Unable to Retrieve Security Groups Havana [closed]

asked 2013-12-18 07:52:39 -0500

anshul tripathi gravatar image

updated 2013-12-20 16:29:03 -0500

smaffulli gravatar image

Hi I am doing a single node installation of Havana on ubuntu 13.10 server. Initially I used Nova-Network. After that I Installed neutron with openvswitch plugin. Now when I try to create a new instance it says unable to retrieve security groups. What might be the problem. I am posting the nova.conf file settings below- nova.conf

[DEFAULT]
neutron_metadata_proxy_shared_secret = XXXX
service_neutron_metadata_proxy = true
rabbit_host=controller
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
volumes_path=/var/lib/nova/volumes
enabled_apis=ec2,osapi_compute,metadata
rpc_backend = nova.rpc.impl_kombu
rabbit_host = controller
rabbit_password = XXXX
auth_strategy=keystone

network_api_class=nova.network.neutronv2.api.API
neutron_url=http://controller:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
neutron_admin_username=neutron
neutron_admin_password=XXXXX
neutron_admin_auth_url=http://controller:35357/v2.0

security_group_api=neutron
firewall_driver=nova.virt.firewall.NoopFirewallDriver
vnc_enabled=true
my_ip=10.35.141.240
novncproxy_base_url=http://10.35.141.240:6080/vnc_auto.html
vncserver_listen=10.35.141.240
vncserver_proxyclient_address=10.35.141.240

[database]
connection = mysql://nova:XXXX@controller/nova
[keystone_authtoken]
auth_host = controller
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = XXXX
edit retag flag offensive reopen merge delete

Closed for the following reason too localized by dheeru
close date 2013-12-21 05:23:05.602514

Comments

dheeru gravatar imagedheeru ( 2013-12-18 07:59:12 -0500 )edit

Saw it but i am not having the same problem

anshul tripathi gravatar imageanshul tripathi ( 2013-12-20 00:12:02 -0500 )edit

Edit the original question and specify the error, check logs, etc because without it we can't help you.

smaffulli gravatar imagesmaffulli ( 2013-12-20 16:30:03 -0500 )edit

found the error i had firewall_driver=nova.virt.firewall.NoopFirewallDriver in neutron but had specified security_group_api=neutron in nova. Removing this solved the problem

anshul tripathi gravatar imageanshul tripathi ( 2013-12-21 01:17:24 -0500 )edit

This entries should have been in in nova.conf. Is that right ?. It is specifically meant to by-pass compute security group and using the networking security group. Ideally nova.conf should have following nova.conf firewall_driver=nova.virt.firewall.NoopFirewallDriver security_group_api=neutron

dheeru gravatar imagedheeru ( 2013-12-21 07:31:11 -0500 )edit