<div dir="ltr">Hi -<div><br></div><div style>Very much excited for the help on testing of LBaaS.</div><div style><br></div><div style>Can you guide me/the enthusiasts on how to test the LBaaS, and Which code base to download. Because I find, more branches about LBaaS.</div>
<div style><br></div><div style>I Have the folsom code installed with me. Can any one guide me on how to integrate and test LBaaS in the folsom setup I have. </div><div style><br></div><div style>Please help me integrate the LBaaS into the folsom installation.</div>
<div style><br></div><div style>thanks in advance.</div><div style><br></div><div style><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Feb 19, 2013 at 12:45 AM, Eugene Nikanorov <span dir="ltr"><<a href="mailto:enikanorov@mirantis.com" target="_blank">enikanorov@mirantis.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Dan, Mark, folks,<div><br></div><div>I know you have been working on reviewing and testing of LBaaS patches and run into several problems preventing the service to provide complete solution.</div>
<div>We're currently putting all our efforts into integration testing. Please find the updated instruction on how to setup/run the service: </div>
<div><br></div><div>Let me step through the list of problems that Dan has identified:</div><div>1. Strict key checking.</div><div>By default ssh and scp use strict key checking, so once host fingerprint is changed for the known host, ssh/scp switch into interactive mode and ask if it is ok.</div>
<div>We've fixed it via ssh/scp option that disables strict key checking.</div><div><br></div><div>2. "VM getting deleted, but then lbaas code not realizing it was deleted"</div><div>There was I bug in the code, which incorrectly updated device status in case of error and didn't delete it from DB.</div>
<div>We've fixed it.</div>
<div><br></div><div>3. File permissions on key file</div><div>Key file is used in ssh/scp that are being run with "sudo ip netns exec <ns> ssh -i keyfile_path ..."</div><div>I guess ssh/scp are getting sudo priviledges in this case, so I wonder, what issues could be experienced here.</div>
<div><br></div><div>4. Keypair injection not working </div><div>We also has hit this issue several times without stable repro, e.g. sometimes it worked and sometimes it didn't.</div><div>Currently it's our primary concern, which however could be solved by injecting keys into the image manually.</div>
<div><br></div><div>As an alternative we tried to use pexpect library to access VM via login/password in pseudo-interactive mode but later decided that using key pairs is a more reliable way to access VM.</div>
<div><br></div><div>5. Security groups</div><div>As far as I uderstood the concern - it's possible that security group that agent is using to access balancer VM could prohibit icmp packets that we use for liveliness check.</div>
<div>So it was changed to netcat making probe on 22 port.</div><div><br></div><div>Latest code with all these fixes was just posted on review (HAProxy driver) <a href="https://review.openstack.org/#/c/20985/" target="_blank">https://review.openstack.org/#/c/20985/</a></div>
<div><br></div><div>Thanks,</div><div>Eugene.</div>
<br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Regards,<br>----------------------------------------------<br>Trinath Somanchi,<div>+91 9866 235 130</div>
</div>