[openstack-dev] Implementing VPNaas in Openstack Grizzly release
Ashwini Babureddy
AB0078468 at TechMahindra.com
Fri Jan 10 07:31:03 UTC 2014
Hi Paul,
Thanks for the info provided.
There is IPSEC_AGENT_TOPIC defined and that is imported in service_driver/ipsec.py. Code is present.
As I have not installed Openstack Grizzly set up using devstack, I do not have access to q-vpn process log.
So if the RPC is timing out waiting for the response back from device_driver to service_driver, does this mean that the callback (IPsecVpnDriverCallBack get_vpn_services_on_host) is having an issue.
Currently I am debugging this issue using /var/log/quantum/* logs.
Are there any other debugging tools that I can use in this scenario? Could Eclipse using PyDev be another option for debugging this issue?
Thanks,
Ashwini
From: Paul Michali [mailto:pcm at cisco.com]
Sent: Thursday, January 09, 2014 6:01 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] Implementing VPNaas in Openstack Grizzly release
Just some ideas to look into...
You could look at the q-vpn process log. With devstack, there is a screen-q-vpn.log that might give more info on the failure.
The commands that are working, are ones that strictly deal with the database. The IPSec site connection command is the first one that actually does messaging from the service driver to the device driver. Once at the device driver, it will do an RPC back to the service driver to get the all the information on the services/connections on that host.
Maybe some things are to check that the IPSEC_AGENT_TOPIC is defined (IPSEC_AGENT_TOPIC = 'ipsec_agent'), and that the code is there in the service driver (service_dirvers/ipsec.py) to handle the callback (IPsecVpnDriverCallBack get_vpn_services_on_host). This will call the plugin (VPNPluginRpcDbMixin _get_agent_hosting_vpn_services).
It seems like the RPC from the device driver back to the service driver is timing out, so making sure they are all set up OK, would be useful.
HTHs,
PCM (Paul Michali)
MAIL pcm at cisco.com<mailto:pcm at cisco.com>
IRC pcm_ (irc.freenode.net<http://irc.freenode.net>)
TW @pmichali
GPG key 4525ECC253E31A83
Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
On Jan 9, 2014, at 5:12 AM, Ashwini Babureddy <AB0078468 at TechMahindra.com<mailto:AB0078468 at TechMahindra.com>> wrote:
Hi,
I am trying to implement VPNaas in openstack grizzly release 2013.1 by taking Havana release as a reference. This is basically a single node set up by following the below link :
https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/master/OpenStack_Grizzly_Install_Guide.rst
Currently all the vpn related files from Havana moved to Grizzly as follows:
* /quantum/services/vpn/*
* /quantum/db/vpn/*
* /quantum/extensions/vpnaas.py
* /etc/quantum/vpn_agent.ini
* /etc/quantum/quantum.conf -> service_plugins = quantum.services.vpn.plugin.VPNPlugin
* /quantumclient/quantum/v2_0/vpn/*
* Installed Openswan
* Made changes in /quantumclient/shell.py
* /usr/bin/quantum-vpn-agent
* /etc/init.d/quantum-plugin-vpn-agent
* /etc/init/quantum-plugin-vpn-agent.conf
Current status:
* Commands running successfully
o Vpn-ikepolicy-create/list/delete
o Vpn-ipsecpolicy-create/list/delete
o Vpn-service-create/list/delete
* Ipsec-site-connection-create command is failing with an HTTP Error. [Request Failed: internal server error while processing your request.]
* /var/log/quantum/vpn-agent.log has logs as follows:
2014-01-09 23:32:30 ERROR [quantum.agent.l3_agent] Failed synchronizing routers : _sync_routers_task
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/quantum/agent/l3_agent.py", line 694, in _sync_routers_task
self._process_routers(routers, all_routers=True)
File "/usr/lib/python2.7/dist-packages/quantum/services/vpn/agent.py", line 150, in _process_routers
device.sync(self.context, routers)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/lockutils.py", line 242, in inner
retval = f(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/quantum/services/vpn/device_drivers/ipsec.py", line 652, in sync
context, self.host)
File "/usr/lib/python2.7/dist-packages/quantum/services/vpn/device_drivers/ipsec.py", line 453, in get_vpn_services_on_host
topic=self.topic)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/proxy.py", line 80, in call
return rpc.call(context, self._get_topic(topic), msg, timeout)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/__init__.py", line 140, in call
return _get_impl().call(CONF, context, topic, msg, timeout)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 798, in call
rpc_amqp.get_connection_pool(conf, Connection))
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py", line 613, in call
rv = list(rv)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py", line 555, in __iter__
self.done()
File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
self.gen.next()
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py", line 552, in __iter__
self._iterator.next()
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 648, in iterconsume
yield self.ensure(_error_callback, _consume)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 566, in ensure
error_callback(e)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 629, in _error_callback
raise rpc_common.Timeout()
Timeout: Timeout while waiting on RPC response.
2014-01-09 23:32:30 WARNING [quantum.openstack.common.loopingcall] task run outlasted interval by 21.531911 sec
Can anyone please help on this issue. Could this issue be due to an incomplete quantum-plugin-vpn-agent [as we have no such standard package].
What else can be done further to make this work?
Thanks,
Ashwini
________________________________
============================================================================================================================
Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra.
============================================================================================================================
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org<mailto:OpenStack-dev at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
============================================================================================================================
Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra.
============================================================================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140110/d722c5e4/attachment.html>
More information about the OpenStack-dev
mailing list