Ask Your Question

Prateek K's profile - activity

2017-07-26 02:41:05 -0600 received badge  Nice Answer (source)
2017-06-01 06:10:56 -0600 received badge  Famous Question (source)
2017-05-18 15:44:22 -0600 received badge  Famous Question (source)
2016-12-29 23:08:08 -0600 received badge  Notable Question (source)
2016-12-29 10:17:47 -0600 received badge  Popular Question (source)
2016-12-29 07:37:57 -0600 commented question openstack magnum conductor authorization failed mitaka

RegionOne it gives

2016-12-29 03:51:01 -0600 asked a question openstack magnum conductor authorization failed mitaka

I am using Mitaka version of opestack and I have configured Magnum on it.

  1. Magnum baymodel gets created
  2. Magnum Bay commands gets accepted however the bay status is stuck in CREATE_IN_PROGRESS state.

After checking the logs magnum conductor reports that the service is unable to fetch state as authorization failed:-

 log_http_response /usr/lib/python2.7/dist-packages/heatclient/common/
2016-12-29 01:43:55.289 24881 DEBUG oslo_service.periodic_task [-] Running periodic task MagnumPeriodicTasks.sync_bay_status run_periodic_tasks /usr/local/lib/python2.7/dist-packages/oslo_service/
2016-12-29 01:43:55.290 24881 DEBUG magnum.service.periodic [req-695a33ec-39f8-4685-bc85-d9ffd4f3809a - - - - -] Starting to sync up bay status sync_bay_status /usr/lib/python2.7/dist-packages/magnum/service/
2016-12-29 01:43:55.298 24881 DEBUG keystoneclient.v3.client [req-695a33ec-39f8-4685-bc85-d9ffd4f3809a - - - - -] Authorization failed. get_raw_token_from_identity_service /usr/lib/python2.7/dist-packages/keystoneclient/v3/
2016-12-29 01:43:55.298 24881 WARNING magnum.service.periodic [req-695a33ec-39f8-4685-bc85-d9ffd4f3809a - - - - -] Ignore error [reason: A user and password or token is required.] when syncing up bay status.
2016-12-29 01:43:55.298 24881 ERROR magnum.service.periodic Traceback (most recent call last):
2016-12-29 01:43:55.298 24881 ERROR magnum.service.periodic   File "/usr/lib/python2.7/dist-packages/magnum/service/", line 82, in sync_bay_status
2016-12-29 01:43:55.298 24881 ERROR magnum.service.periodic     stacks = osc.heat().stacks.list(global_tenant=True,
2016-12-29 01:43:55.298 24881 ERROR magnum.service.periodic   File "/usr/lib/python2.7/dist-packages/magnum/common/", line 173, in wrapped
2016-12-29 01:43:55.298 24881 ERROR magnum.service.periodic     client=func.__name__, message="reason: %s" % sys.exc_info()[1])
2016-12-29 01:43:55.298 24881 ERROR magnum.service.periodic AuthorizationFailure: reason: A user and password or token is required.
2016-12-29 01:43:55.298 24881 ERROR magnum.service.periodic
2016-12-29 01:43:55.388 24881 DEBUG heatclient.common.http [-] curl -g -i -X GET -H 'X-Auth-Token: {SHA1}9294feeaee720d16a772e0843e796fd74a101421' -H 'Content-Type: application/json' -H 'X-Auth-Url: http://A1-39978-controller:5000/v3' -H 'Accept: application/json' -H 'User-Agent: python-heatclient' http://A1-39978-controller:8004/v1/1f4ff4d2c3684ffab7d983f3740e7411/stacks/d7c36067-0f9a-48f0-8b16-aeea3f8e2bb0 log_curl_request /usr/lib/python2.7/dist-packages/heatclient/common/
2016-12-29 01:43:55.440 24881 DEBUG heatclient.common.http [-]
HTTP/1.1 302 Found
Location: http://controller:8004/v1/1f4ff4d2c3684ffab7d983f3740e7411/stacks/k8sbay-uf7z6n3omt4j/d7c36067-0f9a-48f0-8b16-aeea3f8e2bb0
Content-Length: 211

Any clue ?

here is the magnum.conf file

transport_url = rabbit://openstack:password@controller
periodic_global_stack_list= True
pybasedir = /usr/lib/python2.7/dist-packages/magnum
bindir = /usr/bin
state_path = /var/lib/magnum
periodic_enable = true
run_external_periodic_tasks = true

host =

cert_manager_type = local

region_name = RegionOne

connection = mysql+pymysql://magnum:password@controller/magnum

auth_uri = http://controller:5000/v3
auth_url = http://controller:35357/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = magnum
password = password


lock_path = /var/lock/magnum

driver = messaging

rabbit_host = localhost
rabbit_userid = guest
rabbit_password = guest

2016-12-21 02:57:41 -0600 commented answer Magnum commands return ERROR: Not Authorized

Thanks a lot... U saved me from debugging it.... Worked like a charm

2016-12-18 03:16:36 -0600 received badge  Notable Question (source)
2016-12-16 07:29:52 -0600 received badge  Popular Question (source)
2016-12-15 03:25:19 -0600 asked a question Does anyone have ansible scripts for installing Openstack Mitaka

I am not taking about openstack-ansible project where opestack is deployed in lxc-containers. I want to deploy multi-node openstack Mitaka non-container plain version using ansible playbooks.

Unfortunately the playbooks that are available to deploy simple openstack on the internet are till havana release.

Does by chance anyone has that ?

2016-11-09 01:04:47 -0600 received badge  Famous Question (source)
2016-03-17 13:47:05 -0600 received badge  Great Answer (source)
2016-03-17 13:47:05 -0600 received badge  Guru (source)
2016-02-23 14:24:56 -0600 received badge  Famous Question (source)
2016-01-28 01:04:44 -0600 commented answer Liberty RDO "Neutron with existing external network"

Too much to see :P ... Can we setup a call where we can debug this further.... It will be great if we can have a team-viewer session... My email id is ...

2016-01-21 03:56:36 -0600 answered a question Liberty RDO "Neutron with existing external network"

Based on what I read in the post I see that the interface on the VM is not getting the IP from dhcp server running for your internal network..

Do s ps -aef |grep dnsmasq on the neutron node and check weather a dhcp server is running for the internal network or not.

If the dhcp server is running check the flows in both compute and neutorn node of OVS via command ovs-ofctl dump-flows <bridge> ....

If the flows are also fine then do a tcpdump on the interfaces and see weather neutorn node is actually receving the DHCP broadcast message from teh VM or not.

2016-01-19 00:43:53 -0600 commented question openstack HA: sometimes getting unable to establish connection error

we need to debug this step by step... I guess the VIP that you have configured is on HAProxy... Enable the debugging logs of HA proxy and see what it has to say when the "Unable to establish connection happens"

2016-01-15 04:20:50 -0600 answered a question how to add kvm and vcenter in single compute-node

2 hypervisors cannot work on a same physical machine. Openstack can support different compute nodes having different hypevisors. So you can have KVM/QEMU on compute node 1 and ESXI(Vmware) hypervisor on compute node2.

Vcenter is a manager which connects to esxi hypervisor but its not a hypervisor in itself

2016-01-14 04:12:45 -0600 commented answer DevStack Installation Error

we can close this question now as the problem got solved :)

2016-01-11 23:08:47 -0600 commented answer RDO - Reference setup for server with 2 NICs

See this image ... Here the data Network(blue line) and Management Network(Red Line) are separate, in your case it would be same ... Configuration wise it depends upon which net topology you are using ..Can you please tell me that

2016-01-11 23:04:08 -0600 commented answer Instance resets to default after stop/start

Great ... You were able to solve the problem ... :)

2016-01-11 03:16:52 -0600 commented answer Instance resets to default after stop/start

What are the specs being provided while creating the flavor ?.. Also while launching the instances there would be logs of nova-compute coming can you please provide that.. Make sure debug is set to true in the config file

2016-01-11 02:19:32 -0600 answered a question Instance resets to default after stop/start

This is not a default design kind of thing. Can you tell which hypervisor you are using . What is happening is the disk that is created for the VM is not in good shape as whatever you are writing on it is getting erased.

Also provide weather Cinder is also involved in your setup ?

2016-01-11 02:16:12 -0600 answered a question RDO - Reference setup for server with 2 NICs

if you want to setup openstack then you need the following networks:-

  1. Management network - internal API calls, internal communication of services via AMQP server and also Datbase qeuries.

  2. Data Network- For traffic between VM's and Network node.

  3. Public Netwok- External network which will be used to access VM's from outside (external world)

Ideally for each network it is recommend to have separate Interfaces so 3 NIC's are used but as you mentioned you have 2 NIC's there in this case you Data and Management network will be clubbed on the same interface. It is possible and there are no errors encountered but the only thing is its only good for PoC or testing kind of things and not good for Production Setups

2016-01-11 00:24:21 -0600 answered a question how to perform change SID for windows in openstack with KVM hypervisor

Windows templates must be prepared with Sysprep before they can be provisioned on multiple machines. Sysprep allows you to create a generic Windows template and avoid any possible SID conflicts.

For more info refer to this link. .

Basically you need cloud-init package inside your windows machine plus you need to create a template of your own as described in the link above

2016-01-10 23:13:00 -0600 commented answer DevStack Installation Error

My mail id is ... Please send me the logs there so that I can have a better look at it

2016-01-08 07:21:32 -0600 commented answer i am getting error "something went wrong" error when i am trying to log on to horizon dashboard .... Reach me on this email id... Lets have a talk about this

2016-01-08 00:53:46 -0600 commented answer lbaas v2 with haproxy as reference implementation

Yes that can also be done... In that case you have to go to the lbaas config file and enable HA proxy drivers and disable octavia .. Follow the same openstack lbaasv1 guide to configure it and it should work fine

2016-01-07 03:59:19 -0600 answered a question restart openstack service

There are two ways to resolve this:

1. Sign out and properly connect / sign in as the user you wish to use.(In your case login with stack itself, dont go with root and then su to stack)
2. (Only use when step 1 does not work) Run script /dev/null to own the shell ; then try screen again.
2016-01-07 00:06:57 -0600 answered a question lbaas v2 with haproxy as reference implementation

I recently got a chance to work on both lbaas and lbaasv2... So it goes like this

  1. lbaas - it uses HAProxy inside. This runs as a process inside the network namespace. This namespace is present in the network node of the openstack setup. When the user hits the lbaas IP it goes to the network namespace where HAproxy is running and then its al HAproxy working with its pools, members and crazy load balancing stuff

  2. lbaasv2- Ot uses an image known as Amphora inside. When we talk about image its actually a VM getting created on the compute node. This entire project is known as Octavia. In layman terms a virtual machine is created instead of a network namespace. Inside this VM the LBAAS service is running and will have its pools, members and crazy load balancing stuff

Why have we done it :-

  • This is an operator grade LbaaS
  • Suppose you see that the performance of load balancer is not good and you require more resources. This can be easily done by providing a new flavor to the VM.
2016-01-06 23:24:08 -0600 answered a question OVS setup with VLAN provider network

I think what we you want it an ARP responder which actually works in the following ways:-

  • OVS at L2 creates a table known as arp table where the MAC address of machines is learned
  • Whenever ARP request comes instead of treating it as a broadcast and sending to all VM's the tables are used and a arp response is created by OVS at l2 itself and sent
  • Prevent kind of ARP request attacks and flooding etc.

Check this value in the ml2_conf.ini file of the neutron node:- arp_responder = False

One thing that we have to note here is currently only networks such as VXLAN and GRE(Overlay networks) support ARP responder in OVS. There is already a bug raised for getting this feature in vlan :-

What I can suggest you is if you are worried about the network congrestion and dont want such things to happen then convert your network topology to VXLAN or GRE and then the arp responder will work and will prevent flooding

2016-01-06 23:10:01 -0600 answered a question rules not working properly on security groups

Hmm... this is strange , what my wild guess would be to check the configurations files of neutron and see weather the firewall variable has been set correctly in security groups sections:-


enable_security_group = True

enable_ipset = True

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

Let me know how it goes

2016-01-06 23:04:51 -0600 commented answer i am getting error "something went wrong" error when i am trying to log on to horizon dashboard

Can you post some more logs... I am unable to figure out what has changed in the logs

2016-01-06 03:51:02 -0600 commented question keystone error

Can you provide the httpd service logs as well

2016-01-06 03:49:29 -0600 commented question Instance console is currently unavailable

Are you able to get console for instances which do have Windows ?

2016-01-06 03:48:54 -0600 commented question keystone error

Can you provide me the process logs of httpd service as well

2016-01-06 03:37:26 -0600 commented answer i am getting error "something went wrong" error when i am trying to log on to horizon dashboard

if its a normal installation restart the services of nova via service nova-api restart , service nova-conductor restart etc .. etc

2016-01-06 03:36:33 -0600 commented answer i am getting error "something went wrong" error when i am trying to log on to horizon dashboard

is it a devstack installation ? .. If yes then you have to go the screen session ... Then go to the partcular tab where nova services are running( ctrl + ") then press ctlr +c to ternmiate the process and then restart it ..

2016-01-06 02:22:37 -0600 commented answer i am getting error "something went wrong" error when i am trying to log on to horizon dashboard

Also restart the nova services for changes to take effect

2016-01-06 02:22:06 -0600 answered a question i am getting error "something went wrong" error when i am trying to log on to horizon dashboard

Try to see the nova.conf file and check weather 'auth_strategy=keystone' is present under [default] section... I think this will solve the problem

2016-01-05 03:16:59 -0600 answered a question hardware limits

There is no term like limits in the entire openstack installation about the limit to the compute nodes as When it comes to availability in openstack every compute node runs a major service known as nova-compute and neutron-openvswitch-agent.

Now these two services connect to controller via RabbitMQ which is an AMQP broker ( Again it has no limits to the number of connections)

So practically its like the more resources you have the more load your controller can handle. In my experience I was able to add 15 physical compute nodes and for testing I created a fake kind of mechanism and was able to add around 180 compute nodes to controller.

OK... if you are intrested in making fake compute nodes then do the following. There are actually 2 ways of doing it :

Method 1-

  1. Take a physical machine and install docker on it.

  2. Create a lxc container and install nova-compute service on it.

  3. Configure the compute node service running inside the container.
  4. Make sure you do the networking in such a way that you are able to ping the controller from the container.
  5. Start the container.
  6. The service should come up and there should be a compute node added to the controller.
  7. Create as many clones of the container as you want .
  8. So if you have 9 clones then you have 9 fake compute nodes running for testing purpose.

Method 2- This method requires prior knowledge of AMQP server and Messaging application which you are using in openstack environment. In 90% of cases is RabbitMQ. Also you need to have basic knowledge of python as you have to write a small script.

  1. Bring down the nova-compute service running on a compute node.
  2. Once its down, see which exchanges are present on the RabbitMQ server running on the controller.
  3. Bring up the compute node and try to capture the messages that go from compute node to the controller via AMQP server.
  4. To capture messages you need to create a consumer script on the exchange which is getting used for the compute to send messages to the controller.
  5. The messages will be in oslo messaging format and they would be actually in the form of nested python dictionaries.
  6. Once you have all the messages create another python script, and using that script send the messages captured earlier.
  7. When these messages come the controller thinks that a compute node is added to the system.
  8. Create threads of this python script.
  9. Each thread corresponds to a Fake compute node.

Method 2 is somewhat complicated but it would consume the least number of resources as there are no services involved. Just a piece of code along with threading.

You can use any of the methods listed to create a Fake compute node. The agenda of this experiment is just to test how much compute nodes controller in your environment can handle. you wont be able to launch instances or do the networking.

2016-01-03 23:25:06 -0600 commented answer single keystone installation

What is the problem you face... ?? .. error wise .. Also paste the output of keystone endpoint-list ... and also create an ascii flow diagram .. We need to point all services of openstack1 to contac keystone of openstack2