Fuel 5.0.1, 5.1.1
Ubuntu HA neutron with GRE
root@node-10:~# nova secgroup-list
+--------------------------------------+-----------+-------------+
| Id | Name | Description |
+--------------------------------------+-----------+-------------+
| 3f1350d4-72a7-4463-b1be-873f950d7155 | default | default |
| 48276dd8-dd27-4c45-9dde-df675368f98e | test-SG-1 | test-SG-1 |
| 4cd3b843-4148-49c9-87b6-82bb130e2972 | test-SG-1 | test-SG-1 |
| 6515c2d1-7468-4f21-a846-3c33e07a996f | test-SG-1 | test-SG-1-1 |
| 72eda190-4cfd-4003-8369-8b876e10f3aa | test-SG-1 | test-SG-1 |
| 110a6d1f-08fd-4079-befe-8e14bad9ea3d | test-SG-2 | test-SG-2 |
+--------------------------------------+-----------+-------------+
root@node-10:~# nova secgroup-create test-SG-1 test-SG-1
+--------------------------------------+-----------+-------------+
| Id | Name | Description |
+--------------------------------------+-----------+-------------+
| ab29243b-9935-4acc-b392-5ae6de6d10c4 | test-SG-1 | test-SG-1 |
+--------------------------------------+-----------+-------------+
root@node-10:~# nova secgroup-list
+--------------------------------------+-----------+-------------+
| Id | Name | Description |
+--------------------------------------+-----------+-------------+
| 3f1350d4-72a7-4463-b1be-873f950d7155 | default | default |
| 48276dd8-dd27-4c45-9dde-df675368f98e | test-SG-1 | test-SG-1 |
| 4cd3b843-4148-49c9-87b6-82bb130e2972 | test-SG-1 | test-SG-1 |
| 6515c2d1-7468-4f21-a846-3c33e07a996f | test-SG-1 | test-SG-1-1 |
| 72eda190-4cfd-4003-8369-8b876e10f3aa | test-SG-1 | test-SG-1 |
| ab29243b-9935-4acc-b392-5ae6de6d10c4 | test-SG-1 | test-SG-1 |
| 110a6d1f-08fd-4079-befe-8e14bad9ea3d | test-SG-2 | test-SG-2 |
+--------------------------------------+-----------+-------------+
Than if we will use Nova CLI to create an instance with
--security-groups <security-groups>
Comma separated list of security group names.
using NAME
#nova --debug boot --image 456e456f-9784-4fb2-9170-4cae39df088f --flavor m1.small --security-groups test-SG-1 --nic net-id=49aadfea-4376-402a-a677-03aa3e04dbda SG-test-SG-name
We will get an error
root@node-10:~# nova --debug boot --image 456e456f-9784-4fb2-9170-4cae39df088f --flavor m1.small --security-groups test-SG-1 --nic net-id=49aadfea-4376-402a-a677-03aa3e04dbda SG-test-SG-name
REQ: curl -i 'http://192.168.0.2:5000/v2.0/tokens' -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "User-Agent: python-novaclient" -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "admin"}}}'
New session created for: (http://192.168.0.2:5000)
INFO (connectionpool:202) Starting new HTTP connection (1): 192.168.0.2
DEBUG (connectionpool:296) "POST /v2.0/tokens HTTP/1.1" 200 3370
RESP: [200] CaseInsensitiveDict({'date': 'Tue, 25 Nov 2014 13:38:28 GMT', 'vary': 'X-Auth-Token', 'content-length': '3370', 'content-type': 'application/json', 'x-distribution': 'Ubuntu'})
RESP BODY: {"access": {"token": {"issued_at": "2014-11-25T13:38:28.076692", "expires": "2014-11-25T14:38:28Z", "id": "4254c8e22728437f9181fa82d90aee92", "tenant": {"description": "admin tenant", "enabled": true, "id": "3fdcf2277d274e13803f27d348596d41", "name": "admin"}}, "serviceCatalog": [{"endpoints": [{"adminURL": "http://192.168.0.2:8774/v2/3fdcf2277d274e13803f27d348596d41", "region": "RegionOne", "internalURL": "http://192.168.0.2:8774/v2/3fdcf2277d274e13803f27d348596d41", "id": "4a3b50564fde456d92237bc97066b133", "publicURL": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41"}], "endpoints_links": [], "type": "compute", "name": "nova"}, {"endpoints": [{"adminURL": "http://192.168.0.2:9696", "region": "RegionOne", "internalURL": "http://192.168.0.2:9696", "id": "63412f1218904667a3d494ac9a889f04", "publicURL": "http://172.16.37.194:9696"}], "endpoints_links": [], "type": "network", "name": "neutron"}, {"endpoints": [{"adminURL": "http://192.168.0.2:8080", "region": "RegionOne", "internalURL": "http://192.168.0.2:8080", "id": "18a8aba93bdc4fddb00f85053bc9b49f", "publicURL": "http://172.16.37.194:8080"}], "endpoints_links": [], "type": "s3", "name": "swift_s3"}, {"endpoints": [{"adminURL": "http://192.168.0.2:9292", "region": "RegionOne", "internalURL": "http://192.168.0.2:9292", "id": "69996f40fa174001be8fa752301d1273", "publicURL": "http://172.16.37.194:9292"}], "endpoints_links": [], "type": "image", "name": "glance"}, {"endpoints": [{"adminURL": "http://192.168.0.2:8776/v1/3fdcf2277d274e13803f27d348596d41", "region": "RegionOne", "internalURL": "http://192.168.0.2:8776/v1/3fdcf2277d274e13803f27d348596d41", "id": "021ac44760674504874f27da642cead8", "publicURL": "http://172.16.37.194:8776/v1/3fdcf2277d274e13803f27d348596d41"}], "endpoints_links": [], "type": "volume", "name": "cinder"}, {"endpoints": [{"adminURL": "http://192.168.0.2:8773/services/Admin", "region": "RegionOne", "internalURL": "http://192.168.0.2:8773/services/Cloud", "id": "6ae3973024634ab2ba1d9adb06c10986", "publicURL": "http://172.16.37.194:8773/services/Cloud"}], "endpoints_links": [], "type": "ec2", "name": "nova_ec2"}, {"endpoints": [{"adminURL": "http://192.168.0.2:8004/v1/3fdcf2277d274e13803f27d348596d41", "region": "RegionOne", "internalURL": "http://192.168.0.2:8004/v1/3fdcf2277d274e13803f27d348596d41", "id": "8257cca0ae134e5594817e6ffea0ae18", "publicURL": "http://172.16.37.194:8004/v1/3fdcf2277d274e13803f27d348596d41"}], "endpoints_links": [], "type": "orchestration", "name": "heat"}, {"endpoints": [{"adminURL": "http://192.168.0.2:8080/", "region": "RegionOne", "internalURL": "http://192.168.0.2:8080/v1/AUTH_3fdcf2277d274e13803f27d348596d41", "id": "63f3848375594e7abe6f64535a6afd50", "publicURL": "http://172.16.37.194:8080/v1/AUTH_3fdcf2277d274e13803f27d348596d41"}], "endpoints_links": [], "type": "object-store", "name": "swift"}, {"endpoints": [{"adminURL": "http://192.168.0.2:35357/v2.0", "region": "RegionOne", "internalURL": "http://192.168.0.2:5000/v2.0", "id": "3390343d92f642bbaaa33ba19bfcb6b5", "publicURL": "http://172.16.37.194:5000/v2.0"}], "endpoints_links": [], "type": "identity", "name": "keystone"}], "user": {"username": "admin", "roles_links": [], "id": "edbe7e7547314b6a9e92bd6fb090ee60", "roles": [{"name": "admin"}], "name": "admin"}, "metadata": {"is_admin": 0, "roles": ["696dbeb4cc2c4374a4113e9b647fdea7"]}}}
REQ: curl -i 'http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/images/456e456f-9784-4fb2-9170-4cae39df088f' -X GET -H "X-Auth-Project-Id: admin" -H "User-Agent: python-novaclient" -H "Accept: application/json" -H "X-Auth-Token: 4254c8e22728437f9181fa82d90aee92"
New session created for: (http://172.16.37.194:8774)
INFO (connectionpool:202) Starting new HTTP connection (1): 172.16.37.194
DEBUG (connectionpool:296) "GET /v2/3fdcf2277d274e13803f27d348596d41/images/456e456f-9784-4fb2-9170-4cae39df088f HTTP/1.1" 200 797
RESP: [200] CaseInsensitiveDict({'date': 'Tue, 25 Nov 2014 13:38:28 GMT', 'content-length': '797', 'content-type': 'application/json', 'x-compute-request-id': 'req-23b58275-04cd-4721-b606-77634719ebae'})
RESP BODY: {"image": {"status": "ACTIVE", "updated": "2014-11-21T14:30:42Z", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/images/456e456f-9784-4fb2-9170-4cae39df088f", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/images/456e456f-9784-4fb2-9170-4cae39df088f", "rel": "bookmark"}, {"href": "http://172.16.37.196:9292/3fdcf2277d274e13803f27d348596d41/images/456e456f-9784-4fb2-9170-4cae39df088f", "type": "application/vnd.openstack.image", "rel": "alternate"}], "id": "456e456f-9784-4fb2-9170-4cae39df088f", "OS-EXT-IMG-SIZE:size": 14811136, "name": "TestVM", "created": "2014-11-21T14:30:41Z", "minDisk": 0, "progress": 100, "minRam": 64, "metadata": {"murano_image_info": "{\"title\": \"Murano Demo\", \"type\": \"cirros.demo\"}"}}}
REQ: curl -i 'http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/m1.small' -X GET -H "X-Auth-Project-Id: admin" -H "User-Agent: python-novaclient" -H "Accept: application/json" -H "X-Auth-Token: 4254c8e22728437f9181fa82d90aee92"
DEBUG (connectionpool:296) "GET /v2/3fdcf2277d274e13803f27d348596d41/flavors/m1.small HTTP/1.1" 404 78
RESP: [404] CaseInsensitiveDict({'date': 'Tue, 25 Nov 2014 13:38:28 GMT', 'content-length': '78', 'content-type': 'application/json; charset=UTF-8', 'x-compute-request-id': 'req-96bc0a4b-b297-4aef-b2ef-b88a3db9682f'})
RESP BODY: {"itemNotFound": {"message": "The resource could not be found.", "code": 404}}
REQ: curl -i 'http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors' -X GET -H "X-Auth-Project-Id: admin" -H "User-Agent: python-novaclient" -H "Accept: application/json" -H "X-Auth-Token: 4254c8e22728437f9181fa82d90aee92"
DEBUG (connectionpool:296) "GET /v2/3fdcf2277d274e13803f27d348596d41/flavors HTTP/1.1" 200 1344
RESP: [200] CaseInsensitiveDict({'date': 'Tue, 25 Nov 2014 13:38:28 GMT', 'content-length': '1344', 'content-type': 'application/json', 'x-compute-request-id': 'req-56e205c1-74f7-483a-9700-81da9aeddb6e'})
RESP BODY: {"flavors": [{"id": "2", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/2", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/2", "rel": "bookmark"}], "name": "m1.small"}, {"id": "2b1d85c3-e317-4653-8a25-479961a366ed", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/2b1d85c3-e317-4653-8a25-479961a366ed", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/2b1d85c3-e317-4653-8a25-479961a366ed", "rel": "bookmark"}], "name": "m1.tiny"}, {"id": "3", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/3", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/3", "rel": "bookmark"}], "name": "m1.medium"}, {"id": "4", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/4", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/4", "rel": "bookmark"}], "name": "m1.large"}, {"id": "5", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/5", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/5", "rel": "bookmark"}], "name": "m1.xlarge"}]}
REQ: curl -i 'http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors' -X GET -H "X-Auth-Project-Id: admin" -H "User-Agent: python-novaclient" -H "Accept: application/json" -H "X-Auth-Token: 4254c8e22728437f9181fa82d90aee92"
DEBUG (connectionpool:296) "GET /v2/3fdcf2277d274e13803f27d348596d41/flavors HTTP/1.1" 200 1344
RESP: [200] CaseInsensitiveDict({'date': 'Tue, 25 Nov 2014 13:38:28 GMT', 'content-length': '1344', 'content-type': 'application/json', 'x-compute-request-id': 'req-caab2740-dae2-4833-abf5-8a088bd845d1'})
RESP BODY: {"flavors": [{"id": "2", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/2", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/2", "rel": "bookmark"}], "name": "m1.small"}, {"id": "2b1d85c3-e317-4653-8a25-479961a366ed", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/2b1d85c3-e317-4653-8a25-479961a366ed", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/2b1d85c3-e317-4653-8a25-479961a366ed", "rel": "bookmark"}], "name": "m1.tiny"}, {"id": "3", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/3", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/3", "rel": "bookmark"}], "name": "m1.medium"}, {"id": "4", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/4", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/4", "rel": "bookmark"}], "name": "m1.large"}, {"id": "5", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/5", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/5", "rel": "bookmark"}], "name": "m1.xlarge"}]}
REQ: curl -i 'http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/2' -X GET -H "X-Auth-Project-Id: admin" -H "User-Agent: python-novaclient" -H "Accept: application/json" -H "X-Auth-Token: 4254c8e22728437f9181fa82d90aee92"
DEBUG (connectionpool:296) "GET /v2/3fdcf2277d274e13803f27d348596d41/flavors/2 HTTP/1.1" 200 427
RESP: [200] CaseInsensitiveDict({'date': 'Tue, 25 Nov 2014 13:38:28 GMT', 'content-length': '427', 'content-type': 'application/json', 'x-compute-request-id': 'req-ec25a4ec-94cc-4ef8-830f-db00160144c6'})
RESP BODY: {"flavor": {"name": "m1.small", "links": [{"href": "http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/flavors/2", "rel": "self"}, {"href": "http://172.16.37.194:8774/3fdcf2277d274e13803f27d348596d41/flavors/2", "rel": "bookmark"}], "ram": 2048, "OS-FLV-DISABLED:disabled": false, "vcpus": 1, "swap": "", "os-flavor-access:is_public": true, "rxtx_factor": 1.0, "OS-FLV-EXT-DATA:ephemeral": 0, "disk": 20, "id": "2"}}
REQ: curl -i 'http://172.16.37.194:8774/v2/3fdcf2277d274e13803f27d348596d41/servers' -X POST -H "X-Auth-Project-Id: admin" -H "User-Agent: python-novaclient" -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token: 4254c8e22728437f9181fa82d90aee92" -d '{"server": {"name": "SG-test-SG-name", "imageRef": "456e456f-9784-4fb2-9170-4cae39df088f", "flavorRef": "2", "max_count": 1, "min_count": 1, "networks": [{"uuid": "49aadfea-4376-402a-a677-03aa3e04dbda"}], "security_groups": [{"name": "test-SG-1"}]}}'
DEBUG (connectionpool:296) "POST /v2/3fdcf2277d274e13803f27d348596d41/servers HTTP/1.1" 409 142
RESP: [409] CaseInsensitiveDict({'date': 'Tue, 25 Nov 2014 13:38:29 GMT', 'content-length': '142', 'content-type': 'application/json; charset=UTF-8', 'x-compute-request-id': 'req-71d3d161-5eca-4a31-86ea-0b9511d0558b'})
RESP BODY: {"conflictingRequest": {"message": "Multiple security_group matches found for name 'test-SG-1', use an ID to be more specific.", "code": 409}}
DEBUG (shell:777) Multiple security_group matches found for name 'test-SG-1', use an ID to be more specific. (HTTP 409) (Request-ID: req-71d3d161-5eca-4a31-86ea-0b9511d0558b)
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/novaclient/shell.py", line 774, in main
OpenStackComputeShell().main(map(strutils.safe_decode, sys.argv[1:]))
File "/usr/lib/python2.7/dist-packages/novaclient/shell.py", line 710, in main
args.func(self.cs, args)
File "/usr/lib/python2.7/dist-packages/novaclient/v1_1/shell.py", line 433, in do_boot
server = cs.servers.create(*boot_args, **boot_kwargs)
File "/usr/lib/python2.7/dist-packages/novaclient/v1_1/servers.py", line 871, in create
**boot_kwargs)
File "/usr/lib/python2.7/dist-packages/novaclient/v1_1/servers.py", line 534, in _boot
return_raw=return_raw, **kwargs)
File "/usr/lib/python2.7/dist-packages/novaclient/base.py", line 152, in _create
_resp, body = self.api.client.post(url, body=body)
File "/usr/lib/python2.7/dist-packages/novaclient/client.py", line 286, in post
return self._cs_request(url, 'POST', **kwargs)
File "/usr/lib/python2.7/dist-packages/novaclient/client.py", line 260, in _cs_request
**kwargs)
File "/usr/lib/python2.7/dist-packages/novaclient/client.py", line 242, in _time_request
resp, body = self.request(url, method, **kwargs)
File "/usr/lib/python2.7/dist-packages/novaclient/client.py", line 236, in request
raise exceptions.from_response(resp, body, url, method)
Conflict: Multiple security_group matches found for name 'test-SG-1', use an ID to be more specific. (HTTP 409) (Request-ID: req-71d3d161-5eca-4a31-86ea-0b9511d0558b)
ERROR: Multiple security_group matches found for name 'test-SG-1', use an ID to be more specific. (HTTP 409) (Request-ID: req-71d3d161-5eca-4a31-86ea-0b9511d0558b)
In this case only one way - use security group ID
root@node-10:~# nova --debug boot --image 456e456f-9784-4fb2-9170-4cae39df088f --flavor m1.small --security-groups 72eda190-4cfd-4003-8369-8b876e10f3aa,ab29243b-9935-4acc-b392-5ae6de6d10c4 --nic net-id=49aadfea-4376-402a-a677-03aa3e04dbda SG-test-SG-i
+--------------------------------------+----------------------------------------------------------------------------+
| Property | Value |
+--------------------------------------+----------------------------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | - |
| OS-EXT-SRV-ATTR:hypervisor_hostname | - |
| OS-EXT-SRV-ATTR:instance_name | instance-0000001a |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | TStRBtUQ5qTx |
| config_drive | |
| created | 2014-11-25T13:52:11Z |
| flavor | m1.small (2) |
| hostId | |
| id | 9cc252bd-56d5-49c2-8039-db561243905a |
| image | TestVM (456e456f-9784-4fb2-9170-4cae39df088f) |
| key_name | - |
| metadata | {} |
| name | SG-test-SG-id |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | 72eda190-4cfd-4003-8369-8b876e10f3aa, ab29243b-9935-4acc-b392-5ae6de6d10c4 |
| status | BUILD |
| tenant_id | 3fdcf2277d274e13803f27d348596d41 |
| updated | 2014-11-25T13:52:11Z |
| user_id | edbe7e7547314b6a9e92bd6fb090ee60 |
+--------------------------------------+----------------------------------------------------------------------------+
done
but into horizon we see just security group's names.
We must check the security group names for uniqueness before creating them.
In Horizon we see just names of security groups.