Ask Your Question
0

Software Deployment in Heat: Problem with os-collect-config

asked 2017-02-02 14:13:13 -0500

nrado gravatar image

updated 2017-02-03 09:15:08 -0500

mathias gravatar image

Hi all,

For the purpose of testing SoftwareConfig and SoftwareDeployments with Heat I started to build a custom Xenial image with Diskimage-builder. I followed this guide https://ask.openstack.org/en/question... (https://ask.openstack.org/en/question...) and ran disk-image-create like this:

diskimage-builder/bin/disk-image-create vm ubuntu os-collect-config os-refresh-config os-apply-config heat-config heat-config-script package-installs -t raw -o ubuntu-software-config.raw

When I tried to deploy my Heat stack applying software deployments, the deployment resources are stuck in "Create In Progress" state. I suppose that the stack is waiting for a signal via the Heat API notifying the service of success and this is not happening here.

This is the stack I test with: https://gist.github.com/mewald1/be31e...

I looked into the deployed machine and found out that the AUTH_URL in the [heat] section of os-collect-config.conf points to the internal URL of my Keystone service:

[DEFAULT]
command = os-refresh-config
collectors = ec2
collectors = heat
collectors = local

[heat]
auth_url = http://10.10.30.100:5000/v3/
user_id = a10a8bb5d98c49758ef672be40e37a60
password = e8624d4cd01748d599183eb7432c9c22
project_id = 24194fcc24264fcd8c2885093bdca553
stack_id = deploy-test/5423fe82-6457-4823-a958-259467efa3a5
resource_name = node

The address of 10.10.30.100 cannot be reached from an instance by design.

I want to understand two things:

  1. How does the auth_url get into the instance?
  2. Assuming it gets there by being injected by Heat in some way, how can I configure Heat to set the public URL?
edit retag flag offensive close merge delete

Comments

Added more information to initial post.

mathias gravatar imagemathias ( 2017-02-03 08:03:29 -0500 )edit

I want to share our heat.conf: https://gist.github.com/mewald1/3554d... I believe the clients_* sections might have to do with it but I struggle to find any documentation on that.

mathias gravatar imagemathias ( 2017-02-03 12:33:28 -0500 )edit
add a comment

3 answers

Sort by ยป oldest newest most voted
2

answered 2017-02-11 09:21:35 -0500

doka.ua gravatar image

updated 2017-02-11 14:50:22 -0500

Hi NRado,

"auth_url" comes from auth_uri variable in [clients_keystone] section of heat.conf, in my case it looks in the way:

auth_uri = http://lagavulin.domain.my:35357

Heat's "Software Deployment" configs are available from endpoints list (public one):

doka@lagavulin:~$ openstack endpoint list |grep heat
||| heat-cfn| cloudformation | | admin     | http://controller:8000/v1
||| heat    | orchestration  | | internal  | http://controller:8004/v1/%(tenant_id)s
||| heat-cfn| cloudformation | | internal  | http://controller:8000/v1
||| heat    | orchestration  | | admin     | http://controller:8004/v1/%(tenant_id)s
||| heat-cfn| cloudformation | | public    | http://lagavulin.domain.my:8000/v1
||| heat| orchestration  | | public    | http://lagavulin.domain.my:8004/v1/%(tenant_id)s

So, check your auth_uri@heat.conf variable and endpoints whether they contain accessible from your VM hostnames in URLs to make it possible to work Heat's software configuration.

Hope this'll help.

edit flag offensive delete link more

Comments

Hi Volodymyr,

I wanted to correct your first answer, but you beat me to it. I checked the code of os-collect-config (keystone.py) and came to the same conclusion as you. Indeed, it is the auth_uri from the clients_keystone section. Thanks anyway!

nrado gravatar imagenrado ( 2017-02-11 15:31:06 -0500 )edit

Hi NRado, thanks :)

doka.ua gravatar imagedoka.ua ( 2017-02-12 15:06:00 -0500 )edit
add a comment
0

answered 2019-03-22 07:56:48 -0500

Ange gravatar image

HI all do you have a clear solution to this problem? we have queens?

Tnks

edit flag offensive delete link more
add a comment
0

answered 2017-02-03 10:55:02 -0500

zaneb gravatar image

It looks like it uses the auth_url of the token that you pass to Heat when you create the stack. So if you're using the InternalURL in your local credentials when you connect to Heat, try using the PublicURL instead.

edit flag offensive delete link more

Comments

Thanks for you answer. I checked my rc file. OS_AUTH_URL points to the public URL of Keystone. I also ran "openstack stack create" with "--debug" and checked all curl commands. They all point to the public URL.

mathias gravatar imagemathias ( 2017-02-03 12:10:57 -0500 )edit

Hmm, I'm not sure where it's coming from then :(

zaneb gravatar imagezaneb ( 2017-02-03 13:58:53 -0500 )edit

HI all do you have a clear solution to this problem? we have queens. I don't undstu this post .

Ange gravatar imageAnge ( 2019-03-22 08:02:50 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2017-02-02 14:13:13 -0500

Seen: 1,405 times

Last updated: Feb 11 '17

Related questions

Debugging Heat Installation

Hi Guys? I want to know if is it possible attach and detach instances from a Heat AutoscalingGroup or ResourceGroup, an example of that in AWS [closed]

Robustly determine updated_time or time format

rename a heat stack

Include user data in stack creation over API

Remote error: CircularDependencyException heat

OS::Heat::Stack The template is not a JSON object or YAML mapping

Instance Name needs to be passed from template properties

HEAT Trigger with project creation

orchestration service heat command not found [Havana]