Ask Your Question

Devstack / Quantum / Security Groups

asked 2013-04-02 10:03:03 -0500

Hello All,

I try to get Devstack / Quantum with NEC plugin working.

Currently I can create networks and the NEC PFC creates them on its side.

When I try to go launch an instance from Horizon I get an error "Error: An error occurred. Please try again" !

I found somewhere in the logs that there is a trouble with the security groups.

If I issue the nova secgroup-list command line I get : ERROR: The server has either erred or is incapable of performing the requested operation. (HTTP 500) (Request-ID: req-28840a89-f1d6-49de-a030-d95716234838)

Then If I try the quantum command line : quantum -v security-group-list I get : DEBUG: quantumclient.quantum.v2_0.securitygroup.ListSecurityGroup get_data(Namespace(columns=[], fields=[], formatter='table', page_size=None, quote_mode='nonnumeric', request_format='json', show_details=False, sort_dir=[], sort_key=[])) DEBUG: quantumclient.client REQ: curl -i -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "User-Agent: python-quantumclient" -d '{"auth": {"tenantName": "demo", "passwordCredentials": {"username": "admin", "password": "nw4cloud"}}}'

DEBUG: quantumclient.client RESP:{'date': 'Tue, 02 Apr 2013 09:57:39 GMT', 'vary': 'X-Auth-Token', 'content-length': '6538', 'status': '200', 'content-type': 'application/json'} {"access": {"token": {"issued_at": "2013-04-02T09:57:39.367054", "expires": "2013-04-03T09:57:39Z", "id": "MIILew ... cut to reduce the output length... mvgow", "tenant": {"description": null, "enabled": true, "id": "2e3091c87bbd46f7801bcdc0f73b7a00", "name": "demo"}}, "serviceCatalog": [{"endpoints": [{"adminURL": "", "region": "RegionOne", "internalURL": "", "id": "b50eb0bdadca4a2eae45121c3d9658f8", "publicURL": ""}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "", "region": "RegionOne", "internalURL": "", "id": "00c2a1ef75944c3395fb2bea53a3bb66", "publicURL": ""}], "endpoints_links": [], "type": "network", "name": "quantum"}, {"endpoints": [{"adminURL": "", "region": "RegionOne", "internalURL": "", "id": "4e8e3d773b424651bf877d279867d4c1", "publicURL": ""}], "endpoints_links": [], "type": "s3", "name": "s3"}, {"endpoints": [{"adminURL": "", "region": "RegionOne", "internalURL": "", "id": "4cbb5a011d7e4569a4cb7e9a980af108", "publicURL": ""}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "", "region": "RegionOne", "internalURL": "", "id": "6b8461f0caa7478ca6079f564a5c36aa", "publicURL": ""}], "endpoints_links": [], "type": "volume", "name": "cinder"}, {"endpoints": [{"adminURL": "", "region": "RegionOne", "internalURL": "", "id": "0a6641c8df314ca89a4680bb70b860fd", "publicURL": ""}], "endpoints_links": [], "type": "ec2", "name": "ec2"}, {"endpoints": [{"adminURL": "", "region": "RegionOne", "internalURL": "", "id": "026eef3239a941689ca6f4bf4882f78c", "publicURL": ""}], "endpoints_links": [], "type": "identity", "name": "keystone"}], "user": {"username": "admin", "roles_links": [], "id": "3a2ef1e5af004121b7f820254808e6c6", "roles": [{"name": "admin"}], "name": "admin"}, "metadata": {"is_admin": 0, "roles": ["3e62bb7a12a6413292eb3e3a346bc749"]}}}

DEBUG: quantumclient.client REQ: curl -i ( -X GET -H "User-Agent ... (more)

edit retag flag offensive close merge delete

5 answers

Sort by ยป oldest newest most voted

answered 2013-04-02 10:27:23 -0500

Can you post /etc/quantum/quantum.conf as well as a piece of logs of quantum server at the moment when you send this request?

edit flag offensive delete link more

answered 2013-04-02 11:58:17 -0500

Here are some configuration files

quantum.conf file : [DEFAULT] auth_strategy = keystone allow_overlapping_ips = True policy_file = /etc/quantum/policy.json debug = True verbose = True

* Modif NEC *

core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2

core_plugin =

* FIN Modif NEC *

rabbit_password = passwd rabbit_host = localhost rpc_backend = quantum.openstack.common.rpc.impl_kombu state_path = /opt/stack/data/quantum

Default log level is INFO

verbose and debug has the same result.

One of them will set DEBUG log level output

debug = False

verbose = False

Where to store Quantum state files. This directory must be writable by the

user executing the agent.

state_path = /var/lib/quantum

Where to store lock files

lock_path = $state_path/lock

log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s

log_date_format = %Y-%m-%d %H:%M:%S

use_syslog -> syslog

log_file and log_dir -> log_dir/log_file

(not log_file) and log_dir -> log_dir/{binary_name}.log

use_stderr -> stderr

(not user_stderr) and (not log_file) -> stdout

publish_errors -> notification system

use_syslog = False

syslog_log_facility = LOG_USER

use_stderr = True

log_file =

log_dir =

publish_errors = False

Address to bind the API server

bind_host =

Port the bind the API server to

bind_port = 9696

Path to the extensions. Note that this can be a colon-separated list of

paths. For example:

api_extensions_path = extensions:/path/to/more/extensions:/even/more/extensions

The __path__ of quantum.extensions is appended to this, so if your

extensions are in there you don't need to specify them here

api_extensions_path =

* Modif NEC *

api_extensions_path = /opt/stack/quantum/quantum/plugins/nec/extensions/

* FIN Modif NEC *

Quantum plugin provider module

core_plugin =

Advanced service modules

service_plugins =

Paste configuration file

api_paste_config = api-paste.ini

The strategy to be used for auth.

Supported values are 'keystone'(default), 'noauth'.

auth_strategy = keystone

Base MAC address. The first 3 octets will remain unchanged. If the

4h octet is not 00, it will also used. The others will be

randomly generated.

3 octet

base_mac = fa:16:3e:00:00:00

4 octet

base_mac = fa:16:3e:4f:00:00

Maximum amount of retries to generate a unique MAC address

mac_generation_retries = 16

DHCP Lease duration (in seconds)

dhcp_lease_duration = 120

Allow sending resource operation notification to DHCP agent

dhcp_agent_notification = True

Enable or disable bulk create/update/delete operations

allow_bulk = True

Enable or disable pagination

allow_pagination = False

Enable or disable sorting

allow_sorting = False

Enable or disable overlapping IPs for subnets

Attention: the following parameter MUST be set to False if Quantum is

being used in conjunction with nova security groups and/or metadata service.

allow_overlapping_ips = False

Ensure that configured gateway is on subnet

force_gateway_on_subnet = False

RPC configuration options. Defined in rpc __init__

The messaging module to use, defaults to kombu.

rpc_backend = quantum.openstack.common.rpc.impl_kombu

Size of RPC thread pool

rpc_thread_pool_size = 64,

Size of RPC connection pool

rpc_conn_pool_size = 30

Seconds to wait for a response from call or multicall

rpc_response_timeout = 60

Seconds to wait before a cast expires (TTL). Only supported by impl_zmq.

rpc_cast_timeout = 30

Modules of exceptions that are permitted to be recreated

upon receiving exception data from an rpc call.

allowed_rpc_exception_modules = quantum.openstack.common.exception, nova.exception

AMQP exchange to connect to ...

edit flag offensive delete link more

answered 2013-04-05 07:25:35 -0500

Hello, no one has idea(s) ?

edit flag offensive delete link more

answered 2013-04-09 08:55:15 -0500

It seems to be a NEC plugin trouble.

When I use the OVS plugins, everything works !!

edit flag offensive delete link more

answered 2013-04-09 11:58:41 -0500

I found the trouble.

I don't know why, but devstack/lib/quantum_plugin/nec was not in the devstack tree !!?

A new git clone solved my problem.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-04-02 10:03:03 -0500

Seen: 85 times

Last updated: Apr 09 '13