[Openstack-operators] Openstack-ansible and HAProxy
Matteo Gerola
mgerola at fbk.eu
Wed Oct 18 06:40:29 UTC 2017
Dear all,
Hope this is the right ML for this question, otherwise please let me know.
I have setup an openstack-ansible based infrastructure (pike) with 3 controllers and 8 computes. Everything works fine except when i configure a dedicated IP to be shared between the ctrls.
There are several bridges, but the one involved here are:
br-public (bridge toward internet)
I have one public ip for each ctrl (x.x.x.1, x.x.x.2, x.x.x.3) configured on each bridge
br-mgmt (default internal bridge for OS ansible setup)
I have one private ip for each ctrl (y.y.y.1, y.y.y.2, y.y.y.3) configured on each bridge
Then, I have configured the openstack-ansible files like:
/etc/openstack_deploy/openstack_user_config.yml
internal_lb_vip_address: y.y.y.1
I’m using the first ctrl ip for the internal network, but I’m not sure if it’s the right config
external_lb_vip_address: x.x.x.4
I’m using a free IP in the public network to be shared by the controllers
/etc/openstack_deploy/user_variables.yml
haproxy_keepalived_external_vip_cidr: "{{external_lb_vip_address}}/24”
Here do I have to put /32 (default) or /24 (mi CIDR)?
haproxy_keepalived_internal_vip_cidr: "{{internal_lb_vip_address}}/24”
Here do I have to put /32 (default) or /24 (mi CIDR)?
haproxy_keepalived_external_interface: br-public
haproxy_keepalived_internal_interface: br-mgmt
With netstat, I see HAProxy binding all the service ports in the ctrls, but I cannot ping (and access horizon or the other services) using the public ip x.x.x.4.
Any suggestion?
Thanks a lot,
Matteo
Matteo Gerola, Dott.
Research Engineer
--------------------------------------------------------
CREATE-NET Research Center
Fondazione Bruno Kessler (FBK)
via alla Cascata 56D
38123 Povo, Trento (Italy)
F: +39 0461 312425
e-mail: mgerola at fbk.eu <--- THIS HAS CHANGED!
www: http://create-net.fbk.eu
--------------------------------------------------------
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited according to the Italian Law 196/2003 of the Legislature. If you received this in error, please contact the sender and delete the material from any computer.
Le informazioni contenute in questo messaggio di posta elettronica e nei file allegati sono da considerarsi strettamente riservate. Il loro utilizzo e' consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceveste questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla cancellazione del messaggio stesso dal Vostro sistema. Trattenere il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D. Lgs. 196/2003.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20171018/e2f2f603/attachment.html>
More information about the OpenStack-operators
mailing list