发起问题

demirayar 的档案 - activity

2021-01-09 20:19:42 -0500 获得奖牌  著名问题 (source)
2019-11-20 11:58:58 -0500 获得奖牌  著名问题 (source)
2019-11-17 12:24:37 -0500 评论问题 port security impact on fragmentation

Yes, ICMP traffic is allowed on the security group. Actually the fat size ping is not working, the ping with the size lower than 1422 is working.

2019-11-16 19:47:03 -0500 获得奖牌  受欢迎的问题 (source)
2019-11-16 19:47:03 -0500 获得奖牌  热门的问题 (source)
2019-11-14 15:04:45 -0500 问了问题 port security impact on fragmentation

I have a question about the relation between port security and fragmentation. In the setup, the provider network type is vxlan and its MTU value is 1450 (which is the default one). The VMs which use this provider network has the MTU 1500 by default. When the ping is tried to send with bigger size (bigger than 1500), it fails. First I thought that it is normal since VM level and network MTUs are different. Then I recommend to change the MTU on VM level to 1450 which is the same as provider network, but again the ping fails. If the port security is disabled, then pings for the larger packet sizes are successful and they are fragmented. "df_default" is set to "true" I believe because I saw that DF flag in tcpdump output. My question is in cases where a “don’t fragment” flag is attached to the IP header, is the packet dropped by port security in OpenStack?

The openstack version is Mitaka and it uses ovs.

2019-11-14 15:04:36 -0500 问了问题 port security impact on fragmentation

I have a question about the relation between port security and fragmentation. I do not access the lab setup, so I just tried to understand what I am informed. In the setup, the provider network type is vxlan and its MTU value is 1450 (which is the default one). The VMs which use this provider network has the MTU 1500 by default. When the ping is tried to send with bigger size (bigger than 1500), it fails. First I thought that it is normal since VM level and network MTUs are different. Then I recommend to change the MTU on VM level to 1450 which is the same as provider network, but again the ping fails. If the port security is disabled, then pings for the larger packet sizes are successful and they are fragmented. "df_default" is set to "true" I believe because I saw that DF flag in tcpdump output. My question is in cases where a “don’t fragment” flag is attached to the IP header, is the packet dropped by port security in OpenStack?

The openstack version is Mitaka and it uses ovs.

2019-05-13 09:03:49 -0500 获得奖牌  热门的问题 (source)
2019-05-13 09:03:49 -0500 获得奖牌  著名问题 (source)
2018-05-04 08:14:25 -0500 获得奖牌  热门的问题 (source)
2017-12-06 17:55:16 -0500 获得奖牌  受欢迎的问题 (source)
2017-11-23 01:42:25 -0500 获得奖牌  热门的问题 (source)
2017-11-22 00:44:41 -0500 问了问题 Multiple provider network management on different neutron nodes

I want to install neutron server on different Nodes. In my environment there will be 3 provider networks name provider1, provider2 and provider3 with respectively. All of them will be flat network. In my system, I want each neutron server manages different provider networks (neutron1 only controls provider1, neutron2 controls provider2 and neutron3 controls provider3). VMs will have internal networks (overlay network) and use Virtual Routers to access provider networks. The interface mapping on neutron servers are as given below:

Neutron 1

  • Bond 0 : Management + overlay
  • Bond 1 : use for provider1

Neutron 2

  • Bond 0 : Management + overlay
  • Bond 1 : use for provider2

Neutron 3

  • Bond 0 : Management + overlay
  • Bond 1 : use for provider3

Virtual router(VR) is randomly scheduled across multiple OpenStack Networking nodes. My question is how I can deploy VR on specific neutron node (like VR which has GW address from provider1 will deploy on neutron1) ? or I will create high available VR, in this case VR will deploy all neutron servers. How can I select the active virtual router in this case?

2017-05-16 00:46:57 -0500 获得奖牌  受欢迎的问题 (source)
2017-04-22 09:16:25 -0500 获得奖牌  著名问题 (source)
2017-03-29 02:39:48 -0500 问了问题 Network separation and neutron configuration

I am a bit confused about neutron configuration. I have 1 Controller server and 2 compute servers. My neutron service is running on controller Node. I want to separate the physical interfaces as given below:

Controller Node:

  • Bond0 (Eth0 and Eth2) : OpenStack Management Network + Provider 1.

Compute Nodes:

  • Bond0 (Eth0 and Eth2) : OpenStack Management Network + Provider 1
  • Bond1 (Eth1 and Eth3) : Provider 2 Network
  • Bond2 (Eth4 and Eth6) : Backplain network. It will be only used for VMs (on compute node) communication, I do not associate a floating IP to this network.

My fist question is do I need to use Bond1 and Bond2 interfaces on controller server? The second one is how can I configure the linuxbridge_agent.ini file for network separation?

Thanks in advance

2017-03-01 18:54:23 -0500 获得奖牌  受欢迎的问题 (source)
2017-01-17 13:06:05 -0500 获得奖牌  热门的问题 (source)
2017-01-16 14:42:56 -0500 回答问题 The resource could not be found (HTTP 404) error during stack creating

I think the problem is related with token expiration. Although I added the "reauthentication_auth_method=trusts" parameter, the system works inconsistently and sometimes gives cinder resource not found error. The default timeout for token expiration was one hour. When I increased expiration value in [token] section in /etc/keystone/keystone.conf file, it seems the system works properly. I will re-create the stacks and test a few times to ensure that everything works properly.

2017-01-12 16:12:03 -0500 获得奖牌  受欢迎的问题 (source)
2017-01-12 12:05:26 -0500 获得奖牌  编辑 (source)
2017-01-12 08:02:34 -0500 问了问题 The resource could not be found (HTTP 404) error during stack creating

I am using OpenStack Mitaka on Ubuntu server and using Heat template to create my instances. My stack creation takes up to 3 hours, so I set the parameter "reauthentication_auth_method=trusts" in "/etc/heat/heat.conf" file to allow reauthentication on token expiry due to long-running tasks , and also give the timeout greater than 3 hours when I launched my stack. I am re-creating the stack for my testing. Sometimes my stack creation has been completed successfully, but sometimes I get the "resource could not be found (HTTP 404)" error after an hour later stack creation started. When I check the heat-engine.log, I saw the error given below. Do I need to set any other parameter in configuration file?

2017-01-12 02:45:32.805 126261 INFO heat.engine.resource [-] CREATE: Server "App-2" [8255723a-c9db-4835-94f1-348f1c72c96f] Stack "my_stack" [373df5cc-43d4-4bef-ba64-072a6fa3a546] 
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource Traceback (most recent call last):
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/heat/engine/resource.py", line 708, in _action_recorder

2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     yield
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/heat/engine/resource.py", line 779, in _do_action

2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     yield self.action_handler_task(action, args=handler_args)
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/heat/engine/scheduler.py", line 314, in wrapper
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     step = next(subtask)

2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/heat/engine/resource.py", line 753, in action_handler_task
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     while not check(handler_data):
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/heat/engine/resources/openstack/nova/server.py", line 872, in check_create_complete
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     check = self.client_plugin()._check_active(server_id)
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/heat/engine/clients/os/nova.py", line 202, in _check_active

2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     server = self.fetch_server(server)
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/heat/engine/clients/os/nova.py", line 131, in fetch_server
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     server = self.client().servers.get(server_id)
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/novaclient

/v2/servers.py", line 676, in get
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource     return self._get("/servers/%s" % base.getid(server), "server")
2017-01-12 02:45:32.805 126261 ERROR heat.engine.resource   File "/usr/lib/python2.7/dist-packages/novaclient/base.py", line 339, in _get
2017-01-12 02:45:32.805 126261 ERROR heat ...
(more)
2016-12-27 02:09:16 -0500 获得奖牌  粉丝
2016-12-27 02:09:16 -0500 获得奖牌  粉丝
2016-12-19 10:13:14 -0500 问了问题 Get IP address from instance and use it as a floating IP in Openstack

I am using OpenStack Mitaka on Ubuntu. I want to assign a floating IP to OpenStack instance with heat template. On my instance, there is a configuration file (such as /tmp/ip.txt) like this ;

[ root@instance ~ ] cat /tmp/ip.txt

floating_ip="172.24.3.225"

I want to get the IP address from this file, then use as a floating IP and associate to my instance.

How can I get the IP address which is written on my configuration file with heat template? And also, is it possible to use this parameter ($floating_ip) with "OS::Neutron::FloatingIP" resource?

2016-12-19 10:13:12 -0500 问了问题 Get parameter from instance and use it in heat template function

I am using Mitaka Openstack on Ubuntu. I want to assign a floating IP to OpenStack instance with heat template. On my instance, there is a configuration file (such as /tmp/ip.txt) like this ;

[root@instance-1 ~] cat /root/ip.txt

floating_ip="172.24.3.225"

I want to get the IP address from this file, then use as a floating IP and associate to my instance. How can I get the IP address which is written on my configuration file with heat template? Is there a way to get parameter from instance via cloud-init? And also, is it possible to use this parameter ($floating_ip) with "OS::Neutron::FloatingIP" resource?