date:20141118

[Openstack] Unwanted multiple IPs sometimes

2014-11-18 Thread Sławek Kapłoński


Hello,

I'm using Havana release of openstack with two neutron-server nodes. 
Sometimes when I spawn many (8 or 10 or more) instances at once with 
"--num-instances X" parameter than some of them got more than one IP 
(each on different neutron port) assigned. Do You know maybe why it can 
happend? Is it some bug in havana release?


--
Best regards
Sławek Kapłoński
sla...@kaplonski.pl

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Query regarding Nova Compute Ceilometer readings

2014-11-18 Thread Vivek Varghese Cherian

Hi,

I have configured ceilometer on Juno running on Ubuntu 14.04.

I would like to know if the following Nova meters are supported
in Juno, as I cannot view them in the ceilometer meter-list.

The meters are as follows,

disk.device.read.requests.rate

disk.device.write.requests.rate

disk.device.read.bytes.rate

disk.device.write.bytes.rate

The complete meter list is available at
http://docs.openstack.org/developer/ceilometer/measurements.html and I am
using this as the reference.

Currently I have the following snippet in my nova.conf for ceilometer
integration.

instance_usage_audit = True
instance_usage_audit_period = hour
notify_on_state_change = vm_and_task_state
notification_driver = nova.openstack.common.notifier.rpc_notifier
notification_driver = ceilometer.compute.nova_notifier

Is there any additional configuration that has to be done to obtain the
above meters ?


Regards,
-- 
Vivek Varghese Cherian
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Live migration no longer working after Icehouse -> Juno upgrade

2014-11-18 Thread Darren Worrall

I failed to mention that this was for volume backed images, there is a
genuine issue and we're making progress in a bug report:
https://bugs.launchpad.net/bugs/1392773

--
Darren

On 17 November 2014 22:48, Gangur, Hrushikesh (R & D HP Cloud)
 wrote:
> You need to use block migration. Default is set to false:
>
> usage: nova live-migration [--block-migrate] [--disk-over-commit]
> []
>
> Migrate running server to a new machine.
>
> Positional arguments:
>   Name or ID of server.
> destination host name.
>
> Optional arguments:
>   --block-migrate True in case of block_migration.
>   (Default=False:live_migration)
>   --disk-over-commit  Allow overcommit.(Default=False)
>
> -Original Message-
> From: Darren Worrall [mailto:dar...@iweb.co.uk]
> Sent: Friday, November 14, 2014 5:54 AM
> To: openstack@lists.openstack.org
> Subject: [Openstack] Live migration no longer working after Icehouse -> Juno 
> upgrade
>
> Hi all,
>
> I'm experimenting in a multi-node lab environment, and have an
> LVM+iSCSI cinder volume service behind 2 compute nodes. On Icehouse, I
> was able to live migrate instances between the compute nodes apparently 
> without issue, but after an upgrade to Juno I get:
>
> InvalidSharedStorage: compute2 is not on shared storage: Live migration can 
> not be used without shared storage.
>
> [compute2 being the source node of the migration]
>
> It's true that /var/lib/nova/instances/ is not on shared storage, but it 
> wasnt before and it was apparently still fine. Here's the nova.conf[0], and 
> the cinder.conf[1]
>
> Can anyone help?
>
> Darren
>
> [0]: http://pastebin.com/Vcug4WJG
> [1]: http://pastebin.com/CB2LZZzX
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Ceilometer Api error in Juno: Resolved

2014-11-18 Thread m.channappa.negalur

Hello Eoghan,

Thanks for the update.

1.Openstack Document link : 
http://docs.openstack.org/trunk/install-guide/install/apt/content/ceilometer-controller-install.html
 

2. ceilometer packages installed :  apt-get install ceilometer-api 
ceilometer-collector ceilometer-agent-central  ceilometer-agent-notification 
ceilometer-alarm-evaluator ceilometer-alarm-notifier  python-ceilometerclient


I have installed 'python-pymongo' as per your suggestion  and commented 
ceilometer.sqlite db usage in /etc/ceilometer/ceilometer.conf and pointed it to 
use mongodb database.

Now  I can see ceilometer-api is running and listening on 8777. 

Thanks again for your solution .

Regards,
Malleshi CN

-Original Message-
From: Eoghan Glynn [mailto:egl...@redhat.com] 
Sent: Tuesday, November 18, 2014 12:43 AM
To: Channappa Negalur, M.
Cc: openstack@lists.openstack.org
Subject: RE: [Openstack] Ceilometer Api error in Juno


> Hello Eoghan,
> 
> I have installed mongodb using below command as per the document.

Which document exactly?

> 1. apt-get install mongodb-server   ( this case mongodb will not be installed)
> 
> 2. apt-get install mongodb   :  if I use this , mongodb-server will 
> automatically installed as a dependencies.  

I suspect install this mongodb meta-package caused mongodb-clients to installed.

Whereas the actual client-side dependency that ceilometer has is on 
python-pymongo, as opposed mongodb-clients.

This can be clearly seen from:

  http://packages.ubuntu.com/trusty/python-ceilometer  

[...]
 
> If I won't delete sqlite db, all ceilometer data will be stored in sqlitedb. 
> If I am wrong correct me , because I can see the size of the file increasing  
> .

Deleting is not the key here, rather stopping ceilometer using sql-a to store 
data is what you need:

 1. Ensure the connection_url in the ceilometer.conf is using a 
mongodb URL[1]

 2. Ensure the python-pymongo package is installed

 3. Restart the services that use the metering store (ceilometer-api,
collector and notification-agent)

Cheers,
Eoghan

[1] http://docs.openstack.org/developer/ceilometer/install/manual.html#mongodb
 
> root@Control:/var/lib/ceilometer# du -sh *
> 312Kceilometer.sqlite
> root@Control:/var/lib/ceilometer#
> 
> 
> Thanks for your assistance.
> 
> Regards,
> Malleshi CN
> 
> 
> -Original Message-
> From: Eoghan Glynn [mailto:egl...@redhat.com]
> Sent: Monday, November 17, 2014 7:17 PM
> To: Channappa Negalur, M.
> Cc: openstack@lists.openstack.org
> Subject: RE: [Openstack] Ceilometer Api error in Juno
> 
> 
> You don't need to delete the sqlite DB, just configure the ceilometer.conf to 
> use a mongodb connection URL.
> 
> However it seems like you don't have all the mongodb client-side dependencies 
> all installed.
> 
> BTW how did you install mongodb?
> 
> Looking at the Trusty packaging for python-ceilometer:
> 
>   http://packages.ubuntu.com/trusty-updates/python/python-ceilometer
> 
> I see that it depends on python-pymongo:
> 
>   http://packages.ubuntu.com/trusty/python-pymongo
> 
> which in turn depends on python-bson as expected:
> 
>   http://packages.ubuntu.com/trusty/python-bson
> 
> Can you check if those packages are installed?
> 
>   $ sudo dpkg -s python-pymongo
> 
> Cheers,
> Eoghan
> 
> - m channappa negalur  wrote:
> > Hello Eoghan,
> > 
> > Thanks for your reply. I have installed Juno on Ubuntu 14.04 .
> > 
> > 1.How did you install ceilometer, using packages or direct from git?.
> > Ans: I have installed it from Juno repsiotory.
> > 
> > 
> > I want to configure ceilometer to use mongodb as a backend. Is it require 
> > to delete ceilometer.sqlite db  under /var/lib/ceilometer and also I need 
> > to remove it from the configuration /etc/ceilometer/ceilometer.conf.. ?
> > 
> > If your answer is yes, then it will start throwing error as I mentioned 
> > below and ceilometer-api will stop running and 8777 port will stop 
> > listening to ceilometer-api.
> > 
> > Please let me know how I can proceed further.
> > 
> > 
> > This is the error I have received again.
> > 
> > ==> ceilometer-collector.log <==
> > 2014-11-17 13:05:26.808 937 ERROR stevedore.extension [-] Could not 
> > load 'database': No module named bson.code
> > 2014-11-17 13:05:26.809 937 ERROR stevedore.extension [-] No module 
> > named bson.code
> > 2014-11-17 13:05:26.809 937 TRACE stevedore.extension Traceback (most 
> > recent call last):
> > 2014-11-17 13:05:26.809 937 TRACE stevedore.extension   File 
> > "/usr/lib/python2.7/dist-packages/stevedore/extension.py", line 162, in 
> > _load_plugins
> > 2014-11-17 13:05:26.809 937 TRACE stevedore.extension 
> > verify_requirements,
> > 2014-11-17 13:05:26.809 937 TRACE stevedore.extension   File 
> > "/usr/lib/python2.7/dist-packages/stevedore/named.py", line 123, in 
> > _load_one_plugin
> > 2014-11-17 13:05:26.809 937 TRACE stevedore.extension 
> > verify_requirements,
> > 2014-11-17 13:05:26.809 937 TRACE stevedore.extension   File 
>

[Openstack] Not able to attach Cinder volume to instances

2014-11-18 Thread varun bhatnagar

Hi,

I have multinode setup of Openstack Icehouse on SLES 11 SP3 host OS.
I am having problems while attaching cinder volumes to my instances.
When I check my /var/log/messages file it is continuously getting flooded
with the messages pasted below:

Nov 18 07:06:27 network-node sudo:   cinder : TTY=unknown ; PWD=/ ;
USER=root ; COMMAND=/usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf env
LC_ALL=C vgs --noheadings --unit=g -o name,size,free,lv_count,uuid
--separator : --nosuffix cinder-volumes
Nov 18 07:06:27 network-node sudo:   cinder : TTY=unknown ; PWD=/ ;
USER=root ; COMMAND=/usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf env
LC_ALL=C lvs --noheadings --unit=g -o vg_name,name,size --nosuffix
cinder-volumes
Nov 18 07:06:27 network-node sudo:   cinder : TTY=unknown ; PWD=/ ;
USER=root ; COMMAND=/usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf env
LC_ALL=C lvs --noheadings --unit=g -o size,data_percent --separator :
--nosuffix /dev/cinder-volumes/cinder-volumes-pool
Nov 18 07:06:27 network-node tgtd: conn_close(103) connection closed,
0x6927018 1
Nov 18 07:06:28 network-node tgtd: conn_close(103) connection closed,
0xcedb018 1
Nov 18 07:06:29 network-node tgtd: conn_close(103) connection closed,
0x5f6b5f8 1

Can anyone please tell me what is going wrong here.

BR,
Varun
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] nova list --all-tenants fails, nova sends bad request to neutron

2014-11-18 Thread Teun Docter

Hello,

I'm struggling with what seems like a nova problem on an Icehouse RDO
deployment. As an admin, I wanted to list all instances, but nova gives
me an error:

# nova list --all-tenants
ERROR: The server has either erred or is incapable of performing the
requested operation. (HTTP 500) (Request-ID:
req-9564f90e-e3db-4b2d-90a8-16bc7e7408c2)

Upon investigating the debug logs, I noticed that nova seems to be
making a request to neutron, but gets a status 400. It seems that nova
includes the device_id's of all instances in the request to neutron.

It looks something like this in the nova logs:

OpenStack[nova:31337] DEBUG: REQ: curl -i
http://master:9696//v2.0/ports.json?device_id=fab4dac9-2de5-478b-be92-2a9f8694e6f6&device_id=5b87a0f4-2d6e-4161-bc5a-0f31a373e893&;
<~150 more ID's here> -X GET -H "X-Auth-Token: " -H
"Content-Type: application/json" -H "Accept: application/json" -H
"User-Agent: python-neutronclient" [-] http_log_req
/usr/lib/python2.6/site-packages/neutronclient/common/utils.py:173
OpenStack[nova:31337] DEBUG: RESP:{'status': '400', 'connection':
'close', 'content-type': 'text/html', 'cache-control': 'no-cache'}
400 Bad request

Your browser sent an invalid request.
[-] http_log_resp
/usr/lib/python2.6/site-packages/neutronclient/common/utils.py:179

Things have been working fine with smaller amounts of instances on the
system.

What I've found is that the same error occurs when I use the python nova
API and don't specify pagination. With a pagination limit of 80, the
error does not occur. However with a limit of 81 it does cause this
error. I'm wondering where this limit of 80 instances comes from though.

All of the above leads me to believe this might be a bug in nova that
causes it to generate a bad (to large?) request to neutron? Or does this
point to some sort of configuration issue?

Best regards,
Teun Docter

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

2014-11-18 Thread Robert van Leeuwen

> I'm struggling with what seems like a nova problem on an Icehouse RDO
> deployment. As an admin, I wanted to list all instances, but nova gives
> me an error:
>
> # nova list --all-tenants
> ERROR: The server has either erred or is incapable of performing the

Running Icehouse RDO here on SL6.

I do not see this error when running this command on our production environment.
As a test I also spawned 100 vm's in dev on a single hypervisor, also no issues.
Running neutron with ML2 plugin and openvswitch.

Cheers,
Robert van Leeuwen
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

2014-11-18 Thread Teun Docter


On 2014-11-18 16:06, Robert van Leeuwen wrote:

I do not see this error when running this command on our production environment.
As a test I also spawned 100 vm's in dev on a single hypervisor, also no issues.
Running neutron with ML2 plugin and openvswitch.


Thanks Robert. I guess that might suggest some configuration issue on 
our end then. I'm curious, do you have any specific settings in terms of 
pagination limits in your nova and neutron configuration files?


Best regards,
Teun


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Salvatore Orlando

I think you do not have a l3 plugin configured in your neutron.conf -
therefore the l3 extension is not being loaded and the router resource does
not exist.
If the l3 plugin is not there just add it to service_plugins.

If the diagnosis is correct, can you post this question to ask.openstack.org
(if it's not already there).
This is probably a typical problem that many users face when they start
deploying neutron.

Salvatore

On 18 November 2014 22:08, Amit Anand  wrote:

> All,
>
> So been following the Juno guide and now have arrived to the point where I
> need to create the demo-router - but when I run the command this is what I
> get:
>
> [root@controller ~]# source demo-openrc.sh
> [root@controller ~]# neutron router-create demo-router
> Not Found (HTTP 404) (Request-ID: req-00fa2ff1-dfb6-4d28-976c-be0f3d500e64
>
> There is not much more in --debug or logs than that error above. I have no
> idea why this is happening. I DID notice one strange thing and maybe
> somebody will be able to tell me whats wrong. I configured the controller
> and network nodes per guide and to test, run neutron ext-list for
> controller node when finished and neutron agent-list for both compute and
> network nodes when they are finished. So the weird thing is, for the
> network and compute node this is the output:
>
>  neutron agent-list
>
> +--++--+---++---+
> | id   | agent_type | host |
> alive | admin_state_up | binary|
>
> +--++--+---++---+
> | 037f3155-4518-4e67-994f-6703bb860a78 | Metadata agent | network  |
> :-)   | True   | neutron-metadata-agent|
> | 3463361e-bf7a-4b01-afa8-9a4752992a17 | Open vSwitch agent | network  |
> :-)   | True   | neutron-openvswitch-agent |
> | 561e337e-cb7e-4c98-991a-3a08873464ad | Open vSwitch agent | compute1 |
> :-)   | True   | neutron-openvswitch-agent |
> | fd1100dd-470c-44ba-b017-3ccd08c3f8fe | DHCP agent | network  |
> :-)   | True   | neutron-dhcp-agent|
>
> +--++--+---++---+
>
> But in the guide it shows neutron-l3-agent running as well! And for the
> controller the output is:
>
>
> [root@controller ~]# neutron ext-list
> +---+--+
> | alias | name |
> +---+--+
> | security-group| security-group   |
> | provider  | Provider Network |
> | binding   | Port Binding |
> | quotas| Quota management support |
> | agent | agent|
> | dhcp_agent_scheduler  | DHCP Agent Scheduler |
> | external-net  | Neutron external network |
> | multi-provider| Multi Provider Network   |
> | allowed-address-pairs | Allowed Address Pairs|
> | extra_dhcp_opt| Neutron Extra DHCP opts  |
> +---+--+
>
> As you can see, there a few things missing that are in the Juno guide
> example such as l3_agent_scheduler and ext-gw-mode and router among
> others...Am I not turning them on somehow? I dont think I missed anything
> as Ive done this twice already now and I dont think I can do all the
> configuring again without going crazy :-) Appreciate any help!
>
> neutron ext-list
> +---+---+
> | alias | name  |
> +---+---+
> | security-group| security-group|
> | l3_agent_scheduler| L3 Agent Scheduler|
> | ext-gw-mode   | Neutron L3 Configurable external gateway mode |
> | binding   | Port Binding  |
> | provider  | Provider Network  |
> | agent | agent |
> | quotas| Quota management support  |
> | dhcp_agent_scheduler  | DHCP Agent Scheduler  |
> | l3-ha | HA Router extension   |
> | multi-provider| Multi Provider Network|
> | external-net  | Neutron external network  |
> | router| Neutron L3 Router |
> | allowed-address-pairs | Allowed Address Pairs |
> | extraroute| Neutron Extra Route   |
> | extra_dhcp_opt| Neutr

[Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Amit Anand

All,

So been following the Juno guide and now have arrived to the point where I
need to create the demo-router - but when I run the command this is what I
get:

[root@controller ~]# source demo-openrc.sh
[root@controller ~]# neutron router-create demo-router
Not Found (HTTP 404) (Request-ID: req-00fa2ff1-dfb6-4d28-976c-be0f3d500e64

There is not much more in --debug or logs than that error above. I have no
idea why this is happening. I DID notice one strange thing and maybe
somebody will be able to tell me whats wrong. I configured the controller
and network nodes per guide and to test, run neutron ext-list for
controller node when finished and neutron agent-list for both compute and
network nodes when they are finished. So the weird thing is, for the
network and compute node this is the output:

 neutron agent-list
+--++--+---++---+
| id   | agent_type | host |
alive | admin_state_up | binary|
+--++--+---++---+
| 037f3155-4518-4e67-994f-6703bb860a78 | Metadata agent | network  |
:-)   | True   | neutron-metadata-agent|
| 3463361e-bf7a-4b01-afa8-9a4752992a17 | Open vSwitch agent | network  |
:-)   | True   | neutron-openvswitch-agent |
| 561e337e-cb7e-4c98-991a-3a08873464ad | Open vSwitch agent | compute1 |
:-)   | True   | neutron-openvswitch-agent |
| fd1100dd-470c-44ba-b017-3ccd08c3f8fe | DHCP agent | network  |
:-)   | True   | neutron-dhcp-agent|
+--++--+---++---+

But in the guide it shows neutron-l3-agent running as well! And for the
controller the output is:


[root@controller ~]# neutron ext-list
+---+--+
| alias | name |
+---+--+
| security-group| security-group   |
| provider  | Provider Network |
| binding   | Port Binding |
| quotas| Quota management support |
| agent | agent|
| dhcp_agent_scheduler  | DHCP Agent Scheduler |
| external-net  | Neutron external network |
| multi-provider| Multi Provider Network   |
| allowed-address-pairs | Allowed Address Pairs|
| extra_dhcp_opt| Neutron Extra DHCP opts  |
+---+--+

As you can see, there a few things missing that are in the Juno guide
example such as l3_agent_scheduler and ext-gw-mode and router among
others...Am I not turning them on somehow? I dont think I missed anything
as Ive done this twice already now and I dont think I can do all the
configuring again without going crazy :-) Appreciate any help!

neutron ext-list
+---+---+
| alias | name  |
+---+---+
| security-group| security-group|
| l3_agent_scheduler| L3 Agent Scheduler|
| ext-gw-mode   | Neutron L3 Configurable external gateway mode |
| binding   | Port Binding  |
| provider  | Provider Network  |
| agent | agent |
| quotas| Quota management support  |
| dhcp_agent_scheduler  | DHCP Agent Scheduler  |
| l3-ha | HA Router extension   |
| multi-provider| Multi Provider Network|
| external-net  | Neutron external network  |
| router| Neutron L3 Router |
| allowed-address-pairs | Allowed Address Pairs |
| extraroute| Neutron Extra Route   |
| extra_dhcp_opt| Neutron Extra DHCP opts   |
| dvr   | Distributed Virtual Router|
+---+
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Amit Anand

Hi Salvatore,

Thanks for emailing! So from what I can see from the guide, Im only
supposed to edit the l3_agent.ini file on the network node. There is
nothing for l3_agent.ini on controller to edit from the guide. I did see
this as I continued to troubleshoot after my original email on the
controller node:

 systemctl status neutron-l3-agent.service
neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
disabled)
   Active: failed (Result: exit-code) since Tue 2014-11-18 16:29:19 EST;
22min ago
  Process: 6063 ExecStart=/usr/bin/neutron-l3-agent --config-file
/usr/share/neutron/neutron-dist.conf --config-file
/etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
--config-file /etc/neutron/fwaas_driver.ini --log-file
/var/log/neutron/l3-agent.log (code=exited, status=1/FAILURE)
 Main PID: 6063 (code=exited, status=1/FAILURE)

Nov 18 16:29:19 controller systemd[1]: Started OpenStack Neutron Layer 3
Agent.
Nov 18 16:29:19 controller systemd[1]: neutron-l3-agent.service: main
process exited, code=exited, status=1/FAILURE
Nov 18 16:29:19 controller systemd[1]: Unit neutron-l3-agent.service
entered failed state.
Nov 18 16:31:18 controller systemd[1]: Stopped OpenStack Neutron Layer 3
Agent.

And when I went and looked at these logs I see:

[root@controller neutron]# more l3-agent.log
2014-11-18 16:29:19.519 6063 INFO neutron.common.config [-] Logging enabled!
2014-11-18 16:29:19.520 6063 ERROR neutron.agent.l3_agent [-] An interface
driver must be specified

So Im not sure if thats what you are talking about - Am I supposed to do
what I did for the controller node l3_agent.ini I did for the network node
(below)? What about the compute node? Am I not sure what you mean by having
l3 plugin not configured in my neutron.conf.  How do I do that? I have
 service_plugins = router currently. And which neutron.conf do I need to
edit as I have 3, one for each node.  I will def post this answer up and
answered when finished on openstack as I cant find any relevant question
asked about this. Thank you very much!!

*To configure the Layer-3 (L3) agent*

The Layer-3 (L3) agent

provides
routing services for virtual networks.

   -

   Edit the /etc/neutron/l3_agent.ini file and complete the following
   actions:
   1.

  In the [DEFAULT] section, configure the driver, enable network
  namespaces

,
  and configure the external network bridge:
  [image: Select Text]
  1
  2
  3
  4
  5
  [DEFAULT]
  ...
  interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
  use_namespaces = True
  external_network_bridge = br-ex
  2.

  (Optional) To assist with troubleshooting, enable verbose logging in
  the [DEFAULT] section:
  [image: Select Text]
  1
  2
  3
  [DEFAULT]
  ...
  verbose = True

On Tue, Nov 18, 2014 at 4:18 PM, Salvatore Orlando 
wrote:

> I think you do not have a l3 plugin configured in your neutron.conf -
> therefore the l3 extension is not being loaded and the router resource does
> not exist.
> If the l3 plugin is not there just add it to service_plugins.
>
> If the diagnosis is correct, can you post this question to
> ask.openstack.org (if it's not already there).
> This is probably a typical problem that many users face when they start
> deploying neutron.
>
> Salvatore
>
> On 18 November 2014 22:08, Amit Anand  wrote:
>
>> All,
>>
>> So been following the Juno guide and now have arrived to the point where
>> I need to create the demo-router - but when I run the command this is what
>> I get:
>>
>> [root@controller ~]# source demo-openrc.sh
>> [root@controller ~]# neutron router-create demo-router
>> Not Found (HTTP 404) (Request-ID: req-00fa2ff1-dfb6-4d28-976c-be0f3d500e64
>>
>> There is not much more in --debug or logs than that error above. I have
>> no idea why this is happening. I DID notice one strange thing and maybe
>> somebody will be able to tell me whats wrong. I configured the controller
>> and network nodes per guide and to test, run neutron ext-list for
>> controller node when finished and neutron agent-list for both compute and
>> network nodes when they are finished. So the weird thing is, for the
>> network and compute node this is the output:
>>
>>  neutron agent-list
>>
>> +--++--+---++---+
>> | id   | agent_type | host |
>> alive | admin_state_up | binary|
>>
>> +--++--+---++---+
>> | 037f3155-4518-4e67-994f-6703bb860a78 | Metadata agen

[Openstack] Havana / LDAP(AD) / You are not authorized for any projects.

2014-11-18 Thread ethan

After difficulty and downtime spent with Icehouse we rolled back to 
Havana as we had a once-working config that was integrated with our Active 
Directory server.


Everything was rebuilt, and things work fine with the exception of LDAP, 
again.


I'm fairly confident the system is passing the username/password 
validation part, but fails with a "You are not authorized for any 
projects."


I've read pretty much every page on the internet related to LDAP and 
OpenStack over the past week, and do know there is notes about this error 
on the earlier Grizzly version but they were corrected by the time Havana 
was deployed here.


When a valid account is supplied, the front Web end replies with a "You 
are not authorized for any projects."


In the database tables, the user is assigned to the admin project. The 
admin project under_project_metadata table has two user IDs assigned to it 
including the account I'm trying to use.


On the LDAP side there are accounts for all of the services, but I am not 
sure if the tokens are making it through.


The setup has the ldap driver enabled for identity and sql driver enabled 
for Assignment and Catalog.



Any help is greatly appreciated. My coworkers went to the redhat openstack 
courses and such but I don't' believe the LDAP stuff was covered and this 
seems more like a bug. I really wish I had saved a copy of the LDAP 
core.py module from the working install so I could narrow down when in 
time the code was from :-(


The logging in Icehouse is of course improved over Havana:


2014-11-18 22:15:40.573 17771 WARNING keystone.common.wsgi [-] 
Authorization failed. The request you have made requires authentication. 
from 10.100.x.x
2014-11-18 22:16:06.848 17771 WARNING keystone.common.wsgi [-] 
Authorization failed. The request you have made requires authentication. 
from 10.100.x.x
2014-11-18 22:18:21.515 17771 WARNING keystone.common.wsgi [-] 
Authorization failed. The request you have made requires authentication. 
from 10.100.x.x
2014-11-18 22:18:32.477 17771 WARNING keystone.common.wsgi [-] 
Authorization failed. The request you have made requires authentication. 
from 10.100.x.x



___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Kevin Benton

The issue isn't with the configuration of the L3 agent. It's loading the l3
plugin on the Neutron server.

In /etc/neutron/neutron.conf you need to enable the router service
plugin.[1]
service_plugins = router

https://github.com/openstack/neutron/blob/c2b1594ad878b1897468210ccb89fc0d0c4146c4/etc/neutron.conf#L72

On Tue, Nov 18, 2014 at 2:10 PM, Amit Anand  wrote:

> Hi Salvatore,
>
> Thanks for emailing! So from what I can see from the guide, Im only
> supposed to edit the l3_agent.ini file on the network node. There is
> nothing for l3_agent.ini on controller to edit from the guide. I did see
> this as I continued to troubleshoot after my original email on the
> controller node:
>
>  systemctl status neutron-l3-agent.service
> neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
>Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
> disabled)
>Active: failed (Result: exit-code) since Tue 2014-11-18 16:29:19 EST;
> 22min ago
>   Process: 6063 ExecStart=/usr/bin/neutron-l3-agent --config-file
> /usr/share/neutron/neutron-dist.conf --config-file
> /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
> --config-file /etc/neutron/fwaas_driver.ini --log-file
> /var/log/neutron/l3-agent.log (code=exited, status=1/FAILURE)
>  Main PID: 6063 (code=exited, status=1/FAILURE)
>
> Nov 18 16:29:19 controller systemd[1]: Started OpenStack Neutron Layer 3
> Agent.
> Nov 18 16:29:19 controller systemd[1]: neutron-l3-agent.service: main
> process exited, code=exited, status=1/FAILURE
> Nov 18 16:29:19 controller systemd[1]: Unit neutron-l3-agent.service
> entered failed state.
> Nov 18 16:31:18 controller systemd[1]: Stopped OpenStack Neutron Layer 3
> Agent.
>
>
> And when I went and looked at these logs I see:
>
> [root@controller neutron]# more l3-agent.log
> 2014-11-18 16:29:19.519 6063 INFO neutron.common.config [-] Logging
> enabled!
> 2014-11-18 16:29:19.520 6063 ERROR neutron.agent.l3_agent [-] An interface
> driver must be specified
>
> So Im not sure if thats what you are talking about - Am I supposed to do
> what I did for the controller node l3_agent.ini I did for the network node
> (below)? What about the compute node? Am I not sure what you mean by having
> l3 plugin not configured in my neutron.conf.  How do I do that? I have
>  service_plugins = router currently. And which neutron.conf do I need to
> edit as I have 3, one for each node.  I will def post this answer up and
> answered when finished on openstack as I cant find any relevant question
> asked about this. Thank you very much!!
>
> *To configure the Layer-3 (L3) agent*
>
> The Layer-3 (L3) agent
> 
>  provides
> routing services for virtual networks.
>
>-
>
>Edit the /etc/neutron/l3_agent.ini file and complete the following
>actions:
>1.
>
>   In the [DEFAULT] section, configure the driver, enable network
>   namespaces
>   
> ,
>   and configure the external network bridge:
>   [image: Select Text]
>   1
>   2
>   3
>   4
>   5
>   [DEFAULT]
>   ...
>   interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
>   use_namespaces = True
>   external_network_bridge = br-ex
>   2.
>
>   (Optional) To assist with troubleshooting, enable verbose logging
>   in the [DEFAULT] section:
>   [image: Select Text]
>   1
>   2
>   3
>   [DEFAULT]
>   ...
>   verbose = True
>
>
>
> On Tue, Nov 18, 2014 at 4:18 PM, Salvatore Orlando 
> wrote:
>
>> I think you do not have a l3 plugin configured in your neutron.conf -
>> therefore the l3 extension is not being loaded and the router resource does
>> not exist.
>> If the l3 plugin is not there just add it to service_plugins.
>>
>> If the diagnosis is correct, can you post this question to
>> ask.openstack.org (if it's not already there).
>> This is probably a typical problem that many users face when they start
>> deploying neutron.
>>
>> Salvatore
>>
>> On 18 November 2014 22:08, Amit Anand  wrote:
>>
>>> All,
>>>
>>> So been following the Juno guide and now have arrived to the point where
>>> I need to create the demo-router - but when I run the command this is what
>>> I get:
>>>
>>> [root@controller ~]# source demo-openrc.sh
>>> [root@controller ~]# neutron router-create demo-router
>>> Not Found (HTTP 404) (Request-ID:
>>> req-00fa2ff1-dfb6-4d28-976c-be0f3d500e64
>>>
>>> There is not much more in --debug or logs than that error above. I have
>>> no idea why this is happening. I DID notice one strange thing and maybe
>>> somebody will be able to tell me whats wrong. I configured the controller
>>> and network nodes per guide and to test, run neutron ext-list for
>>> controller node when finished and neutron agent-list for both compute and
>>> network nodes when th

Re: [Openstack] Havana / LDAP(AD) / You are not authorized for any projects.

2014-11-18 Thread Michael Petersen

Ethan,

If you are going back and setting this up again you'll have to run the same
steps you would with a normal keystone configuration. You'll need to make
sure that you have applied the role Admin to the cloudadmin user. Then
you'll need to make sure it is associated with the correct tenant again.

When I set this up originally I was doing a recursive search for groups as
well so you'll need to look into that. I also had to make modifications to
openssl to allow TLS to work with LDAPS and import certs so you should test
this with ldap if you don't have the same configuration.

Did you actually save the keystone.conf with the original search strings
and configuration? It took me a little while to get it to the correct state
for Havana.

Regards,

Michael Petersen



On Tue, Nov 18, 2014 at 2:37 PM,  wrote:

> After difficulty and downtime spent with Icehouse we rolled back to Havana
> as we had a once-working config that was integrated with our Active
> Directory server.
>
> Everything was rebuilt, and things work fine with the exception of LDAP,
> again.
>
> I'm fairly confident the system is passing the username/password
> validation part, but fails with a "You are not authorized for any projects."
>
> I've read pretty much every page on the internet related to LDAP and
> OpenStack over the past week, and do know there is notes about this error
> on the earlier Grizzly version but they were corrected by the time Havana
> was deployed here.
>
> When a valid account is supplied, the front Web end replies with a "You
> are not authorized for any projects."
>
> In the database tables, the user is assigned to the admin project. The
> admin project under_project_metadata table has two user IDs assigned to it
> including the account I'm trying to use.
>
> On the LDAP side there are accounts for all of the services, but I am not
> sure if the tokens are making it through.
>
> The setup has the ldap driver enabled for identity and sql driver enabled
> for Assignment and Catalog.
>
>
> Any help is greatly appreciated. My coworkers went to the redhat openstack
> courses and such but I don't' believe the LDAP stuff was covered and this
> seems more like a bug. I really wish I had saved a copy of the LDAP core.py
> module from the working install so I could narrow down when in time the
> code was from :-(
>
> The logging in Icehouse is of course improved over Havana:
>
>
> 2014-11-18 22:15:40.573 17771 WARNING keystone.common.wsgi [-]
> Authorization failed. The request you have made requires authentication.
> from 10.100.x.x
> 2014-11-18 22:16:06.848 17771 WARNING keystone.common.wsgi [-]
> Authorization failed. The request you have made requires authentication.
> from 10.100.x.x
> 2014-11-18 22:18:21.515 17771 WARNING keystone.common.wsgi [-]
> Authorization failed. The request you have made requires authentication.
> from 10.100.x.x
> 2014-11-18 22:18:32.477 17771 WARNING keystone.common.wsgi [-]
> Authorization failed. The request you have made requires authentication.
> from 10.100.x.x
>
>
> ___
> Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
> Post to : openstack@lists.openstack.org
> Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/
> openstack
>



-- 
Michael Petersen
OpenStack Operations Engineer
Mirantis, Inc.
(650) 963-9828 x1041
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Amit Anand

Hi Kevin,

Thanks but I have service_plugins = router on /etc/neutron.conf already on
all three nodes

On Tue, Nov 18, 2014 at 5:52 PM, Kevin Benton  wrote:

> The issue isn't with the configuration of the L3 agent. It's loading the
> l3 plugin on the Neutron server.
>
> In /etc/neutron/neutron.conf you need to enable the router service
> plugin.[1]
> service_plugins = router
>
>
> https://github.com/openstack/neutron/blob/c2b1594ad878b1897468210ccb89fc0d0c4146c4/etc/neutron.conf#L72
>
> On Tue, Nov 18, 2014 at 2:10 PM, Amit Anand  wrote:
>
>> Hi Salvatore,
>>
>> Thanks for emailing! So from what I can see from the guide, Im only
>> supposed to edit the l3_agent.ini file on the network node. There is
>> nothing for l3_agent.ini on controller to edit from the guide. I did see
>> this as I continued to troubleshoot after my original email on the
>> controller node:
>>
>>  systemctl status neutron-l3-agent.service
>> neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
>>Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
>> disabled)
>>Active: failed (Result: exit-code) since Tue 2014-11-18 16:29:19 EST;
>> 22min ago
>>   Process: 6063 ExecStart=/usr/bin/neutron-l3-agent --config-file
>> /usr/share/neutron/neutron-dist.conf --config-file
>> /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
>> --config-file /etc/neutron/fwaas_driver.ini --log-file
>> /var/log/neutron/l3-agent.log (code=exited, status=1/FAILURE)
>>  Main PID: 6063 (code=exited, status=1/FAILURE)
>>
>> Nov 18 16:29:19 controller systemd[1]: Started OpenStack Neutron Layer 3
>> Agent.
>> Nov 18 16:29:19 controller systemd[1]: neutron-l3-agent.service: main
>> process exited, code=exited, status=1/FAILURE
>> Nov 18 16:29:19 controller systemd[1]: Unit neutron-l3-agent.service
>> entered failed state.
>> Nov 18 16:31:18 controller systemd[1]: Stopped OpenStack Neutron Layer 3
>> Agent.
>>
>>
>> And when I went and looked at these logs I see:
>>
>> [root@controller neutron]# more l3-agent.log
>> 2014-11-18 16:29:19.519 6063 INFO neutron.common.config [-] Logging
>> enabled!
>> 2014-11-18 16:29:19.520 6063 ERROR neutron.agent.l3_agent [-] An
>> interface driver must be specified
>>
>> So Im not sure if thats what you are talking about - Am I supposed to do
>> what I did for the controller node l3_agent.ini I did for the network node
>> (below)? What about the compute node? Am I not sure what you mean by having
>> l3 plugin not configured in my neutron.conf.  How do I do that? I have
>>  service_plugins = router currently. And which neutron.conf do I need to
>> edit as I have 3, one for each node.  I will def post this answer up and
>> answered when finished on openstack as I cant find any relevant question
>> asked about this. Thank you very much!!
>>
>> *To configure the Layer-3 (L3) agent*
>>
>> The Layer-3 (L3) agent
>> 
>>  provides
>> routing services for virtual networks.
>>
>>-
>>
>>Edit the /etc/neutron/l3_agent.ini file and complete the following
>>actions:
>>1.
>>
>>   In the [DEFAULT] section, configure the driver, enable network
>>   namespaces
>>   
>> ,
>>   and configure the external network bridge:
>>   [image: Select Text]
>>   1
>>   2
>>   3
>>   4
>>   5
>>   [DEFAULT]
>>   ...
>>   interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
>>   use_namespaces = True
>>   external_network_bridge = br-ex
>>   2.
>>
>>   (Optional) To assist with troubleshooting, enable verbose logging
>>   in the [DEFAULT] section:
>>   [image: Select Text]
>>   1
>>   2
>>   3
>>   [DEFAULT]
>>   ...
>>   verbose = True
>>
>>
>>
>> On Tue, Nov 18, 2014 at 4:18 PM, Salvatore Orlando 
>> wrote:
>>
>>> I think you do not have a l3 plugin configured in your neutron.conf -
>>> therefore the l3 extension is not being loaded and the router resource does
>>> not exist.
>>> If the l3 plugin is not there just add it to service_plugins.
>>>
>>> If the diagnosis is correct, can you post this question to
>>> ask.openstack.org (if it's not already there).
>>> This is probably a typical problem that many users face when they start
>>> deploying neutron.
>>>
>>> Salvatore
>>>
>>> On 18 November 2014 22:08, Amit Anand  wrote:
>>>
 All,

 So been following the Juno guide and now have arrived to the point
 where I need to create the demo-router - but when I run the command this is
 what I get:

 [root@controller ~]# source demo-openrc.sh
 [root@controller ~]# neutron router-create demo-router
 Not Found (HTTP 404) (Request-ID:
 req-00fa2ff1-dfb6-4d28-976c-be0f3d500e64

 There is not much more in --debug or logs than that error above. I have
 no idea why this is

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Kevin Benton

This config goes on whichever ones are running the neutron server process.

Can you include a neutron server.log file that begins from a server process
restart (service neutron-server restart)?

On Tue, Nov 18, 2014 at 3:33 PM, Amit Anand  wrote:

> Hi Kevin,
>
> Thanks but I have service_plugins = router on /etc/neutron.conf already on
> all three nodes
>
> On Tue, Nov 18, 2014 at 5:52 PM, Kevin Benton  wrote:
>
>> The issue isn't with the configuration of the L3 agent. It's loading the
>> l3 plugin on the Neutron server.
>>
>> In /etc/neutron/neutron.conf you need to enable the router service
>> plugin.[1]
>> service_plugins = router
>>
>>
>> https://github.com/openstack/neutron/blob/c2b1594ad878b1897468210ccb89fc0d0c4146c4/etc/neutron.conf#L72
>>
>> On Tue, Nov 18, 2014 at 2:10 PM, Amit Anand  wrote:
>>
>>> Hi Salvatore,
>>>
>>> Thanks for emailing! So from what I can see from the guide, Im only
>>> supposed to edit the l3_agent.ini file on the network node. There is
>>> nothing for l3_agent.ini on controller to edit from the guide. I did see
>>> this as I continued to troubleshoot after my original email on the
>>> controller node:
>>>
>>>  systemctl status neutron-l3-agent.service
>>> neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent
>>>Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service;
>>> disabled)
>>>Active: failed (Result: exit-code) since Tue 2014-11-18 16:29:19 EST;
>>> 22min ago
>>>   Process: 6063 ExecStart=/usr/bin/neutron-l3-agent --config-file
>>> /usr/share/neutron/neutron-dist.conf --config-file
>>> /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini
>>> --config-file /etc/neutron/fwaas_driver.ini --log-file
>>> /var/log/neutron/l3-agent.log (code=exited, status=1/FAILURE)
>>>  Main PID: 6063 (code=exited, status=1/FAILURE)
>>>
>>> Nov 18 16:29:19 controller systemd[1]: Started OpenStack Neutron Layer 3
>>> Agent.
>>> Nov 18 16:29:19 controller systemd[1]: neutron-l3-agent.service: main
>>> process exited, code=exited, status=1/FAILURE
>>> Nov 18 16:29:19 controller systemd[1]: Unit neutron-l3-agent.service
>>> entered failed state.
>>> Nov 18 16:31:18 controller systemd[1]: Stopped OpenStack Neutron Layer 3
>>> Agent.
>>>
>>>
>>> And when I went and looked at these logs I see:
>>>
>>> [root@controller neutron]# more l3-agent.log
>>> 2014-11-18 16:29:19.519 6063 INFO neutron.common.config [-] Logging
>>> enabled!
>>> 2014-11-18 16:29:19.520 6063 ERROR neutron.agent.l3_agent [-] An
>>> interface driver must be specified
>>>
>>> So Im not sure if thats what you are talking about - Am I supposed to do
>>> what I did for the controller node l3_agent.ini I did for the network node
>>> (below)? What about the compute node? Am I not sure what you mean by having
>>> l3 plugin not configured in my neutron.conf.  How do I do that? I have
>>>  service_plugins = router currently. And which neutron.conf do I need to
>>> edit as I have 3, one for each node.  I will def post this answer up and
>>> answered when finished on openstack as I cant find any relevant question
>>> asked about this. Thank you very much!!
>>>
>>> *To configure the Layer-3 (L3) agent*
>>>
>>> The Layer-3 (L3) agent
>>> 
>>>  provides
>>> routing services for virtual networks.
>>>
>>>-
>>>
>>>Edit the /etc/neutron/l3_agent.ini file and complete the following
>>>actions:
>>>1.
>>>
>>>   In the [DEFAULT] section, configure the driver, enable network
>>>   namespaces
>>>   
>>> ,
>>>   and configure the external network bridge:
>>>   [image: Select Text]
>>>   1
>>>   2
>>>   3
>>>   4
>>>   5
>>>   [DEFAULT]
>>>   ...
>>>   interface_driver =
>>>   neutron.agent.linux.interface.OVSInterfaceDriver
>>>   use_namespaces = True
>>>   external_network_bridge = br-ex
>>>   2.
>>>
>>>   (Optional) To assist with troubleshooting, enable verbose logging
>>>   in the [DEFAULT] section:
>>>   [image: Select Text]
>>>   1
>>>   2
>>>   3
>>>   [DEFAULT]
>>>   ...
>>>   verbose = True
>>>
>>>
>>>
>>> On Tue, Nov 18, 2014 at 4:18 PM, Salvatore Orlando 
>>> wrote:
>>>
 I think you do not have a l3 plugin configured in your neutron.conf -
 therefore the l3 extension is not being loaded and the router resource does
 not exist.
 If the l3 plugin is not there just add it to service_plugins.

 If the diagnosis is correct, can you post this question to
 ask.openstack.org (if it's not already there).
 This is probably a typical problem that many users face when they start
 deploying neutron.

 Salvatore

 On 18 November 2014 22:08, Amit Anand  wrote:

> All,
>
> So been following the Juno guide and now have arrived to the point
> where

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Amit Anand

Ok well the neutron server is running on my controller node. Here is the
log from a restart I just did:

2014-11-18 19:32:23.139 10165 INFO neutron.common.config [-] Logging
enabled!
2014-11-18 19:32:23.143 10165 INFO neutron.common.config [-] Config paste
file: /usr/share/neutron/api-paste.ini
2014-11-18 19:32:23.325 10165 INFO neutron.manager [-] Loading core plugin:
ml2
2014-11-18 19:32:23.399 10165 INFO neutron.plugins.ml2.managers [-]
Configured type driver names: ['flat', 'gre']
2014-11-18 19:32:23.401 10165 INFO neutron.plugins.ml2.drivers.type_flat
[-] Allowable flat physical_network names: []
2014-11-18 19:32:23.405 10165 INFO neutron.plugins.ml2.managers [-] Loaded
type driver names: ['flat', 'gre']
2014-11-18 19:32:23.405 10165 INFO neutron.plugins.ml2.managers [-]
Registered types: ['flat', 'gre']
2014-11-18 19:32:23.406 10165 INFO neutron.plugins.ml2.managers [-] Tenant
network_types: ['gre']
2014-11-18 19:32:23.406 10165 INFO neutron.plugins.ml2.managers [-]
Configured extension driver names: []
2014-11-18 19:32:23.406 10165 INFO neutron.plugins.ml2.managers [-] Loaded
extension driver names: []
2014-11-18 19:32:23.407 10165 INFO neutron.plugins.ml2.managers [-]
Registered extension drivers: []
2014-11-18 19:32:23.407 10165 INFO neutron.plugins.ml2.managers [-]
Configured mechanism driver names: ['openvswitch']
2014-11-18 19:32:23.408 10165 INFO neutron.plugins.ml2.managers [-] Loaded
mechanism driver names: ['openvswitch']
2014-11-18 19:32:23.408 10165 INFO neutron.plugins.ml2.managers [-]
Registered mechanism drivers: ['openvswitch']
2014-11-18 19:32:23.419 10165 INFO neutron.plugins.ml2.managers [-]
Initializing driver for type 'flat'
2014-11-18 19:32:23.420 10165 INFO neutron.plugins.ml2.drivers.type_flat
[-] ML2 FlatTypeDriver initialization complete
2014-11-18 19:32:23.420 10165 INFO neutron.plugins.ml2.managers [-]
Initializing driver for type 'gre'
2014-11-18 19:32:23.420 10165 INFO neutron.plugins.ml2.drivers.type_tunnel
[-] gre ID ranges: [(1, 1000)]
2014-11-18 19:32:23.503 10165 INFO neutron.plugins.ml2.managers [-]
Initializing mechanism driver 'openvswitch'
2014-11-18 19:32:23.504 10165 INFO neutron.plugins.ml2.plugin [-] Modular
L2 Plugin initialization complete
2014-11-18 19:32:23.505 10165 INFO neutron.manager [-] Loading Plugin:
router
2014-11-18 19:32:23.533 10165 INFO oslo.messaging._drivers.impl_rabbit [-]
Connecting to AMQP server on controller:5672
2014-11-18 19:32:23.546 10165 INFO oslo.messaging._drivers.impl_rabbit [-]
Connected to AMQP server on controller:5672
2014-11-18 19:32:23.551 10165 INFO neutron.db.l3_agentschedulers_db [-]
Skipping period L3 agent status check because automatic router re
scheduling is disabled.
2014-11-18 19:32:23.552 10165 INFO neutron.api.extensions [-] Initializing
extension manager.
2014-11-18 19:32:23.553 10165 INFO neutron.api.extensions [-] Loaded
extension: agent
2014-11-18 19:32:23.555 10165 INFO neutron.api.extensions [-] Loaded
extension: allowed-address-pairs
2014-11-18 19:32:23.557 10165 INFO neutron.api.extensions [-] Loaded
extension: dhcp_agent_scheduler
2014-11-18 19:32:23.558 10165 INFO neutron.api.extensions [-] Loaded
extension: dvr
2014-11-18 19:32:23.559 10165 INFO neutron.api.extensions [-] Loaded
extension: external-net
2014-11-18 19:32:23.560 10165 INFO neutron.api.extensions [-] Loaded
extension: extra_dhcp_opt
2014-11-18 19:32:23.561 10165 INFO neutron.api.extensions [-] Loaded
extension: extraroute
2014-11-18 19:32:23.567 10165 WARNING neutron.api.extensions [-] Extension
fwaas not supported by any of loaded plugins
2014-11-18 19:32:23.568 10165 WARNING neutron.api.extensions [-] Extension
flavor not supported by any of loaded plugins
2014-11-18 19:32:23.570 10165 INFO neutron.api.extensions [-] Loaded
extension: router
2014-11-18 19:32:23.571 10165 INFO neutron.api.extensions [-] Loaded
extension: ext-gw-mode
2014-11-18 19:32:23.573 10165 INFO neutron.api.extensions [-] Loaded
extension: l3-ha
2014-11-18 19:32:23.575 10165 INFO neutron.api.extensions [-] Loaded
extension: l3_agent_scheduler
2014-11-18 19:32:23.578 10165 WARNING neutron.api.extensions [-] Extension
lbaas_agent_scheduler not supported by any of loaded plugins
2014-11-18 19:32:23.581 10165 WARNING neutron.api.extensions [-] Extension
lbaas not supported by any of loaded plugins
2014-11-18 19:32:23.583 10165 WARNING neutron.api.extensions [-] Extension
metering not supported by any of loaded plugins
2014-11-18 19:32:23.584 10165 INFO neutron.api.extensions [-] Loaded
extension: multi-provider
2014-11-18 19:32:23.585 10165 INFO neutron.api.extensions [-] Loaded
extension: binding
2014-11-18 19:32:23.586 10165 WARNING neutron.api.extensions [-] Extension
port-security not supported by any of loaded plugins
2014-11-18 19:32:23.587 10165 INFO neutron.api.extensions [-] Loaded
extension: provider
2014-11-18 19:32:23.588 10165 INFO neutron.api.extensions [-] Loaded
extension: quotas
2014-11-18 19:32:23.589 10165 WARNING neutron.api.extensions [-] Extension

Re: [Openstack] (Juno) Neutron router-create 404 error

2014-11-18 Thread Kevin Benton

So now if you run the ext-list command, is 'router' still missing?

On Tue, Nov 18, 2014 at 4:35 PM, Amit Anand  wrote:

> Ok well the neutron server is running on my controller node. Here is the
> log from a restart I just did:
>
> 2014-11-18 19:32:23.139 10165 INFO neutron.common.config [-] Logging
> enabled!
> 2014-11-18 19:32:23.143 10165 INFO neutron.common.config [-] Config paste
> file: /usr/share/neutron/api-paste.ini
> 2014-11-18 19:32:23.325 10165 INFO neutron.manager [-] Loading core
> plugin: ml2
> 2014-11-18 19:32:23.399 10165 INFO neutron.plugins.ml2.managers [-]
> Configured type driver names: ['flat', 'gre']
> 2014-11-18 19:32:23.401 10165 INFO neutron.plugins.ml2.drivers.type_flat
> [-] Allowable flat physical_network names: []
> 2014-11-18 19:32:23.405 10165 INFO neutron.plugins.ml2.managers [-] Loaded
> type driver names: ['flat', 'gre']
> 2014-11-18 19:32:23.405 10165 INFO neutron.plugins.ml2.managers [-]
> Registered types: ['flat', 'gre']
> 2014-11-18 19:32:23.406 10165 INFO neutron.plugins.ml2.managers [-] Tenant
> network_types: ['gre']
> 2014-11-18 19:32:23.406 10165 INFO neutron.plugins.ml2.managers [-]
> Configured extension driver names: []
> 2014-11-18 19:32:23.406 10165 INFO neutron.plugins.ml2.managers [-] Loaded
> extension driver names: []
> 2014-11-18 19:32:23.407 10165 INFO neutron.plugins.ml2.managers [-]
> Registered extension drivers: []
> 2014-11-18 19:32:23.407 10165 INFO neutron.plugins.ml2.managers [-]
> Configured mechanism driver names: ['openvswitch']
> 2014-11-18 19:32:23.408 10165 INFO neutron.plugins.ml2.managers [-] Loaded
> mechanism driver names: ['openvswitch']
> 2014-11-18 19:32:23.408 10165 INFO neutron.plugins.ml2.managers [-]
> Registered mechanism drivers: ['openvswitch']
> 2014-11-18 19:32:23.419 10165 INFO neutron.plugins.ml2.managers [-]
> Initializing driver for type 'flat'
> 2014-11-18 19:32:23.420 10165 INFO neutron.plugins.ml2.drivers.type_flat
> [-] ML2 FlatTypeDriver initialization complete
> 2014-11-18 19:32:23.420 10165 INFO neutron.plugins.ml2.managers [-]
> Initializing driver for type 'gre'
> 2014-11-18 19:32:23.420 10165 INFO neutron.plugins.ml2.drivers.type_tunnel
> [-] gre ID ranges: [(1, 1000)]
> 2014-11-18 19:32:23.503 10165 INFO neutron.plugins.ml2.managers [-]
> Initializing mechanism driver 'openvswitch'
> 2014-11-18 19:32:23.504 10165 INFO neutron.plugins.ml2.plugin [-] Modular
> L2 Plugin initialization complete
> 2014-11-18 19:32:23.505 10165 INFO neutron.manager [-] Loading Plugin:
> router
> 2014-11-18 19:32:23.533 10165 INFO oslo.messaging._drivers.impl_rabbit [-]
> Connecting to AMQP server on controller:5672
> 2014-11-18 19:32:23.546 10165 INFO oslo.messaging._drivers.impl_rabbit [-]
> Connected to AMQP server on controller:5672
> 2014-11-18 19:32:23.551 10165 INFO neutron.db.l3_agentschedulers_db [-]
> Skipping period L3 agent status check because automatic router re
> scheduling is disabled.
> 2014-11-18 19:32:23.552 10165 INFO neutron.api.extensions [-] Initializing
> extension manager.
> 2014-11-18 19:32:23.553 10165 INFO neutron.api.extensions [-] Loaded
> extension: agent
> 2014-11-18 19:32:23.555 10165 INFO neutron.api.extensions [-] Loaded
> extension: allowed-address-pairs
> 2014-11-18 19:32:23.557 10165 INFO neutron.api.extensions [-] Loaded
> extension: dhcp_agent_scheduler
> 2014-11-18 19:32:23.558 10165 INFO neutron.api.extensions [-] Loaded
> extension: dvr
> 2014-11-18 19:32:23.559 10165 INFO neutron.api.extensions [-] Loaded
> extension: external-net
> 2014-11-18 19:32:23.560 10165 INFO neutron.api.extensions [-] Loaded
> extension: extra_dhcp_opt
> 2014-11-18 19:32:23.561 10165 INFO neutron.api.extensions [-] Loaded
> extension: extraroute
> 2014-11-18 19:32:23.567 10165 WARNING neutron.api.extensions [-] Extension
> fwaas not supported by any of loaded plugins
> 2014-11-18 19:32:23.568 10165 WARNING neutron.api.extensions [-] Extension
> flavor not supported by any of loaded plugins
> 2014-11-18 19:32:23.570 10165 INFO neutron.api.extensions [-] Loaded
> extension: router
> 2014-11-18 19:32:23.571 10165 INFO neutron.api.extensions [-] Loaded
> extension: ext-gw-mode
> 2014-11-18 19:32:23.573 10165 INFO neutron.api.extensions [-] Loaded
> extension: l3-ha
> 2014-11-18 19:32:23.575 10165 INFO neutron.api.extensions [-] Loaded
> extension: l3_agent_scheduler
> 2014-11-18 19:32:23.578 10165 WARNING neutron.api.extensions [-] Extension
> lbaas_agent_scheduler not supported by any of loaded plugins
> 2014-11-18 19:32:23.581 10165 WARNING neutron.api.extensions [-] Extension
> lbaas not supported by any of loaded plugins
> 2014-11-18 19:32:23.583 10165 WARNING neutron.api.extensions [-] Extension
> metering not supported by any of loaded plugins
> 2014-11-18 19:32:23.584 10165 INFO neutron.api.extensions [-] Loaded
> extension: multi-provider
> 2014-11-18 19:32:23.585 10165 INFO neutron.api.extensions [-] Loaded
> extension: binding
> 2014-11-18 19:32:23.586 10165 WARNING neutron.api.extensions [-] Extension
>

[Openstack] How to build and use

2014-11-18 Thread kyawthu win

I am beginner in building openstack cloud. I try to build a private
cloud only use for our university. In my design. I use three machine
like this:
1. Main Server that holds the codes of my application and run on it.
2. Key Storage Machine that keeps the keys to decrypt.
3. Storage Machine that store the user data and other related
information to access the stored data.
So, I want to know:
How to use my web based application (written in jsp) in openstack cloud?
How to build  Storage Machine to store the user data step by step?
Please, help me.
Thanks

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] DVR IRC meeting cancelled for Wednesday 19th 2014

2014-11-18 Thread Swaminathan Vasudevan

Hi Folks,
 The DVR meeting on Wednesday the 19th 2014 will be cancelled.
if anything urgent we can discuss in l3 meeting.
Thanks
swami

Sent from my iPad

___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

Re: [Openstack] Havana / LDAP(AD) / You are not authorized for any projects.

2014-11-18 Thread ethan


If you are going back and setting this up again you'll have to run the same
steps you would with a normal keystone configuration. You'll need to make
sure that you have applied the role Admin to the cloudadmin user. Then
you'll need to make sure it is associated with the correct tenant again.

When I set this up originally I was doing a recursive search for groups as
well so you'll need to look into that. I also had to make modifications to
openssl to allow TLS to work with LDAPS and import certs so you should test
this with ldap if you don't have the same configuration.


I backed up the ldaps stuff, but validated it is possible to run in 
non-SSL mode as well (for troubleshooting.) I have the certs backed up.



Did you actually save the keystone.conf with the original search strings
and configuration? It took me a little while to get it to the correct state
for Havana.


Yep, 100%!

After chatting with Adam Young and others on IRC they helped me work it 
out.


I did not do the OpenStack installs, I haven't installed it myself. I only 
chimed in when there were issues (mainly with the LDAP/AD portion.)


The software all installed and setup, and by default it's setup using SQL 
database for autehntication. My coworker had setup a 2nd admin account 
that matched what was in the LDAP (Active Directory) server on my request, 
and put it in the admin group.


But in the database the user ID is set to the hash string that matches the 
user table in SQL, when it should have the field from LDAP.


I think the ldap module might be backwards when used with AD? With the 
name and ID fields set right with cn/sAMAccountName so it's possible to 
pass authentication (because AD requires the bind operation, then I think 
client needs to use sAMAccountName to look up the Common Name, then uses 
Common Name for further lookups) I think in Openstack the user name and 
user ID end up backwards. The login screen in Horizon is fine but when it 
comes to the DB tables I ended up having to use the CN which is 
technically at risk for name collision in large environment but not so 
much an issue for us.


There should be a way to change the ID assignment using keystone commands 
as long as you do not assign tenant variable in environment, as before 
things are fully setup that will block access.


I'm going to try to write it all up tomorrow and post it somewhere online 
to add to LDAP/AD knowledge pool online.


Thanks again to Adam Young and others in the IRC channel for helping. It's 
been a mess and high stress issue at work!


- Ethan





Regards,

Michael Petersen



On Tue, Nov 18, 2014 at 2:37 PM,  wrote:


After difficulty and downtime spent with Icehouse we rolled back to Havana
as we had a once-working config that was integrated with our Active
Directory server.

Everything was rebuilt, and things work fine with the exception of LDAP,
again.

I'm fairly confident the system is passing the username/password
validation part, but fails with a "You are not authorized for any projects."

I've read pretty much every page on the internet related to LDAP and
OpenStack over the past week, and do know there is notes about this error
on the earlier Grizzly version but they were corrected by the time Havana
was deployed here.

When a valid account is supplied, the front Web end replies with a "You
are not authorized for any projects."

In the database tables, the user is assigned to the admin project. The
admin project under_project_metadata table has two user IDs assigned to it
including the account I'm trying to use.

On the LDAP side there are accounts for all of the services, but I am not
sure if the tokens are making it through.

The setup has the ldap driver enabled for identity and sql driver enabled
for Assignment and Catalog.


Any help is greatly appreciated. My coworkers went to the redhat openstack
courses and such but I don't' believe the LDAP stuff was covered and this
seems more like a bug. I really wish I had saved a copy of the LDAP core.py
module from the working install so I could narrow down when in time the
code was from :-(

The logging in Icehouse is of course improved over Havana:


2014-11-18 22:15:40.573 17771 WARNING keystone.common.wsgi [-]
Authorization failed. The request you have made requires authentication.
from 10.100.x.x
2014-11-18 22:16:06.848 17771 WARNING keystone.common.wsgi [-]
Authorization failed. The request you have made requires authentication.
from 10.100.x.x
2014-11-18 22:18:21.515 17771 WARNING keystone.common.wsgi [-]
Authorization failed. The request you have made requires authentication.
from 10.100.x.x
2014-11-18 22:18:32.477 17771 WARNING keystone.common.wsgi [-]
Authorization failed. The request you have made requires authentication.
from 10.100.x.x


___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/
openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.opens

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

2014-11-18 Thread Robert van Leeuwen

> Thanks Robert. I guess that might suggest some configuration issue on
> our end then. I'm curious, do you have any specific settings in terms of
> pagination limits in your nova and neutron configuration files?

I do not remember having to set any in the past.
Do you proxy requests through e.g. a load-balancer?
Maybe that has some issues with larger requests...

Cheers,
Robert van Leeuwen
___
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to : openstack@lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

[Openstack] Unwanted multiple IPs sometimes

[Openstack] Query regarding Nova Compute Ceilometer readings

Re: [Openstack] Live migration no longer working after Icehouse -> Juno upgrade

Re: [Openstack] Ceilometer Api error in Juno: Resolved

[Openstack] Not able to attach Cinder volume to instances

[Openstack] nova list --all-tenants fails, nova sends bad request to neutron

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

Re: [Openstack] (Juno) Neutron router-create 404 error

[Openstack] (Juno) Neutron router-create 404 error

Re: [Openstack] (Juno) Neutron router-create 404 error

[Openstack] Havana / LDAP(AD) / You are not authorized for any projects.

Re: [Openstack] (Juno) Neutron router-create 404 error

Re: [Openstack] Havana / LDAP(AD) / You are not authorized for any projects.

Re: [Openstack] (Juno) Neutron router-create 404 error

Re: [Openstack] (Juno) Neutron router-create 404 error

Re: [Openstack] (Juno) Neutron router-create 404 error

Re: [Openstack] (Juno) Neutron router-create 404 error

[Openstack] How to build and use

[Openstack] DVR IRC meeting cancelled for Wednesday 19th 2014

Re: [Openstack] Havana / LDAP(AD) / You are not authorized for any projects.

Re: [Openstack] nova list --all-tenants fails, nova sends bad request to neutron

22 matches

Site Navigation

Mail list logo

Footer information