ocatvia on rocky openstack environment does not work as expected
Michael Johnson
johnsomor at gmail.com
Mon Jun 17 20:52:58 UTC 2019
Hi Sergio,
If you include [<project>] in the subnet of the messages you send to
openstack-discuss it will highlight for the project teams. For exampe,
the octavia team uses [octavia].
For issue 1:
OpenStack in general requires users to be associated with a project.
The Octavia API requires this as well.
If you can create resources using this account with other services,
such as neutron or nova, I'm not 100% what is going on.
I would check that you have the appropriate credentials for the
openstack client by reading this section of the operations guide:
https://docs.openstack.org/operations-guide/ops-lay-of-the-land.html#getting-credentials
If the user has the OS_PROJECT_ID in their environment, it would be
helpful to us if you re-run the command with --debug and paste us the
results at http://paste.openstack.org. Note, that output will contain
security related content, so either scrub it or mark the paste private
and reply only to me.
This might also be an issue with the keystone_authtoken section of the
octavia.conf, but it seems unlikely.
For issue 2:
You are running the "noop drivers" which are used for testing instead
of live code. Please check the [controller_worker] section of your
octavia.conf and make sure you have enabled the "live" drivers as
opposed to the no-op drivers. Our No-Op drivers simulate parts of
OpenStack so that we don't have to allocate resources in a live cloud
for some of our cases. It's live code testing, without the cloud.
See the configuration reference here:
https://docs.openstack.org/octavia/latest/configuration/configref.html#controller_worker.amphora_driver
or see this section of the example configuration file:
https://opendev.org/openstack/octavia/src/branch/master/etc/octavia.conf#L232
The amphora_driver, compute_driver, and network_driver sections need
to be filled in.
As a general reference for the configuration, you can look at the
configuration file we use for our gate testing:
http://logs.openstack.org/32/665732/1/check/octavia-v2-dsvm-scenario/70a1089/controller/logs/etc/octavia/octavia_conf.txt.gz
Also note that the above link will expire in a week or two, but you
can view another one by clicking on our test job links in gerrit.
Note that not all of those timeout/retry values are appropriate for
every deployment or production use, so just use it as a reference to
the fields we configure and refer to the configuration reference and
sample configuration file for more information.
If you need more assistance, you can reply here or the team has a
channel on Freenode IRC called #openstack-lbaas
Good luck,
Michael
On Mon, Jun 17, 2019 at 10:49 AM Sergio Traldi <sergio.traldi at pd.infn.it> wrote:
>
> Hi,
>
> I installed using packstack 2 node 1 controller and 1 compute with rocky
> release in CentOS 7 OS. I define an external network and configure
> openvswitch and I can assign floating IP. Everythings works fine. (VMs
> creation, images upload, security group, key pair, ...) I tested
> neutron, glance, nova, keystone, ...
>
> I followed the documentation to install ad configure octavia, so I
> create the user, the endpoint, the db, the network lb-mgmt-net, the
> subnet, the neutron security group for amphorae and the rules, the image
> amphorae, I tagged the image,...
>
> I set the main values in /etc/octavia/octavia.conf for keystone for the
> bind, and so on ... and I started the services.
>
> I followed these documentations:
>
> https://docs.openstack.org/octavia/queens/contributor/guides/dev-quick-start.html
>
> http://sudomakeinstall.com/uncategorized/building-octavia-images-with-centos-7-and-haproxy
>
> https://blog.zufardhiyaulhaq.com/manual-instalation-octavia-openstack-queens
>
> At the end everything seems to work but I have two "problems"
>
> 1):
>
> I can not create a lb without a project from the openstack client if I do:
>
> [root at cld-ctrl-pa-02 ~(keystone_admin)]# openstack loadbalancer create
> --name lb --vip-subnet-id c5887a52-bddb-4e8b-8023-cd7c341194fa
> Validation failure: Missing project ID in request where one is required.
> (HTTP 400) (Request-ID: req-1b9307c5-8aee-472d-ac56-44b6f34b05ce)
>
>
> If I put the project the lb has been created:
>
> [root at cld-ctrl-pa-02 ~(keystone_admin)]# openstack loadbalancer create
> --name lb1 --vip-subnet-id c5887a52-bddb-4e8b-8023-cd7c341194fa
> --project c86066dd95e345c386ef5e095b83918a
> +---------------------+--------------------------------------+
> | Field | Value |
> +---------------------+--------------------------------------+
> | admin_state_up | True |
> | created_at | 2019-06-11T14:02:10 |
> | description | |
> | flavor | |
> | id | f740be24-edf1-459c-ac77-c93917cbca31 |
> | listeners | |
> | name | lb1 |
> | operating_status | OFFLINE |
> | pools | |
> | project_id | c86066dd95e345c386ef5e095b83918a |
> | provider | amphora |
> | provisioning_status | PENDING_CREATE |
> | updated_at | None |
> | vip_address | 198.51.100.1 |
> | vip_network_id | e4a02581-1d90-4ea2-9e73-681ff66a4328 |
> | vip_port_id | 1666d874-f1b5-437e-a989-ea49f65ba5a3 |
> | vip_qos_policy_id | None |
> | vip_subnet_id | c5887a52-bddb-4e8b-8023-cd7c341194fa |
> +---------------------+--------------------------------------+
>
>
> But the project has been not a mandatory value to pass to the client.
>
> 2)
>
> Second problem: all the loadbalancers I created lay on the
> lb-mgmt-subent and not in the subnet I passed. In the example above. My
> subnet is like this:
>
> [root at cld-ctrl-pa-02 ~(keystone_admin)]# openstack subnet list | grep
> c5887a52-bddb-4e8b-8023-cd7c341194fa
> | c5887a52-bddb-4e8b-8023-cd7c341194fa | private_subnet |
> 8d37ca14-47b8-4ce8-aa27-fb4f8267d9ab | 10.0.0.0/24 |
>
> But the VIP created is 198.51.100.1 and each loadbalancer I create have
> that IP as VIP and I think this is not correct:
>
> [root at cld-ctrl-pa-02 ~(keystone_admin)]# openstack loadbalancer list
> +--------------------------------------+----------+----------------------------------+--------------+---------------------+----------+
> | id | name |
> project_id | vip_address | provisioning_status |
> provider |
> +--------------------------------------+----------+----------------------------------+--------------+---------------------+----------+
> | 21d121fd-799f-4244-bf33-622e2fcd0060 | lb-demo |
> 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE |
> amphora |
> | 94653251-849e-41c4-9071-f75382a46569 | lb-test |
> 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE |
> amphora |
> | a76ccc28-0242-46e4-8ac5-b1410a29cf4a | lb1 |
> 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE |
> amphora |
> | f740be24-edf1-459c-ac77-c93917cbca31 | lb789 |
> c86066dd95e345c386ef5e095b83918a | 198.51.100.1 | ACTIVE |
> amphora |
> | aeb6e964-fc24-4b04-aa94-9b5ccfe4eb09 | lb-test2 |
> 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE |
> amphora |
> +--------------------------------------+----------+----------------------------------+--------------+---------------------+----------+
>
>
> I tried using different users and different projects and different
> networks but the result is the same in all loadbalancer created.
>
> In log file I dis not find anything useful for all of the problems.
>
> If someone has got some hints it could be great.
>
> For the first problem I found this (
> http://www.codeha.us/openstack-discuss/msg00906.html ) but nobody answer
> to this problem.
>
> The second may be is correct but I expect different VIP for each
> loadbalancer crerated and may be in the network I passed not int eh lb
> management subenet.
>
> Thanks in advance
>
> Cheers
>
> Sergio
>
>
More information about the openstack-discuss
mailing list