Hrm, your config files looks good to me. From your iptables-save output it
looks like you have nova-network running as well. I wonder if that is
overwritting the rules that the agents are installing. Can you try removing
nova-network and see if that changes anything?
Aaron
On Mon, Oct 21, 2013
Dear all,
Im struggling with centralized sec groups on nova, were using OVS, it seems
like no matter what flag i change on nova conf, the node still searchs the
segroups on nova region local db
We added :
[compute node]
*nova.conf*
firewall_driver=neutron.agent.firewall.NoopFirewallDriver
Hi Leandro,
I don't believe the setting of: security_group_api=neutron in nova.conf
actually doesn't matter at all on the compute nodes (still good to set it
though). But it matters on the nova-api node. can you confirm that your
nova-api node has: security_group_api=neutron in it's nova.conf?
Yes it is, but i found that is not reading the parameter from the nova.conf
, i forced on the code on /network/manager.py and took the argument finally
but stacks cause says that the neutron_url and if i fix it it stacks on the
next neutron parameter like timeout :
File
Do you have [default] at the top of your nova.conf? Could you pastebin your
nova.conf for us to see.
On Oct 18, 2013 12:31 PM, Leandro Reox leandro.r...@gmail.com wrote:
Yes it is, but i found that is not reading the parameter from the
nova.conf , i forced on the code on /network/manager.py
Now that i can launch intances normally, it seems that the rules are not
getting applied anywhere, i have full access to the docker containers. If i
do iptable -t nat -L and iptables -L , no rules seems to be applied to any
flow
On Fri, Oct 18, 2013 at 4:28 PM, Leandro Reox
Aaaron, i fixed the config issues moving the neutron opts up to the default
section. But now im having this issue
i can launch intances normally, it seems that the rules are not getting
applied anywhere, i have full access to the docker containers. If i do
iptable -t nat -L and iptables -L , no
Is anything showing up in the agents log on the hypervisors? Also, can you
confirm you have this setting in your nova.conf:
libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
On Fri, Oct 18, 2013 at 1:14 PM, Leandro Reox leandro.r...@gmail.comwrote:
Aaaron, i fixed the
