MaaS JuJu Openstack ICEHouse enable FWaaS LBaaS VPNaaS [closed]

asked 2014-11-08 09:16:16 -0600

astar gravatar image

My MaaS JuJu Openstack ICEHouse setup is working fine. Can create instance and access it from outside using floating ips after adding appropriate ssh rule under 'Security Group Rules".

How to enable FWaaS ? neutron.conf under controller node service_plugins = neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.firewall.fwaas_plugin.FirewallPlugin,neutron.services.loadbalancer.plugin.LoadBalancerPlugin,neutron.services.vpn.plugin.VPNDriverPlugin,neutron.services.metering.metering_plugin.MeteringPlugin

[service_providers] service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default service_provider=FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:defaultroot@node0:/etc/neutron#

fwaas_driver.ini [fwaas] driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver enabled = True

OpenStack Dashboard doesn't display Firewall tab. Edited /etc/openstack-dashboard/local_settings.py to set enable_firewall : True. Restart apache2 and neutron server. Login back to dashboard and Firewall tab is listed, but upon rebooting the nodes Firewall tab disappears and even enable_firewall is set to false.

neutron agent list 1079efe3-d681-4dd1-a901-33cd179732be | Open vSwitch agent | node1 | :-) | True | | 1a316d6e-b196-4aa7-b78e-b391e9484114 | Open vSwitch agent | node2 | :-) | True | | 5368d222-eccc-486e-82a0-9ee80829b26a | Loadbalancer agent | node1 | :-) | True | | a4174311-4e7f-4a24-90c8-a64aa5385924 | Metering agent | node1 | :-) | True | | c5535d81-43b7-4de5-a7d4-68ee41ee7acc | L3 agent | node1 | :-) | True | | cb31b829-9f37-4e0b-bb07-df692dd97d5a | DHCP agent | node1 | :-) | True | | daee0eca-c696-4357-93e6-18891d8129b3 | Metadata agent | node1 | :-) | True

Also - All settings are controlled by juju (Configuration file maintained by Juju. Local changes may be overwritten.), how should neutron.conf be edited if required? It seems, through juju gui chrams -config-flags (sting), only nova.conf can be edited. (Comma separated list of key=value config flags to be set in nova.conf.)

enter code here

After getting firewall working. Shall update with LBaaS and VPNaaS

Thanks

edit retag flag offensive reopen merge delete

Closed for the following reason duplicate question by astar
close date 2014-11-11 02:11:28.581755