Ask Your Question

Kevin's profile - activity

2017-04-25 02:13:06 -0600 received badge  Famous Question (source)
2017-03-03 00:01:36 -0600 received badge  Famous Question (source)
2017-03-03 00:01:36 -0600 received badge  Notable Question (source)
2017-03-03 00:01:36 -0600 received badge  Popular Question (source)
2017-02-01 07:30:54 -0600 received badge  Self-Learner (source)
2016-12-05 15:04:32 -0600 received badge  Popular Question (source)
2016-12-05 15:04:32 -0600 received badge  Famous Question (source)
2016-12-05 15:04:32 -0600 received badge  Notable Question (source)
2016-12-05 15:00:47 -0600 received badge  Notable Question (source)
2016-11-27 08:54:51 -0600 answered a question Can not ping outside world when using NAT-VM / VPN

Any ideas?

2016-11-24 15:34:50 -0600 received badge  Popular Question (source)
2016-11-22 17:45:11 -0600 commented question Tenant network dropping packets

Did you find a solution? I have the same problem here: https://ask.openstack.org/en/question...

2016-11-22 16:29:42 -0600 received badge  Editor (source)
2016-11-22 16:12:32 -0600 asked a question Can not ping outside world when using NAT-VM / VPN

Hi,

I am running several VMs directly attached to a VLAN in OpenStack Mitaka on CentOS 7. This VM has a public IP address and a private interface. It masquerades on eth0 (public) and gets packages from a client-VM. There also is an OpenVPN connection for external client to reach the client network.

I already set up such scenarios and they are working fine but now I have a compute-node which blocks all traffic when source address does not match (= forwarding). Packets (ICMP) leave the client-vm, arrive at the router-vm, get masqueraded, sent to the external server, I get the reply and forward it back to the client. I can see the packet leaving the router-vm (tcpdump) but not arriving at the client-vm. This effictively cuts the internet access for all client vm's.

As far as I can see, all nodes have the same nova configuration. I use arp-anti-spoof security provided by neutron but the scenario above was working in the past on other nodes (including a Windows VM running on the same node).

The default security group also lists 0.0.0.0/0 and ::/0 for all protocols ingress and egress.

I am not sure what I need to change or fix for this to work.

2016-08-18 02:33:49 -0600 received badge  Famous Question (source)
2016-08-15 11:52:53 -0600 answered a question Packstack: Does EXCLUDE_SERVERS realy work?

I justed rolled out the new members and it was working very well. EXCLUDE_SEVERS is reliable.

2016-08-15 04:32:51 -0600 received badge  Notable Question (source)
2016-08-15 00:00:09 -0600 received badge  Popular Question (source)
2016-08-14 17:43:22 -0600 asked a question Packstack: Does EXCLUDE_SERVERS realy work?

Hi!

I set EXCLUDE_SERVERS to servers I do not want to touch. I generated the puppet files (packstack --answer-file=packstack-answers.txt --dry-run -d) to check them before rollout (this cloud install is in production).

[root@ceph1833 manifests]# ls -l
total 260
-rw-------. 1 root root 6782 Aug 15 00:24 172.17.1.11_neutron.pp
-rw-------. 1 root root 6782 Aug 15 00:24 172.17.1.12_neutron.pp
-rw-------. 1 root root 3688 Aug 15 00:24 172.17.2.11_neutron.pp
-rw-------. 1 root root 9100 Aug 15 00:24 172.17.2.11_nova.pp
-rw-------. 1 root root 3688 Aug 15 00:24 172.17.2.12_neutron.pp
-rw-------. 1 root root 9100 Aug 15 00:24 172.17.2.12_nova.pp
-rw-------. 1 root root 3688 Aug 15 00:24 172.17.2.13_neutron.pp
-rw-------. 1 root root 9100 Aug 15 00:24 172.17.2.13_nova.pp
-rw-------. 1 root root 3688 Aug 15 00:24 172.17.2.14_neutron.pp
-rw-------. 1 root root 9100 Aug 15 00:24 172.17.2.14_nova.pp
-rw-------. 1 root root 2341 Aug 15 00:24 172.17.2.15_chrony.pp
-rw-------. 1 root root 1343 Aug 15 00:24 172.17.2.15_nagios_nrpe.pp
-rw-------. 1 root root 3688 Aug 15 00:24 172.17.2.15_neutron.pp
-rw-------. 1 root root 9100 Aug 15 00:24 172.17.2.15_nova.pp
-rw-------. 1 root root  836 Aug 15 00:24 172.17.2.15_prescript.pp
-rw-------. 1 root root 2341 Aug 15 00:24 172.17.2.16_chrony.pp
-rw-------. 1 root root 1343 Aug 15 00:24 172.17.2.16_nagios_nrpe.pp
-rw-------. 1 root root 3688 Aug 15 00:24 172.17.2.16_neutron.pp
-rw-------. 1 root root 9100 Aug 15 00:24 172.17.2.16_nova.pp
-rw-------. 1 root root  836 Aug 15 00:24 172.17.2.16_prescript.pp
-rw-------. 1 root root 2341 Aug 15 00:24 172.17.2.18_chrony.pp
-rw-------. 1 root root 1343 Aug 15 00:24 172.17.2.18_nagios_nrpe.pp
-rw-------. 1 root root 3688 Aug 15 00:24 172.17.2.18_neutron.pp
-rw-------. 1 root root 9100 Aug 15 00:24 172.17.2.18_nova.pp
-rw-------. 1 root root  836 Aug 15 00:24 172.17.2.18_prescript.pp

The directory contains files for _all_nodes, even if they are excluded.

172.17.2.11 -> excluded
172.17.2.15 -> to be installed

Will they be executed when I drop "--dry-run" or are they generated but skipped?

Can someone explain this behaviour and where to find the code, showing it is not going to be executed?

Thank you.

2016-07-28 03:50:04 -0600 received badge  Nice Question (source)
2016-07-28 03:49:57 -0600 received badge  Nice Answer (source)
2016-06-21 06:14:12 -0600 received badge  Famous Question (source)
2016-05-06 10:33:09 -0600 received badge  Taxonomist
2016-05-06 07:39:19 -0600 received badge  Famous Question (source)
2016-05-04 02:38:20 -0600 received badge  Notable Question (source)
2016-04-30 17:16:35 -0600 received badge  Popular Question (source)
2016-04-28 05:15:00 -0600 received badge  Famous Question (source)
2016-04-24 05:33:51 -0600 asked a question High CPU load VPNaaS and libreswan on CentOS 7

Hi,

when installing libreswan and neutron-vpnaas-agent, I get 100% cpu load on all cores. Problem exists in Liberty and Mitaka deployments via Packstack.

The process consuming the cpu-cycles is "certutil":

certutil -N -d sql:/etc/ipsec.d --empty-password

It spawns serveral times, sometimes the process dies when swap runs full. Running this command on root shell works flawlessly.

I don't get any more debug output, is this a known problem?

2016-04-22 08:38:18 -0600 received badge  Notable Question (source)
2016-04-21 06:56:07 -0600 received badge  Popular Question (source)
2016-04-19 17:25:43 -0600 answered a question Error writing to /var/lib/nova/instances/_base/ - how to avoid local file transaction?

Seems like setting show_image_direct_url to True is the only way to solve this. As I am only using ceph as my storage backend, this seems to be safe regarding image-urls.

https://bugzilla.redhat.com/show_bug....

2016-04-19 15:56:20 -0600 marked best answer Cinder - Caught error: Unknown Attribute: projects

Hey,

I just upgraded our CentOS deployment and experience some issues with cinder:

Horizon.log:

Error: Unable to retrieve volume limit information.

Cinder api.log:

Caught error: Unknown Attribute: projects

This happens when I try to start a new instance via Horizon. Before I met this problem, I needed to fix cinder.conf using this thread: https://ask.openstack.org/en/question...

It seems to be a problem with the current RDO-Liberty packages (problem startet after yum update) but without more debugging output, I am trapped here.

Is this a known problem?

2016-04-19 15:56:20 -0600 received badge  Scholar (source)
2016-04-19 15:55:40 -0600 asked a question Error writing to /var/lib/nova/instances/_base/ - how to avoid local file transaction?

Hi,

I am using Ceph for RBD storage and we are hosting hypervisors with 16GB of flash memory.

When I import an image which is saved in an isolated pool on the same cluster, my hypervisor node tries to download it before re-importing (see trace below). How can I modify this behavior?

2016-04-19 22:46:05.041 2747 ERROR nova.image.glance [req-7f1512f5-4cc7-44fe-bb90-a1527e3a341b 051f7eb0c4df40dda84a69d40ee86a48 3c297aff8cb44e618fb88356a2dd836b - - -] Error writing to /var/lib/nova/instances/_base/1cb800df157f685e900195a14c05d2d4decc2bc4.part: [Errno 28] No space left on device
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [req-7f1512f5-4cc7-44fe-bb90-a1527e3a341b 051f7eb0c4df40dda84a69d40ee86a48 3c297aff8cb44e618fb88356a2dd836b - - -] [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7] Instance failed to spawn
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7] Traceback (most recent call last):
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 2218, in _build_resources
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     yield resources
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/compute/manager.py", line 2064, in _build_and_run_instance
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     block_device_info=block_device_info)
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 2761, in spawn
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     admin_pass=admin_password)
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 3179, in _create_image
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     instance, size, fallback_from_host)
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/driver.py", line 6739, in _try_fetch_image_cache
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     size=size)
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/imagebackend.py", line 251, in cache
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     *args, **kwargs)
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/imagebackend.py", line 874, in create_image
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     prepare_template(target=base, max_size=size, *args, **kwargs)
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/oslo_concurrency/lockutils.py", line 271, in inner
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     return f(*args, **kwargs)
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]   File "/usr/lib/python2.7/site-packages/nova/virt/libvirt/imagebackend.py", line 241, in fetch_func_sync
2016-04-19 22:46:05.730 2747 ERROR nova.compute.manager [instance: 65bf98e0-a199-4493-82bb-3fee877d6ce7]     fetch_func(target=target, *args, **kwargs)
2016-04-19 22:46:05.730 2747 ...
(more)
2016-04-18 02:05:42 -0600 asked a question NoSuchOptError: no such option in group neutron: auth_plugin

Hi,

I upgraded our environment from liberty to mitaka and get this error when watching the nova-api.log:

2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions [req-4fd8efa9-3e1f-477b-b0f1-574739f57cf2 051f7eb0c4df40dda84a69d40ee86a48 f2c5a09230a94a8a9ab714877c22948d - - -] Unexpected exception in API method
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions Traceback (most recent call last):
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/api/openstack/extensions.py", line 478, in wrapped
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     return f(*args, **kwargs)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/api/validation/__init__.py", line 73, in wrapper
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     return func(*args, **kwargs)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/api/validation/__init__.py", line 73, in wrapper
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     return func(*args, **kwargs)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/api/validation/__init__.py", line 73, in wrapper
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     return func(*args, **kwargs)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/api/openstack/compute/servers.py", line 629, in create
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     **create_kwargs)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/hooks.py", line 154, in inner
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     rv = f(*args, **kwargs)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 1556, in create
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     check_server_group_quota=check_server_group_quota)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 1139, in _create_instance
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     reservation_id, max_count)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 866, in _validate_and_build_base_options
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     pci_request_info, requested_networks)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 1062, in create_pci_requests_for_sriov_ports
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     neutron = get_client(context, admin=True)
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions   File "/usr/lib/python2.7/site-packages/nova/network/neutronv2/api.py", line 139, in get_client
2016-04-18 08:42:54.548 2477 ERROR nova.api.openstack.extensions     _ADMIN_AUTH = _load_auth_plugin(CONF)
2016-04-18 08:42:54.548 2477 ERROR nova.api ...
(more)
2016-04-11 14:22:50 -0600 received badge  Enthusiast
2016-04-08 16:55:22 -0600 answered a question Physnet VLAN: More than one external network exists

push push push

2016-04-06 15:07:13 -0600 received badge  Notable Question (source)
2016-04-05 17:56:30 -0600 received badge  Popular Question (source)
2016-04-05 17:32:30 -0600 commented answer Physnet VLAN: More than one external network exists

I want to do the following: https://developer.rackspace.com/blog/...

2016-04-05 17:21:56 -0600 commented answer Physnet VLAN: More than one external network exists

I don't get what you mean. We use QinQ for this, br-ex is only used for customer-networks. We can host many VLANs which we untag on our customer-switch (switch which the colo-racks are connected to).

2016-04-05 15:58:11 -0600 commented answer Physnet VLAN: More than one external network exists

Thanks for your answer. This workaround does not realy look like a good solution. Why do I need to setup an external connection per VLAN? This would mean, if I have 2.000 customers (each with one private tenant VLAN), I need to set up 2.000 physnets.