[Octavia] Network issue between amphora and health manager port
Hello, I try to install Octavia and i'm facing an issue with octavia-health- manager-listen-port interface. I use Openstack Ussuri on Ubuntu 18.04 with linuxbridge plugin I followed this procedure: https://docs.openstack.org/octavia/latest/install/install-ubuntu.html#instal... When I try to create my loadbalancer I got this error: WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectionError: HTTPSConnectionPool(host='10.244.3.243', port=9443): Max retries exceeded with url: // (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fe1ec077080>: Failed to establish a new connection: [Errno 113] No route to host',)) From my interface "o-hm0" I cannot ping 10.244.3.243 but if I try to ping from DHCP namespace it works fine. I think the problem is my "octavia-health-manager-listen-port" port appears "DOWN" when I list every ports. I figured out than Neutron didnt update iptables rules, probably because the interface is DOWN but if I add these rules: iptables -A neutron-linuxbri-FORWARD -m physdev --physdev-out o-bhm0 -- physdev-is-bridged -m comment --comment "Accept all packets when port is trusted." -j ACCEPT iptables -A neutron-linuxbri-FORWARD -m physdev --physdev-in o-bhm0 -- physdev-is-bridged -m comment --comment "Accept all packets when port is trusted." -j ACCEPT Amphora is able to communication with health manager port then the loadbalancer becomes UP but now I got this WARNING: 2021-01-21 15:27:21.230 2999834 WARNING octavia.amphorae.drivers.health.heartbeat_udp [-] Health Manager experienced an exception processing a heartbeat message from ('10.244.3.243', 30684). Ignoring this packet. Exception: 'NoneType' object has no attribute 'encode' I guess it's all about the port being stuck in DOWN state. Do you have any input how to configure this port? Best regards, Romain
On 1/21/21 3:31 PM, CHANU ROMAIN wrote:
Hello,
I try to install Octavia and i'm facing an issue with octavia-health- manager-listen-port interface.
I use Openstack Ussuri on Ubuntu 18.04 with linuxbridge plugin I followed this procedure: https://docs.openstack.org/octavia/latest/install/install-ubuntu.html#instal...
When I try to create my loadbalancer I got this error:
WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectionError: HTTPSConnectionPool(host='10.244.3.243', port=9443): Max retries exceeded with url: // (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fe1ec077080>: Failed to establish a new connection: [Errno 113] No route to host',))
From my interface "o-hm0" I cannot ping 10.244.3.243 but if I try to ping from DHCP namespace it works fine.
I think the problem is my "octavia-health-manager-listen-port" port appears "DOWN" when I list every ports.
I figured out than Neutron didnt update iptables rules, probably because the interface is DOWN but if I add these rules:
iptables -A neutron-linuxbri-FORWARD -m physdev --physdev-out o-bhm0 -- physdev-is-bridged -m comment --comment "Accept all packets when port is trusted." -j ACCEPT iptables -A neutron-linuxbri-FORWARD -m physdev --physdev-in o-bhm0 -- physdev-is-bridged -m comment --comment "Accept all packets when port is trusted." -j ACCEPT
Amphora is able to communication with health manager port then the loadbalancer becomes UP but now I got this WARNING: 2021-01-21 15:27:21.230 2999834 WARNING octavia.amphorae.drivers.health.heartbeat_udp [-] Health Manager experienced an exception processing a heartbeat message from ('10.244.3.243', 30684). Ignoring this packet. Exception: 'NoneType' object has no attribute 'encode'
I guess it's all about the port being stuck in DOWN state. Do you have any input how to configure this port?
Best regards, Romain
Hi Romain, Did you understand correctly that the servers containing your Octavia services must have connectivity to your load balancer management network? Also, did you configure correctly the security group of your load balancers? To setup Octavia in my CI, I use this script: https://salsa.debian.org/openstack-team/debian/openstack-cluster-installer/-... Specifically, look where it's setting-up the lb-mgmt-sec-grp and lb-health-mgr-sec-grp security groups. Maybe this will help? Cheers, Thomas Goirand (zigo)
participants (2)
-
CHANU ROMAIN
-
Thomas Goirand