Ask Your Question
0

Octavia - instance is not reachable via the lb-mgmt-net

asked 2019-01-16 14:54:54 -0500

esxzawq gravatar image

updated 2019-01-18 13:56:21 -0500

hi all

I have configured octavia , when I run the following command :

openstack loadbalancer create --project admin --vip-subnet-id provider --name test1

I see two errors in the worker.log file :

1- The amphora is unavailable. Reason: [SSL: BAD_SIGNATURE] bad signature (_ssl.c:579)

2- the compute driver failed to fully boot the instance inside the timeout interval or the instance is not reachable via the lb-mgmt-net

what should be the lb-mgmt-net !

shoud I put it's ID for the amp_boot_network_list's value , in octavia.conf!

should it's subnet be in the range of the provider network or could be optional ... !!!

I have attached all of my three networks ( provider : 192.168.1.0/24 - selfservice: 172.16.31.0/24 and

lb-mgmt-net: 192.168.100.0/24) to the routern

alos

for TLS I have created a folder somehwere named x and at the end copied the proper files's to the /etc/octavia/certs

and

/var/lib/octavia/certs : what should this folder have ?!!

edit retag flag offensive close merge delete

2 answers

Sort by ยป oldest newest most voted
0

answered 2019-01-23 09:31:43 -0500

johnsom gravatar image

Hi there,

From a configuration perspective, yes, the lb-mgmt-net ID goes into the amp_boot_netowrk_list configuration setting in the octavia.conf.

As for the TLS configuration, there is a guide that covers the only required configuration for this: https://docs.openstack.org/octavia/la...

The /var/lib/octavia/certs folder is inside the amphora instances and is fully managed by the controller processes. There is no manual configuration required there.

edit flag offensive delete link more

Comments

Thanks micheal.

In this link I have explained what is my configuration.

Please take a look to find out where is my problem

esxzawq gravatar imageesxzawq ( 2019-01-24 10:00:53 -0500 )edit

Yes, I have commented there. The network message is likely due to the SSL error since I is not able to successfully connect to the instance due to the SSL issue.

johnsom gravatar imagejohnsom ( 2019-04-03 19:49:56 -0500 )edit
0

answered 2019-03-13 21:44:24 -0500

wby1089 gravatar image

It is depends on your network environment.

If you have only one controller which has octavia-health-manager, the controller should reach to lb-mgmt-net.

Here is easy way to check connectivity: - create an instance in lb-mgmt-net (cirros would be ok) - ping to the instance from the controller - ssh to the instance from the controller

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2019-01-16 14:54:54 -0500

Seen: 85 times

Last updated: Mar 13