Tacker openwrt driver not working in kolla pike

asked 2018-04-16 02:40:15 -0600

Alexey Elokhov gravatar image

updated 2018-04-16 02:41:33 -0600

Hello!

I'm trying to launch VNF using tacker in Kolla (ansible) Pike version.

I was able to deploy cirros image with noop driver as in example, but when I tried to launch VNF with openwrt driver, I received an error that tacker can't communicate with instance (ssh timeout).

As I understand, there is no network connectivity between tacker-server container and VNF.

Here is the debug log from tacker-server:

2018-04-16 00:35:58.507 37 DEBUG tacker.vnfm.infra_drivers.openstack.openstack [req-f0f4f128-ef06-427e-959d-93ab55e4bc93 51201dd3725e4ad5b1c82b80a60b56b9 0c6bf7040b304b499e1dd78d80a63bd7 - - -] yaml orig  update vdus:
  VDU1:
    config: {firewall: "package firewall\n\nconfig rule\n    option name 'Web'\n \
        \   option src 'wan'\n    option proto 'tcp'\n    option dest_port '80'\n\
        \    option target 'ACCEPT'\n    option family 'ipv4'\n"}
 update /var/lib/kolla/venv/local/lib/python2.7/site-packages/tacker/vnfm/infra_drivers/openstack/openstack.py:201
2018-04-16 00:35:58.510 37 DEBUG tacker.vnfm.infra_drivers.openstack.openstack [req-f0f4f128-ef06-427e-959d-93ab55e4bc93 51201dd3725e4ad5b1c82b80a60b56b9 0c6bf7040b304b499e1dd78d80a63bd7 - - -] dict orig {} update {'vdus': {'VDU1': {'config': {'firewall': "package firewall\n\nconfig rule\n    option name 'Web'\n
option src 'wan'\n    option proto 'tcp'\n    option dest_port '80'\n    option target 'ACCEPT'\n    option family 'ipv4'\n"}}}} update /var/lib/kolla/venv/local/lib/python2.7/site-packages/tacker/vnfm/infra_drivers/openstack/openstack.py:214
2018-04-16 00:35:58.511 37 DEBUG tacker.vnfm.infra_drivers.openstack.openstack [req-f0f4f128-ef06-427e-959d-93ab55e4bc93 51201dd3725e4ad5b1c82b80a60b56b9 0c6bf7040b304b499e1dd78d80a63bd7 - - -] dict new {'vdus': {'VDU1': {'config': {'firewall': "package firewall\n\nconfig rule\n    option name 'Web'\n    option src
'wan'\n    option proto 'tcp'\n    option dest_port '80'\n    option target 'ACCEPT'\n    option family 'ipv4'\n"}}}} update {'vdus': {'VDU1': {'config': {'firewall': "package firewall\n\nconfig rule\n    option name 'Web'\n    option src 'wan'\n    option proto 'tcp'\n    option dest_port '80'\n    option target 'A
CCEPT'\n    option family 'ipv4'\n"}}}} update /var/lib/kolla/venv/local/lib/python2.7/site-packages/tacker/vnfm/infra_drivers/openstack/openstack.py:217
2018-04-16 00:35:58.515 37 INFO tacker.wsgi [req-f0f4f128-ef06-427e-959d-93ab55e4bc93 51201dd3725e4ad5b1c82b80a60b56b9 0c6bf7040b304b499e1dd78d80a63bd7 - - -] 10.10.70.3 - - [16/Apr/2018 00:35:58] "PUT /v1.0/vnfs/9521863d-90e2-48d1-8c74-ad08af4b7bdd.json HTTP/1.1" 200 2005 1.005671
2018-04-16 00:35:58.516 37 DEBUG tacker.common.log [-] tacker.vnfm.infra_drivers.openstack.openstack.OpenStack method update_wait called with arguments () {'plugin': <tacker.vnfm.plugin.vnfmplugin object="" at="" 0x7f5f498eee50="">, 'vnf_id': u'1a338c4e-5006-466a-b051-3b817a2fa21a', 'region_name': None, 'context': <tacker.co ntext.context="" object="" at="" 0x7f5f48450550="">, 'auth_attr': {u'username': u'admin', 'password': '***', u'project_name': u'admin', u'user_domain_name': u'Default', u'auth_url': u'http://10.10.70.3:35357/v3', u'project_id': None, u'project_domain_name': u'Default'}} wrapper /var/lib/kolla/venv/local/lib/python2.7/site-packa
ges/tacker/common/log.py:34
2018-04-16 00:35:59.140 37 DEBUG tacker.common.log [-] tacker.vnfm.mgmt_drivers.openwrt.openwrt.DeviceMgmtOpenWRT method mgmt_call called with arguments () {'vnf': {'status': 'PENDING_UPDATE', 'created_at': datetime.datetime(2018, 4, 16, 7, 33, 52), 'description': u'OpenWRT with services', 'vnfd': {'template_source'
: u'onboarded', 'service_types': [u'vnfd'], 'description': u'OpenWRT with services', 'tenant_id': u'0c6bf7040b304b499e1dd78d80a63bd7', 'created_at': datetime.datetime(2018, 4, 16, 7, 27, 23), 'updated_at': None ...
(more)
edit retag flag offensive close merge delete

Comments

Does your net_mgmt network allows ssh and icmp to instances, is public or private? If private tacker-server doesnt have connectivity to instances unless you apply some network rules/packet flows to the controller nodes

Eduardo Gonzalez gravatar imageEduardo Gonzalez ( 2018-04-16 04:48:24 -0600 )edit

It is a private network with icmp and ssh allowed. Can you please give me an idea how I can make connectivity between tacker-server container and that network?

Alexey Elokhov gravatar imageAlexey Elokhov ( 2018-04-16 05:51:29 -0600 )edit