ignaziocassano at gmail.com
Sat Mar 7 20:45:52 UTC 2020
Slawek, forgive me if I take advantage of your patience.
Before rebooting nodes, I modified nodes and controllers with security
groups logs, modifying neutron.conf, ml2 and openvswitch agents, moving
from iptables_hybrid to openvswitch firewall etc etc.....
I only restarted neutron components and before rebooting nodes and
controllers, I saw security groups logs and I was able to migrate instances.
Why after rebooting not ?
And, please, what about “multiple port bindings” ?
Il giorno sab 7 mar 2020 alle ore 19:02 Slawek Kaplonski <
skaplons at redhat.com> ha scritto:
> > On 7 Mar 2020, at 18:45, Ignazio Cassano <ignaziocassano at gmail.com>
> > Hello, I have queens installation based on centos7.
> > Before implementing security groups logs, I had the following
> configuration in
> > /etc/neutron/plugins/ml2/openvswitch_agent.ini:
> > firewall_driver = iptables_hybrid
> > Enabling security groups log I had to change it in :
> > firewall_driver = openvswitch
> > It seems to work end security logs are logged .
> > After restarting kvm nodes and controllers, virtual machines do not live
> > The firewall driver change could be the cause of my problem ?
> Yes, In queens there wasn’t yet migration between various firewall drivers
> so that can be an issue. It should works fine since Rocky release with
> “multiple port bindings” feature.
> > firewall_driver = openvswitch is mandatory for security groups log ?
> Yes, logging isn’t supported by iptables_hybrid driver.
> > Please, any help ?
> > I cannot reproduce the problem rebooting all my nodes.
> > I rebooted them because I hat to transfer from a rack to another.
> > Ignazio
> Slawek Kaplonski
> Senior software engineer
> Red Hat
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openstack-discuss