Ask Your Question

thomas.oneill's profile - activity

2019-05-20 11:47:50 -0500 received badge  Student (source)
2018-02-26 04:11:56 -0500 received badge  Self-Learner (source)
2018-02-26 04:11:56 -0500 received badge  Teacher (source)
2018-02-08 07:34:08 -0500 received badge  Famous Question (source)
2017-07-31 08:30:00 -0500 received badge  Famous Question (source)
2017-03-31 04:45:13 -0500 received badge  Famous Question (source)
2017-03-30 00:50:15 -0500 received badge  Notable Question (source)
2017-03-30 00:50:15 -0500 received badge  Famous Question (source)
2017-03-30 00:50:00 -0500 received badge  Famous Question (source)
2017-02-22 01:09:20 -0500 received badge  Notable Question (source)
2017-02-22 01:09:20 -0500 received badge  Popular Question (source)
2017-02-13 12:03:03 -0500 received badge  Notable Question (source)
2017-02-10 02:21:49 -0500 received badge  Notable Question (source)
2017-02-04 22:23:13 -0500 received badge  Taxonomist
2017-01-24 11:01:00 -0500 answered a question kolla-ansible deploy error - /run not a shared mount

Ah, I'd deleted the /etc/systemd/system/docker.service.d/kolla.confconfiguration documented here: https://github.com/openstack/kolla/blob/master/doc/quickstart.rst#install-dependencies (https://github.com/openstack/kolla/bl...)

2017-01-24 04:33:38 -0500 asked a question kolla-ansible deploy error - /run not a shared mount
fatal: [compute01]: FAILED! => {"changed": true, "failed": true, "msg": "'Traceback (most recent call last):
  File "/tmp/ansible_kBrnte/ansible_module_kolla_docker.py", line 742, in main
    result = bool(getattr(dw, module.params.get('action'))())
  File "/tmp/ansible_kBrnte/ansible_module_kolla_docker.py", line 572, in start_container
    self.dc.start(container=self.params.get('name'))
  File "/usr/lib/python2.7/site-packages/docker/utils/decorators.py", line 21, in wrapped
    return f(self, resource_id, *args, **kwargs)
  File "/usr/lib/python2.7/site-packages/docker/api/container.py", line 383, in start
    self._raise_for_status(res)
  File "/usr/lib/python2.7/site-packages/docker/client.py", line 174, in _raise_for_status
    raise errors.APIError(e, response, explanation=explanation)
APIError: 500 Server Error: Internal Server Error ("linux mounts: Path /run is mounted on /run but it is not a shared mount.")
'"}

This is on CentOS 7. I was having some separate issues with SELinux before, I've disabled that now and have tried destroying and then deploying again, have also rebooted. Here's how it goes when I jump on compute01 and try manually:

stack@compute01:~ $ sudo docker ps -a
CONTAINER ID        IMAGE                                                      COMMAND             CREATED  STATUS              PORTS               NAMES
09a69d0b107d        10.10.20.10:4000/kolla/centos-binary-kolla-toolbox:3.0.3   "kolla_start"       10 minutes ago  Created                                 kolla_toolbox
2288bcca5e7d        10.10.20.10:4000/kolla/centos-binary-heka:3.0.3            "kolla_start"       10 minutes ago  Up 10 minutes                           heka
stack@compute01:~ $ sudo docker start kolla_toolbox
Error response from daemon: linux mounts: Path /run is mounted on /run but it is not a shared mount.
Error: failed to start containers: kolla_toolbox
stack@compute01:~ $ sudo docker version
Client:
 Version:      1.11.2
 API version:  1.23
 Go version:   go1.5.4
 Git commit:   b9f10c9
 Built:        Wed Jun  1 21:23:11 2016
 OS/Arch:      linux/amd64

Update: Have tried deleting and re-building the kolla-toolbox image and deleting the /var/lib/docker directory, still no good.

2017-01-19 05:44:34 -0500 received badge  Popular Question (source)
2017-01-19 00:14:05 -0500 received badge  Notable Question (source)
2017-01-18 12:47:22 -0500 answered a question CommandError: An error occurred during rendering /opt/stack/horizon/openstack_dashboard/templates/_stylesheets.html

Is this your problem? https://github.com/openstack-dev/devstack/blob/master/stack.sh#L92-L95 (https://github.com/openstack-dev/devs...)

Have you followed the steps here properly? http://docs.openstack.org/developer/devstack/ (http://docs.openstack.org/developer/d...)

It looks like you're trying to run stack.sh as root. You need to run as the stack user and also configure sudoers so you can sudo from the stack user without a password.

2017-01-18 12:40:31 -0500 commented question Openstack newton connection refused

Are you using Open vSwitch or a Linux bridge, or what? You could use tcpdump to packet capture the relevant interfaces whilst this is occurring, and you could also check the relevant logs.

2017-01-18 05:40:10 -0500 received badge  Popular Question (source)
2017-01-18 05:34:54 -0500 received badge  Popular Question (source)
2017-01-18 03:14:20 -0500 received badge  Editor (source)
2017-01-18 02:44:53 -0500 answered a question Establishing Instance Internet Connectivity with Kolla

I established network connectivity yesterday evening!

The main problem I was having was that both br-ex and br-tun were down, which seems to be the behaviour every time I deploy OpenStack using Kolla/Ansible, as well as on reboot.

Strangely however, with my successful ping I am not seeing the traffic on either br-ex or br-tun when packet capturing either interface during the successful ping from the instance. I am seeing the traffic on:

  • Both sides of the veth pair (looks like qvb73d1a05c-a9@qvo73d1a05c-a9 for me in ip addr, the @ is the separator).
  • The TAP device.
  • My external interface which OVS's br-ex is supposedly bridged to for Neutron's external connectivity (neutron_external_interface), for me this is ens2f0.
  • Both interfaces of the router if I ip netns exec [router_id] bash to check.

I'll do some more investigation and then potentially post a further question(s) to work out exactly what is going on here.

2017-01-17 05:54:32 -0500 asked a question Establishing Instance Internet Connectivity with Kolla

Hello,

This is my current architecture: https://www.lucidchart.com/invitations/accept/43422ede-d5cd-4ca1-bd85-e1066dd7ac36 (https://www.lucidchart.com/invitation...)

Here's the output of my ip addr on my compute node:

stack@compute00:~ $ ip a
1: lo: <loopback,up,lower_up> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eno1: <broadcast,multicast> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0c:c4:7a:6c:1a:a0 brd ff:ff:ff:ff:ff:ff
3: eno2: <broadcast,multicast> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 0c:c4:7a:6c:1a:a1 brd ff:ff:ff:ff:ff:ff
4: ens2f0: <broadcast,multicast> mtu 1500 qdisc noop master ovs-system state DOWN group default qlen 1000
    link/ether 0c:c4:7a:bb:96:4c brd ff:ff:ff:ff:ff:ff
5: ens2f1: <broadcast,multicast,up,lower_up> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 0c:c4:7a:bb:96:4d brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.11/24 brd 10.10.10.255 scope global ens2f1
       valid_lft forever preferred_lft forever
    inet 10.10.10.12/32 scope global ens2f1
       valid_lft forever preferred_lft forever
    inet6 fe80::ec4:7aff:febb:964d/64 scope link
       valid_lft forever preferred_lft forever
6: docker0: <no-carrier,broadcast,multicast,up> mtu 1500 qdisc noqueue state DOWN group default
    link/ether 02:42:6f:2a:3e:d8 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 scope global docker0
       valid_lft forever preferred_lft forever
7: ovs-system: <broadcast,multicast> mtu 1500 qdisc noop state DOWN group default qlen 1
    link/ether 42:f8:8d:4d:3a:36 brd ff:ff:ff:ff:ff:ff
8: br-ex: <broadcast,multicast> mtu 1500 qdisc noop state DOWN group default qlen 1
    link/ether 0c:c4:7a:bb:96:4c brd ff:ff:ff:ff:ff:ff
9: br-int: <broadcast,multicast> mtu 1450 qdisc noop state DOWN group default qlen 1
    link/ether 8e:13:f0:66:e8:45 brd ff:ff:ff:ff:ff:ff
13: br-tun: <broadcast,multicast> mtu 1500 qdisc noop state DOWN group default qlen 1
    link/ether ba:f5:cb:4b:06:4e brd ff:ff:ff:ff:ff:ff
14: qbr1eeaa859-bc: <broadcast,multicast,up,lower_up> mtu 1450 qdisc noqueue state UP group default qlen 1000
    link/ether fa:65:a3:35:17:ab brd ff:ff:ff:ff:ff:ff
15: qvo1eeaa859-bc@qvb1eeaa859-bc: <broadcast,multicast,promisc,up,lower_up> mtu 1450 qdisc noqueue master ovs-system state UP group default qlen 1000
    link/ether d2:2f:d6:d7:d2:a5 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::d02f:d6ff:fed7:d2a5/64 scope link
       valid_lft forever preferred_lft forever
16: qvb1eeaa859-bc@qvo1eeaa859-bc: <broadcast,multicast,promisc,up,lower_up> mtu 1450 qdisc noqueue master ...
(more)
2017-01-17 05:33:57 -0500 answered a question Confused About neutron_external_interface

Folks in the #openstack-kolla channel answered this for me saying that the neutron_external_interface should be an interface that will be able to reach the internet, it will be added to the br-ex bridge interface (layer 2), the IP (layer 3) configuration will be managed by Neutron/OpenVSwitch.

I'm still having problems at the moment though, my br-ex is showing as DOWN in my IP configuration, I'm going to post a new question about this and link to that from this answer when I've posted it.

Edit: This was follow-up question: https://ask.openstack.org/en/question/101599/establishing-instance-internet-connectivity-with-kolla/ (https://ask.openstack.org/en/question...)

2017-01-17 05:19:09 -0500 received badge  Enthusiast
2017-01-16 06:44:46 -0500 asked a question Confused About neutron_external_interface

Hello,

About this neutron_external_interface in etc/kolla/globals.yml the following is stated:

This is the raw interface given to neutron as its external network port. Even though an IP address can exist on this interface, it will be unusable in most configurations. It is recommended this interface not be configured with any IP addresses for that reason.

https://github.com/openstack/kolla-ansible/blob/master/etc/kolla/globals.yml#L81-L85 (https://github.com/openstack/kolla-an...)

I'm trying to figure out how I'm supposed to interpret this in terms of how I can actually implement this to get my instances online.

At the moment I have a multinode setup with a controller and a compute node. I've used kolla-ansible to deploy. I have 2 interfaces on each host, ens2f0 and ens2f1. The ens2f0's are the external public interfaces with public IP addresses. The ens2f1's are the internal interfaces and have an RFC 1918 address on.

Looking at what it says I guess I'm not supposed to just make the neutron_external_interface the ens2f0? I actually tried this and it broke connectivity to the compute node I think. So am I supposed to make a loopback or bridge interface and use that, or what?

2017-01-10 02:55:45 -0500 received badge  Supporter (source)
2017-01-10 02:55:41 -0500 received badge  Scholar (source)
2017-01-09 09:22:12 -0500 asked a question Docker Module ImportError with kolla-ansible

Hello,

I don't seem to be able to shake the following ImportError:

(env) stack@control00:~/kolla-ansible$ kolla-ansible prechecks -i ansible/inventory/multinode -p ansible/site.yml --configdir /etc/kolla -e ansible_become=true -e ansible_become_method=sudo
Pre-deployment checking : ansible-playbook -i ansible/inventory/multinode -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla  -e ansible_become=true -e ansible_become_method=
sudo -e action=precheck ansible/site.yml

PLAY [Gather facts for all hosts] **********************************************

[ ... irrelevant output omitted ... ]

TASK [prechecks : Checking docker-py version] **********************************
fatal: [control00]: FAILED! => {"changed": false, "cmd": ["python", "-c", "import docker; print docker.__version__"], "delta": "0:00:00.019425", "end": "2017-01-09 15:12:25.822150", "failed": true, "failed_when_result": true, "rc": 1, "start": "2017-01-09 15:12:25.802725", "stderr": "Traceback (most recent call last):\n  File \"<string>\", line 1, in <module>\nImportError: No module named docker", "stdout": "", "stdout_lines": [], "warnings": []}
        to retry, use: --limit @/home/stack/kolla-ansible/ansible/site.retry

PLAY RECAP *********************************************************************
compute00                  : ok=1    changed=0    unreachable=0    failed=0
control00                  : ok=22   changed=0    unreachable=0    failed=1

Command failed ansible-playbook -i ansible/inventory/multinode -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla  -e ansible_become=true -e ansible_become_method=sudo -e action=precheck ansible/site.yml

I've tried with virtual environments using both Python 2 and 3, all I've done on this Ubuntu 16.04 box so far is:

sudo apt-get install build-essential libssl-dev libffi-dev python-dev
git clone https://github.com/openstack/kolla-ansible.git
pip install kolla-ansible/requirements.txt
pip install kolla-ansible
pip install ansible

And also to install the latest version of Docker as documented https://docs.docker.com/engine/installation/linux/ubuntulinux/ (here).

The docker-py module is installed from the requirements.txt file, but I've also tried installing the regular docker module in pip, and also switching between either of these being installed as well as both.

2017-01-09 09:10:22 -0500 received badge  Popular Question (source)
2016-12-20 20:59:19 -0500 answered a question Kolla Ansible User Privileges Best Practice

Running kolla-ansible with -e 'ansible_become=true' -e 'ansible_become_method=sudo' works for me and seems reasonable.

2016-12-20 20:59:16 -0500 asked a question Kolla Ansible User Privileges Best Practice

I was wondering what the best practice was in terms of which user to use for kolla-ansible and how to escalate privileges to sudo/root. I know that in Ansible there is the become playbook feature, and also that in the inventory you can specify ansible_user=$USERNAME after the hostname to perform operations on that host with that user.

Just running as my user, which is part of the docker group on the relevant hosts, has resulted in these errors:

TASK [haproxy : Setting sysctl values] *****************************************
failed: [network01] (item={u'name': u'net.ipv4.ip_nonlocal_bind', u'value': 1}) => {"failed": true, "item": {"name": "net.ipv4.ip_nonlocal_bind", "value": 1}, "module_stderr": "Shared connection to network01 closed.
", "module_stdout": "Traceback (most recent call last):
  File \"/tmp/ansible__d5Ird/ansible_module_sysctl.py\", line 371, in <module>
    main()
  File \"/tmp/ansible__d5Ird/ansible_module_sysctl.py\", line 364, in main
    result = SysctlModule(module)
  File \"/tmp/ansible__d5Ird/ansible_module_sysctl.py\", line 124, in __init__
    self.process()
  File \"/tmp/ansible__d5Ird/ansible_module_sysctl.py\", line 172, in process
    self.write_sysctl()
  File \"/tmp/ansible__d5Ird/ansible_module_sysctl.py\", line 330, in write_sysctl
    fd, tmp_path = tempfile.mkstemp('.conf', '.ansible_m_sysctl_', os.path.dirname(self.sysctl_file))
  File \"/usr/lib/python2.7/tempfile.py\", line 314, in mkstemp
    return _mkstemp_inner(dir, prefix, suffix, flags)
  File \"/usr/lib/python2.7/tempfile.py\", line 244, in _mkstemp_inner
    fd = _os.open(file, flags, 0600)
OSError: [Errno 13] Permission denied: '/etc/.ansible_m_sysctl_u8SELB.conf'
", "msg": "MODULE FAILURE"}
failed: [network01] (item={u'name': u'net.unix.max_dgram_qlen', u'value': 128}) => {"failed": true, "item": {"name": "net.unix.max_dgram_qlen", "value": 128}, "module_stderr": "Shared connection to network01 closed.
", "module_stdout": "Traceback (most recent call last):
  File \"/tmp/ansible_jG46m0/ansible_module_sysctl.py\", line 371, in <module>
    main()
  File \"/tmp/ansible_jG46m0/ansible_module_sysctl.py\", line 364, in main
    result = SysctlModule(module)
  File \"/tmp/ansible_jG46m0/ansible_module_sysctl.py\", line 124, in __init__
    self.process()
  File \"/tmp/ansible_jG46m0/ansible_module_sysctl.py\", line 172, in process
    self.write_sysctl()
  File \"/tmp/ansible_jG46m0/ansible_module_sysctl.py\", line 330, in write_sysctl
    fd, tmp_path = tempfile.mkstemp('.conf', '.ansible_m_sysctl_', os.path.dirname(self.sysctl_file))
  File \"/usr/lib/python2.7/tempfile.py\", line 314, in mkstemp
    return _mkstemp_inner(dir, prefix, suffix, flags)
  File \"/usr/lib/python2.7/tempfile.py\", line 244, in _mkstemp_inner
    fd = _os.open(file, flags, 0600)
OSError: [Errno 13] Permission denied: '/etc/.ansible_m_sysctl_IQU7c9.conf'
", "msg": "MODULE FAILURE"}
        to retry, use: --limit @/home/stack/kolla-ansible/ansible/site.retry

Running as root and configuring SSH for this is viable but seems nasty, any recommendations?