neutron-rootwrap fails to executed iptables-restore [closed]
Hi,
I'm trying to setup a small testlab, so far everything looked good, but after I created the external networks and tenant networks neutron started to spam the log.
Looks like it's screwing up the line
-A POSTROUTING_ZONES -o enp6s0f1 -i br-ex -g POST_public
to
-A POSTROUTING_ZONES -o enp6s0f1
br-ex -g POST_public
But that's just a guess.
Output:
2014-12-24 12:39:17.176 5579 INFO neutron.agent.securitygroups_rpc [req-d42df24f-f3cf-4f59-b51d-02e094d959ad None] Preparing filters for devices set([u'a43ab24c-af72-4f8c-a083-5ffe3e227b0b'])
2014-12-24 12:39:17.344 5579 ERROR neutron.agent.linux.utils [req-d42df24f-f3cf-4f59-b51d-02e094d959ad None]
Command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'iptables-restore', '-c']
Exit code: 2
Stdout: ''
Stderr: "Bad argument `br-ex'\nError occurred at line: 52\nTry `iptables-restore -h' or 'iptables-restore --help' for more information.\n"
2014-12-24 12:39:17.345 5579 ERROR neutron.agent.linux.iptables_manager [req-d42df24f-f3cf-4f59-b51d-02e094d959ad None] IPTablesManager.apply failed to apply the following set of iptables rules:
1. # Generated by iptables-save v1.4.21 on Wed Dec 24 12:39:17 2014
2. *nat
3. :PREROUTING ACCEPT [485:96708]
4. :INPUT ACCEPT [1:64]
5. :OUTPUT ACCEPT [84:5132]
6. :POSTROUTING ACCEPT [84:5132]
7. :OUTPUT_direct - [0:0]
8. :POSTROUTING_ZONES - [0:0]
9. :POSTROUTING_ZONES_SOURCE - [0:0]
10. :POSTROUTING_direct - [0:0]
11. :POST_public - [0:0]
12. :POST_public_allow - [0:0]
13. :POST_public_deny - [0:0]
14. :POST_public_log - [0:0]
15. :PREROUTING_ZONES - [0:0]
16. :PREROUTING_ZONES_SOURCE - [0:0]
17. :PREROUTING_direct - [0:0]
18. :PRE_public - [0:0]
19. :PRE_public_allow - [0:0]
20. :PRE_public_deny - [0:0]
21. :PRE_public_log - [0:0]
22. :nova-api-OUTPUT - [0:0]
23. :nova-api-POSTROUTING - [0:0]
24. :nova-api-PREROUTING - [0:0]
25. :nova-api-float-snat - [0:0]
26. :nova-api-snat - [0:0]
27. :nova-postrouting-bottom - [0:0]
28. :neutron-postrouting-bottom - [0:0]
29. :neutron-openvswi-OUTPUT - [0:0]
30. :neutron-openvswi-POSTROUTING - [0:0]
31. :neutron-openvswi-PREROUTING - [0:0]
32. :neutron-openvswi-float-snat - [0:0]
33. :neutron-openvswi-snat - [0:0]
34. [0:0] -A PREROUTING -j neutron-openvswi-PREROUTING
35. [0:0] -A OUTPUT -j neutron-openvswi-OUTPUT
36. [0:0] -A POSTROUTING -j neutron-openvswi-POSTROUTING
37. [0:0] -A POSTROUTING -j neutron-postrouting-bottom
38. [0:0] -A neutron-postrouting-bottom -j neutron-openvswi-snat
39. [0:0] -A neutron-openvswi-snat -j neutron-openvswi-float-snat
40. [603:114570] -A PREROUTING -j nova-api-PREROUTING
41. [608:116210] -A PREROUTING -j PREROUTING_direct
42. [608:116210] -A PREROUTING -j PREROUTING_ZONES_SOURCE
43. [608:116210] -A PREROUTING -j PREROUTING_ZONES
44. [168:10172] -A OUTPUT -j nova-api-OUTPUT
45. [216:13390] -A OUTPUT -j OUTPUT_direct
46. [168:10172] -A POSTROUTING -j nova-api-POSTROUTING
47. [168:10172] -A POSTROUTING -j nova-postrouting-bottom
48. [216:13390] -A POSTROUTING -j POSTROUTING_direct
49. [216:13390] -A POSTROUTING -j POSTROUTING_ZONES_SOURCE
50. [216:13390] -A POSTROUTING -j POSTROUTING_ZONES
51. [0:0] -A POSTROUTING_ZONES -o enp6s0f1
52. br-ex -g POST_public
53. [11:909] -A POSTROUTING_ZONES -o enp6s0f0 -g POST_public
54. [203:12204] -A POSTROUTING_ZONES -g POST_public
55. [216:13390] -A POST_public -j POST_public_log
56. [216:13390] -A POST_public -j POST_public_deny
57. [216:13390] -A POST_public -j POST_public_allow
58. [0:0] -A PREROUTING_ZONES -i enp6s0f1
59. br-ex -g PRE_public
60. [304:57973] -A PREROUTING_ZONES -i enp6s0f0 -g PRE_public
61. [304:58237] -A PREROUTING_ZONES -g PRE_public
62. [608:116210] -A PRE_public -j PRE_public_log
63. [608:116210] -A PRE_public ...Closed for the following reason
the question is answered, right answer was accepted by
Thoro
close date 2014-12-24 05:32:14.077820
add a comment