Re: [openstack-dev] Havana neutron security groups config issue
Hrm, your config files looks good to me. From your iptables-save output it
looks like you have nova-network running as well. I wonder if that is
overwritting the rules that the agents are installing. Can you try removing
nova-network and see if that changes anything?
Aaron
On Mon, Oct 21, 2013 at 10:45 AM, Leandro Reox leandro.r...@gmail.comwrote:
Aaron,
Here you are all the info, all the nova.confs (compute, controller) , all
the agent logs, iptables output etc ... btw as i said we're testing this
setup with docker containers , just to be clear regarding your last
recommedation about libvirt vif driver (that we alreade have on the conf )
Here it is: http://pastebin.com/RMgQxFyN
Any clues ?
Best
Lean
On Fri, Oct 18, 2013 at 8:06 PM, Aaron Rosen aro...@nicira.com wrote:
Is anything showing up in the agents log on the hypervisors? Also, can
you confirm you have this setting in your nova.conf:
libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
On Fri, Oct 18, 2013 at 1:14 PM, Leandro Reox leandro.r...@gmail.comwrote:
Aaaron, i fixed the config issues moving the neutron opts up to the
default section. But now im having this issue
i can launch intances normally, it seems that the rules are not getting
applied anywhere, i have full access to the docker containers. If i do
iptable -t nat -L and iptables -L , no rules seems to be applied to any flow
I see the calls on the nova-api normally ... , but no rule applied
2013-10-18 16:10:09.873 31548 DEBUG neutronclient.client [-]
RESP:{'date': 'Fri, 18 Oct 2013 20:10:07 GMT', 'status': '200',
'content-length': '2331', 'content-type': 'application/json;
charset=UTF-8', 'content-location': '
http://172.16.124.16:9696/v2.0/security-groups.json'}
{security_groups: [{tenant_id: df26f374a7a84eddb06881c669ffd62f,
name: default, description: default, security_group_rules:
[{remote_group_id: null, direction: egress, remote_ip_prefix: null,
protocol: null, ethertype: IPv4, tenant_id:
df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 131f26d3-6b7b-47ef-9abf-fd664e59a972,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb},
{remote_group_id: null, direction: egress, remote_ip_prefix: null,
protocol: null, ethertype: IPv6, tenant_id:
df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 93a8882b-adcd-489a-89e4-694f5955,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb},
{remote_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb, direction:
ingress, remote_ip_prefix: null, protocol: null, ethertype: IPv4,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: fb15316c-efd0-4a70-ae98-23f260f0d76d,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb},
{remote_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb, direction:
ingress, remote_ip_prefix: null, protocol: null, ethertype: IPv6,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: fc524bb9-b015-42b0-bdab-cd64db2763a6,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb}], id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb}, {tenant_id:
df26f374a7a84eddb06881c669ffd62f, name: culo, description: ,
security_group_rules: [{remote_group_id: null, direction: egress,
remote_ip_prefix: null, protocol: null, ethertype: IPv6,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 2c23f70a-691b-4601-87a0-2ec092488746,
security_group_id: fe569b17-d6e0-4b1e-bae3-1132e748190c},
{remote_group_id: null, direction: egress, remote_ip_prefix: null,
protocol: null, ethertype: IPv4, tenant_id:
df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 7a445e16-81c1-45c1-8efd-39ce3bcd9ca6,
security_group_id: fe569b17-d6e0-4b1e-bae3-1132e748190c}], id:
fe569b17-d6e0-4b1e-bae3-1132e748190c}]}
http_log_resp
/usr/lib/python2.7/dist-packages/neutronclient/common/utils.py:179
2013-10-18 16:10:09.959 31548 INFO nova.osapi_compute.wsgi.server
[req-87c41dc0-d90a-47b9-bfa8-bd7921a26609 223f36a9e1fc44659ac93479cb508902
df26f374a7a84eddb06881c669ffd62f] 172.16.124.10 GET
/v2/df26f374a7a84eddb06881c669ffd62f/servers/detail HTTP/1.1 status: 200
len: 1878 time: 0.6089120
On Fri, Oct 18, 2013 at 5:07 PM, Aaron Rosen aro...@nicira.com wrote:
Do you have [default] at the top of your nova.conf? Could you pastebin
your nova.conf for us to see.
On Oct 18, 2013 12:31 PM, Leandro Reox leandro.r...@gmail.com
wrote:
Yes it is, but i found that is not reading the parameter from the
nova.conf , i forced on the code on /network/manager.py and took the
argument finally but stacks cause says that the neutron_url and if i fix
it
it stacks on the next neutron parameter like timeout :
File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line
1648, in __getattr__
2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack raise
[openstack-dev] Havana neutron security groups config issue
Dear all, Im struggling with centralized sec groups on nova, were using OVS, it seems like no matter what flag i change on nova conf, the node still searchs the segroups on nova region local db We added : [compute node] *nova.conf* firewall_driver=neutron.agent.firewall.NoopFirewallDriver security_group_api=neutron *ovs_neutron_plugin.ini* [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver Restarted the agent, nova-compute services ... still the same, are we missing something ? NOTE: we're using dockerIO as virt system Best Leitan ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Havana neutron security groups config issue
Hi Leandro, I don't believe the setting of: security_group_api=neutron in nova.conf actually doesn't matter at all on the compute nodes (still good to set it though). But it matters on the nova-api node. can you confirm that your nova-api node has: security_group_api=neutron in it's nova.conf? Thanks, Aaron On Fri, Oct 18, 2013 at 10:32 AM, Leandro Reox leandro.r...@gmail.comwrote: Dear all, Im struggling with centralized sec groups on nova, were using OVS, it seems like no matter what flag i change on nova conf, the node still searchs the segroups on nova region local db We added : [compute node] *nova.conf* firewall_driver=neutron.agent.firewall.NoopFirewallDriver security_group_api=neutron *ovs_neutron_plugin.ini* [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver Restarted the agent, nova-compute services ... still the same, are we missing something ? NOTE: we're using dockerIO as virt system Best Leitan ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Havana neutron security groups config issue
Yes it is, but i found that is not reading the parameter from the nova.conf , i forced on the code on /network/manager.py and took the argument finally but stacks cause says that the neutron_url and if i fix it it stacks on the next neutron parameter like timeout : File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line 1648, in __getattr__ 2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack raise NoSuchOptError(name) 2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack NoSuchOptError: no such option: neutron_url and then File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line 1648, in __getattr__ 2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack raise NoSuchOptError(name) 2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack NoSuchOptError: no such option: neutron_url_timeout Its really weird, like its not reading the nova.conf neutron parameter at all ... If i hardcode all the settings on the neutronv2/init.py .. at least it works, and bring all the secgroup details from netruon On Fri, Oct 18, 2013 at 3:48 PM, Aaron Rosen aro...@nicira.com wrote: Hi Leandro, I don't believe the setting of: security_group_api=neutron in nova.conf actually doesn't matter at all on the compute nodes (still good to set it though). But it matters on the nova-api node. can you confirm that your nova-api node has: security_group_api=neutron in it's nova.conf? Thanks, Aaron On Fri, Oct 18, 2013 at 10:32 AM, Leandro Reox leandro.r...@gmail.comwrote: Dear all, Im struggling with centralized sec groups on nova, were using OVS, it seems like no matter what flag i change on nova conf, the node still searchs the segroups on nova region local db We added : [compute node] *nova.conf* firewall_driver=neutron.agent.firewall.NoopFirewallDriver security_group_api=neutron *ovs_neutron_plugin.ini* [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver Restarted the agent, nova-compute services ... still the same, are we missing something ? NOTE: we're using dockerIO as virt system Best Leitan ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Havana neutron security groups config issue
Do you have [default] at the top of your nova.conf? Could you pastebin your nova.conf for us to see. On Oct 18, 2013 12:31 PM, Leandro Reox leandro.r...@gmail.com wrote: Yes it is, but i found that is not reading the parameter from the nova.conf , i forced on the code on /network/manager.py and took the argument finally but stacks cause says that the neutron_url and if i fix it it stacks on the next neutron parameter like timeout : File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line 1648, in __getattr__ 2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack raise NoSuchOptError(name) 2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack NoSuchOptError: no such option: neutron_url and then File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line 1648, in __getattr__ 2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack raise NoSuchOptError(name) 2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack NoSuchOptError: no such option: neutron_url_timeout Its really weird, like its not reading the nova.conf neutron parameter at all ... If i hardcode all the settings on the neutronv2/init.py .. at least it works, and bring all the secgroup details from netruon On Fri, Oct 18, 2013 at 3:48 PM, Aaron Rosen aro...@nicira.com wrote: Hi Leandro, I don't believe the setting of: security_group_api=neutron in nova.conf actually doesn't matter at all on the compute nodes (still good to set it though). But it matters on the nova-api node. can you confirm that your nova-api node has: security_group_api=neutron in it's nova.conf? Thanks, Aaron On Fri, Oct 18, 2013 at 10:32 AM, Leandro Reox leandro.r...@gmail.comwrote: Dear all, Im struggling with centralized sec groups on nova, were using OVS, it seems like no matter what flag i change on nova conf, the node still searchs the segroups on nova region local db We added : [compute node] *nova.conf* firewall_driver=neutron.agent.firewall.NoopFirewallDriver security_group_api=neutron *ovs_neutron_plugin.ini* [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver Restarted the agent, nova-compute services ... still the same, are we missing something ? NOTE: we're using dockerIO as virt system Best Leitan ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Havana neutron security groups config issue
Now that i can launch intances normally, it seems that the rules are not getting applied anywhere, i have full access to the docker containers. If i do iptable -t nat -L and iptables -L , no rules seems to be applied to any flow On Fri, Oct 18, 2013 at 4:28 PM, Leandro Reox leandro.r...@gmail.comwrote: Yes it is, but i found that is not reading the parameter from the nova.conf , i forced on the code on /network/manager.py and took the argument finally but stacks cause says that the neutron_url and if i fix it it stacks on the next neutron parameter like timeout : File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line 1648, in __getattr__ 2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack raise NoSuchOptError(name) 2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack NoSuchOptError: no such option: neutron_url and then File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line 1648, in __getattr__ 2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack raise NoSuchOptError(name) 2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack NoSuchOptError: no such option: neutron_url_timeout Its really weird, like its not reading the nova.conf neutron parameter at all ... If i hardcode all the settings on the neutronv2/init.py .. at least it works, and bring all the secgroup details from netruon On Fri, Oct 18, 2013 at 3:48 PM, Aaron Rosen aro...@nicira.com wrote: Hi Leandro, I don't believe the setting of: security_group_api=neutron in nova.conf actually doesn't matter at all on the compute nodes (still good to set it though). But it matters on the nova-api node. can you confirm that your nova-api node has: security_group_api=neutron in it's nova.conf? Thanks, Aaron On Fri, Oct 18, 2013 at 10:32 AM, Leandro Reox leandro.r...@gmail.comwrote: Dear all, Im struggling with centralized sec groups on nova, were using OVS, it seems like no matter what flag i change on nova conf, the node still searchs the segroups on nova region local db We added : [compute node] *nova.conf* firewall_driver=neutron.agent.firewall.NoopFirewallDriver security_group_api=neutron *ovs_neutron_plugin.ini* [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver Restarted the agent, nova-compute services ... still the same, are we missing something ? NOTE: we're using dockerIO as virt system Best Leitan ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev ___ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] Havana neutron security groups config issue
Aaaron, i fixed the config issues moving the neutron opts up to the default
section. But now im having this issue
i can launch intances normally, it seems that the rules are not getting
applied anywhere, i have full access to the docker containers. If i do
iptable -t nat -L and iptables -L , no rules seems to be applied to any flow
I see the calls on the nova-api normally ... , but no rule applied
2013-10-18 16:10:09.873 31548 DEBUG neutronclient.client [-] RESP:{'date':
'Fri, 18 Oct 2013 20:10:07 GMT', 'status': '200', 'content-length': '2331',
'content-type': 'application/json; charset=UTF-8', 'content-location': '
http://172.16.124.16:9696/v2.0/security-groups.json'} {security_groups:
[{tenant_id: df26f374a7a84eddb06881c669ffd62f, name: default,
description: default, security_group_rules: [{remote_group_id:
null, direction: egress, remote_ip_prefix: null, protocol: null,
ethertype: IPv4, tenant_id: df26f374a7a84eddb06881c669ffd62f,
port_range_max: null, port_range_min: null, id:
131f26d3-6b7b-47ef-9abf-fd664e59a972, security_group_id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb}, {remote_group_id: null,
direction: egress, remote_ip_prefix: null, protocol: null,
ethertype: IPv6, tenant_id: df26f374a7a84eddb06881c669ffd62f,
port_range_max: null, port_range_min: null, id:
93a8882b-adcd-489a-89e4-694f5955, security_group_id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb}, {remote_group_id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb, direction: ingress,
remote_ip_prefix: null, protocol: null, ethertype: IPv4,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: fb15316c-efd0-4a70-ae98-23f260f0d76d,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb},
{remote_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb, direction:
ingress, remote_ip_prefix: null, protocol: null, ethertype: IPv6,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: fc524bb9-b015-42b0-bdab-cd64db2763a6,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb}], id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb}, {tenant_id:
df26f374a7a84eddb06881c669ffd62f, name: culo, description: ,
security_group_rules: [{remote_group_id: null, direction: egress,
remote_ip_prefix: null, protocol: null, ethertype: IPv6,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 2c23f70a-691b-4601-87a0-2ec092488746,
security_group_id: fe569b17-d6e0-4b1e-bae3-1132e748190c},
{remote_group_id: null, direction: egress, remote_ip_prefix: null,
protocol: null, ethertype: IPv4, tenant_id:
df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 7a445e16-81c1-45c1-8efd-39ce3bcd9ca6,
security_group_id: fe569b17-d6e0-4b1e-bae3-1132e748190c}], id:
fe569b17-d6e0-4b1e-bae3-1132e748190c}]}
http_log_resp
/usr/lib/python2.7/dist-packages/neutronclient/common/utils.py:179
2013-10-18 16:10:09.959 31548 INFO nova.osapi_compute.wsgi.server
[req-87c41dc0-d90a-47b9-bfa8-bd7921a26609 223f36a9e1fc44659ac93479cb508902
df26f374a7a84eddb06881c669ffd62f] 172.16.124.10 GET
/v2/df26f374a7a84eddb06881c669ffd62f/servers/detail HTTP/1.1 status: 200
len: 1878 time: 0.6089120
On Fri, Oct 18, 2013 at 5:07 PM, Aaron Rosen aro...@nicira.com wrote:
Do you have [default] at the top of your nova.conf? Could you pastebin
your nova.conf for us to see.
On Oct 18, 2013 12:31 PM, Leandro Reox leandro.r...@gmail.com wrote:
Yes it is, but i found that is not reading the parameter from the
nova.conf , i forced on the code on /network/manager.py and took the
argument finally but stacks cause says that the neutron_url and if i fix it
it stacks on the next neutron parameter like timeout :
File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line
1648, in __getattr__
2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack raise
NoSuchOptError(name)
2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack NoSuchOptError: no
such option: neutron_url
and then
File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line
1648, in __getattr__
2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack raise
NoSuchOptError(name)
2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack NoSuchOptError: no
such option: neutron_url_timeout
Its really weird, like its not reading the nova.conf neutron parameter at
all ...
If i hardcode all the settings on the neutronv2/init.py .. at least it
works, and bring all the secgroup details from netruon
On Fri, Oct 18, 2013 at 3:48 PM, Aaron Rosen aro...@nicira.com wrote:
Hi Leandro,
I don't believe the setting of: security_group_api=neutron in
nova.conf actually doesn't matter at all on the compute nodes (still good
to set it though). But it matters on the nova-api node. can you confirm
that your nova-api node has: security_group_api=neutron in it's nova.conf?
Thanks,
Aaron
On Fri, Oct 18, 2013 at 10:32 AM, Leandro Reox
leandro.r...@gmail.comwrote:
Dear all,
Im struggling with
Re: [openstack-dev] Havana neutron security groups config issue
Is anything showing up in the agents log on the hypervisors? Also, can you
confirm you have this setting in your nova.conf:
libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
On Fri, Oct 18, 2013 at 1:14 PM, Leandro Reox leandro.r...@gmail.comwrote:
Aaaron, i fixed the config issues moving the neutron opts up to the
default section. But now im having this issue
i can launch intances normally, it seems that the rules are not getting
applied anywhere, i have full access to the docker containers. If i do
iptable -t nat -L and iptables -L , no rules seems to be applied to any flow
I see the calls on the nova-api normally ... , but no rule applied
2013-10-18 16:10:09.873 31548 DEBUG neutronclient.client [-] RESP:{'date':
'Fri, 18 Oct 2013 20:10:07 GMT', 'status': '200', 'content-length': '2331',
'content-type': 'application/json; charset=UTF-8', 'content-location': '
http://172.16.124.16:9696/v2.0/security-groups.json'} {security_groups:
[{tenant_id: df26f374a7a84eddb06881c669ffd62f, name: default,
description: default, security_group_rules: [{remote_group_id:
null, direction: egress, remote_ip_prefix: null, protocol: null,
ethertype: IPv4, tenant_id: df26f374a7a84eddb06881c669ffd62f,
port_range_max: null, port_range_min: null, id:
131f26d3-6b7b-47ef-9abf-fd664e59a972, security_group_id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb}, {remote_group_id: null,
direction: egress, remote_ip_prefix: null, protocol: null,
ethertype: IPv6, tenant_id: df26f374a7a84eddb06881c669ffd62f,
port_range_max: null, port_range_min: null, id:
93a8882b-adcd-489a-89e4-694f5955, security_group_id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb}, {remote_group_id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb, direction: ingress,
remote_ip_prefix: null, protocol: null, ethertype: IPv4,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: fb15316c-efd0-4a70-ae98-23f260f0d76d,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb},
{remote_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb, direction:
ingress, remote_ip_prefix: null, protocol: null, ethertype: IPv6,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: fc524bb9-b015-42b0-bdab-cd64db2763a6,
security_group_id: 2391ac97-447e-45b7-97f2-cd8fbcafb0cb}], id:
2391ac97-447e-45b7-97f2-cd8fbcafb0cb}, {tenant_id:
df26f374a7a84eddb06881c669ffd62f, name: culo, description: ,
security_group_rules: [{remote_group_id: null, direction: egress,
remote_ip_prefix: null, protocol: null, ethertype: IPv6,
tenant_id: df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 2c23f70a-691b-4601-87a0-2ec092488746,
security_group_id: fe569b17-d6e0-4b1e-bae3-1132e748190c},
{remote_group_id: null, direction: egress, remote_ip_prefix: null,
protocol: null, ethertype: IPv4, tenant_id:
df26f374a7a84eddb06881c669ffd62f, port_range_max: null,
port_range_min: null, id: 7a445e16-81c1-45c1-8efd-39ce3bcd9ca6,
security_group_id: fe569b17-d6e0-4b1e-bae3-1132e748190c}], id:
fe569b17-d6e0-4b1e-bae3-1132e748190c}]}
http_log_resp
/usr/lib/python2.7/dist-packages/neutronclient/common/utils.py:179
2013-10-18 16:10:09.959 31548 INFO nova.osapi_compute.wsgi.server
[req-87c41dc0-d90a-47b9-bfa8-bd7921a26609 223f36a9e1fc44659ac93479cb508902
df26f374a7a84eddb06881c669ffd62f] 172.16.124.10 GET
/v2/df26f374a7a84eddb06881c669ffd62f/servers/detail HTTP/1.1 status: 200
len: 1878 time: 0.6089120
On Fri, Oct 18, 2013 at 5:07 PM, Aaron Rosen aro...@nicira.com wrote:
Do you have [default] at the top of your nova.conf? Could you pastebin
your nova.conf for us to see.
On Oct 18, 2013 12:31 PM, Leandro Reox leandro.r...@gmail.com wrote:
Yes it is, but i found that is not reading the parameter from the
nova.conf , i forced on the code on /network/manager.py and took the
argument finally but stacks cause says that the neutron_url and if i fix it
it stacks on the next neutron parameter like timeout :
File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line
1648, in __getattr__
2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack raise
NoSuchOptError(name)
2013-10-18 15:21:04.397 30931 TRACE nova.api.openstack NoSuchOptError:
no such option: neutron_url
and then
File /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py, line
1648, in __getattr__
2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack raise
NoSuchOptError(name)
2013-10-18 15:25:20.811 31305 TRACE nova.api.openstack NoSuchOptError:
no such option: neutron_url_timeout
Its really weird, like its not reading the nova.conf neutron parameter
at all ...
If i hardcode all the settings on the neutronv2/init.py .. at least it
works, and bring all the secgroup details from netruon
On Fri, Oct 18, 2013 at 3:48 PM, Aaron Rosen aro...@nicira.com wrote:
Hi Leandro,
I don't believe the setting of: security_group_api=neutron in
nova.conf actually doesn't
