Ask Your Question

Marco Schuster's profile - activity

2019-08-28 07:07:11 -0500 received badge  Famous Question (source)
2019-08-28 07:07:11 -0500 received badge  Notable Question (source)
2019-08-28 07:07:11 -0500 received badge  Popular Question (source)
2019-08-23 02:24:44 -0500 received badge  Famous Question (source)
2019-05-08 11:28:15 -0500 received badge  Notable Question (source)
2019-03-14 18:01:56 -0500 received badge  Popular Question (source)
2019-03-04 04:19:01 -0500 received badge  Enthusiast
2019-03-03 12:30:32 -0500 received badge  Supporter (source)
2019-02-20 15:44:19 -0500 asked a question Neutron failing to deploy with "Policy DROP not allowed for user defined chains."

So, I managed to fix the neutron/nova/keystone integration from the previous question (running Rocky on a Debian Testing env with a controller and a compute node), but still I cannot spawn a "hello world" cirros instance.

I am using openstack server create --flavor 0 --image cirros --nic net-id=xxx provider-instance1 to create the instance, but after a couple of minutes it goes to ERROR status with the message nova.exception.BuildAbortException: Build of instance xxxx aborted: Failed to allocate the network(s), not rescheduling. in the logs on the compute node.

The problem seems to be somewhere in neutron:

2019-02-20 17:18:17.789 31660 DEBUG neutron.agent.linux.utils [req-00598802-3c30-472b-8ebb-503c35b3b082 - - - - -] Running command: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ebtables', '-t', 'nat', '--concurrent', '-N', 'neutronMAC-tap88d37460-4b', '-P', 'DROP'] create_process /usr/lib/python3/dist-packages/neutron/agent/linux/utils.py:87
2019-02-20 17:18:18.017 31660 ERROR neutron.agent.linux.utils [req-00598802-3c30-472b-8ebb-503c35b3b082 - - - - -] Exit code: 255; Stdin: ; Stdout: ; Stderr: Policy DROP not allowed for user defined chains.

From a quick googling around, apparently neutron uses ebtables to do ARP spoof prevention. How do I either fix this error, or disable all kinds of "security" (as I am in a private demo cloud anyway and VLAN/routing separation is more than enough for me)?

2019-02-20 15:44:19 -0500 answered a question Unable to sync nova-manage db using the command su -s /bin/sh -c "nova-manage db sync" nova

Install a mysql client on the nova machine and try connecting to your host from there. Odds are that there is a firewall rule either on mysql-host preventing ingress traffic or on nova-host preventing egress traffic.

The other thing: check with netstat -lnp where the mysqld is listening. You might have run into the issue that distributions set bind-address to 127.0.0.1, change it to 0.0.0.0 for world-open listening or to the IP address of the management interface. If the mysql-host is connected directly to the Internet - install a firewall!

2019-02-20 15:44:19 -0500 asked a question Minimal rocky installation: creation of instances fails with keystoneauth1.exceptions.http.Unauthorized

On a Debian Testing setup consisting of one controller node and one compute node (set up per https://docs.openstack.org/install-guide/openstack-services.html#minimal-deployment-for-rocky (https://docs.openstack.org/install-gu...)) I have the problem that creation of instances fails with a keystone unauthorized error, no matter if running with admin or demo credentials.

All four installed services (keystone, glance, nova, neutron) pass the respective checks in the "Verify operation" part of their installation guidelines, but a simple openstack server create --flavor 0 --image cirros --nic net-id=xxxxx --debug provider-instance1 (or creating an instance in the horizon UI) fails with:

novaclient.exceptions.ClientException: Unexpected API Error. Please report this at http://bugs.launchpad.net/nova/ and attach the Nova API log if possible.
<class 'keystoneauth1.exceptions.http.Unauthorized'> (HTTP 500) (Request-ID: req-456d1aff-a3a4-428b-8e0b-b2b14bdefd97)

The call that fails is:

curl -g -i -X POST http://10.161.14.20:8774/v2.1/servers -H "Accept: application/json" -H "Content-Type: application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Token: {SHA1}32169a085723fd18387e910054fc13850461498c" -d '{"server": {"name": "provider-instance1", "imageRef": "4c2761a0-0d04-4ded-9ba5-8bf58ddcc05c", "flavorRef": "0", "min_count": 1, "max_count": 1, "networks": [{"uuid": "d80a8a4c-16b6-4f7f-ab2e-0720e0b6ab9e"}]}}'

What is broken here?

The nova-api.log:

2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi [req-456d1aff-a3a4-428b-8e0b-b2b14bdefd97 cc77fa29ff2f40aa81cab569859d6f99 ad5fd5c572aa41aea707e9bcc82ce03a - default default] Unexpected exception in API method: keystoneauth1.exceptions.http.Unauthorized: The request you have made requires authentication. (HTTP 401) (Request-ID: req-d8c2b9d6-41f1-4eed-a65f-2360efa1b831)
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi Traceback (most recent call last):
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi   File "/usr/lib/python3/dist-packages/nova/api/openstack/wsgi.py", line 801, in wrapped
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi     return f(*args, **kwargs)
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi   File "/usr/lib/python3/dist-packages/nova/api/validation/__init__.py", line 110, in wrapper
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi     return func(*args, **kwargs)
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi   File "/usr/lib/python3/dist-packages/nova/api/validation/__init__.py", line 110, in wrapper
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi     return func(*args, **kwargs)
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi   File "/usr/lib/python3/dist-packages/nova/api/validation/__init__.py", line 110, in wrapper
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi     return func(*args, **kwargs)
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi   [Previous line repeated 7 more times]
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi   File "/usr/lib/python3/dist-packages/nova/api/openstack/compute/servers.py", line 576, in create
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi     **create_kwargs)
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi   File "/usr/lib/python3/dist-packages/nova/hooks.py", line 154, in inner
2019-02-20 15:08:06.798 15816 ERROR nova.api.openstack.wsgi     rv = f(*args, **kwargs)
2019-02-20 15:08:06.798 15816 ERROR nova ...
(more)