Ask Your Question
0

Software Deployment in Heat: Problem with os-collect-config

asked 2017-02-02 14:13:13 -0600

nrado gravatar image

updated 2017-02-03 09:15:08 -0600

mathias gravatar image

Hi all,

For the purpose of testing SoftwareConfig and SoftwareDeployments with Heat I started to build a custom Xenial image with Diskimage-builder. I followed this guide https://ask.openstack.org/en/question... (https://ask.openstack.org/en/question...) and ran disk-image-create like this:

diskimage-builder/bin/disk-image-create vm ubuntu os-collect-config os-refresh-config os-apply-config heat-config heat-config-script package-installs -t raw -o ubuntu-software-config.raw

When I tried to deploy my Heat stack applying software deployments, the deployment resources are stuck in "Create In Progress" state. I suppose that the stack is waiting for a signal via the Heat API notifying the service of success and this is not happening here.

This is the stack I test with: https://gist.github.com/mewald1/be31e...

I looked into the deployed machine and found out that the AUTH_URL in the [heat] section of os-collect-config.conf points to the internal URL of my Keystone service:

[DEFAULT]
command = os-refresh-config
collectors = ec2
collectors = heat
collectors = local

[heat]
auth_url = http://10.10.30.100:5000/v3/
user_id = a10a8bb5d98c49758ef672be40e37a60
password = e8624d4cd01748d599183eb7432c9c22
project_id = 24194fcc24264fcd8c2885093bdca553
stack_id = deploy-test/5423fe82-6457-4823-a958-259467efa3a5
resource_name = node

The address of 10.10.30.100 cannot be reached from an instance by design.

I want to understand two things:

  1. How does the auth_url get into the instance?
  2. Assuming it gets there by being injected by Heat in some way, how can I configure Heat to set the public URL?
edit retag flag offensive close merge delete

Comments

Added more information to initial post.

mathias gravatar imagemathias ( 2017-02-03 08:03:29 -0600 )edit

I want to share our heat.conf: https://gist.github.com/mewald1/3554d... I believe the clients_* sections might have to do with it but I struggle to find any documentation on that.

mathias gravatar imagemathias ( 2017-02-03 12:33:28 -0600 )edit
add a comment

2 answers

Sort by ยป oldest newest most voted
2

answered 2017-02-11 09:21:35 -0600

doka.ua gravatar image

updated 2017-02-11 14:50:22 -0600

Hi NRado,

"auth_url" comes from auth_uri variable in [clients_keystone] section of heat.conf, in my case it looks in the way:

auth_uri = http://lagavulin.domain.my:35357

Heat's "Software Deployment" configs are available from endpoints list (public one):

doka@lagavulin:~$ openstack endpoint list |grep heat
||| heat-cfn| cloudformation | | admin     | http://controller:8000/v1
||| heat    | orchestration  | | internal  | http://controller:8004/v1/%(tenant_id)s
||| heat-cfn| cloudformation | | internal  | http://controller:8000/v1
||| heat    | orchestration  | | admin     | http://controller:8004/v1/%(tenant_id)s
||| heat-cfn| cloudformation | | public    | http://lagavulin.domain.my:8000/v1
||| heat| orchestration  | | public    | http://lagavulin.domain.my:8004/v1/%(tenant_id)s

So, check your auth_uri@heat.conf variable and endpoints whether they contain accessible from your VM hostnames in URLs to make it possible to work Heat's software configuration.

Hope this'll help.

edit flag offensive delete link more

Comments

Hi Volodymyr,

I wanted to correct your first answer, but you beat me to it. I checked the code of os-collect-config (keystone.py) and came to the same conclusion as you. Indeed, it is the auth_uri from the clients_keystone section. Thanks anyway!

nrado gravatar imagenrado ( 2017-02-11 15:31:06 -0600 )edit

Hi NRado, thanks :)

doka.ua gravatar imagedoka.ua ( 2017-02-12 15:06:00 -0600 )edit
add a comment
0

answered 2017-02-03 10:55:02 -0600

zaneb gravatar image

It looks like it uses the auth_url of the token that you pass to Heat when you create the stack. So if you're using the InternalURL in your local credentials when you connect to Heat, try using the PublicURL instead.

edit flag offensive delete link more

Comments

Thanks for you answer. I checked my rc file. OS_AUTH_URL points to the public URL of Keystone. I also ran "openstack stack create" with "--debug" and checked all curl commands. They all point to the public URL.

mathias gravatar imagemathias ( 2017-02-03 12:10:57 -0600 )edit

Hmm, I'm not sure where it's coming from then :(

zaneb gravatar imagezaneb ( 2017-02-03 13:58:53 -0600 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2017-02-02 14:13:13 -0600

Seen: 1,045 times

Last updated: Feb 11 '17

Related questions

Maximum Heat Stack Create Requests

Sahara Launch vanilla_hadoop_2.7.1 cluster is failed

TripleO: Error in baremetal installation (permission denied) [closed]

HEAT template support for disabling port security with providernet

How fault tolerance is addressed in Openstack

Return VM to the initial state using HEAT

Heat-api startup Error

Autoscaling with Heat and Ceilometer

HEAT HOT parameter can be optional?

Heat SoftwareDeployment resource and timing out