neutronclient firewall v2 api return 404 in newton

asked 2016-11-23 22:39:28 -0600

zhangoic gravatar image

updated 2016-12-02 09:06:51 -0600

rbowen gravatar image

I hava installed firewall v2 and configed as fwaas-v2-scenario advised. But when I used neutronclient firewall command, neutron-server would return 404.

The only message in server.log is

INFO neutron.wsgi [req-cd3cc54e-8bc4-47df-bfd6-e73b64d0c692 b6772959def84a629e27f256e2e0aa36 f332909670c841abb78c2e30e8c50c68 - - -] 10.65.0.47 - - [24/Nov/2016 11:23:21] "POST /v2.0/fw/firewall_rules.json HTTP/1.1" 404 333 1.748158.

Does anyone meet the problem? Please give me any useful ideas. Thank you!

edit retag flag offensive close merge delete

Comments

Check corresponding tables/look into execution of neutron db-manage that you have done within installation of FWWAS. I think execution of that command has failed. Maybe having DEBUG logging and repeating the command will give you more insight.

volenbovsky gravatar imagevolenbovsky ( 2016-11-25 07:05:20 -0600 )edit

"neutron-db-manage --subproject neutron-fwaas upgrade head" is OK

zhangoic gravatar imagezhangoic ( 2016-11-29 20:23:42 -0600 )edit

l3 agent log would output "ERROR neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent NoSuchMethod: Endpoint does not support RPC method get_firewalls_for_tenant" when it restarts. I think the fwaas config is not effectiv, because it doesn't use firewall_l3_agent_v2.py

zhangoic gravatar imagezhangoic ( 2016-11-29 20:33:31 -0600 )edit

zhangoic this error (NoSuchMehtod) is caused due to wrong configuration. You must have the same version drivers in both Server and Agent. So in your l3_agent.ini change the [AGENT]/extensions = fwaas_v2. In neutron.conf set [fwaas]/driver = iptables_v2 and [fwaas]/agent_version = v2.

tze gravatar imagetze ( 2016-12-05 07:13:07 -0600 )edit

Yes, you are right.

zhangoic gravatar imagezhangoic ( 2016-12-06 18:59:21 -0600 )edit

2 answers

Sort by ยป oldest newest most voted
1

answered 2016-12-05 07:17:54 -0600

tze gravatar image

updated 2016-12-06 05:20:40 -0600

I have met the same problem. For the beginning i had but configuration on server and l3-agent but now after a correct configuration no errors in the logs, but when i try firewall commands (e.x neutron firewall-list) 404 returns to me.

I have spent enough hours on github to search the code but i cannot find other details. I need the firewall feature to put the openstack newton on my production environment.

Finally i found the answer why 404 returns, the problem isn't problem, but no feature cover. In project neutronclient the fwaasV2 not supported. There is a new feature request but is in progress (https://bugs.launchpad.net/python-neutronclient/+bug/1609686 (https://bugs.launchpad.net/python-neu...)). So you must work with fwaasV2 with rest API because neutron client and openstack client works only with default firewall.

edit flag offensive delete link more

Comments

You are right ! I also find that the neutronclient doesn't support firewall v2. The official configuration of fwaas v2 has mistake either.

zhangoic gravatar imagezhangoic ( 2016-12-06 18:57:44 -0600 )edit
0

answered 2017-04-13 11:30:27 -0600

ignazio gravatar image

Please, could send me the correvo configuration for newton centos 7 ? The networking guide seems to have some errors. Ignazio

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-11-23 22:39:28 -0600

Seen: 521 times

Last updated: Dec 06 '16