
ships
> packets back and forth between physical and virtual networks, and
> doesnt need its own address. Make more sense?
>
> On Wed, Nov 19, 2014, 07:53 Georgios Dimitrakakis  wrote:
>
>>  Hello stackers!
>>
>>  In OpenStack documentation and specifically on Legacy
Networking
>>
>>
>
>

http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova

[1]
>> [1]
>>
>>  says clearly that for a two node installation the interface
>> dedicated
>>  to the external network should not be configured with an IP
>> address.
>>
>>  Is this correct??
>>
>>  Furthermore at the "Verify Connectivity" part is pinging
>> successfully
>>  on the external network and my question is how is this
happening?
>> Does
>>  it assume that there is a third interface already connected on
>> the
>>  external network??
>>
>>  How is accessing the external network without even configuring
>> the
>>  interface dedicated at it?? Does it assume that the internal
>> network
>>  somehow performs a routing??
>>
>>  Best regards,
>>
>>  G.
>>
>> ___
>> Mailing list:
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[2] [2]
>> Post to     : openstack@lists.openstack.org [3] [3]
>> Unsubscribe :
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[4] [4]
>
>
> Links:
> --
> [1]
>
>

http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova

[5]
> [2] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[6]
> [3] mailto:openstack@lists.openstack.org [7]
> [4] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[8]
> [5] mailto:gior...@acmac.uoc.gr [9]

Links:
--
[1]

http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova
[2] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[3] mailto:openstack@lists.openstack.org
[4] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[5]

http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova
[6] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[7] mailto:openstack@lists.openstack.org
[8] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[9] mailto:gior...@acmac.uoc.gr
[10] mailto:gior...@acmac.uoc.gr

--

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Documentation Error??

2014-11-19 Thread Aaron Segura

When the documentation refers to testing external connectivity from the
nodes, it does not mean to test connectivity via the External Interface,
irself.  It means that you should be able to reach the external network
(Internet) and the other nodes, from each node, via the Management
Interface.  The Management Interface is how you will log in to the nodes
via SSH, as well.  The network attached to your Management Interface should
have a route out to the Internet and provide all the connectivity you need
to manage the node, install software, etc...

Hope that helps!

On Wed Nov 19 2014 at 2:19:07 PM Georgios Dimitrakakis 
wrote:

>  First of all let me thank you very much for your clear replies!
>
>  Yes! That makes sense indeed for the Virtual Machines!
>
>  What about the compute node itself? If I am not wrong at that point of
>  documentation nova-network hasn't been installed or configured. So how
>  is it possible the connectivity tests with the external network to be
>  successful as shown at that point?
>
>  Furthermore if someone wants to have direct SSH access to the node from
>  the external network how is that achieved? In general how does the
>  physical node itself access the external network?
>
>
>  All the best,
>
>
>  George
>
>
>
>  On Wed, 19 Nov 2014 14:25:29 +, Aaron Segura wrote:
> > Think of your external interface as if it were a switch. The guests
> > are plugged in to the switch. They will have IP addresses that allow
> > them to communicate on the network. The physical interface just ships
> > packets back and forth between physical and virtual networks, and
> > doesnt need its own address. Make more sense?
> >
> > On Wed, Nov 19, 2014, 07:53 Georgios Dimitrakakis  wrote:
> >
> >>  Hello stackers!
> >>
> >>  In OpenStack documentation and specifically on Legacy Networking
> >>
> >>
> >
> >  http://docs.openstack.org/juno/install-guide/install/yum/
> content/ch_basic_environment.html#basics-networking-nova
> >> [1]
> >>
> >>  says clearly that for a two node installation the interface
> >> dedicated
> >>  to the external network should not be configured with an IP
> >> address.
> >>
> >>  Is this correct??
> >>
> >>  Furthermore at the "Verify Connectivity" part is pinging
> >> successfully
> >>  on the external network and my question is how is this happening?
> >> Does
> >>  it assume that there is a third interface already connected on
> >> the
> >>  external network??
> >>
> >>  How is accessing the external network without even configuring
> >> the
> >>  interface dedicated at it?? Does it assume that the internal
> >> network
> >>  somehow performs a routing??
> >>
> >>  Best regards,
> >>
> >>  G.
> >>
> >> ___
> >> Mailing list:
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [2]
> >> Post to : openstack@lists.openstack.org [3]
> >> Unsubscribe :
> >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [4]
> >
> >
> > Links:
> > --
> > [1]
> >
> > http://docs.openstack.org/juno/install-guide/install/yum/
> content/ch_basic_environment.html#basics-networking-nova
> > [2] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > [3] mailto:openstack@lists.openstack.org
> > [4] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> > [5] mailto:gior...@acmac.uoc.gr
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Documentation Error??

2014-11-19 Thread Georgios Dimitrakakis


First of all let me thank you very much for your clear replies!

Yes! That makes sense indeed for the Virtual Machines!

What about the compute node itself? If I am not wrong at that point of 
documentation nova-network hasn't been installed or configured. So how 
is it possible the connectivity tests with the external network to be 
successful as shown at that point?


Furthermore if someone wants to have direct SSH access to the node from 
the external network how is that achieved? In general how does the 
physical node itself access the external network?



All the best,


George



On Wed, 19 Nov 2014 14:25:29 +, Aaron Segura wrote:

Think of your external interface as if it were a switch. The guests
are plugged in to the switch. They will have IP addresses that allow
them to communicate on the network. The physical interface just ships
packets back and forth between physical and virtual networks, and
doesnt need its own address. Make more sense?

On Wed, Nov 19, 2014, 07:53 Georgios Dimitrakakis  wrote:


 Hello stackers!

 In OpenStack documentation and specifically on Legacy Networking




 
http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova

[1]

 says clearly that for a two node installation the interface
dedicated
 to the external network should not be configured with an IP
address.

 Is this correct??

 Furthermore at the "Verify Connectivity" part is pinging
successfully
 on the external network and my question is how is this happening?
Does
 it assume that there is a third interface already connected on
the
 external network??

 How is accessing the external network without even configuring
the
 interface dedicated at it?? Does it assume that the internal
network
 somehow performs a routing??

 Best regards,

 G.

___
Mailing list:
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [2]
Post to     : openstack@lists.openstack.org [3]
Unsubscribe :
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack [4]



Links:
--
[1]

http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova
[2] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[3] mailto:openstack@lists.openstack.org
[4] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
[5] mailto:gior...@acmac.uoc.gr


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-19 Thread Amit Anand

Ok so I went ahead and rebooted everything just to clear everything out and
start up all the services - now it looks like everything is working. Go
figure. I still have no idea why wasnt starting but working now. I will try
and figure out why i couldnt start it manually and then when i rebooted ALL
the nodes it worked but that is really really weird..

On Wed, Nov 19, 2014 at 11:09 AM, Amit Anand  wrote:

> Kevin/Antonio
>
> Yeah router is still missing. The l3 agent is nto starting and I dont know
> why. Im confident that I followed the guide exactly but when i start the
> neutron server (systemctl start neutron-server.service) on the controller
> node it wont start the l3 service...
>
>
> [root@controller neutron]#  service neutron-l3-agent status -l
> Redirecting to /bin/systemctl status  -l neutron-l3-agent.service
> neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
>Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
> disabled)
>Active: failed (Result: exit-code) since Tue 2014-11-18 16:29:19 EST;
> 18h ago
>   Process: 6063 ExecStart=/usr/bin/neutron-l3-agent --config-file
> /usr/share/neutron/neutron-dist.conf --config-file
> /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
> --config-file /etc/neutron/fwaas_driver.ini --log-file
> /var/log/neutron/l3-agent.log (code=exited, status=1/FAILURE)
>  Main PID: 6063 (code=exited, status=1/FAILURE)
>CGroup: /system.slice/neutron-l3-agent.service
>
> Nov 18 16:29:19 controller systemd[1]: Started OpenStack Neutron Layer 3
> Agent.
> Nov 18 16:29:19 controller systemd[1]: neutron-l3-agent.service: main
> process exited, code=exited, status=1/FAILURE
> Nov 18 16:29:19 controller systemd[1]: Unit neutron-l3-agent.service
> entered failed state.
> Nov 18 16:31:18 controller systemd[1]: Stopped OpenStack Neutron Layer 3
> Agent.
>
>
> But it is running on network node fine:
>
>
> [root@network neutron]# service neutron-l3-agent status
> Redirecting to /bin/systemctl status  neutron-l3-agent.service
> neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
>Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
> enabled)
>Active: active (running) since Wed 2014-11-19 11:07:43 EST; 4s ago
>  Main PID: 23862 (neutron-l3-agen)
>CGroup: /system.slice/neutron-l3-agent.service
>└─23862 /usr/bin/python /usr/bin/neutron-l3-agent --config-file
> /usr/share/neutron/neutron-dist.conf --config-file /etc/neut...
>
> Nov 19 11:07:43 network systemd[1]: Starting OpenStack Neutron Layer 3
> Agent...
> Nov 19 11:07:43 network systemd[1]: Started OpenStack Neutron Layer 3
> Agent.
>
>
> On Wed, Nov 19, 2014 at 6:10 AM, Antonio Messina <
> antonio.s.mess...@gmail.com> wrote:
>
>> Sorry, maybe it's a stupid question, but is the l3-agent daemon
>> actually running?
>>
>> root@cloud3:~# service neutron-l3-agent status
>> neutron-l3-agent start/running, process 17696
>>
>> root@cloud3:~# neutron agent-list
>>
>> +--++---+---++---+
>> | id   | agent_type | host
>>  | alive | admin_state_up | binary|
>>
>> +--++---+---++---+
>> | 445ddf44-cc25-422c-84d2-b356909273ad | L3 agent   |
>> cloud3.gc3| :-)   | True   | neutron-l3-agent
>> |
>>
>>
>> .a.
>>
>> --
>> antonio.s.mess...@gmail.com
>> antonio.mess...@uzh.ch +41 (0)44 635 42 22
>> S3IT: Service and Support for Science IT   http://www.s3it.uzh.ch/
>> University of Zurich
>> Winterthurerstrasse 190
>> CH-8057 Zurich Switzerland
>>
>
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Understanding Neutron/ML2/Openvswitch/VXLAN

2014-11-19 Thread Erik McCormick

This uses VLANs in the examples, but everything should still generally
apply to your question:

http://masimum.inf.um.es/fjrm/2013/12/26/the-journey-of-a-packet-within-an-openstack-cloud/

Basically the TAP interface attaches to the qvb interface which links it to
a veth pair (qvr and qvo) with qvo attached to the integration bridge
(br-int) which then goes to patch-tun and into br-tun. Fun right? ;).

On Wed, Nov 19, 2014 at 10:12 AM, Stinner, Thomas <
thomas.stin...@schweickertgruppe.de> wrote:

> Hi,
>
> i would like to understand how Neutron is configuring OpenVswitch when
> using ML2.
>
> For example, on one of the compute nodes I have a VM that is called
> host-vxlan2. Instance name is instance-0e7.
>
> This VM has the following network interface:
>
> 
>   
>   
>   
>   
>   
>function='0x0'/>
> 
>
> The bridge has two interfaces, a tap device that is connected to the vm
> and another interface.
>
> qbrea4f9446-76  8000.6683237a7c4d   no
> qvbea4f9446-76
>
>  tapea4f9446-76
>
> OVs has three bridges - br-ex, br-int, br-tun.
>
> However, none of these bridges contain qbrea4f9446-76 or qvbea4f9446-76.
> But they contain a Port "qvoea4f9446-76" (similar name!).
>
> Which command defines the connection between "qvoea4f9446-76" and
> "qbrea4f9446-76"?
>
> Thanks in advance
> Thomas
>
>
> ___
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-19 Thread Amit Anand

Kevin/Antonio

Yeah router is still missing. The l3 agent is nto starting and I dont know
why. Im confident that I followed the guide exactly but when i start the
neutron server (systemctl start neutron-server.service) on the controller
node it wont start the l3 service...

[root@controller neutron]#  service neutron-l3-agent status -l
Redirecting to /bin/systemctl status  -l neutron-l3-agent.service
neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
disabled)
   Active: failed (Result: exit-code) since Tue 2014-11-18 16:29:19 EST;
18h ago
  Process: 6063 ExecStart=/usr/bin/neutron-l3-agent --config-file
/usr/share/neutron/neutron-dist.conf --config-file
/etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
--config-file /etc/neutron/fwaas_driver.ini --log-file
/var/log/neutron/l3-agent.log (code=exited, status=1/FAILURE)
 Main PID: 6063 (code=exited, status=1/FAILURE)
   CGroup: /system.slice/neutron-l3-agent.service

Nov 18 16:29:19 controller systemd[1]: Started OpenStack Neutron Layer 3
Agent.
Nov 18 16:29:19 controller systemd[1]: neutron-l3-agent.service: main
process exited, code=exited, status=1/FAILURE
Nov 18 16:29:19 controller systemd[1]: Unit neutron-l3-agent.service
entered failed state.
Nov 18 16:31:18 controller systemd[1]: Stopped OpenStack Neutron Layer 3
Agent.

But it is running on network node fine:

[root@network neutron]# service neutron-l3-agent status
Redirecting to /bin/systemctl status  neutron-l3-agent.service
neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
enabled)
   Active: active (running) since Wed 2014-11-19 11:07:43 EST; 4s ago
 Main PID: 23862 (neutron-l3-agen)
   CGroup: /system.slice/neutron-l3-agent.service
   └─23862 /usr/bin/python /usr/bin/neutron-l3-agent --config-file
/usr/share/neutron/neutron-dist.conf --config-file /etc/neut...

Nov 19 11:07:43 network systemd[1]: Starting OpenStack Neutron Layer 3
Agent...
Nov 19 11:07:43 network systemd[1]: Started OpenStack Neutron Layer 3 Agent.

On Wed, Nov 19, 2014 at 6:10 AM, Antonio Messina <
antonio.s.mess...@gmail.com> wrote:

> Sorry, maybe it's a stupid question, but is the l3-agent daemon
> actually running?
>
> root@cloud3:~# service neutron-l3-agent status
> neutron-l3-agent start/running, process 17696
>
> root@cloud3:~# neutron agent-list
>
> +--++---+---++---+
> | id   | agent_type | host
>  | alive | admin_state_up | binary|
>
> +--++---+---++---+
> | 445ddf44-cc25-422c-84d2-b356909273ad | L3 agent   |
> cloud3.gc3| :-)   | True   | neutron-l3-agent
> |
>
>
> .a.
>
> --
> antonio.s.mess...@gmail.com
> antonio.mess...@uzh.ch +41 (0)44 635 42 22
> S3IT: Service and Support for Science IT   http://www.s3it.uzh.ch/
> University of Zurich
> Winterthurerstrasse 190
> CH-8057 Zurich Switzerland
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Ceilometer Arithmetic Transformer

2014-11-19 Thread Eoghan Glynn


> Hi all,
> 
> I am using ceilometer with arithmetic transformer to combine two meters. 
> Here is an extract of my pipeline.yaml (it's just a dummy test)
> 
> sources:
>  - name: disk_source
>interval: 600
>meters:
>- "disk.read.bytes"
>- "disk.read.requests"
>- "disk.write.bytes"
>- "disk.write.requests"
>sinks:
>- disk_sink
>- disk_read_write_sink
> 
> sinks:
>  - name: disk_read_write_sink
>transformers:
>- name: "arithmetic"
>  parameters:
>  target:
>  name: "disk.read.write.bytes"
>  unit: "B"
>  type: "cumulative"
>  expr: "2*$(disk.read.bytes) + 2*$(disk.write.bytes)"
>publishers:
>- rpc://
> 
> 
> I get this error:
> "Unable to perform calculation, not all of {_disk_write_bytes_ESC, 
> _disk_read_bytes_ESC} are present"

That warning indicates that not all the meters referred to the expression
are available in the transformer cache when the pipeline is flushed.

It's not obvious why that's occurring in your case, as the config looks
correct.

Can I ask if both the disk.read.bytes and disk.read.bytes meters are
being successfully published via the disk_sink?

Cheers,
Eoghan
 
> Anyone using this transformer?
> 
> Thanks!
> 
> Claudio
> 
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Understanding Neutron/ML2/Openvswitch/VXLAN

2014-11-19 Thread Stinner, Thomas

Hi,

i would like to understand how Neutron is configuring OpenVswitch when using 
ML2.

For example, on one of the compute nodes I have a VM that is called 
host-vxlan2. Instance name is instance-0e7.

This VM has the following network interface:


  
  
  
  
  
  


The bridge has two interfaces, a tap device that is connected to the vm and 
another interface.

qbrea4f9446-76  8000.6683237a7c4d   no  qvbea4f9446-76
   
tapea4f9446-76

OVs has three bridges - br-ex, br-int, br-tun. 

However, none of these bridges contain qbrea4f9446-76 or qvbea4f9446-76. But 
they contain a Port "qvoea4f9446-76" (similar name!). 

Which command defines the connection between "qvoea4f9446-76" and 
"qbrea4f9446-76"?

Thanks in advance
Thomas


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Documentation Error??

2014-11-19 Thread Aaron Segura

Think of your external interface as if it were a switch. The guests are
plugged in to the switch. They will have IP addresses that allow them to
communicate on the network. The physical interface just ships packets back
and forth between physical and virtual networks, and doesn't need its own
address. Make more sense?

On Wed, Nov 19, 2014, 07:53 Georgios Dimitrakakis 
wrote:

>  Hello stackers!
>
>  In OpenStack documentation and specifically on Legacy Networking
>
>  http://docs.openstack.org/juno/install-guide/install/
> yum/content/ch_basic_environment.html#basics-networking-nova
>
>  says clearly that for a two node installation the interface dedicated
>  to the external network should not be configured with an IP address.
>
>  Is this correct??
>
>  Furthermore at the "Verify Connectivity" part is pinging successfully
>  on the external network and my question is how is this happening? Does
>  it assume that there is a third interface already connected on the
>  external network??
>
>  How is accessing the external network without even configuring the
>  interface dedicated at it?? Does it assume that the internal network
>  somehow performs a routing??
>
>
>  Best regards,
>
>  G.
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
>
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Documentation Error??

2014-11-19 Thread Tom Fifield

On 19/11/14 21:38, Georgios Dimitrakakis wrote:
> Hello stackers!
> 
> In OpenStack documentation and specifically on Legacy Networking
> 
> http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova
> 
> 
> says clearly that for a two node installation the interface dedicated to
> the external network should not be configured with an IP address.
> 
> Is this correct??

That is correct. Nova-network will take care of it all.

> Furthermore at the "Verify Connectivity" part is pinging successfully on
> the external network and my question is how is this happening? Does it
> assume that there is a third interface already connected on the external
> network??
> 
> How is accessing the external network without even configuring the
> interface dedicated at it?? Does it assume that the internal network
> somehow performs a routing??
> 
> 
> Best regards,
> 
> G.
> 
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Documentation Error??

2014-11-19 Thread Georgios Dimitrakakis


Hello stackers!

In OpenStack documentation and specifically on Legacy Networking

http://docs.openstack.org/juno/install-guide/install/yum/content/ch_basic_environment.html#basics-networking-nova

says clearly that for a two node installation the interface dedicated 
to the external network should not be configured with an IP address.


Is this correct??

Furthermore at the "Verify Connectivity" part is pinging successfully 
on the external network and my question is how is this happening? Does 
it assume that there is a third interface already connected on the 
external network??


How is accessing the external network without even configuring the 
interface dedicated at it?? Does it assume that the internal network 
somehow performs a routing??



Best regards,

G.

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Fail to ssh into trusty-server ubuntu cloud-image instance

2014-11-19 Thread George Mihaiescu

I would also add that you have start the instance by providing the name of
the ssh key you created before, otherwise the public ssh key won't be
injected in the instance.
On 19 Nov 2014 04:33, "Michaël Van de Borne" 
wrote:

>  Hi Du,
>
>
> You have to create a keypair (ssh-keygen -t rsa) then upload the public
> key to nova. Then, use "ssh -i private.key" to log in.
>
> hope this helps,
>
> cheers,
>
> michaël
>
>
> Le 19/11/14 09:55, Du Jun a écrit :
>
>Hi all,
>
>  I launch an instance based on ubuntu cloud-image and head a problem:
>
> "Permission denied (publickey)."
>
>  My work steps are:
>
>  1. download a ubuntu cloud-image(qcow2 file format):
>
> $ wget
> http://uec-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
>
>  2. upload the image using glance client:
>
> $ glance image-create --name trusty-server-cloudimg-amd64 --disk-format
> qcow2 --container-format bare --is-public True --file
> ~/images/trusty-server-cloudimg-amd64-disk1.img
>
>  I can see the image details below:
>
> vcap@ubuntu:~/.ssh$ glance image-show trusty-server-cloudimg-amd64
> +--+--+
> | Property | Value|
> +--+--+
> | checksum | c6427f0b07535e843aa03a1367b1f3d9 |
> | container_format | bare |
> | created_at   | 2014-11-19T07:31:23  |
> | deleted  | False|
> | disk_format  | qcow2|
> | id   | db872d0d-4fd5-4955-93fd-41df8fe0c8fa |
> | is_public| True |
> | min_disk | 0|
> | min_ram  | 0|
> | name | trusty-server-cloudimg-amd64 |
> | owner| 9af1b4244f324b9d8ba42bffb9c3c9a8 |
> | protected| False|
> | size | 255918592|
> | status   | active   |
> | updated_at   | 2014-11-19T07:31:26  |
> +--+--+
>
>  3. launch an instance basing on the image:
>
> nova boot newServer --image db872d0d-4fd5-4955-93fd-41df8fe0c8fa --flavor 2
>
>  nova list
>
>
> +--+---+++-++
> | ID   | Name  | Status | Task State |
> Power State | Networks   |
>
> +--+---+++-++
> | 261e4fec-dc96-429d-9239-65dfe3732eca | newServer | ACTIVE | -  |
> Running | private=10.254.1.3 |
>
> +--+---+++-++
>
> After configuring security group(all tcp 22 port):
>
> vcap@ubuntu:~/.ssh$ telnet 10.254.1.3 22
> Trying 10.254.1.3...
> Connected to 10.254.1.3.
> Escape character is '^]'.
> SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
>
> vcap@ubuntu:~/.ssh$ ssh ubuntu@10.254.1.3
> Permission denied (publickey).
>
>  I guess the newServer is configured to be accessed via ssh key. But, I
> have no idea what's the private key.
>
>  BTW, from the log of web console, I can see:
>
> newserver login: Cloud-init v. 0.7.5 running 'modules:final' at Wed, 19 Nov 
> 2014 08:09:02 +. Up 480.40 seconds.
> ci-info: no authorized ssh keys fingerprints found for user ubuntu.
> ci-info: no authorized ssh keys fingerprints found for user ubuntu.
> ec2:
> ec2: #
> ec2: -BEGIN SSH HOST KEY FINGERPRINTS-
> ec2: 1024 e5:46:98:ac:f1:a0:5d:2d:eb:2b:a5:c7:af:0d:3b:91  root@newserver 
> (DSA)
> ec2: 256 ed:37:dd:5a:c5:3e:94:1a:6d:6a:d7:f7:a6:3c:77:24  root@newserver 
> (ECDSA)
> ec2: 2048 12:21:cf:11:ee:fc:e5:40:97:1f:ed:f4:1b:79:69:f3  root@newserver 
> (RSA)
> ec2: -END SSH HOST KEY FINGERPRINTS-
> ec2: #
> -BEGIN SSH HOST KEY KEYS-
> ecdsa-sha2-nistp256 
> E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAABBBHjWoLKvRYpqeetH9LwUikGPAX5gkVbGbvUcfEM5TpNG5A8PHyvsC+qcEaFvBj/TSO3CGpaEEHrnclA5tA8V9/A=
>  root@newserver
> ssh-rsa 
> B3NzaC1yc2EDAQABAAABAQC384S4T8GNLW88LbtQlTVACG6WWKl34wnlmU0FYU18hE/fL27GoXxi94hIZGzKg6oFJ420VUKPKOOzv/H51oNgqVKmHqf03v7ljzDp2gJ4pJrMI9+rxeQ5VCgcZ/C3VNPhh1rJc6jKDCWni3A+NOUkgD2oo1kruxc4rJmtQ4A4xCU22l8myg6/odMr7FAPUJT1N4BWjXwnglbfOJOjaQ5vWMNyIYBcmooEaGDmLeovSuX0N6k6Un2YccwhQ87vxNt3QCiu6cPR5ljEL4xXTUgUBVNRLqxSFqEDZy9Y5LrM6Fl5W/b0IaK8soHVacKuThW1d5IpXUknlSwTK7gG41ep
>  root@newserver
> -END SSH HOST KEY KEYS-
> Cloud-init v. 0.7.5 finished at Wed, 19 Nov 2014 08:09:08 +. Datasource 
> DataSourceConfigDriveNet [net,ver=2][source

[Openstack] using UUID instead of instance name

2014-11-19 Thread mad Engineer

Hi,
I am using icehouse with legacy network model ie nova-network  and in
this model instance name becomes DNS entry which was ok until tenants
started creating instance with same name and started complaining about DNS
issue.I am aware that in neutron it uses host-ip-address format and not
instance name as DNS entry.

1. Is there any way that  i can force instance name to be UUID as default?
[This is working if instance count is more than 1,it randomly generates an
instance name]
 i tried not to put any entry in instance-name but it asks for instance
name and without that it will not proceed,But this is not the case with
more than one instance count and is working as expected.

2. If above is not possible any way to use neutron DNS entry format with
nova-network


Thanks
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Ceilometer Arithmetic Transformer

2014-11-19 Thread Claudio Pupparo


Hi all,

I am using ceilometer with arithmetic transformer to combine two meters. 
Here is an extract of my pipeline.yaml (it's just a dummy test)


sources:
- name: disk_source
  interval: 600
  meters:
  - "disk.read.bytes"
  - "disk.read.requests"
  - "disk.write.bytes"
  - "disk.write.requests"
  sinks:
  - disk_sink
  - disk_read_write_sink

sinks:
- name: disk_read_write_sink
  transformers:
  - name: "arithmetic"
parameters:
target:
name: "disk.read.write.bytes"
unit: "B"
type: "cumulative"
expr: "2*$(disk.read.bytes) + 2*$(disk.write.bytes)"
  publishers:
  - rpc://


I get this error:
"Unable to perform calculation, not all of {_disk_write_bytes_ESC, 
_disk_read_bytes_ESC} are present"


Anyone using this transformer?

Thanks!

Claudio

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-19 Thread Antonio Messina

Sorry, maybe it's a stupid question, but is the l3-agent daemon
actually running?

root@cloud3:~# service neutron-l3-agent status
neutron-l3-agent start/running, process 17696

root@cloud3:~# neutron agent-list

+--++---+---++---+
| id   | agent_type | host
 | alive | admin_state_up | binary|

+--++---+---++---+
| 445ddf44-cc25-422c-84d2-b356909273ad | L3 agent   |
cloud3.gc3| :-)   | True   | neutron-l3-agent
|


.a.

--
antonio.s.mess...@gmail.com
antonio.mess...@uzh.ch +41 (0)44 635 42 22
S3IT: Service and Support for Science IT   http://www.s3it.uzh.ch/
University of Zurich
Winterthurerstrasse 190
CH-8057 Zurich Switzerland

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] [Ironic] Not able to deploy images using Ironic devstack setup

2014-11-19 Thread Peeyush Gupta

Hi all,

I have been trying to deploy a physical node using Ironic devstack
setup. The Ironic server is running on a VM, that has two interfaces,
one public and one private. Now Ironic is running on private network and
my physical node is also connected to private network. I am able to add
the node and validate it. The node successfully connects to the Ironic
and DHCP server, I am able to get the ip and pings are going all the way.

When I am trying to boot the image, I get the following error:

[   59.231810] sd 5:2:1:0: [sdf] Attached SCSI disk
[   59.261786] sd 5:2:2:0: [sdg] Attached SCSI disk
[   59.301778] sd 5:2:3:0: [sdh] Attached SCSI disk
Error getting IP address for eth0 with MAC  
Troubleshooting required, press t to launch shell...
route: fscanf
obtained the following from dhcp:
 ip address =
 netmask =
 gateway =
network ready
start iSCSI target on /dev/sda
waiting for tgtd socket...not found
waiting for tgtd socket...found
BusyBox v1.19.4 (2014-07-23 21:28:14 UTC) multi-call binary.

Usage: tftp [OPTIONS] HOST [PORT]

Transfer a file from/to tftp server

-l FILELocal FILE
-r FILERemote FILE
-gGet file
-pPut file
-b SIZETransfer blocks of SIZE octets

tftp: invalid option -- 'c'
BusyBox v1.19.4 (2014-07-23 21:28:14 UTC) multi-call binary.

Usage: tftp [OPTIONS] HOST [PORT]

Transfer a file from/to tftp server

-l FILELocal FILE
-r FILERemote FILE
-gGet file
-pPut file
-b SIZETransfer blocks of SIZE octets

request Ironic API to deploy image
curl: (7) Failed to connect to 10.0.1.248: Network is unreachable
waiting for notice of complete

Now, my physical node has 15 ethernet ports and my private n/w cable is
connected on eth15 and that's the port that has been provided to Ironic
server. So, before the booting if I check the shell, eth15 is up and
gets the 10.0.1.xxx ip, but at the booting time that's not happening.

I am not able to understand why is it trying to get info about eth0
while it is not even connected. Please help me out to resolve this.

Thanks,

-- 
Peeyush Gupta
gpeey...@linux.vnet.ibm.com



___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] How to build and use

2014-11-19 Thread Duan, Li-Gong (Gary@HPServers-Core-OE-PSC)

I assume that you want to build a cloud storage services which store user's 
data/files.
If so, maybe you want to take a look at Swift, an Openstack project which 
provides object storage services.

https://www.swiftstack.com/openstack-swift/
http://docs.openstack.org/developer/swift/howto_installmultinode.html
 
Regards,
Gary

-Original Message-
From: kyawthu win [mailto:ktwcs2...@gmail.com] 
Sent: Wednesday, November 19, 2014 12:55 PM
To: openstack@lists.openstack.org
Subject: [Openstack] How to build and use

I am beginner in building openstack cloud. I try to build a private
cloud only use for our university. In my design. I use three machine
like this:
1. Main Server that holds the codes of my application and run on it.
2. Key Storage Machine that keeps the keys to decrypt.
3. Storage Machine that store the user data and other related
information to access the stored data.
So, I want to know:
How to use my web based application (written in jsp) in openstack cloud?
How to build  Storage Machine to store the user data step by step?
Please, help me.
Thanks

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

2014-11-19 Thread Teun Docter


On 2014-11-19 09:01, Xav Paice wrote:

I do not remember having to set any in the past.
Do you proxy requests through e.g. a load-balancer?
Maybe that has some issues with larger requests...


Great call - we had to add tune.bufsize to our haproxy config for that
very reason.


Thank you both so much! We're also running haproxy and indeed, when we 
increase tune.bufsize the problem goes away. (Don't know how I managed 
to overlook haproxy, but yay!) Of course now the next question is what a 
sensible value for this tunable would be?


Cheers,
Teun


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Fail to ssh into trusty-server ubuntu cloud-image instance

2014-11-19 Thread Michaël Van de Borne


Hi Du,


You have to create a keypair (ssh-keygen -t rsa) then upload the public 
key to nova. Then, use "ssh -i private.key" to log in.


hope this helps,

cheers,

michaël


Le 19/11/14 09:55, Du Jun a écrit :

Hi all,

I launch an instance based on ubuntu cloud-image and head a problem:

"Permission denied (publickey)."

My work steps are:

1. download a ubuntu cloud-image(qcow2 file format):

$ wget 
http://uec-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img


2. upload the image using glance client:

$ glance image-create --name trusty-server-cloudimg-amd64 
--disk-format qcow2 --container-format bare --is-public True --file 
~/images/trusty-server-cloudimg-amd64-disk1.img


I can see the image details below:

vcap@ubuntu:~/.ssh$ glance image-show trusty-server-cloudimg-amd64
+--+--+
| Property | Value|
+--+--+
| checksum | c6427f0b07535e843aa03a1367b1f3d9 |
| container_format | bare |
| created_at   | 2014-11-19T07:31:23  |
| deleted  | False|
| disk_format  | qcow2|
| id   | db872d0d-4fd5-4955-93fd-41df8fe0c8fa |
| is_public| True |
| min_disk | 0|
| min_ram  | 0|
| name | trusty-server-cloudimg-amd64 |
| owner| 9af1b4244f324b9d8ba42bffb9c3c9a8 |
| protected| False|
| size | 255918592|
| status   | active   |
| updated_at   | 2014-11-19T07:31:26  |
+--+--+

3. launch an instance basing on the image:

nova boot newServer --image db872d0d-4fd5-4955-93fd-41df8fe0c8fa 
--flavor 2


nova list

+--+---+++-++
| ID   | Name  | Status | Task 
State | Power State | Networks   |

+--+---+++-++
| 261e4fec-dc96-429d-9239-65dfe3732eca | newServer | ACTIVE | 
-  | Running | private=10.254.1.3 |

+--+---+++-++

After configuring security group(all tcp 22 port):

vcap@ubuntu:~/.ssh$ telnet 10.254.1.3 22
Trying 10.254.1.3...
Connected to 10.254.1.3.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2

vcap@ubuntu:~/.ssh$ ssh ubuntu@10.254.1.3 
Permission denied (publickey).

I guess the newServer is configured to be accessed via ssh key. But, I 
have no idea what's the private key.


BTW, from the log of web console, I can see:

newserver login: Cloud-init v. 0.7.5 running 'modules:final' at Wed, 19 Nov 
2014 08:09:02 +. Up 480.40 seconds.
ci-info: no authorized ssh keys fingerprints found for user ubuntu.
ci-info: no authorized ssh keys fingerprints found for user ubuntu.
ec2:
ec2: #
ec2: -BEGIN SSH HOST KEY FINGERPRINTS-
ec2: 1024 e5:46:98:ac:f1:a0:5d:2d:eb:2b:a5:c7:af:0d:3b:91  root@newserver (DSA)
ec2: 256 ed:37:dd:5a:c5:3e:94:1a:6d:6a:d7:f7:a6:3c:77:24  root@newserver (ECDSA)
ec2: 2048 12:21:cf:11:ee:fc:e5:40:97:1f:ed:f4:1b:79:69:f3  root@newserver (RSA)
ec2: -END SSH HOST KEY FINGERPRINTS-
ec2: #
-BEGIN SSH HOST KEY KEYS-
ecdsa-sha2-nistp256 
E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAABBBHjWoLKvRYpqeetH9LwUikGPAX5gkVbGbvUcfEM5TpNG5A8PHyvsC+qcEaFvBj/TSO3CGpaEEHrnclA5tA8V9/A=
 root@newserver
ssh-rsa 
B3NzaC1yc2EDAQABAAABAQC384S4T8GNLW88LbtQlTVACG6WWKl34wnlmU0FYU18hE/fL27GoXxi94hIZGzKg6oFJ420VUKPKOOzv/H51oNgqVKmHqf03v7ljzDp2gJ4pJrMI9+rxeQ5VCgcZ/C3VNPhh1rJc6jKDCWni3A+NOUkgD2oo1kruxc4rJmtQ4A4xCU22l8myg6/odMr7FAPUJT1N4BWjXwnglbfOJOjaQ5vWMNyIYBcmooEaGDmLeovSuX0N6k6Un2YccwhQ87vxNt3QCiu6cPR5ljEL4xXTUgUBVNRLqxSFqEDZy9Y5LrM6Fl5W/b0IaK8soHVacKuThW1d5IpXUknlSwTK7gG41ep
 root@newserver
-END SSH HOST KEY KEYS-
Cloud-init v. 0.7.5 finished at Wed, 19 Nov 2014 08:09:08 +. Datasource 
DataSourceConfigDriveNet [net,ver=2][source=/dev/sr0].  Up 486.38 seconds
 Any help will be appreciated, thanks!

--
Regards,
Frank


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


--
Michaël Van de Borne
R&D Engineer, SOA team, CETIC
Phone: +32

[Openstack] Fail to ssh into trusty-server ubuntu cloud-image instance

2014-11-19 Thread Du Jun

Hi all,

I launch an instance based on ubuntu cloud-image and head a problem:

"Permission denied (publickey)."

My work steps are:

1. download a ubuntu cloud-image(qcow2 file format):

$ wget
http://uec-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img

2. upload the image using glance client:

$ glance image-create --name trusty-server-cloudimg-amd64 --disk-format
qcow2 --container-format bare --is-public True --file
~/images/trusty-server-cloudimg-amd64-disk1.img

I can see the image details below:

vcap@ubuntu:~/.ssh$ glance image-show trusty-server-cloudimg-amd64
+--+--+
| Property | Value|
+--+--+
| checksum | c6427f0b07535e843aa03a1367b1f3d9 |
| container_format | bare |
| created_at   | 2014-11-19T07:31:23  |
| deleted  | False|
| disk_format  | qcow2|
| id   | db872d0d-4fd5-4955-93fd-41df8fe0c8fa |
| is_public| True |
| min_disk | 0|
| min_ram  | 0|
| name | trusty-server-cloudimg-amd64 |
| owner| 9af1b4244f324b9d8ba42bffb9c3c9a8 |
| protected| False|
| size | 255918592|
| status   | active   |
| updated_at   | 2014-11-19T07:31:26  |
+--+--+

3. launch an instance basing on the image:

nova boot newServer --image db872d0d-4fd5-4955-93fd-41df8fe0c8fa --flavor 2

nova list

+--+---+++-++
| ID   | Name  | Status | Task State |
Power State | Networks   |
+--+---+++-++
| 261e4fec-dc96-429d-9239-65dfe3732eca | newServer | ACTIVE | -  |
Running | private=10.254.1.3 |
+--+---+++-++

After configuring security group(all tcp 22 port):

vcap@ubuntu:~/.ssh$ telnet 10.254.1.3 22
Trying 10.254.1.3...
Connected to 10.254.1.3.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2

vcap@ubuntu:~/.ssh$ ssh ubuntu@10.254.1.3
Permission denied (publickey).

I guess the newServer is configured to be accessed via ssh key. But, I have
no idea what's the private key.

BTW, from the log of web console, I can see:

newserver login: Cloud-init v. 0.7.5 running 'modules:final' at Wed,
19 Nov 2014 08:09:02 +. Up 480.40 seconds.
ci-info: no authorized ssh keys fingerprints found for user ubuntu.
ci-info: no authorized ssh keys fingerprints found for user ubuntu.
ec2:
ec2: #
ec2: -BEGIN SSH HOST KEY FINGERPRINTS-
ec2: 1024 e5:46:98:ac:f1:a0:5d:2d:eb:2b:a5:c7:af:0d:3b:91  root@newserver (DSA)
ec2: 256 ed:37:dd:5a:c5:3e:94:1a:6d:6a:d7:f7:a6:3c:77:24  root@newserver (ECDSA)
ec2: 2048 12:21:cf:11:ee:fc:e5:40:97:1f:ed:f4:1b:79:69:f3  root@newserver (RSA)
ec2: -END SSH HOST KEY FINGERPRINTS-
ec2: #
-BEGIN SSH HOST KEY KEYS-
ecdsa-sha2-nistp256
E2VjZHNhLXNoYTItbmlzdHAyNTYIbmlzdHAyNTYAAABBBHjWoLKvRYpqeetH9LwUikGPAX5gkVbGbvUcfEM5TpNG5A8PHyvsC+qcEaFvBj/TSO3CGpaEEHrnclA5tA8V9/A=
root@newserver
ssh-rsa 
B3NzaC1yc2EDAQABAAABAQC384S4T8GNLW88LbtQlTVACG6WWKl34wnlmU0FYU18hE/fL27GoXxi94hIZGzKg6oFJ420VUKPKOOzv/H51oNgqVKmHqf03v7ljzDp2gJ4pJrMI9+rxeQ5VCgcZ/C3VNPhh1rJc6jKDCWni3A+NOUkgD2oo1kruxc4rJmtQ4A4xCU22l8myg6/odMr7FAPUJT1N4BWjXwnglbfOJOjaQ5vWMNyIYBcmooEaGDmLeovSuX0N6k6Un2YccwhQ87vxNt3QCiu6cPR5ljEL4xXTUgUBVNRLqxSFqEDZy9Y5LrM6Fl5W/b0IaK8soHVacKuThW1d5IpXUknlSwTK7gG41ep
root@newserver
-END SSH HOST KEY KEYS-
Cloud-init v. 0.7.5 finished at Wed, 19 Nov 2014 08:09:08 +.
Datasource DataSourceConfigDriveNet [net,ver=2][source=/dev/sr0].  Up
486.38 seconds

 Any help will be appreciated, thanks!

--
Regards,
Frank
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] [icehouse][neutron]-Iptables

2014-11-19 Thread Chinasubbareddy M

Hi all,

I would like to know where the iptables at  compute side will get saved, I mean 
they will get saved in any configuration file or not.
When I change an iptable and restart the ovs agent , changes are going away and 
original iptables coming up.

I would like to understand deep into iPtables in opernstack ,please suggest me 
any working guides or blogs.

Regards,
Subbareddy,
Persistent systems ltd.
Hyderbad.

DISCLAIMER
==
This e-mail may contain privileged and confidential information which is the 
property of Persistent Systems Ltd. It is intended only for the use of the 
individual or entity to which it is addressed. If you are not the intended 
recipient, you are not authorized to read, retain, copy, print, distribute or 
use this message. If you have received this communication in error, please 
notify the sender and delete all copies of this message. Persistent Systems 
Ltd. does not accept any liability for virus infected mails.

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

2014-11-19 Thread Xav Paice

On 19/11/14 20:30, Robert van Leeuwen wrote:
>> Thanks Robert. I guess that might suggest some configuration issue on
>> our end then. I'm curious, do you have any specific settings in terms of
>> pagination limits in your nova and neutron configuration files?
> I do not remember having to set any in the past.
> Do you proxy requests through e.g. a load-balancer?
> Maybe that has some issues with larger requests...

Great call - we had to add tune.bufsize to our haproxy config for that
very reason.

> Cheers,
> Robert van Leeuwen
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Failing to upload image via glance.

[Openstack] Failing to upload image via glance.

Re: [Openstack] Απάντηση: Re: Documentation Error??

[Openstack] [infra] [storyboard] Goodbye Infra on Launchpad, Hello Infra on StoryBoard

[Openstack] Απάντηση: Re: Documentation Error??

Re: [Openstack] Documentation Error??

[Openstack] [devstack] [Neutron] Multi host installation cannot ping VM from compute node

[Openstack] [OSSA 2014-039] Neutron DoS through invalid DNS configuration (CVE-2014-7821)

[Openstack] Swift

Re: [Openstack] Documentation Error??

Re: [Openstack] Documentation Error??

Re: [Openstack] Documentation Error??

Re: [Openstack] (Juno) Neutron router-create 404 error

Re: [Openstack] Understanding Neutron/ML2/Openvswitch/VXLAN

Re: [Openstack] (Juno) Neutron router-create 404 error

Re: [Openstack] Ceilometer Arithmetic Transformer

[Openstack] Understanding Neutron/ML2/Openvswitch/VXLAN

Re: [Openstack] Documentation Error??

Re: [Openstack] Documentation Error??

[Openstack] Documentation Error??

Re: [Openstack] Fail to ssh into trusty-server ubuntu cloud-image instance

[Openstack] using UUID instead of instance name

[Openstack] Ceilometer Arithmetic Transformer

Re: [Openstack] (Juno) Neutron router-create 404 error

[Openstack] [Ironic] Not able to deploy images using Ironic devstack setup

Re: [Openstack] How to build and use

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

Re: [Openstack] Fail to ssh into trusty-server ubuntu cloud-image instance

[Openstack] Fail to ssh into trusty-server ubuntu cloud-image instance

[Openstack] [icehouse][neutron]-Iptables

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

31 matches

Site Navigation

Mail list logo

Footer information