Ask Your Question
0

VPNaaS, FWaaS and LBaaS on Openstack Icehouse

asked 2014-06-24 00:20:50 -0500

ed gravatar image

I have Icehouse installed on 3x Ubuntu 14.04 servers (controller/compute/network) and followed all the steps on https://gist.github.com/cloudnull/885... but I still cannot get any of those services to work. Here's what I get in the logs:

2014-06-24 15:09:23.619 3496 ERROR neutron.agent.l3_agent [-] Failed synchronizing routers due to RPC error

2014-06-24 15:06:22.093 3496 ERROR neutron.services.firewall.agents.l3reference.firewall_l3_agent [-] Failed fwaas process services sync
2014-06-24 15:08:22.937 3496 ERROR neutron.services.firewall.agents.l3reference.firewall_l3_agent [-] Failed fwaas process services sync

2014-06-24 15:07:22.754 3496 TRACE neutron.agent.l3_agent   File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/agent.py", line 143, in _process_routers
2014-06-24 15:07:22.754 3496 TRACE neutron.agent.l3_agent   File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/device_drivers/ipsec.py", line 680, in sync
2014-06-24 15:07:22.754 3496 TRACE neutron.agent.l3_agent   File "/usr/lib/python2.7/dist-packages/neutron/services/vpn/device_drivers/ipsec.py", line 461, in get_vpn_services_on_host
2014-06-24 15:07:22.754 3496 TRACE neutron.agent.l3_agent Timeout: Timeout while waiting on RPC response - topic: "ipsec_driver", RPC method: "get_vpn_services_on_host" info: "<unknown>"

2014-06-24 15:10:03.091 1217 TRACE neutron.services.loadbalancer.agent.agent_manager   File "/usr/lib/python2.7/dist-packages/neutron/openstack/common/rpc/proxy.py", line 129, in call
2014-06-24 15:10:03.091 1217 TRACE neutron.services.loadbalancer.agent.agent_manager     exc.info, real_topic, msg.get('method'))
2014-06-24 15:10:03.091 1217 TRACE neutron.services.loadbalancer.agent.agent_manager Timeout: Timeout while waiting on RPC response - topic: "n-lbaas-plugin", RPC method: "get_ready_devices" info: "<unknown>"
2014-06-24 15:07:02.945 1217 ERROR neutron.services.loadbalancer.agent.agent_manager [req-e46ba9db-1b4a-4c35-9e14-cbb2e2e25950 None] Unable to retrieve ready devices
2014-06-24 15:08:02.991 1217 ERROR neutron.services.loadbalancer.agent.agent_manager [req-e46ba9db-1b4a-4c35-9e14-cbb2e2e25950 None] Unable to retrieve ready devices
2014-06-24 15:09:03.042 1217 ERROR neutron.services.loadbalancer.agent.agent_manager [req-e46ba9db-1b4a-4c35-9e14-cbb2e2e25950 None] Unable to retrieve ready devices

When I try to create any objects on the controller:

root@stack-controller:~# neutron vpn-ikepolicy-create ikepolicy1
404 Not Found

The resource could not be found.


root@stack-controller:~# neutron firewall-list
404 Not Found

The resource could not be found.

It's like the controller is not aware of the new service providers.

Any ideas?

edit retag flag offensive close merge delete

Comments

For loadbalancer configuration, please check the link: http://itinsteps.blogspot.in/2014/06/steps-to-configure-neutron-lbaas-agent.html (http://itinsteps.blogspot.in/2014/06/...)

KunalTPatil gravatar imageKunalTPatil ( 2014-06-24 02:24:58 -0500 )edit

Any idea on how to setup VPNaaS? I'm trying to use it to connect to a OpenSwan box running on an Ubuntu instance at AWS via IPSec however I'm having a hard time finding any guides.

ed gravatar imageed ( 2014-06-26 00:54:45 -0500 )edit

1 answer

Sort by ยป oldest newest most voted
1

answered 2014-06-25 00:55:44 -0500

ed gravatar image

updated 2014-06-25 00:57:24 -0500

I followed some extra steps from http://hj192837.blog.51cto.com/655995... and it seems adding "service_plugins=router,lbaas,fwaas,vpnaas" to neutron.conf at the controller node and restarting the neutron-server service did the trick:

root@stack-controller:~# neutron vpn-ikepolicy-create ikepolicy1
Created a new ikepolicy:
+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| auth_algorithm          | sha1                                 |
| description             |                                      |
| encryption_algorithm    | aes-128                              |
| id                      | b4209b1d-3f2b-441a-9466-4099bae4695c |
| ike_version             | v1                                   |
| lifetime                | {"units": "seconds", "value": 3600}  |
| name                    | ikepolicy1                           |
| pfs                     | group5                               |
| phase1_negotiation_mode | main                                 |
| tenant_id               | 714204eeeffe49d09cdcdf9a55e8d3a2     |
+-------------------------+--------------------------------------+
edit flag offensive delete link more

Comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-06-24 00:20:50 -0500

Seen: 3,371 times

Last updated: Jun 25 '14