Hi Sergio, If you include [<project>] in the subnet of the messages you send to openstack-discuss it will highlight for the project teams. For exampe, the octavia team uses [octavia]. For issue 1: OpenStack in general requires users to be associated with a project. The Octavia API requires this as well. If you can create resources using this account with other services, such as neutron or nova, I'm not 100% what is going on. I would check that you have the appropriate credentials for the openstack client by reading this section of the operations guide: https://docs.openstack.org/operations-guide/ops-lay-of-the-land.html#getting... If the user has the OS_PROJECT_ID in their environment, it would be helpful to us if you re-run the command with --debug and paste us the results at http://paste.openstack.org. Note, that output will contain security related content, so either scrub it or mark the paste private and reply only to me. This might also be an issue with the keystone_authtoken section of the octavia.conf, but it seems unlikely. For issue 2: You are running the "noop drivers" which are used for testing instead of live code. Please check the [controller_worker] section of your octavia.conf and make sure you have enabled the "live" drivers as opposed to the no-op drivers. Our No-Op drivers simulate parts of OpenStack so that we don't have to allocate resources in a live cloud for some of our cases. It's live code testing, without the cloud. See the configuration reference here: https://docs.openstack.org/octavia/latest/configuration/configref.html#contr... or see this section of the example configuration file: https://opendev.org/openstack/octavia/src/branch/master/etc/octavia.conf#L23... The amphora_driver, compute_driver, and network_driver sections need to be filled in. As a general reference for the configuration, you can look at the configuration file we use for our gate testing: http://logs.openstack.org/32/665732/1/check/octavia-v2-dsvm-scenario/70a1089... Also note that the above link will expire in a week or two, but you can view another one by clicking on our test job links in gerrit. Note that not all of those timeout/retry values are appropriate for every deployment or production use, so just use it as a reference to the fields we configure and refer to the configuration reference and sample configuration file for more information. If you need more assistance, you can reply here or the team has a channel on Freenode IRC called #openstack-lbaas Good luck, Michael On Mon, Jun 17, 2019 at 10:49 AM Sergio Traldi <sergio.traldi@pd.infn.it> wrote:
Hi,
I installed using packstack 2 node 1 controller and 1 compute with rocky release in CentOS 7 OS. I define an external network and configure openvswitch and I can assign floating IP. Everythings works fine. (VMs creation, images upload, security group, key pair, ...) I tested neutron, glance, nova, keystone, ...
I followed the documentation to install ad configure octavia, so I create the user, the endpoint, the db, the network lb-mgmt-net, the subnet, the neutron security group for amphorae and the rules, the image amphorae, I tagged the image,...
I set the main values in /etc/octavia/octavia.conf for keystone for the bind, and so on ... and I started the services.
I followed these documentations:
https://docs.openstack.org/octavia/queens/contributor/guides/dev-quick-start...
http://sudomakeinstall.com/uncategorized/building-octavia-images-with-centos...
https://blog.zufardhiyaulhaq.com/manual-instalation-octavia-openstack-queens
At the end everything seems to work but I have two "problems"
1):
I can not create a lb without a project from the openstack client if I do:
[root@cld-ctrl-pa-02 ~(keystone_admin)]# openstack loadbalancer create --name lb --vip-subnet-id c5887a52-bddb-4e8b-8023-cd7c341194fa Validation failure: Missing project ID in request where one is required. (HTTP 400) (Request-ID: req-1b9307c5-8aee-472d-ac56-44b6f34b05ce)
If I put the project the lb has been created:
[root@cld-ctrl-pa-02 ~(keystone_admin)]# openstack loadbalancer create --name lb1 --vip-subnet-id c5887a52-bddb-4e8b-8023-cd7c341194fa --project c86066dd95e345c386ef5e095b83918a +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | admin_state_up | True | | created_at | 2019-06-11T14:02:10 | | description | | | flavor | | | id | f740be24-edf1-459c-ac77-c93917cbca31 | | listeners | | | name | lb1 | | operating_status | OFFLINE | | pools | | | project_id | c86066dd95e345c386ef5e095b83918a | | provider | amphora | | provisioning_status | PENDING_CREATE | | updated_at | None | | vip_address | 198.51.100.1 | | vip_network_id | e4a02581-1d90-4ea2-9e73-681ff66a4328 | | vip_port_id | 1666d874-f1b5-437e-a989-ea49f65ba5a3 | | vip_qos_policy_id | None | | vip_subnet_id | c5887a52-bddb-4e8b-8023-cd7c341194fa | +---------------------+--------------------------------------+
But the project has been not a mandatory value to pass to the client.
2)
Second problem: all the loadbalancers I created lay on the lb-mgmt-subent and not in the subnet I passed. In the example above. My subnet is like this:
[root@cld-ctrl-pa-02 ~(keystone_admin)]# openstack subnet list | grep c5887a52-bddb-4e8b-8023-cd7c341194fa | c5887a52-bddb-4e8b-8023-cd7c341194fa | private_subnet | 8d37ca14-47b8-4ce8-aa27-fb4f8267d9ab | 10.0.0.0/24 |
But the VIP created is 198.51.100.1 and each loadbalancer I create have that IP as VIP and I think this is not correct:
[root@cld-ctrl-pa-02 ~(keystone_admin)]# openstack loadbalancer list +--------------------------------------+----------+----------------------------------+--------------+---------------------+----------+ | id | name | project_id | vip_address | provisioning_status | provider | +--------------------------------------+----------+----------------------------------+--------------+---------------------+----------+ | 21d121fd-799f-4244-bf33-622e2fcd0060 | lb-demo | 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE | amphora | | 94653251-849e-41c4-9071-f75382a46569 | lb-test | 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE | amphora | | a76ccc28-0242-46e4-8ac5-b1410a29cf4a | lb1 | 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE | amphora | | f740be24-edf1-459c-ac77-c93917cbca31 | lb789 | c86066dd95e345c386ef5e095b83918a | 198.51.100.1 | ACTIVE | amphora | | aeb6e964-fc24-4b04-aa94-9b5ccfe4eb09 | lb-test2 | 78932a05499d4916bfd1895f7017cac1 | 198.51.100.1 | ACTIVE | amphora | +--------------------------------------+----------+----------------------------------+--------------+---------------------+----------+
I tried using different users and different projects and different networks but the result is the same in all loadbalancer created.
In log file I dis not find anything useful for all of the problems.
If someone has got some hints it could be great.
For the first problem I found this ( http://www.codeha.us/openstack-discuss/msg00906.html ) but nobody answer to this problem.
The second may be is correct but I expect different VIP for each loadbalancer crerated and may be in the network I passed not int eh lb management subenet.
Thanks in advance
Cheers
Sergio