Hi all, Thank you, So the amphora will use a provider network. but how we can access this load balancer externally? via IP assign into amphora (provider network IP)? Another question, I am facing a problem with a keypair. I am generating a keypair with `create_certificates.sh` source /tmp/octavia/bin/create_certificates.sh /etc/octavia/certs /tmp/octavia/etc/certificates/openssl.cnf but when creating the load balancer service, I got this error from /var/log/octavia/worker.log ERROR oslo_messaging.rpc.server CertificateGenerationException: Could not sign the certificate request: Failed to load CA Private Key /etc/octavia/certs/private/cakey.pem. I am using this configuration under octavia.conf [certificates] ca_certificate = /etc/octavia/certs/ca_01.pem ca_private_key = /etc/octavia/certs/private/cakey.pem ca_private_key_passphrase = foobar Anyone know this issue? I am following Mr. Lingxian Kong blog in https://lingxiankong.github.io/2016-06-07-octavia-deployment-prerequisites.h... Best Regards, Zufar Dhiyaulhaq On Wed, Dec 5, 2018 at 4:35 AM Lingxian Kong <anlin.kong@gmail.com> wrote:
On Wed, Dec 5, 2018 at 6:27 AM Gaël THEROND <gael.therond@gmail.com> wrote:
You can do it with any routed network that you’ll load as a provider network too.
Way more simpler, no need for ovs manipulation, just get your network team to give you a vlan both available from computer node and controller plan. It can be a network subnet and vlan completely unknown from you controller as long as you get an intermediary equipment that route your traffic or that you add the proper route on your controllers.
Yeah, that's also how we did for our Octavia service in production thanks to our ops team.
Cheers, Lingxian Kong