Ask Your Question
0

Issues configuring linuxbridge firewall

asked 2013-11-11 10:18:16 -0600

anonymous user

Anonymous

updated 2013-11-13 03:09:10 -0600

darragh-oreilly gravatar image

I am having issues configuring quantum firewall using linuxbridge plugin. After configuring and restarting all services I see the following error:

**root@ubuntu-s0:~# quantum security-group-list
404 Not Found

The resource could not be found.**

I have searched for this issue and have verified my configuration but its obvious I am missing something. Will appreciate if someone can help me out. Here is my Log and configuration information.

Configuration:

root@ubuntu-s0:~# egrep -v '#|^$' /etc/quantum/quantum.conf

[DEFAULT]
verbose = True
lock_path = $state_path/lock
bind_host = 0.0.0.0
bind_port = 9696
core_plugin = quantum.plugins.linuxbridge.lb_quantum_plugin.LinuxBridgePluginV2
api_paste_config = /etc/quantum/api-paste.ini
control_exchange = quantum
notification_driver = quantum.openstack.common.notifier.rpc_notifier
default_notification_level = INFO
notification_topics = notifications
[QUOTAS]
[DEFAULT_SERVICETYPE]
[AGENT]
root_helper = sudo quantum-rootwrap /etc/quantum/rootwrap.conf
[keystone_authtoken]
auth_host = 10.10.100.51
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = quantum
admin_password = service_pass
signing_dir = /var/lib/quantum/keystone-signing

root@ubuntu-s0:~# egrep -v '#|^$' /etc/quantum/plugins/linuxbridge/linuxbridge_conf.ini

[VLANS]
tenant_network_type = vlan
network_vlan_ranges = physnet1:1000:2999
[DATABASE]
sql_connection = mysql://quantumUser:quantumPass@10.10.100.51/quantum
reconnect_interval = 2
[LINUX_BRIDGE]
physical_interface_mappings = physnet1:p4p1
[AGENT]
polling_interval = 2
[SECURITYGROUP]
firewall_driver = quantum.agent.linux.iptables_firewall.IptablesFirewallDriver

root@ubuntu-s0:~# egrep -v '#|^$' /etc/nova/nova.conf

[DEFAULT]
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/run/lock/nova
verbose=True
debug=True
api_paste_config=/etc/nova/api-paste.ini
compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler
rabbit_host=10.10.100.51
nova_url=http://10.10.100.51:8774/v1.1/
sql_connection=mysql://novaUser:novaPass@10.10.100.51/nova
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
use_deprecated_auth=false
auth_strategy=keystone
glance_api_servers=10.10.100.51:9292
image_service=nova.image.glance.GlanceImageService
novnc_enabled=true
novncproxy_base_url=http://192.168.100.51:6080/vnc_auto.html
novncproxy_port=6080
vncserver_proxyclient_address=10.10.100.51
vncserver_listen=0.0.0.0
service_quantum_metadata_proxy = True
quantum_metadata_proxy_shared_secret = helloOpenStack
network_api_class=nova.network.quantumv2.api.API
quantum_url=http://10.10.100.51:9696
quantum_auth_strategy=keystone
quantum_admin_tenant_name=service
quantum_admin_username=quantum
quantum_admin_password=service_pass
quantum_admin_auth_url=http://10.10.100.51:35357/v2.0
libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtGenericVIFDriver
linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver
security_group_api=quantum
firewall_driver=nova.virt.firewall.NoopFirewallDriver
compute_driver=libvirt.LibvirtDriver
volume_api_class=nova.volume.cinder.API
osapi_volume_listen_port=5900

Log Information:

**nova-api.log:**
----------------------
2013-11-10 22:40:31.997 2756 TRACE nova.api.openstack
2013-11-10 22:40:31.999 INFO nova.api.openstack [req-7912a233-0293-4afe-b588-83e25c07465f 318c627ef27d48a3b0177997587fcc45 f0dfacc4610c4735a723390ac3e4051f] http://192.168.100.51:8774/v2/f0dfacc4610c4735a723390ac3e4051f/servers/detail?project_id=f0dfacc4610c4735a723390ac3e4051f returned with HTTP 500
2013-11-10 22:40:32.000 DEBUG nova.api.openstack.wsgi [req-7912a233-0293-4afe-b588-83e25c07465f 318c627ef27d48a3b0177997587fcc45 f0dfacc4610c4735a723390ac3e4051f] Returning 500 to user: The server has either erred or is incapable of performing the requested operation. __call__ /usr/lib/python2.7/dist-packages/nova/api/openstack/wsgi.py:1165
2013-11-10 22:40:32.001 INFO nova.osapi_compute.wsgi.server [req-7912a233-0293-4afe-b588-83e25c07465f 318c627ef27d48a3b0177997587fcc45 f0dfacc4610c4735a723390ac3e4051f] 192.168.100.51 "GET /v2/f0dfacc4610c4735a723390ac3e4051f/servers/detail?project_id=f0dfacc4610c4735a723390ac3e4051f HTTP/1.1" status: 500 len: 335 time: 0.0522921

2013-11-10 22:40:34.757 2756 INFO nova.osapi_compute.wsgi.server [-] (2756) accepted ('192.168.100.51', 37177)

2013-11-10 22:40:34.760 DEBUG nova.api.openstack.wsgi [req-41ef86ab-2b4d-4942-a30a-5005c2a44b0e 318c627ef27d48a3b0177997587fcc45 f0dfacc4610c4735a723390ac3e4051f ...
(more)
edit retag flag offensive close merge delete

Comments

I don't see an actual question here. There is really too much information here and the formatting makes it impossible to read. Please clearly state your question and consider removing most of the log and config information unless someone asks for specific information.

larsks gravatar imagelarsks ( 2013-11-11 11:15:10 -0600 )edit

can you append the output of egrep -v '#|^$' /etc/quantum/quantum.conf to the question

darragh-oreilly gravatar imagedarragh-oreilly ( 2013-11-11 14:08:34 -0600 )edit

1 answer

Sort by ยป oldest newest most voted
0

answered 2013-11-13 03:21:47 -0600

darragh-oreilly gravatar image

The config seems ok now. But it may not have been ok when you created the network for the tenant. Maybe the default security group for a tenant gets created at the time their first network is created - I don't know. So try creating a new network for the tenant and maybe that will create the default sg now. There should be more info in the quantum server log about what resource it cannot find. If that does not work, then try creating a a new security group.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2013-11-11 10:18:16 -0600

Seen: 272 times

Last updated: Nov 13 '13