[Openstack] [openstack-dev] Havana neutron security groups config issue

Leandro Reox leandro.reox at gmail.com
Fri Oct 18 19:28:47 UTC 2013


Yes it is, but i found that is not reading the parameter from the nova.conf
, i forced on the code on /network/manager.py and took the argument finally
but stacks cause says that the neutron_url and if i fix it it stacks on the
next neutron parameter like timeout :

File "/usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py", line
1648, in __getattr__
2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack     raise
NoSuchOptError(name)
2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack NoSuchOptError: no
such option: neutron_url

and then

File "/usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py", line
1648, in __getattr__
2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack     raise
NoSuchOptError(name)
2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack NoSuchOptError: no
such option: neutron_url_timeout

Its really weird, like its not reading the nova.conf neutron parameter at
all ...

If i hardcode all the settings on the neutronv2/init.py .. at least it
works, and bring all the secgroup details from netruon



On Fri, Oct 18, 2013 at 3:48 PM, Aaron Rosen <arosen at nicira.com> wrote:

> Hi Leandro,
>
>
> I don't believe the setting of:  security_group_api=neutron in nova.conf
> actually doesn't matter at all on the compute nodes (still good to set it
> though). But it matters on the nova-api node. can you confirm that your
> nova-api node has: security_group_api=neutron in it's nova.conf?
>
> Thanks,
>
> Aaron
>
>
> On Fri, Oct 18, 2013 at 10:32 AM, Leandro Reox <leandro.reox at gmail.com>wrote:
>
>> Dear all,
>>
>> Im struggling with centralized sec groups on nova, were using OVS, it
>> seems like no matter what flag i change on nova conf, the node still
>> searchs the segroups on nova region local db
>>
>> We added :
>>
>>
>> [compute node]
>>
>> *nova.conf*
>>
>> firewall_driver=neutron.agent.firewall.NoopFirewallDriver
>> security_group_api=neutron
>>
>>
>> *ovs_neutron_plugin.ini*
>>
>> [securitygroup]
>> firewall_driver =
>> neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
>>
>>
>> Restarted the agent, nova-compute services ... still the same, are we
>> missing something ?
>>
>> NOTE: we're using dockerIO as virt system
>>
>> Best
>> Leitan
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20131018/8377f27c/attachment.html>


More information about the Openstack mailing list