Ask Your Question
0

MaaS JUJU OpenStack ICEHOUSE how to enable FWaaS LBaaS VPNaaS [closed]

asked 2014-11-08 09:18:56 -0500

anonymous user

Anonymous

My MaaS JuJu Openstack ICEHouse setup is working fine. Can create instance and access it from outside using floating ips after adding appropriate ssh rule under 'Security Group Rules".

How to enable FWaaS ? neutron.conf under controller node service_plugins = neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.firewall.fwaas_plugin.FirewallPlugin,neutron.services.loadbalancer.plugin.LoadBalancerPlugin,neutron.services.vpn.plugin.VPNDriverPlugin,neutron.services.metering.metering_plugin.MeteringPlugin

[service_providers] service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default service_provider=FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:defaultroot@node0:/etc/neutron#

fwaas_driver.ini [fwaas] driver = neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver enabled = True

OpenStack Dashboard doesn't display Firewall tab. Edited /etc/openstack-dashboard/local_settings.py to set enable_firewall : True. Restart apache2 and neutron server. Login back to dashboard and Firewall tab is listed, but upon rebooting the nodes Firewall tab disappears and even enable_firewall is set to false.

neutron agent list 1079efe3-d681-4dd1-a901-33cd179732be | Open vSwitch agent | node1 | :-) | True | | 1a316d6e-b196-4aa7-b78e-b391e9484114 | Open vSwitch agent | node2 | :-) | True | | 5368d222-eccc-486e-82a0-9ee80829b26a | Loadbalancer agent | node1 | :-) | True | | a4174311-4e7f-4a24-90c8-a64aa5385924 | Metering agent | node1 | :-) | True | | c5535d81-43b7-4de5-a7d4-68ee41ee7acc | L3 agent | node1 | :-) | True | | cb31b829-9f37-4e0b-bb07-df692dd97d5a | DHCP agent | node1 | :-) | True | | daee0eca-c696-4357-93e6-18891d8129b3 | Metadata agent | node1 | :-) | True

Also - All settings are controlled by juju (Configuration file maintained by Juju. Local changes may be overwritten.), how should neutron.conf be edited if required? It seems, through juju gui chrams -config-flags (sting), only nova.conf can be edited. (Comma separated list of key=value config flags to be set in nova.conf.)

enter code here

After getting firewall working. Shall update with LBaaS and VPNaaS

Thanks

edit retag flag offensive reopen merge delete

Closed for the following reason duplicate question by Mzoorikh
close date 2014-11-08 14:09:36.317142

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-11-08 14:09:01 -0500

Duplicate Question. See this.

edit flag offensive delete link more

Comments

That was simple, didn't poke around earlier :) . From JUJU , OpenStack-dashboard charm service setting has options to enable the mentioned services.

astar gravatar imageastar ( 2014-11-11 02:12:01 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2014-11-08 09:18:56 -0500

Seen: 880 times

Last updated: Nov 08 '14