<div dir="ltr">Miguel Angel, the entry on the sudoers file made the trick. Thanks!<br></div><div class="gmail_extra"><br clear="all"><div><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">-- </span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">
<b style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">Hugo R Hernández-Mora</b><div><font color="#888888" face="arial, sans-serif"><span style="font-size:16px"><b><br></b></span></font><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">"Se seus esforços foram vistos com indeferença, não desanime que o sol faze um espectacolo maravilhoso todas as manhãs enquanto a maioria das pessoas ainda estão dormindo"</span></div>
<div><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">- Anónimo brasileiro</span></div></div>
<br><br><div class="gmail_quote">On Thu, Apr 18, 2013 at 2:34 AM, Miguel Angel Diaz Corchero <span dir="ltr"><<a href="mailto:miguelangel.diaz@externos.ciemat.es" target="_blank">miguelangel.diaz@externos.ciemat.es</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi Hugo,<br>
<br>
In folsom, I fixed the error that you showed in log by adding the
line:<br>
<br>
nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap
/etc/nova/rootwrap.conf *<br>
<br>
in /etc/sudoers<br>
<br>
Regards<br>
Miguel.<br>
<br>
<br>
El 17/04/13 19:53, Hugo R Hernandez escribió:<br>
</div>
<blockquote type="cite"><div><div class="h5">
<div dir="ltr">Hello Openstack operators,
<div>I'm experiencing a similar problem to what is posted on Fri
Jun 1 18:07:26 2012 about "Network Configuration - Centos 6.2"
on this mailing list (<a href="http://lists.openstack.org/pipermail/openstack-operators/2012-June/001740.html" target="_blank">http://lists.openstack.org/pipermail/openstack-operators/2012-June/001740.html</a>).
I have spent now almost two weeks to have this working without
any luck. <br>
<br>
Essentially, I have a controller node plus a compute node for
this project and I expect to include a second compute node.
All of these servers have four network interfaces so initially
I would like to use:<br>
<br>
<blockquote>
<blockquote><small><small>eth0 for 'public' access (<a href="http://10.12.10.0/23" target="_blank">10.12.10.0/23</a>)<br>
eth3 for private access (<a href="http://192.168.10.192/26" target="_blank">192.168.10.192/26</a>)<br>
</small></small></blockquote>
</blockquote>
<br>
I have been working on different options by using eth3 for
bridge (br3 or br100 - not sure if I'm forced to use br100 but
anyways I have used both of them with and without assigning
IP), but in any case, I'm not able to have this working....<br>
<br>
Actually, things are worse as I had at least a service
listening between the two servers, controller and compute
node, but not anymore (State XXX):<br>
<br>
<blockquote>
<blockquote><small><small><b>[root@euler ~]# nova-manage
service list</b><br>
Binary Host
Zone Status State Updated_At<br>
nova-conductor <a href="http://euler.example.com" target="_blank">euler.example.com</a>
internal enabled :-)
2013-04-17 16:10:24<br>
nova-cert <a href="http://euler.example.com" target="_blank">euler.example.com</a>
internal enabled :-)
2013-04-17 16:10:25<br>
nova-scheduler <a href="http://euler.example.com" target="_blank">euler.example.com</a>
internal enabled :-)
2013-04-17 16:10:25<br>
<font color="#ff0000"><b>nova-compute <a href="http://fibonacci.example.com" target="_blank">fibonacci.example.com</a>
nova enabled XXX
2013-04-17 15:30:09</b></font><br>
</small></small></blockquote>
</blockquote>
<br>
Installed packages are:<br>
<blockquote>
<blockquote><small><small><b>[root@euler ~]# rpm -qa | grep
openstack</b><br>
openstack-utils-2013.1-6.el6.noarch<br>
openstack-glance-2013.1-1.el6.noarch<br>
openstack-nova-api-2013.1-2.el6.noarch<br>
openstack-nova-console-2013.1-2.el6.noarch<br>
openstack-keystone-2013.1-1.el6.noarch<br>
openstack-nova-scheduler-2013.1-2.el6.noarch<br>
openstack-nova-conductor-2013.1-2.el6.noarch<br>
openstack-nova-2013.1-2.el6.noarch<br>
openstack-nova-common-2013.1-2.el6.noarch<br>
openstack-nova-network-2013.1-2.el6.noarch<br>
openstack-nova-cert-2013.1-2.el6.noarch<br>
openstack-nova-objectstore-2013.1-2.el6.noarch<br>
openstack-nova-compute-2013.1-2.el6.noarch<br>
</small></small></blockquote>
</blockquote>
<br>
When following default documentation I got this error when
trying to create a network:<br>
<br>
<blockquote>
<blockquote><small><small><b>[root@euler ~]# nova
network-create private --fixed-range-v4=<a href="http://192.168.10.192/26" target="_blank">192.168.10.192/26</a>
--bridge-interface=br3</b><br>
ERROR: The server has either erred or is incapable of
performing the requested operation. (HTTP 500)
(Request-ID: req-7b4227e8-ebd4-444f-84de-4bcc0f42b0dd)<br>
</small></small></blockquote>
</blockquote>
<br>
For details, here is my nova.conf file as explained on
documentation for RHEL-based distros version 6 (Openstack
Grizzly):<br>
<br>
<blockquote>
<blockquote><small><small><b>[root@euler ~]# cat
/etc/nova/nova.conf </b><br>
[DEFAULT] <br>
<br>
# LOGS/STATE<br>
verbose = True<br>
logdir = /var/log/nova<br>
state_path = /var/lib/nova<br>
lock_path = /var/lib/nova/tmp<br>
rootwrap_config = /etc/nova/rootwrap.conf<br>
<br>
# SCHEDULER<br>
compute_scheduler_driver =
nova.scheduler.filter_scheduler.FilterScheduler<br>
<br>
# VOLUMES<br>
volume_driver = nova.volume.driver.ISCSIDriver<br>
volume_group = nova-volumes <br>
volume_name_template = volume-%s <br>
iscsi_helper = tgtadm <br>
volumes_dir = /etc/nova/volumes <br>
<br>
# DATABASE<br>
sql_connection = <a href="mailto:mysql://nova:mySecretPass@10.12.10.35/nova" target="_blank">mysql://nova:mySecretPass@10.12.10.35/nova</a><br>
<br>
# COMPUTE<br>
libvirt_type = kvm<br>
compute_driver = libvirt.LibvirtDriver<br>
instance_name_template = instance-%08x<br>
api_paste_config = /etc/nova/api-paste.ini<br>
<br>
# COMPUTE/APIS: if you have separate configs for
separate services<br>
# this flag is required for both nova-api and
nova-compute <br>
allow_resize_to_same_host =
True <br>
<br>
# APIS<br>
osapi_compute_extension =
nova.api.openstack.compute.contrib.standard_extensions<br>
ec2_dmz_host =
10.12.10.35
<br>
s3_host =
10.12.10.35
<br>
<br>
# QPID<br>
qpid_hostname = 10.12.10.35<br>
<br>
# GLANCE<br>
image_service = nova.image.glance.GlanceImageService<br>
glance_api_servers = <a href="http://10.12.10.35:9292" target="_blank">10.12.10.35:9292</a>
<br>
<br>
# NETWORK<br>
network_manager = nova.network.manager.FlatDHCPManager<br>
force_dhcp_release = True
<br>
dhcpbridge_flagfile = /etc/nova/nova.conf<br>
dhcpbridge = /usr/bin/nova-dhcpbridge<br>
firewall_driver =
nova.virt.libvirt.firewall.IptablesFirewallDriver<br>
# Change my_ip to match each host<br>
my_ip = 10.12.10.35<br>
public_interface = eth3<br>
flat_network_bridge = br3<br>
flat_interface = eth3<br>
fixed_range = <a href="http://192.168.10.192/26" target="_blank">192.168.10.192/26</a><br>
<br>
# NOVNC CONSOLE<br>
novncproxy_base_url = <a href="http://10.12.10.35:6080/vnc_auto.html" target="_blank">http://10.12.10.35:6080/vnc_auto.html</a><br>
# Change vncserver_proxyclient_address and
vncserver_listen to match each compute host<br>
vncserver_proxyclient_address = 10.12.10.35<br>
vncserver_listen = 10.12.10.35<br>
<br>
# GENERAL<br>
injected_network_template =
/usr/share/nova/interfaces.template<br>
libvirt_nonblocking = True<br>
libvirt_inject_partition = -1<br>
rpc_backend = nova.openstack.common.rpc.impl_qpid<br>
<br>
# AUTHENTICATION<br>
auth_strategy = keystone<br>
[keystone_authtoken]<br>
auth_host = 127.0.0.1<br>
auth_port = 35357<br>
auth_protocol = http<br>
admin_tenant_name = service<br>
admin_user = nova<br>
admin_password = mySecretPass<br>
signing_dirname = /tmp/keystone-signing-nova<br>
</small></small></blockquote>
</blockquote>
<br>
When I check status for the nova-network service I get this on
both controller and compute node:<br>
<br>
<blockquote>
<blockquote><small><small><b>[root@euler ~]#
/etc/init.d/openstack-nova-network status</b><br>
openstack-nova-network dead but pid file exists</small></small><br>
</blockquote>
</blockquote>
<br>
And, on the syslogs I have these entries:<br>
<br>
<blockquote>
<blockquote><small><small>2013-04-17 11:54:01.447 4026 TRACE
nova Traceback (most recent call
last):
<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/bin/nova-network", line 54, in
<module>
<br>
2013-04-17 11:54:01.447 4026 TRACE nova
service.wait()
<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/service.py",
line 689, in wait <br>
2013-04-17 11:54:01.447 4026 TRACE nova
_launcher.wait()
<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/service.py",
line 209, in wait <br>
2013-04-17 11:54:01.447 4026 TRACE nova
super(ServiceLauncher,
self).wait()
<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/service.py",
line 179, in wait <br>
2013-04-17 11:54:01.447 4026 TRACE nova
service.wait()
<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/eventlet/greenthread.py",
line 166, in wait <br>
2013-04-17 11:54:01.447 4026 TRACE nova return
self._exit_event.wait()
<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/eventlet/event.py",
line 116, in wait <br>
2013-04-17 11:54:01.447 4026 TRACE nova return
hubs.get_hub().switch()
<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/eventlet/hubs/hub.py",
line 177, in switch<br>
2013-04-17 11:54:01.447 4026 TRACE nova return
self.greenlet.switch()<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/eventlet/greenthread.py",
line 192, in main<br>
2013-04-17 11:54:01.447 4026 TRACE nova result =
function(*args, **kwargs)<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/service.py",
line 147, in run_server<br>
2013-04-17 11:54:01.447 4026 TRACE nova
server.start()<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/service.py",
line 429, in start<br>
2013-04-17 11:54:01.447 4026 TRACE nova
self.manager.init_host()<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/network/manager.py",
line 1601, in init_host<br>
2013-04-17 11:54:01.447 4026 TRACE nova
self.l3driver.initialize(fixed_range=CONF.fixed_range)<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/network/l3.py",
line 88, in initialize<br>
2013-04-17 11:54:01.447 4026 TRACE nova
linux_net.init_host()<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/network/linux_net.py",
line 642, in init_host<br>
2013-04-17 11:54:01.447 4026 TRACE nova
add_snat_rule(ip_range)<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/network/linux_net.py",
line 632, in add_snat_rule<br>
2013-04-17 11:54:01.447 4026 TRACE nova
iptables_manager.apply()<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/network/linux_net.py",
line 393, in apply<br>
2013-04-17 11:54:01.447 4026 TRACE nova
self._apply()<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/openstack/common/lockutils.py",
line 228, in inner<br>
2013-04-17 11:54:01.447 4026 TRACE nova retval =
f(*args, **kwargs)<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/network/linux_net.py",
line 411, in _apply<br>
2013-04-17 11:54:01.447 4026 TRACE nova
attempts=5)<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/network/linux_net.py",
line 1146, in _execute<br>
2013-04-17 11:54:01.447 4026 TRACE nova return
utils.execute(*cmd, **kwargs)<br>
2013-04-17 11:54:01.447 4026 TRACE nova File
"/usr/lib/python2.6/site-packages/nova/utils.py", line
239, in execute<br>
2013-04-17 11:54:01.447 4026 TRACE nova cmd='
'.join(cmd))<br>
2013-04-17 11:54:01.447 4026 TRACE nova
ProcessExecutionError: Unexpected error while running
command.<br>
2013-04-17 11:54:01.447 4026 TRACE nova Command: sudo
nova-rootwrap /etc/nova/rootwrap.conf iptables-save -c<br>
2013-04-17 11:54:01.447 4026 TRACE nova Exit code: 1<br>
2013-04-17 11:54:01.447 4026 TRACE nova Stdout: ''<br>
2013-04-17 11:54:01.447 4026 TRACE nova Stderr: 'sudo:
sorry, you must have a tty to run sudo\n'<br>
<br>
</small></small></blockquote>
</blockquote>
I'm not sure about the last lines as you can see I'm running
everything as root. Anyways, I have disabled iptables with
same results. Also, I have disabled selinux by default. At
this point, documentation is not that helpful but anyways, I
have been trying to use the following:<br>
<br>
<blockquote>
<blockquote><small><small><a href="http://docs.openstack.org/trunk/openstack-compute/install/yum/content/index.html" target="_blank">http://docs.openstack.org/trunk/openstack-compute/install/yum/content/index.html</a><br>
<a href="http://fedorapeople.org/%7Erussellb/openstack-lab-rhsummit-2012/index.html" target="_blank">http://fedorapeople.org/~russellb/openstack-lab-rhsummit-2012/index.html</a><br>
<a href="http://docs.openstack.org/trunk/openstack-compute/admin/content/index.html" target="_blank">http://docs.openstack.org/trunk/openstack-compute/admin/content/index.html</a><br>
</small></small></blockquote>
</blockquote>
<br>
I have a deadline to abandon this project if there is no
progress *but* actually, I don't want to do that so I will
greatly appreciate any help/hint you can provide to me.<br>
<br>
Thanks in advance,<br>
-Hugo<br clear="all">
<div><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">-- </span><br style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">
<b style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">Hugo
R Hernández-Mora</b>
<div>
<font face="arial, sans-serif" color="#888888"><span style="font-size:16px"><b><br>
</b></span></font><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">"Se
seus esforços foram vistos com indeferença, não desanime
que o sol faze um espectacolo maravilhoso todas as
manhãs enquanto a maioria das pessoas ainda estão
dormindo"</span></div>
<div><span style="color:rgb(136,136,136);font-family:arial,sans-serif;font-size:16px">-
Anónimo brasileiro</span></div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div></div><pre>_______________________________________________
OpenStack-operators mailing list
<a href="mailto:OpenStack-operators@lists.openstack.org" target="_blank">OpenStack-operators@lists.openstack.org</a>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><span class="HOEnZb"><font color="#888888">
</font></span></pre><span class="HOEnZb"><font color="#888888">
</font></span></blockquote><span class="HOEnZb"><font color="#888888">
<br>
<br>
<div>-- <br>
<i><font><span style><span style="font-family:Century Gothic,sans-serif,10">Miguel
Angel Díaz Corchero</span></span></font></i><font><br>
<i><b><span style="font-family:Century Gothic,sans-serif">System
Administrator / Researcher</span></b></i><br>
<i><span style="font-family:Century Gothic,sans-serif">c/ Sola
nº 1; 10200 TRUJILLO, SPAIN</span></i><br>
<i><span style="font-family:Century Gothic,sans-serif">Tel: +34
927 65 93 17 Fax: <a href="tel:%2B34%20927%2032%2032%2037" value="+34927323237" target="_blank">+34 927 32 32 37</a></span></i>
<p><span><a href="http://www.ceta-ciemat.es/" target="_blank"><img src="cid:part16.05080209.05010408@externos.ciemat.es" alt="CETA-Ciemat logo" height="76" width="383" border="0"></a></span></p>
</font></div>
</font></span></div>
</blockquote></div><br></div>