Neutron error on second controller: Failed to bind port when creating an instance

asked 2018-04-05 07:42:22 -0500

vercetty92

updated 2018-04-05 07:45:33 -0500

Hi Folks,

I have a 2 nodes openstack cluster ( & Both nodes are controller and compute.

I use a pacemaker Virtual IP ( to access the dashboard. All the services are running in active/active mode.

When the first node owns the VIP, I have no problem creating an instance. But when I move the VIP to the second controller, I can't create a new instance (no matter if I create it on the first node or the second node with --availability-zone).

I always have this error in neutron/server.log on the second controller:

ERROR neutron.plugins.ml2.managers [req-2f4a2cf5-7db8-416c-ae32-f6f3f558b898 6b2908509afa46b7bdd2706a6b30bbd6 e98b83da4c184979ba862611360ec45d - default default] Failed to bind port 0de77f5c-3bb1-439b-984e-981736968328 on host openstack-2 for vnic_type normal using segments [{'network_id': '8a70bed4-8a5b-41eb-a2bc-cff61d9836a9', 'segmentation_id': None, 'physical_network': u'provider', 'id': 'b22b146c-7402-46a2-a3b2-9443173808b6', 'network_type': u'flat'}]

I use network option 1, here are the changes I have applied in neutron.conf:

core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:xxxx@,openstack:xxxx@
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
dhcp_agents_per_network = 2
connection = mysql+pymysql://neutron:xxxx@
auth_uri =
auth_url =
memcached_servers =,
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = xxxxx
[nova]
auth_url =
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = xxxx
lock_path = /var/lib/neutron/tmp

Changes made to /etc/neutron/plugins/ml2/ml2_conf.ini:

type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
flat_networks = provider
enable_ipset = true

Changes made to /etc/neutron/plugins/ml2/linuxbridge_agent.ini:

physical_interface_mappings = provider:bond0
enable_vxlan = false
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Changes made to /etc/neutron/dhcp_agent.ini:

interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

Changes made to /etc/neutron/metadata_agent.ini:

nova_metadata_host =
metadata_proxy_shared_secret = xxxx

The symlink /etc/neutron/plugin.ini has been created, net.bridge.bridge-nf-call-iptables and net.bridge.bridge-nf-call-ip6tables are set to "1", and the br_netfilter module is loaded on both controllers.

This command has been run on each controller:

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

The network has been created like this:

openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider

The subnet has been created like this:

openstack subnet create --network provider --allocation-pool start=,end= --dns-nameserver --gateway --subnet-range provider

Did I miss something?

Thx a lot in advance

answered 2018-04-06 04:55:32 -0500

Rupesh Chowdary

Check the l3_agent.log log file once and capture the info while you are creating the instance.

Hi, I don't have any l3 service or log running. Isn't l3_agent only present when we use network option 2? Thx

vercetty92 (2018-04-06 08:10:35 -0500)

answered 2018-04-12 14:18:26 -0500

Can you please run crm_mon -1 or crm_mon -2 to see more details? Also, neutron agent-list might help us.
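
An added example, not part of the original thread: the error text from the question can be parsed into its port, host and segment fields and compared with per-host agent data of the kind `neutron agent-list` reports. The `agents` dictionary and its values are constructed for illustration and are not the poster's real agent state. The check assumes ML2 binds a flat or VLAN segment only through an alive L2 agent on the target host whose mappings include the segment's physical network.

```python
import ast
import re

BIND_RE = re.compile(
    r"Failed to bind port (?P<port>[0-9a-f-]{36}) on host (?P<host>\S+) "
    r"for vnic_type (?P<vnic>\S+) using segments (?P<segments>\[.*\])")

# Error text as quoted in the question (log prefix omitted).
SAMPLE = (
    "Failed to bind port 0de77f5c-3bb1-439b-984e-981736968328 on host "
    "openstack-2 for vnic_type normal using segments [{'network_id': "
    "'8a70bed4-8a5b-41eb-a2bc-cff61d9836a9', 'segmentation_id': None, "
    "'physical_network': u'provider', 'id': "
    "'b22b146c-7402-46a2-a3b2-9443173808b6', 'network_type': u'flat'}]")

def parse_bind_failure(line):
    """Return port, host, vnic_type and segments from an ML2 bind error, or None."""
    m = BIND_RE.search(line)
    if m is None:
        return None
    # The segment list is a Python repr; literal_eval parses it without executing code.
    return {"port": m.group("port"), "host": m.group("host"),
            "vnic_type": m.group("vnic"),
            "segments": ast.literal_eval(m.group("segments"))}

def parse_mappings(value):
    """Parse a physical_interface_mappings value such as 'provider:bond0'."""
    items = (i.split(":", 1) for i in value.split(",") if ":" in i)
    return {phys.strip(): iface.strip() for phys, iface in items}

def check_binding(failure, agents):
    """Return reasons the host's L2 agent could not bind the failed segments.

    agents: {host: {"alive": bool, "mappings": "physnet:iface,..."}} (constructed shape).
    """
    host = failure["host"]
    agent = agents.get(host)
    if agent is None:
        return ["no L2 agent registered for host " + host]
    problems = [] if agent["alive"] else ["L2 agent on %s is not alive" % host]
    mapped = parse_mappings(agent["mappings"])
    for seg in failure["segments"]:
        physnet = seg["physical_network"]
        if seg["network_type"] in ("flat", "vlan") and physnet not in mapped:
            problems.append("no interface mapping for physical network " + physnet)
    return problems

if __name__ == "__main__":
    # Constructed agent state, not the poster's real output.
    agents = {"openstack-2": {"alive": False, "mappings": "provider:bond0"}}
    print(check_binding(parse_bind_failure(SAMPLE), agents))
```

An empty result means the failing host has an alive agent with a matching mapping, so the cause lies elsewhere.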

