Heat templates with cinder volumes

mazur OpenStack May 13, 2018cinder 0 Comment

While trying to launch several VMs using heat templates on RHEL OpenStack Liberty only 2 out of 8 launched. Rest failed because cinder volumes could not be created.

heat stack status was CREATE_FAILED and cinder volume status was error

/var/log/cinder/volume.log

HTTPInternalServerError: HTTPInternalServerError (HTTP 500)
(...)
Unable to get internal tenant context: Missing required config parameters.
(...)
Unable to get Cinder internal context, will not use image-volume cache

HTTPInternalServerError: HTTPInternalServerError (HTTP 500)

(...)

Unable to get internal tenant context: Missing required config parameters.

(...)

Unable to get Cinder internal context, will not use image-volume cache

For a brief moment there was some log on a console related to haproxy failure

While checking the services I noticed that both haproxy and swift-proxy are not running so just decided to restart them

systemctl restart haproxy.service

systemctl start openstack-swift-proxy.service

After that I could again create cinder volumes via heat templates. So be careful – create VMs from templates with cinder one by one.

IOS-XRv running on OpenStack

mazur Cisco, OpenStack March 14, 2015cisco, openstack, spice 0 Comment

In order to access IOS-XRv running on OpenStack compute node Spice console is required instead of VNC.

Instructions can be found under the following links:

http://joshrestivo.com/?p=32

https://ask.openstack.org/en/question/9199/having-error-in-spice-console/

NTP synchronization

mazur OpenStack March 14, 2015ntp, openstack 0 Comment

Date must be correctly synchronized on all nodes belonging to OpenStack cluster.

If date is not in sync between nodes then for example compute nodes may be seen as down from controller node.

Accessing cloud images

mazur OpenStack March 14, 2015juno, nova, openstack 0 Comment

For both Fedora and Ubuntu cloud images we can access them using ssh public key generated during bootup.

Key can be obtained from a console log:

Horizon -> Instances -> <fedora_ubuntu_instance> -> Console -> View Full Console Log

sudo vim /var/lib/nova/instances/<instance_id>/console.log

ssh -i <ssh_rsa_dsa_key> <fedora|ubuntu>@<ip_address>

1	ssh -i <ssh_rsa_dsa_key> <fedora\|ubuntu>@<ip_address>

SSH can be done from from a proper ip namespace on compute nodes:

ip netns exec <netns_uiid> ssh....

1	ip netns exec <netns_uiid> ssh....

Or from any different host if Public IP is associated with the instance.

Nova installation on OpenSUSE 13.1

mazur OpenStack March 14, 2015juno, nova, openstack, opensuse 0 Comment

Firewalld

Firewall rules can be modified from GUI:

yast2 firewall

1

yast2 firewall
Assign internal interfaces to “Internal zone”

Add SSH service to “External zone”

RabbitMQ

In order to allow to access rabbitmq from a remote (and local) host to rabbitmq server before starting rabbitmq-server add in /etc/rabbitmq/rabbitmq.config:

[{rabbit, [{loopback_users, []}]}].

1	[{rabbit, [{loopback_users, []}]}].

Instance creation fails with “Cannot find suitable CPU” on Debian 7

mazur OpenStack March 14, 2015debian, juno, nova, openstack 0 Comment

KVM by default does not work (even though vmx/smx is enabled for CPUs) – instance creation fails with “Cannot find suitable CPU”.

Solution:

In /etc/libvirtd/qemu.conf:

/etc/libvirtd/qemu.conf

security_driver = "none"

1

security_driver = "none"
remove file /var/cache/libvirt/qemu/capabilities and restart host (libvirtd restart does not suffice)
After restart check capabilities with:

virsh capabilities

1

virsh capabilities

VNC and firewalld on Centos 7 compute node

mazur OpenStack March 14, 2015centos, juno, nova, openstack 0 Comment

By default firewalld service is enabled and may cause troubles in accessing via VNC to instances running on Centos compute node.

Solution:

By default zone=public is used, so it is enough just to add 5900/5901 ports or/and vnc-server service to this zone:

firewall-cmd --zone=public --add-port=5900/tcp
firewall-cmd --zone=public --add-port=5901/tcp

1 2	firewall-cmd --zone=public --add-port=5900/tcp firewall-cmd --zone=public --add-port=5901/tcp

Result:

public (default, active)
  interfaces: br-int br-tun eno16777736 eno33554984 eno50332208
  sources:
  services: dhcpv6-client ssh vnc-server
  ports: 5900/tcp 5901/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

public (default, active)

interfaces: br-int br-tun eno16777736 eno33554984 eno50332208

sources:

services: dhcpv6-client ssh vnc-server

ports: 5900/tcp 5901/tcp

masquerade: no

forward-ports:

icmp-blocks:

rich rules:

Nova installation on Centos 7

mazur OpenStack March 14, 2015centos, juno, nova, openstack 0 Comment

RabbitMQ

After starting rabbitmq-server service it is not possible to change password using:

rabbitmqctl change_password guest password

1	rabbitmqctl change_password guest password

Error:

Error: unable to connect to node rabbit@localhost: nodedown

1	Error: unable to connect to node rabbit@localhost: nodedown

Solution:
In file /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service change

ExecStartPre=-/bin/sh -c "/usr/lib/rabbitmq/bin/rabbitmqctl status > /dev/null 2>&1"

1	ExecStartPre=-/bin/sh -c "/usr/lib/rabbitmq/bin/rabbitmqctl status > /dev/null 2>&1"

to – add sudo

ExecStartPre=-/bin/sh -c "sudo /usr/lib/rabbitmq/bin/rabbitmqctl status > /dev/null 2>&1"

1	ExecStartPre=-/bin/sh -c "sudo /usr/lib/rabbitmq/bin/rabbitmqctl status > /dev/null 2>&1"

And restart rabbitmq-server:

systemctl restart rabbit-mq

1	systemctl restart rabbit-mq

Nova incompatibility

Packages for nova which are downloaded with yum contain nova version which is incomaptible with that is running on controller node (Ubuntu):

Controller (Ubuntu 14.04):

nova-manage version
2014.2

1 2	nova-manage version 2014.2

Compute (Centos 7):

nova-manage version
2014.2.1-1.el7.centos

1 2	nova-manage version 2014.2.1-1.el7.centos

Problem is described here:
https://ask.openstack.org/en/question/57296/juno-centos-7-buildabortexception-build-of-instance-aborted-failed-to-allocate-the-networks-not-rescheduling/?answer=57883#post-id-57883

Solution:
Install packages from EPEL repo manually (only 3 days older):

https://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/

Packages to install:

openstack-nova-common-2014.2-2.el7.centos.noarch.rpm
openstack-nova-compute-2014.2-2.el7.centos.noarch.rpm
python-nova-2014.2-2.el7.centos.noarch.rpm

openstack-nova-common-2014.2-2.el7.centos.noarch.rpm

openstack-nova-compute-2014.2-2.el7.centos.noarch.rpm

python-nova-2014.2-2.el7.centos.noarch.rpm

I had to forcefully install them using rpm -ivh –force then I restarted openstack-nova-compute service.
After this instances spawned correctly, yet I could not reach them (iptables rules missing, so I disabled iptables).

DHCP addresses got distributed to the instances correctly and I could reach internet from them via my Ubuntu-AIO which acts as a gateway to the internet as well.

Trove installation on Ubuntu 14.04

mazur OpenStack March 14, 2015juno, openstack, trove, ubuntu 0 Comment

When installing Trove service on Ubuntu 14.04 I encountered a problem with dependencies not met between Trove related packages.

Thus the following packages were installed manually with dpkg -i <package_name>

python-trove_2014.2-0ubuntu1_all.deb
trove-api_2014.2-0ubuntu1_all.deb
trove-common_2014.2-0ubuntu1_all.deb
trove-conductor_2014.2-0ubuntu1_all.deb
trove-taskmanager_2014.2-0ubuntu1_all.deb

python-trove_2014.2-0ubuntu1_all.deb

trove-api_2014.2-0ubuntu1_all.deb

trove-common_2014.2-0ubuntu1_all.deb

trove-conductor_2014.2-0ubuntu1_all.deb

trove-taskmanager_2014.2-0ubuntu1_all.deb

In order to make apt-get still working after manual package installation (which does not check dependencies) it is a must failed dependecies for manually installed packages

In /var/lib/dpkg/status, for each package for which there is a missing dependency just remove it (lsb-base (>= 4.1+Debian11ubuntu7)) from line in the status file:

Package: trove-taskmanager
(...)
Depends: trove-common, lsb-base (>= 4.1+Debian11ubuntu7) python:any -> change to lsb-base or remove dependency completely
(...)

Package: trove-taskmanager

(...)

Depends: trove-common, lsb-base (>= 4.1+Debian11ubuntu7) python:any -> change to lsb-base or remove dependency completely

(...)

If there is any config file missing in /etc/trove then download it from:

https://github.com/openstack/trove/tree/master/etc/trove

RabbitMQ

In order to use RabbitMQ the following line must be added in

trove.conf
trove-conductor.conf
trove-taskmanager.conf

rpc_backend = trove.openstack.common.rpc.impl_kombu

1	rpc_backend = trove.openstack.common.rpc.impl_kombu

Instead of (as per manual):

rpc_backend = rabbit

1	rpc_backend = rabbit

Swift AIO

mazur OpenStack March 14, 2015juno, openstack, swift, ubuntu 0 Comment

OpenStack installation instructions from openstack.org assume 3 node architecture therefore and the biggest problems that can be encountered while performing AIO (all-in-one) installation are with Swift.

In order to perform AIO installation for Swift the following instructions must be followed:

http://docs.openstack.org/developer/swift/development_saio.html

With some modifications according to normal installation instructions of Juno on Ubuntu (just use common sense to modify e.g. IPs accordingly, add keystone authentication as it is missing in AIO). After this installation command swift stat works properly.

If any swift related process does not start then it needs to be ensured that e.g. log directories/files have owner set to swift:swift.

← Previous

stackblog.net

Anything related to OpenStack, Linux, Cisco…

OpenStack

Heat templates with cinder volumes

IOS-XRv running on OpenStack

NTP synchronization

Accessing cloud images

Nova installation on OpenSUSE 13.1

Firewalld

RabbitMQ

Instance creation fails with “Cannot find suitable CPU” on Debian 7

VNC and firewalld on Centos 7 compute node

Nova installation on Centos 7

RabbitMQ

Nova incompatibility

Trove installation on Ubuntu 14.04

RabbitMQ

Swift AIO