Ask Your Question
0

How to make sure Heat creates router before floating ip association?

asked 2019-04-01 19:33:03 -0500

dlbewley gravatar image

How can I ensure the OS::Neutron::Router and OS::Neutron::RouterInterface resources are created before the OS::Neutron::FloatingIPAssociation resource in my stack?

Most times when I create this stack, I run into the following error. This indicates to me that the assocation is being made before the router has been (fully?) provisioned.

Clearly the router has an interface on the subnet 7e31 and the external network 9762. In fact, I can make the association by hand after the stack create fails.

$ openstack stack failures list ceph-test
ceph-test.floating_ip_assoc:
  resource_type: OS::Neutron::FloatingIPAssociation
  physical_resource_id:
  status: CREATE_FAILED
  status_reason: |
    NotFound: resources.floating_ip_assoc: External network 9762bfe2-443e-496f-ad92-3a650f4939f4 is not reachable from subnet 7e31c131-ca04-4b39-85ff-55c8f29d599f.  Therefore, cannot associate Port 06f02924-d398-484a-a5c5-7b4f5c56ab2f with a Floating IP.
    Neutron server returns request_ids: ['req-ba89d2e8-b15b-41b3-be6a-62a027195436']

$ openstack router show ceph-test-internal_router-ozwaclszqvgw -c external_gateway_info -c interfaces_info -f yaml
external_gateway_info: '{"network_id": "9762bfe2-443e-496f-ad92-3a650f4939f4", "enable_snat":
  true, "external_fixed_ips": [{"subnet_id": "0e81c736-a670-44ba-a026-d8df6fddae38",
  "ip_address": "10.37.179.14"}]}'
interfaces_info: '[{"port_id": "3e8aec07-de10-474a-9332-22e16b1c2e52", "ip_address":
  "192.168.1.1", "subnet_id": "7e31c131-ca04-4b39-85ff-55c8f29d599f"}]'

$ openstack stack resource list ceph-test
+------------------------+-------------------------------------------------------------------------------------+------------------------------------+-----------------+----------------------+
| resource_name          | physical_resource_id                                                                | resource_type                      | resource_status | updated_time         |
+------------------------+-------------------------------------------------------------------------------------+------------------------------------+-----------------+----------------------+
| server_init            | 32abadf5-bb34-45bc-97b8-d8ecf19a370f                                                | OS::Heat::MultipartMime            | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| new_net                | 5cf51a37-636d-4876-be1d-81323468ca6e                                                | OS::Neutron::Net                   | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| volume_provisioner     | d11a1979-0ed9-4694-8871-a4b8669a568c                                                | OS::Heat::SoftwareConfig           | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| resolv_conf            | b0ba5bb9-7e2f-41d5-874a-4535e6a440a5                                                | OS::Heat::CloudConfig              | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| internal_interface     | 4aa28b58-4768-4cc1-b8af-d767b0ef7c06:subnet_id=7e31c131-ca04-4b39-85ff-55c8f29d599f | OS::Neutron::RouterInterface       | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| floating_ip            | 73f35c25-1c6a-4c9d-8cf2-f7cdc1bb283e                                                | OS::Neutron::FloatingIP            | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| floating_ip_assoc      |                                                                                     | OS::Neutron::FloatingIPAssociation | CREATE_FAILED   | 2019-04-02T00:06:29Z |
| instance               | 17f04c07-60b6-4525-bb56-7457e37a1e58                                                | OS::Nova::Server                   | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| new_subnet             | 7e31c131-ca04-4b39-85ff-55c8f29d599f                                                | OS::Neutron::Subnet                | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| internal_router        | 4aa28b58-4768-4cc1-b8af-d767b0ef7c06                                                | OS::Neutron::Router                | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| data_volume_attachment |                                                                                     | OS::Cinder::VolumeAttachment       | INIT_COMPLETE   | 2019-04-02T00:06:29Z |
| security_group         | e2e02382-edeb-4e3c-bf7a-0629348127c9                                                | OS::Neutron::SecurityGroup         | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| playbook_runner        | 338ba07e-c059-4be0-9366-5c22068dc175                                                | OS::Heat::SoftwareConfig           | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| port                   | 06f02924-d398-484a-a5c5-7b4f5c56ab2f                                                | OS::Neutron::Port                  | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
| data_volume            | 0be35af5-8003-4740-8845-c1a2b3fc35e2                                                | OS::Cinder::Volume                 | CREATE_COMPLETE | 2019-04-02T00:06:29Z |
+------------------------+-------------------------------------------------------------------------------------+------------------------------------+-----------------+----------------------+
edit retag flag offensive close merge delete

Comments

I discovered a couple things. Most importantly, I had some cruft in my template that was leading to ambiguous private network selection.

Also, I can avoid using an FloatingIPAssociation and just supply the port as a parameter to the FloatingIP resource.

dlbewley gravatar imagedlbewley ( 2019-04-01 22:59:25 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2019-04-02 14:57:11 -0500

dlbewley gravatar image

Resource dependencies can be created using depends_on. https://docs.openstack.org/heat/queens/template_guide/hot_spec.html#hot-spec-resources-dependencies (Doc).

By causing the floating IP to depend on the router's internal interface, the resources will be created in appropriate order.

Example:

resources:
  private_network_r:
    type: OS::Neutron::Net
    properties:
      name: { get_param: private_network }

  private_subnet_r:
    type: OS::Neutron::Subnet
    properties:
      name: {get_param: private_network }
      network_id: { get_resource: private_network_r }
      cidr: { get_param: subnet_cidr }
      dns_nameservers: [ "1.1.1.1" ]
      ip_version: 4

  internal_router:
    type: OS::Neutron::Router
    properties:
      external_gateway_info:
        network: { get_param: public_network }

  server_port:
    type: OS::Neutron::Port
    properties:
      network: { get_resource: private_network_r }
      security_groups: ["default", { get_resource: security_group } ]

  floating_ip:
    type: OS::Neutron::FloatingIP
    depends_on:
      - internal_interface
    properties:
      floating_network: { get_param: public_network }
      port_id: { get_resource: server_port }
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2019-04-01 19:33:03 -0500

Seen: 50 times

Last updated: Apr 02