Open Stack

Hi all,

Thank you,
So the amphora will use a provider network. but how we can access this load
balancer externally? via IP assign into amphora (provider network IP)?

Another question, I am facing a problem with a keypair. I am generating a
keypair with `create_certificates.sh`
source /tmp/octavia/bin/create_certificates.sh /etc/octavia/certs
/tmp/octavia/etc/certificates/openssl.cnf

but when creating the load balancer service, I got this error from
/var/log/octavia/worker.log
ERROR oslo_messaging.rpc.server CertificateGenerationException: Could not
sign the certificate request: Failed to load CA Private Key
/etc/octavia/certs/private/cakey.pem.

I am using this configuration under octavia.conf
[certificates]

ca_certificate = /etc/octavia/certs/ca_01.pem

ca_private_key = /etc/octavia/certs/private/cakey.pem

ca_private_key_passphrase = foobar

Anyone know this issue?
I am following Mr. Lingxian Kong blog in
https://lingxiankong.github.io/2016-06-07-octavia-deployment-prerequisites.html

Best Regards,
Zufar Dhiyaulhaq


On Wed, Dec 5, 2018 at 4:35 AM Lingxian Kong <anlin.kong at gmail.com> wrote:

> On Wed, Dec 5, 2018 at 6:27 AM Gaël THEROND <gael.therond at gmail.com>
> wrote:
>
>> You can do it with any routed network that you’ll load as a provider
>> network too.
>>
>> Way more simpler, no need for ovs manipulation, just get your network
>> team to give you a vlan both available from computer node and controller
>> plan. It can be a network subnet and vlan completely unknown from you
>> controller as long as you get an intermediary equipment that route your
>> traffic or that you add the proper route on your controllers.
>>
>
> Yeah, that's also how we did for our Octavia service in production thanks
> to our ops team.
>
> Cheers,
> Lingxian Kong
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20181205/62996fdd/attachment-0001.html>