[openstack-dev] Implementing VPNaas in Openstack Grizzly release
Ashwini Babureddy
AB0078468 at TechMahindra.com
Fri Jan 10 10:14:50 UTC 2014
Along with the attached outlook item. Here are the following updates:
With the help of few logs written manually, it is seen that RPC call is waiting on "IPSEC_DRIVER_TOPIC = ipsec_driver" :
2014-01-10 23:35:15 INFO [quantum.openstack.common.rpc.proxy] Inside proxy.RpcProxy : msg [{'args': {'host': 'ubuntu'}, 'method': 'get_vpn_services_on_host'}], topic [ipsec_driver]
2014-01-10 23:35:15 INFO [quantum.openstack.common.rpc.amqp] Making synchronous call on ipsec_driver ...
2014-01-10 23:35:15 INFO [quantum.openstack.common.rpc.amqp] MSG_ID is df6c8e6ff7ca48cca239a84959a61fb7
2014-01-10 23:35:15 INFO [quantum.openstack.common.rpc.amqp] Inside if not case
2014-01-10 23:36:15 ERROR [quantum.agent.l3_agent] Failed synchronizing routers : _sync_routers_task
And queues created :
root at ubuntu:/var/log/quantum# rabbitmqctl list_queues | more
Listing queues ...
consoleauth_fanout_36b3f71c6ea64616a69c0b2e2ed3d7c0 0
l3_agent_fanout_e398e651d8d44303a4826fd2a3faedf4 0
cert_fanout_c04d42ce4ab249f4b050241bbe79caa3 0
q-agent-notifier-tunnel-update_fanout_5f77bce1a09348b0b6927553d0646bc6 0
l3_agent.ubuntu 0
consoleauth.ubuntu 0
cinder-scheduler 0
conductor_fanout_7c10c5e7371340d18af3588dccbc76b3 0
notifications.info 11
cinder-scheduler.ubuntu 0
cinder-scheduler_fanout_5d4e9f0e60c4413fabec3ecf9fce164f 0
q-agent-notifier-port-update_fanout_6043fca215d54263b74c058f33e29a74 0
q-agent-notifier-network-delete_fanout_12e2c4b4670c4455b4192413e8990166 0
conductor.ubuntu 0
dhcp_agent.ubuntu 0
cert.ubuntu 0
ipsec_agent.ubuntu 0
q-plugin 0
dhcp_agent 0
compute 0
scheduler 0
q-agent-notifier-security_group-update_fanout_794f378ea54a495d938fa347f99a6c8d 0
scheduler_fanout_2fc00a8c896a46ecac6f57df6abc8f70 0
l3_agent_fanout_fce1b317fff94b5aaba36dad6a0a9575 0
compute_fanout_ee1f3d0427244a35891c7cf707da1542 0
cert 0
conductor 0
compute.ubuntu 0
5ef01edd61d64f19937d4544b341b0e9 0
scheduler.ubuntu 0
dhcp_agent_fanout_5bd979a41d9a48aaa2f6639bcc079389 0
l3_agent 0
consoleauth 0
...done.
Thanks,
Ashwini
From: Paul Michali [mailto:pcm at cisco.com]
Sent: Thursday, January 09, 2014 6:01 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] Implementing VPNaas in Openstack Grizzly release
Just some ideas to look into...
You could look at the q-vpn process log. With devstack, there is a screen-q-vpn.log that might give more info on the failure.
The commands that are working, are ones that strictly deal with the database. The IPSec site connection command is the first one that actually does messaging from the service driver to the device driver. Once at the device driver, it will do an RPC back to the service driver to get the all the information on the services/connections on that host.
Maybe some things are to check that the IPSEC_AGENT_TOPIC is defined (IPSEC_AGENT_TOPIC = 'ipsec_agent'), and that the code is there in the service driver (service_dirvers/ipsec.py) to handle the callback (IPsecVpnDriverCallBack get_vpn_services_on_host). This will call the plugin (VPNPluginRpcDbMixin _get_agent_hosting_vpn_services).
It seems like the RPC from the device driver back to the service driver is timing out, so making sure they are all set up OK, would be useful.
HTHs,
PCM (Paul Michali)
MAIL pcm at cisco.com<mailto:pcm at cisco.com>
IRC pcm_ (irc.freenode.net<http://irc.freenode.net>)
TW @pmichali
GPG key 4525ECC253E31A83
Fingerprint 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
On Jan 9, 2014, at 5:12 AM, Ashwini Babureddy <AB0078468 at TechMahindra.com<mailto:AB0078468 at TechMahindra.com>> wrote:
Hi,
I am trying to implement VPNaas in openstack grizzly release 2013.1 by taking Havana release as a reference. This is basically a single node set up by following the below link :
https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/blob/master/OpenStack_Grizzly_Install_Guide.rst
Currently all the vpn related files from Havana moved to Grizzly as follows:
* /quantum/services/vpn/*
* /quantum/db/vpn/*
* /quantum/extensions/vpnaas.py
* /etc/quantum/vpn_agent.ini
* /etc/quantum/quantum.conf -> service_plugins = quantum.services.vpn.plugin.VPNPlugin
* /quantumclient/quantum/v2_0/vpn/*
* Installed Openswan
* Made changes in /quantumclient/shell.py
* /usr/bin/quantum-vpn-agent
* /etc/init.d/quantum-plugin-vpn-agent
* /etc/init/quantum-plugin-vpn-agent.conf
Current status:
* Commands running successfully
o Vpn-ikepolicy-create/list/delete
o Vpn-ipsecpolicy-create/list/delete
o Vpn-service-create/list/delete
* Ipsec-site-connection-create command is failing with an HTTP Error. [Request Failed: internal server error while processing your request.]
* /var/log/quantum/vpn-agent.log has logs as follows:
2014-01-09 23:32:30 ERROR [quantum.agent.l3_agent] Failed synchronizing routers : _sync_routers_task
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/quantum/agent/l3_agent.py", line 694, in _sync_routers_task
self._process_routers(routers, all_routers=True)
File "/usr/lib/python2.7/dist-packages/quantum/services/vpn/agent.py", line 150, in _process_routers
device.sync(self.context, routers)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/lockutils.py", line 242, in inner
retval = f(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/quantum/services/vpn/device_drivers/ipsec.py", line 652, in sync
context, self.host)
File "/usr/lib/python2.7/dist-packages/quantum/services/vpn/device_drivers/ipsec.py", line 453, in get_vpn_services_on_host
topic=self.topic)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/proxy.py", line 80, in call
return rpc.call(context, self._get_topic(topic), msg, timeout)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/__init__.py", line 140, in call
return _get_impl().call(CONF, context, topic, msg, timeout)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 798, in call
rpc_amqp.get_connection_pool(conf, Connection))
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py", line 613, in call
rv = list(rv)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py", line 555, in __iter__
self.done()
File "/usr/lib/python2.7/contextlib.py", line 24, in __exit__
self.gen.next()
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/amqp.py", line 552, in __iter__
self._iterator.next()
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 648, in iterconsume
yield self.ensure(_error_callback, _consume)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 566, in ensure
error_callback(e)
File "/usr/lib/python2.7/dist-packages/quantum/openstack/common/rpc/impl_kombu.py", line 629, in _error_callback
raise rpc_common.Timeout()
Timeout: Timeout while waiting on RPC response.
2014-01-09 23:32:30 WARNING [quantum.openstack.common.loopingcall] task run outlasted interval by 21.531911 sec
Can anyone please help on this issue. Could this issue be due to an incomplete quantum-plugin-vpn-agent [as we have no such standard package].
What else can be done further to make this work?
Thanks,
Ashwini
________________________________
============================================================================================================================
Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra.
============================================================================================================================
_______________________________________________
OpenStack-dev mailing list
OpenStack-dev at lists.openstack.org<mailto:OpenStack-dev at lists.openstack.org>
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
============================================================================================================================
Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at http://www.techmahindra.com/Disclaimer.html externally http://tim.techmahindra.com/tim/disclaimer.html internally within TechMahindra.
============================================================================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140110/5ea056d5/attachment-0001.html>
-------------- next part --------------
An embedded message was scrubbed...
From: Ashwini Babureddy <AB0078468 at TechMahindra.com>
Subject: RE: [openstack-dev] Implementing VPNaas in Openstack Grizzly release
Date: Fri, 10 Jan 2014 13:01:03 +0530
Size: 41271
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140110/5ea056d5/attachment-0001.mht>
More information about the OpenStack-dev
mailing list