openstack queens octavia security group not found

Ignazio Cassano ignaziocassano at gmail.com
Tue Jan 8 09:57:40 UTC 2019


It started in service project but service project not read securty groups
that  I created in admin project.
So I modified  /etc/octavia.conf secitons service_auth  and
keystone_authoken and I put
project_name = admin
instead of
project_name = service

With the above modifications the amphora instance starts in admin projects
abd can read from it the security group id.
But the load balancer remains in pending and then the ambora instance is
automatically deleted.

Another problem is that in both cases it does not start to create the
amphra instance when I specify
amp_ssh_key_name  in octavia.conf
In admin project case it shoud read  it, because this key is in the admin
project :-(
So I started without ssh_key.

Could you help me with my wrong configuration,please ?

Regards
Ignazio



Il giorno mar 8 gen 2019 alle ore 10:44 Fabian Zimmermann <dev.faz at gmail.com>
ha scritto:

> Hi,
>
> in which project should octavia start its amphora instances?
>
> In this project you should create a suitable sg.
>
>   Fabian
>
> Am 08.01.19 um 10:39 schrieb Ignazio Cassano:
> > Hello, I do not have an octavia project but only a service project.
> > Octavia user belongs to admin and service project :-(
> > Documentation  does not seem clear about it
> >
> > Il giorno mar 8 gen 2019 alle ore 10:30 Fabian Zimmermann
> > <dev.faz at gmail.com <mailto:dev.faz at gmail.com>> ha scritto:
> >
> >     Hi,
> >
> >     did you create the security group in the octavia project?
> >
> >     Can you see the sg if you login with the octavia credentials?
> >
> >
> >        Fabian
> >
> >     Am 08.01.19 um 09:11 schrieb Ignazio Cassano:
> >      > Hello everyone,
> >      > I installed octavia with centos 7 queens.
> >      > When I crreate a load balancer the amphora instance is not created
> >      > because nova conductor cannot find the security group specified in
> >      > octavia.conf.
> >      > I am sure the security group id is correct but the nova condictor
> >     reports:
> >      >
> >      > 2019-01-08 09:06:06.803 11872 ERROR nova.scheduler.utils
> >      > [req-75df2561-4bc3-4bde-86d0-40469058250c
> >      > 62ed0b7f336b479ebda6f8587c4dd608 2a33760772ab4b0381a27735443ec4bd
> -
> >      > default default] [instance: 83f2fd75-8069-47a5-9572-8949ec9b5cee]
> >     Error
> >      > from last host: tst2-kvm02 (node tst2-kvm02): [u'Traceback (most
> >     recent
> >      > call last):\n', u'  File
> >      > "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line
> >     1828,
> >      > in _do_build_and_run_instance\n    filter_properties,
> >     request_spec)\n',
> >      > u'  File
> "/usr/lib/python2.7/site-packages/nova/compute/manager.py",
> >      > line 2108, in _build_and_run_instance\n
> >     instance_uuid=instance.uuid,
> >      > reason=six.text_type(e))\n', u'RescheduledException: Build of
> >     instance
> >      > 83f2fd75-8069-47a5-9572-8949ec9b5cee was re-scheduled: Security
> >     group
> >      > fdd1ab71-bcd2-4b65-b5f2-f4c110b65602 not found.\n']
> >      >
> >      > Please, what is wrong ?
> >      >
> >      > Regards
> >      > Ignazio
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190108/ca6e185c/attachment.html>


More information about the openstack-discuss mailing list