[Openstack] New cloud unable to provision instances

Hi Guys, I have a new openstack cloud that I am unable to provision any instances on. When provisioning via horizon the state of the instance gets stuck for a long time at the Scheduling state and then the Build state and never completes. I see the following time outs in the logs: Not really

Re: [Openstack] Single router connected to multiple networks

. Thanks. On Wed, May 11, 2016 at 10:19 PM, Remo Mattei <r...@italy1.com> wrote: > It is possible I have set it up today for a test without any issue on both > Liberty and mitaka > > Inviato da iPhone > > Il giorno 11 mag 2016, alle ore 21:44, Jagga Soorma <jagg

Re: [Openstack] instances without a floating ip address

ng gw. > > -Dileep > > On Mon, May 2, 2016 at 10:30 PM, Jagga Soorma <jagg...@gmail.com> wrote: > >> We us a external vm network of 10.36.6.0/23. Looks like I do have some >> snat rules but no idea what I should be specifically looking for in here: >> >

Re: [Openstack] instances without a floating ip address

The moment I assign a floating IP address I can also get out of that vm to our external net. On Mon, May 2, 2016 at 10:51 PM, Jagga Soorma <jagg...@gmail.com> wrote: > This is what my default security groups looks like just in case that has > anything to do with why it is

Re: [Openstack] instances without a floating ip address

link/ether fa:16:3e:52:dc:9a brd ff:ff:ff:ff:ff:ff inet 10.36.6.240/23 brd 10.36.7.255 scope global qg-09e400d1-28 valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe52:dc9a/64 scope link valid_lft forever preferred_lft forever -- On Mon, May 2, 2016 at 10:3

Re: [Openstack] instances without a floating ip address

Ingress IPv6 Any Any - default Delete Rule Egress IPv4 Any Any 0.0.0.0/0 - Delete Rule Ingress IPv4 ICMP Any 0.0.0.0/0 - Delete Rule Ingress IPv4 TCP 22 0.0.0.0/0 - On Mon, May 2, 2016 at 10:49 PM, Jagga Soorma <jagg...@gmail.com> wrote: > Yes, I am able to ping the gateway address fr

Re: [Openstack] instances without a floating ip address

t, this should be done by SNAT by default as mentioned earlier, where all > the vm's internal ip space maps one external ip. > > Regards, > Dileep > > On Mon, May 2, 2016 at 8:32 PM, Jagga Soorma <jagg...@gmail.com> wrote: > >> Hi Guys, >> >> Need some clarificati

Re: [Openstack] instances without a floating ip address

Also I should mention our openstack environment is kilo based if that makes any difference. Thanks. On Mon, May 2, 2016 at 10:30 PM, Jagga Soorma <jagg...@gmail.com> wrote: > We us a external vm network of 10.36.6.0/23. Looks like I do have some > snat rules but no idea w

[Openstack] instances without a floating ip address

Hi Guys, Need some clarification regarding routing for instances without a floating ip address. Basically we have instances connected to a priv network that is also connected to our external network and our security group allows all egress traffic. However, we can't seem to get to any resource on

Re: [Openstack] priv network issue - possibly dhcp related

ptured 1121416 packets received by filter 368 packets dropped by kernel -- Any help with this would be appreciated. Thanks. On Thu, Apr 28, 2016 at 6:29 PM, Jagga Soorma <jagg...@gmail.com> wrote: > I see the mac address of the instance asking for a dhcp address from the > compute node: >

Re: [Openstack] priv network issue - possibly dhcp related

fa:16:3e:b2:0f:c0, length 300 ..snip.. -- On Thu, Apr 28, 2016 at 5:55 PM, Jagga Soorma <jagg...@gmail.com> wrote: > Hi Guys, > > I have a project with a priv network setup and any instance connected to > it can't seem to get to its meta data service and no network gets setup on > that i

[Openstack] priv network issue - possibly dhcp related

Hi Guys, I have a project with a priv network setup and any instance connected to it can't seem to get to its meta data service and no network gets setup on that instance. I created a new priv network in that project and was able to get communication on a new instance connected to that priv

[Openstack] redirect http requests to https

Hey Guys, We have enabled ssl on our kilo based openstack cloud and some users are still trying to access the cloud via http instead of https. Would it be possible to redirect http to https via openstack so that we can minimize confusion among some users :) This should be doable via the horizon

Re: [Openstack] list members of a project

ace.com>> wrote: > > I think keystone user-list does this. See > http://docs.openstack.org/developer/keystone/cli_examples.html#user-list > > <signature-with-mafia[2][14].png> > > From: Jagga Soorma <jagg...@gmail.com> > Date: Wednesday, April 20, 2016 at 6:20 P

[Openstack] list members of a project

Hi Guys, So I am able to find out what role a user has for a specific project, but have not been able to find a way to list all members in a given project. Is this doable? Is there a way I can get all members of a existing project from cli? Don't think horizon exposes this information either.

Re: [Openstack] list members of a project

BTW I should mention that my openstack instance has been integrated into active directory so horizon does not show any project member information. Thanks. On Wed, Apr 20, 2016 at 4:20 PM, Jagga Soorma <jagg...@gmail.com> wrote: > Hi Guys, > > So I am able to find out what

Re: [Openstack] Horizon - CSRF verification failed

not sure how to fix this issue and can't really tell my user to remove the .xxx.com cookie everytime they run into this issue and can't tell that site to create a proper cookie with fqdn domain. Any help with this would be appreciated! Thanks. On Mon, Apr 18, 2016 at 5:48 PM, Jagga Soorma <j

[Openstack] Horizon - CSRF verification failed

Hi Guys, We have a new kilo based openstack environment with ssl enabled. On most browsers when accessing the https link to horizon when users login they get the following error: -- Forbidden (403) CSRF verification failed. Request aborted. You are seeing this message because this site requires

[Openstack] security group rules

Hi Guys, There is a default security group rule that has the following entry: -- Direction: Ingress Ether Type: IPv4 IP Protocol: Any Port Range: Any Remote Prefix: - Remote Security Group: default -- Now this makes me think that it should basically allow all ingress ipv4 traffic (udp & tcp) on

[Openstack] Change the default # of floating ips and security groups

Hi Guys, I need to change the default # of floating ips and security groups in our kilo based openstack environment which has been integrated into AD. I don't see a Identity tab in the horizon ui (due to AD integration) and don't want to manually do this every time a new project is created.

Re: [Openstack] Disable Disaster Recovery tab in Horizon

This is exactly what I ended up doing. Setting Disabled=true in our _50_freezer.py and restarting apache. This seems to have disabled the DR section in horizon. Thanks. On Mon, Apr 4, 2016 at 11:21 PM, Matthias Runge wrote: > On 02/04/16 22:34, Fausto Marzi wrote: > > Hi

[Openstack] Image as Volume Source - Bootable volume issue

Hi Guys, When creating a bootable volume (volume source - image) within horizon ui by pointing it to one of our images we are getting a Error status without any further details. However, when I try to do the same thing with a cirros image that was downloaded from a external source it works just

Re: [Openstack] Disable Disaster Recovery tab in Horizon

which one should I be checking? I don't see anything of importance in horizon's or freezer's logs. On Thu, Mar 31, 2016 at 11:43 AM, Remo Mattei <r...@italy1.com> wrote: > What does the log say? > > Inviato da iPhone > > > Il giorno 31 mar 2016, alle ore 19:29, Jagga S

[Openstack] Disable Disaster Recovery tab in Horizon

Hi Guys, Looks like freezer integration in horizon is still buggy and every time our users click on one of the Backup and Recovery tabs under DR they get a "Something went wrong!" message. We get the same thing when logging into horizon using the hlm_backup credentials. Is there a way to

Re: [Openstack] Building a new CentOS 6.7 glance image

eck and see if you can ping the dhcp server but again make > sure rules are right. > > Inviato da iPhone > > Il giorno 26 mar 2016, alle ore 17:01, Jagga Soorma <jagg...@gmail.com> > ha scritto: > > Ahhh.. got further.. looks like eth0 was set to onboot=no :( r

Re: [Openstack] Building a new CentOS 6.7 glance image

emo > > > > On Mar 26, 2016, at 16:22, Jagga Soorma <jagg...@gmail.com> wrote: > > Hi Guys, > > I am building a new CentOS 6.7 based image for our kilo based openstack > environment. I have followed the instructions on > http://docs.openstack.org/image-guide/cento

[Openstack] Building a new CentOS 6.7 glance image

Hi Guys, I am building a new CentOS 6.7 based image for our kilo based openstack environment. I have followed the instructions on http://docs.openstack.org/image-guide/centos-image.html. However when I boot my new image in openstack it does not come all the way up and I see the following errors

Re: [Openstack] password in clear text

ers rather than the root admin on > the box you are using. > > Kerberos is very nice, if you have access to an active directory or a > local kerberos server, it’s worth a look. > > Tim > > > > On 23/03/16 16:40, "CARVER, PAUL" <pc2...@att.com> wrote: &g

[Openstack] Monasca web hooks

Hi Guys, I need to push out all alerts in Monasca to a external logfile on a linux server. Not very familiar with webhooks and was wondering if someone has already done something similar that I can get a starting point with. Thanks. ___ Mailing list:

[Openstack] password in clear text

Hi Guys, Currently when using the openstack api I have to save my password in clear text in the OS_PASSWORD environment variable. Is there a more secure way to use the openstack api without having to either store this password in clear text or enter the password manually every time I run a

Re: [Openstack] SSL cert issue on openstack client

> > > Instead of response 300, if you are still getting error here, it means the > cert is not correct or its unable to find the rootCA in the provided > location. > > *Rahul Sharma* > *MS in Computer Science, 2016* > College of Computer and Information Science, No

Re: [Openstack] SSL cert issue on openstack client

eyStone > server's certificate. > > [Errno 1] _ssl.c:504: error:14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed > > Interesting issue. > > Anthony. > -Original Message- > From: Jagga Soorma [mailto:jagg...@gmail.com] > S

[Openstack] SSL cert issue on openstack client

Hi Guys, I am new to openstack and currently have a openstack environment that seems to have ssl enabled. From my mac I am able to use the openstack api without any issues and without having to do anything for ssl. However, from my CentOS 7.1 server I get the following error message: --

[Openstack] Create a custom CentOS 7.x image

Hi Guys, I am new to openstack and have been using images provided by others in my test cloud. However, I am trying to so some customization and need to build my own image. I built CentOS 7.1 on my virtualbox instance and went through the following steps: -- /etc/default/grub - fixed this file