neutron FWaaS v2 installation breaks neutron-server
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Undecided
|
James Denton |
Bug Description
## OUR SETUP
OSA 18.1.0
Ubuntu 16.04
Neutron: OVS & DVR, neutron-server in lxc, neutron-agents on baremetal
## BUG
Deploying FWaaS v2 should be fairly simple (according to the docs): https:/
Unfortunately doing so sends neutron-server into a crash loop. The config changes (applied by os-neutron-
## NEUTRON SERVER
The neutron-server log file shows the following error message and restarts:
2019-01-04 19:36:47.052 130210 ERROR neutron.
8f7 - - - - -] No providers specified for 'FIREWALL_V2' service, exiting
Adding the service provider as stated in the scenario doc also did not help. I had to add the "_V2" to the line as stated in the error message above. The config line that works is:
[service_providers]
# ...
service_provider = FIREWALL_
That at least resolved the error above, but neutron-server is still crash looping. Now with a new error:
2019-01-09 07:44:22.956 5509 ERROR neutron.
rewall.
2019-01-09 07:44:22.958 5509 ERROR neutron.service [req-a792d15d-
Stderr: Cannot open network namespace "<neutron_
2019-01-09 07:44:22.958 5509 ERROR neutron.service Traceback (most recent call last):
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service service.start()
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service self.wsgi_app = _run_wsgi(
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service app = config.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service app = loader.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return deploy.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return loadobj(APP, uri, name=name, **kw)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return context.create()
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return self.object_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service **context.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service val = callable(*args, **kw)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service app = loader.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service name=name, global_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return self.object_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service **context.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service val = callable(*args, **kw)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service app = loader.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service name=name, global_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return self.object_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return fix_call(
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service val = callable(*args, **kw)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return pecan_app.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service startup.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service manager.init()
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service NeutronManager.
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service cls._create_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return f(*args, **kwargs)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service cls._instance = cls()
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service self._load_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service provider)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return plugin_class()
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service fwaas_constants
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service provider['driver'], plugin
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return import_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service zone_per_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return f(*args, **kwargs)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service execute, namespace, zone_per_port)
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service self._populate_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service rules = self.get_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service return self.execute(args, run_as_
2019-01-09 07:44:22.958 5509 ERROR neutron.service File "/openstack/
2019-01-09 07:44:22.958 5509 ERROR neutron.service returncode=
2019-01-09 07:44:22.958 5509 ERROR neutron.service ProcessExecutio
2019-01-09 07:44:22.958 5509 ERROR neutron.service
2019-01-09 07:44:22.958 5509 ERROR neutron.service
The scenario doc also lists a "[fwaas]" section in neutron.conf, however adding that section did not make a difference at any point.
## NEUTRON L3 AGENT
The l3 agent was running the whole time, but I was not able to verify if it was properly configured for FWaaS v2. What I see is that it is not configured as the scenario doc examples.
l3_agent.ini lacks the following section form the scenario doc:
[AGENT]
extensions = fwaas_v2
But at the same time contains the "[fwaas]" section that the scenario doc places in the neutron.conf:
[fwaas]
agent_version = v2
driver = neutron_
enabled = True
## WAY FORWARD
I would be happy to provide patches for the os_neutron ansible role to make FWaaS v2 work, but I struggle on getting the configuration right. Also the scenario doc does not seem to be up-to-date (or simply wrong).
Also I wonder which network namespaces neutron-server is trying to access... if neutron-server needs access to the agents namespaces, then this will never work with the server in lxc...
description: | updated |
Changed in openstack-ansible: | |
assignee: | nobody → James Denton (james-denton) |
Changed in openstack-ansible: | |
status: | New → In Progress |
Fix proposed to branch: master /review. openstack. org/636757
Review: https:/