Ask Your Question

kirank's profile - activity

2016-09-04 18:41:27 -0500 received badge  Famous Question (source)
2015-10-02 09:46:21 -0500 received badge  Famous Question (source)
2015-08-30 06:52:18 -0500 received badge  Notable Question (source)
2015-08-25 00:18:19 -0500 received badge  Notable Question (source)
2015-08-21 00:15:12 -0500 commented question Some Cirros instances not getting ip.

Need to provide more debug information - What you did to determine VM, Router and network config was correct and packets are not blocked either by missing Security groups or IP tables.

2015-08-20 11:23:32 -0500 commented answer Project Deleted without Releasing Floating IP

Are you sure they can be assigned to other VMs? I did this test where project was delete without releasing the floating IP. In other projects the IP was not available (allocate IP just skips over the zombie IP)

2015-08-20 11:21:53 -0500 received badge  Popular Question (source)
2015-08-20 02:42:40 -0500 received badge  Famous Question (source)
2015-08-19 03:07:31 -0500 asked a question Project Deleted without Releasing Floating IP

On Kilo, I'm noticing that if a project/tenant has floating IPs and I delete that project, the floating IP is not released back to the pool? Asking since I see floatingip-list is still showing associated with the deleted tenant.

Is anybody noticing this?

2015-08-13 04:29:44 -0500 received badge  Self-Learner (source)
2015-08-13 04:29:37 -0500 received badge  Student (source)
2015-08-12 10:25:29 -0500 received badge  Popular Question (source)
2015-08-10 11:53:28 -0500 answered a question Trove Rabbit Config in RDO Packstack install

Solution for me was to set the rabbit_userid to amq_user which matched what was set by packstack in answer file.

In all all config (trove*.conf) files except trove-guestmanager.conf (ensure that yours already has the rabbit_userid & rabbit_password set):

rabbit_userid=amq_user
2015-08-10 11:50:50 -0500 asked a question Trove Rabbit Config in RDO Packstack install

Recently, I started looking into Trove install and saw a bunch of errors in trove-conductor.log and trove-taskmanager.log

trove-conductor.log:

ERROR oslo_messaging._drivers.impl_rabbit [-] AMQP server 172.0.0.7:5672 closed the connection. Check login credentials: Socket closed

trove-taskmanager.log:

ERROR oslo_messaging._drivers.impl_rabbit [req-03f2bd3e-9219-49b4-a079-5427edcf711c admin services - - -] AMQP server 172.16.10.97:5672 closed the connection. Check login credentials: Socket closed

No errors in trove-api.log.

I noticed that all config (trove*.conf) files except guestmanager.conf did not have rabbit_userid set. Packstack answer file had a user as amq_user. The password however was correct and matched amq_user. If the config file does not have rabbit_userid set, I would assume it would use guest user and will cause the above error.

Is this a known issue in packstack/RDO?

Thanks.

2015-08-07 18:36:33 -0500 answered a question No internet connectivity on Instances with each other and external Network

Loss of network generally means br-ex does not have an IP assigned on public. You may have to let Neutron know about your bridge. Have a look at the external network setup at the RDO project (info is not really specific to RDO) https://www.rdoproject.org/Neutron_wi...

2015-08-06 00:49:07 -0500 commented answer Can we create domains in Kilo?

Here's another tutorial I found, that allowed me to go past not authorized issue. As before, be aware that v3 + Horizon is not fully explored-atleast I haven't seen a fully working sample-- even tutorial above needs smart mods.

2015-07-31 00:48:25 -0500 received badge  Supporter (source)
2015-07-31 00:43:13 -0500 received badge  Enthusiast
2015-07-30 10:57:28 -0500 commented answer Can we create domains in Kilo?

After you login with cloud admin and created a new domain and admin members for that new domain, you still were not able to login with new domain & user? Do you have any error or logs from horizon / keystone?

2015-07-30 05:55:31 -0500 received badge  Teacher (source)
2015-07-30 04:38:23 -0500 answered a question Can we create domains in Kilo?

This is theoretically possible with keystone v3 using Domain Scoped Token. However horizon support for domain management is lacking in stock Kilo and requires experimentation. There is a workflow defined here in the wiki

https://wiki.openstack.org/wiki/Horizon/DomainWorkFlow

and

http://www.symantec.com/connect/blogs/how-use-horizon-keystone-v3

Kiran

2015-07-30 01:08:34 -0500 answered a question Neutron router can't reach external network - Kilo

Unitiger, Based on your debug, if the ARP reply was to sent neutron gateway's MAC (IP: 10.0.3.101) did the mac address match the qrouter's interface on br-ex? Assuming you're using OVS. Can you check the qrouter's interface is on br-ex with ovs-vsctl show command?

Other things to check is ensure your eth2 is on the br-ex. Better yet, ensure its on ifcfg-eth2 as it lasts across reboots.

As mentioned by previous answer, check that external network is specified. However, I would ensure in /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini

[ovs]
. . .
bridge_mappings =physnet1:br-ex

Of course, restart network node after this and check ovs-vsctl show.

Thanks, Kiran

2015-07-29 11:13:26 -0500 answered a question Why You are using OpenStack?

In short, we use it for ease of management and its open sourced-ness.

Those qualities allows us to control our destiny (no vendor lockin). Control for compliance like HIPAA. Within the org we can cleanly track how much of our resources are being used because its fairly easy to monitor the usage of the service - Openstack is nothing but Infrastructure as a Service.

2015-07-29 10:42:00 -0500 received badge  Editor (source)
2015-07-29 10:36:36 -0500 answered a question Can i have VPS based cloud with OpenStack?

Answer is Yes. Let me not question why to do or not do this. Lets assume you have all the info you need to decide that this the right thing for you. What happens then?

Sure you may possibly loose availability and performance if you created your entire Open Stack node on a single VM or Zone on your provider. However, if you spread your VMs across multiple availability zones offered by your service provider, then your availability also should increase.

One other aspect to consider if you hosted the compute node as a VM. This will make the instances launched by the compute node run in a fully emulated qemu --which gets slow. However, if your provider allows nested virtualization, you can get back a bunch of performance. Also consider another aspect where some software may not support you in nested virtualization cases - You should be concerned about this if some software depends on underlying drivers for correct functional operation and not just performance. Now if you're requirements are not high performance but general manageability or even product that can take few delayed execution / IO time then it should work. If your workloads fit into the "cattle" kind (See http://www.slideshare.net/randybias/architectures-for-open-and-scalable-clouds (Pets Vs. Cattle presentation)), then it should be no different (management wise) than hosting on dedicated hardware. Dedicated hardware breaks down too. Its a question of managing the frequency and type of breakdowns in VM and dedicated hardware.

2015-07-09 11:58:58 -0500 received badge  Popular Question (source)
2015-07-09 11:58:58 -0500 received badge  Notable Question (source)
2015-07-06 00:30:20 -0500 answered a question Can ping vm instance but can't ssh (ssh command halts, with no output)

From your description, it looks like you are able to get packets back and forth on port 22. Which might lead to suspect the SSH client. Have a look at this https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1311250 (bug and workaround.)

2015-07-05 12:32:23 -0500 answered a question Swift Config keystoneauth

I resolved why the unauthorized issue occurred. The admin_uri and identity_uri were pointing to the wrong server. It should point to the Keystone server. Instead they were incorrectly pointing to the swift proxy server.

Once they were updated, I could get container list and swift stat was working.

I would still like to understand how not using keystoneauth was allowing access to the containers. If anyone can throw more light on how the pipeline works, please post your comment.

2015-07-05 11:28:15 -0500 asked a question Swift Config keystoneauth

hi, What is the difference between using keystoneauth and not using it in the pipeline option of proxy-server.conf? Config: Openstack Kilo using RDO packstack. If I use keystoneauth as follows:

pipeline = catch_errors healthcheck cache authtoken  keystoneauth proxy-server

then I get

#swift list
Account GET failed: http://172.0.0.8:8080/v1/AUTH_ab7c4a02a02a02a02a02a02a02a02a02?format=json 401 Unauthorized

(the auth key is edited)

However, if I delete keystoneauth in the pipeline, everything is fine, I can see containers and there are no errors.

my keystoneauth section is:

[filter:keystoneauth]
use = egg:swift#keystoneauth
operator_roles = admin,member,SwiftOperator,_member_
is_admin = true
reseller_prefix = AUTH_

What does keystoneauth do and what do I lose by not including it in pipeline? Where should I look for clues as to why its failing? --debug option shows not much more info:

DEBUG:requests.packages.urllib3.connectionpool:"GET /v1/AUTH_ab7c4a02a02a02a02a02a02a02a02a02?format=json HTTP/1.1" 401 131
INFO:swiftclient:REQ: curl -i http://172.0.0.8:8080/v1/AUTH_ab7c4a02a02a02a02a02a02a02a02a02?format=json -X GET -H "X-Auth-Token: abcadd85dd85dd85dd85dd85dd85dd85dd85"
INFO:swiftclient:RESP STATUS: 401 Unauthorized

Service end points also look to be fine handling the correct "AUTH_" format.