Hi all! I'm having some problems with juju and security groups in openstack. When I try to instantiate about 10 instances, some of them generate an error related to the security groups. The log below is from nova-api.log. I'm using versions from ubuntu 12.04 LTS packages (nova*, keystone etc).
2012-05-10 09:31:04 DEBUG nova.api.ec2.apirequest [req-2c360b59-311d-4792-a730-e14a750220e9 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] <?xml version="1.0" ?><DescribeSecurityGroupsResponse xmlns=" http://ec2.amazonaws.com/doc/2008-12-01/ "><requestId>req-2c360b59-311d-4792-a730-e14a750220e9</requestId><securityGroupInfo><item><ipPermissions><item><toPort>65535</toPort><ipProtocol>tcp</ipProtocol><ipRanges><item><cidrIp> 0.0.0.0/0 </cidrIp></item></ipRanges><groups/><fromPort>1</fromPort></item></ipPermissions><groupName>default</groupName><groupDescription>default</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions><item><toPort>22</toPort><ipProtocol>tcp</ipProtocol><ipRanges><item><cidrIp> 0.0.0.0/0</cidrIp></item></ipRanges><groups/><fromPort>22</fromPort></item><item><toPort>-1</toPort><ipProtocol>icmp</ipProtocol><ipRanges/><groups><item><groupName>juju-sample</groupName><userId>fed67a76052340e6b225879aed674846</userId></item></groups><fromPort>-1</fromPort></item><item><toPort>65535</toPort><ipProtocol>tcp</ipProtocol><ipRanges/><groups><item><groupName>juju-sample</groupName><userId>fed67a76052340e6b225879aed674846</userId></item></groups><fromPort>1</fromPort></item><item><toPort>65535</toPort><ipProtocol>udp</ipProtocol><ipRanges/><groups><item><groupName>juju-sample</groupName><userId>fed67a76052340e6b225879aed674846</userId></item></groups><fromPort>1</fromPort></item></ipPermissions><groupName>juju-sample</groupName><groupDescription>juju group for sample</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-0</groupName><groupDescription>juju group for sample machine 0</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-1</groupName><groupDescription>juju group for sample machine 1</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-10</groupName><groupDescription>juju group for sample machine 10</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-11</groupName><groupDescription>juju group for sample machine 11</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-2</groupName><groupDescription>juju group for sample machine 2</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-3</groupName><groupDescription>juju group for sample machine 3</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-4</groupName><groupDescription>juju group for sample machine 4</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-5</groupName><groupDescription>juju group for sample machine 5</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-6</groupName><groupDescription>juju group for sample machine 6</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-7</groupName><groupDescription>juju group for sample machine 7</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-8</groupName><groupDescription>juju group for sample machine 8</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item><item><ipPermissions/><groupName>juju-sample-9</groupName><groupDescription>juju group for sample machine 9</groupDescription><ownerId>fed67a76052340e6b225879aed674846</ownerId></item></securityGroupInfo></DescribeSecurityGroupsResponse> from (pid=4973) _render_response /usr/lib/python2.7/dist-packages/nova/api/ec2/apirequest.py:105 2012-05-10 09:31:04 INFO nova.api.ec2 [req-2c360b59-311d-4792-a730-e14a750220e9 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] 0.296059s 172.16.0.3 GET /services/Cloud CloudController:DescribeSecurityGroups 200 [Twisted PageGetter] text/plain text/xml 2012-05-10 09:31:04 DEBUG nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] action: DeleteSecurityGroup from (pid=4973) __call__ /usr/lib/python2.7/dist-packages/nova/api/ec2/__init__.py:435 2012-05-10 09:31:04 DEBUG nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] arg: GroupName val: juju-sample-11 from (pid=4973) __call__ /usr/lib/python2.7/dist-packages/nova/api/ec2/__init__.py:437 2012-05-10 09:31:04 ERROR nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] Unexpected error raised: Group not valid. Reason: In Use 2012-05-10 09:31:04 TRACE nova.api.ec2 Traceback (most recent call last): 2012-05-10 09:31:04 TRACE nova.api.ec2 File "/usr/lib/python2.7/dist-packages/nova/api/ec2/__init__.py", line 582, in __call__ 2012-05-10 09:31:04 TRACE nova.api.ec2 result = api_request.invoke(context) 2012-05-10 09:31:04 TRACE nova.api.ec2 File "/usr/lib/python2.7/dist-packages/nova/api/ec2/apirequest.py", line 81, in invoke 2012-05-10 09:31:04 TRACE nova.api.ec2 result = method(context, **args) 2012-05-10 09:31:04 TRACE nova.api.ec2 File "/usr/lib/python2.7/dist-packages/nova/api/ec2/cloud.py", line 827, in delete_security_group 2012-05-10 09:31:04 TRACE nova.api.ec2 raise exception.InvalidGroup(reason="In Use") 2012-05-10 09:31:04 TRACE nova.api.ec2 InvalidGroup: Group not valid. Reason: In Use 2012-05-10 09:31:04 TRACE nova.api.ec2 2012-05-10 09:31:04 ERROR nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] Environment: {"CONTENT_TYPE": "text/plain", "SCRIPT_NAME": "/services/Cloud", "REQUEST_METHOD": "GET", "HTTP_HOST": "10.129.10.44:8773", "PATH_INFO": "", "SERVER_PROTOCOL": "HTTP/1.0", "QUERY_STRING": "AWSAccessKeyId=08d1790ca04646f3b116331a6565d2a7&Action=DeleteSecurityGroup&GroupName=juju-sample-11&Signature=xY3AzcbV2yQ2QY4N8kAhC5mmnA3dzsAp3lfxMfMQmFs%3D&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2012-05-10T12%3A30%3A53Z&Version=2008-12-01", "HTTP_USER_AGENT": "Twisted PageGetter", "SERVER_NAME": "10.129.10.44", "REMOTE_ADDR": "172.16.0.3", "wsgi.url_scheme": "http", "SERVER_PORT": "8773", "GATEWAY_INTERFACE": "CGI/1.1"} 2012-05-10 09:31:04 ERROR nova.api.ec2 [req-02334bdb-0fd2-4cc1-a4e6-449e61f954b1 de0bba964c7b4948bef8bb04d7111cae fed67a76052340e6b225879aed674846] UnknownError: An unknown error has occurred. Please try your request again. As we can see it says that a group in invalid because is in use. I've cleared the nova database so I didnt have any security group. It is creating the security groups and generating the problem. When I destroy the environment with juju destroy-environment, some rules remain in nova, as we can see with nova secgroup-list. root@44:/var/log/nova# nova secgroup-list +----------------+----------------------------------+ | Name | Description | +----------------+----------------------------------+ | default | default | | juju-sample | juju group for sample | | juju-sample-0 | juju group for sample machine 0 | | juju-sample-1 | juju group for sample machine 1 | | juju-sample-10 | juju group for sample machine 10 | | juju-sample-11 | juju group for sample machine 11 | | juju-sample-2 | juju group for sample machine 2 | | juju-sample-3 | juju group for sample machine 3 | | juju-sample-4 | juju group for sample machine 4 | | juju-sample-5 | juju group for sample machine 5 | | juju-sample-7 | juju group for sample machine 7 | | juju-sample-8 | juju group for sample machine 8 | | juju-sample-9 | juju group for sample machine 9 | +----------------+----------------------------------+ Even if I clear the database and try again, the problem remains. Someone have already faced this? Any help?
_______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : [email protected] Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp
