[Openstack] Need help on neutron network device!!
Narasimhan, Vivekanandan
vivekanandan.narasimhan at hp.com
Mon Apr 28 20:32:07 UTC 2014
Hi Sateesh/Koteswar,
I believe move from PENDING_STATE to active will happen only if atleast one router is created PLUS an interface is
added to that router.
Because only then the Firewall rules gets applied to that router interface (or namespace on the agent) and state of
that firewall will go to ACTIVE.
Please feel free to correct me, if am wrong.
--
Thanks,
Vivek
From: Sateesh Kolagani Kumar [mailto:Sateesh_Kumar at mindtree.com]
Sent: Thursday, April 03, 2014 12:56 AM
To: Kelam, Koteswara Rao; openstack at lists.openstack.org
Subject: Re: [Openstack] Need help on neutron network device!!
Hi,
Yes, done the same changes, need to look at logs why its showing as pending state.
BTW, I am using Havana ..
Thanks and Regards,
Sateesh Kolagani
Technical Architect, IMTS Consulting
Global village, RVCE post, Mysore road
Bangalore - 560 059, India
O +91 33957782
M + 91 9620224522
E sateesh_kumar at mindtree.com<mailto:sateesh_kumar at mindtree.com>
cid:image001.png at 01CF1E71.E9C08600
Planned vacation: Apr23rd-Apr25th
From: Kelam, Koteswara Rao [mailto:koteswara.kelam at hp.com]
Sent: Thursday, April 3, 2014 1:20 PM
To: Sateesh Kolagani Kumar; openstack at lists.openstack.org
Subject: RE: Need help on neutron network device!!
Hi Sateesh,
I read your previous mail but I want to clearly say that modify neutron.conf in controller and network nodes and restart neutron-server and neutron-l3-agent respectively.
When you create a firewall, it will be in PENDING_STATE initially but later moves to ACTIVE. In b/w I am using icehouse-2. If you are still facing the issue, check the neutron log files for any errors.
sdn at koteswar-ice-osc:~$ neutron firewall-create test_policy
Created a new firewall:
+--------------------+--------------------------------------+
| Field | Value |
+--------------------+--------------------------------------+
| admin_state_up | True |
| description | |
| firewall_policy_id | 94f03168-964c-46f3-85b5-297bc1428a98 |
| id | 0ad8224e-35af-4c71-bbf9-6afab29381f8 |
| name | |
| status | PENDING_CREATE |
| tenant_id | 2e3b38da3a8c41ba8feb3973ea88fae2 |
+--------------------+--------------------------------------+
sdn at koteswar-ice-osc:~$ neutron firewall-show 0ad8224e-35af-4c71-bbf9-6afab29381f8
+--------------------+--------------------------------------+
| Field | Value |
+--------------------+--------------------------------------+
| admin_state_up | True |
| description | |
| firewall_policy_id | 94f03168-964c-46f3-85b5-297bc1428a98 |
| id | 0ad8224e-35af-4c71-bbf9-6afab29381f8 |
| name | |
| status | ACTIVE |<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<Moved to ACTIVE state
| tenant_id | 2e3b38da3a8c41ba8feb3973ea88fae2 |
+--------------------+--------------------------------------+
Regards,
Koteswar
From: Sateesh Kolagani Kumar [mailto:Sateesh_Kumar at mindtree.com]
Sent: Thursday, April 03, 2014 12:56 PM
To: Kelam, Koteswara Rao; openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: RE: Need help on neutron network device!!
Kotesh,
Thanks for the response, if you look at my trail mail, done the same but its not working showing as PENDING_CREATE tried to create through dashboard as well CMD still issue persists.
Router also presented.
Thanks and Regards,
Sateesh Kolagani
From: Kelam, Koteswara Rao [mailto:koteswara.kelam at hp.com]
Sent: Thursday, April 3, 2014 12:47 PM
To: Sateesh Kolagani Kumar; openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: RE: Need help on neutron network device!!
* In the controller node, add the following line in neutron.conf and restart the neutron-server:
service_plugins = neutron.services.firewall.fwaas_plugin.FirewallPlugin
* In the network node, neutron.conf, add the following and restart the neutron-l3-agent:
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
This worked for me.
Regards,
Koteswar
From: Sateesh Kolagani Kumar [mailto:Sateesh_Kumar at mindtree.com]
Sent: Saturday, March 29, 2014 11:23 AM
To: openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: [Openstack] Need help on neutron network device!!
Hi,
I have enabled firewall in neutron.conf at controller (where neutron server installed) and Neutron node(where agents are installed)..after I create a firewall in dashboard its showing as PENDING_CREATE State not showing as active, all basic networking is working fine (used GRE tunnel). The changes made in Controller and neutron node..
Controller:
service_plugins = neutron.services.firewall.fwaas_plugin.FirewallPlugin
Neutron Node:
[fwaas]
driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
Is anything I am issuing here please suggest me.
Thanks and Regards,
Sateesh Kolagani
_____
http://www.mindtree.com/email/disclaimer.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140428/e4a5374e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 13021 bytes
Desc: image001.png
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20140428/e4a5374e/attachment.png>
More information about the Openstack
mailing list