Packstack

Packstack does not open iptables for horizon/client access to Neutron API

Bug #1288447 reported by Lars Kellogg-Stedman
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Packstack
Fix Released
Undecided
Unassigned

Bug Description

Packstack does not properly open up the firewall on the neutron server host.

The following services need access to the neutron api:

- Horizon
- Nova-api (which proxies some requests to neutron)
- The host on which the client tools are installed.

The current implementation only opens up access from the nova-compute hosts.

Revision history for this message
Lars Kellogg-Stedman (larsks) wrote :

I've submitted a fix for this bug:

https://review.openstack.org/#/c/78442/

Revision history for this message
Pádraig Brady (p-draigbrady) wrote :

Diagnosed by Shake Chen in https://www.redhat.com/archives/rdo-list/2014-March/msg00009.html

Revision history for this message
Lars Kellogg-Stedman (larsks) wrote :

mmagr proposed a new fix in https://review.openstack.org/#/c/77634/

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to packstack (master)

Reviewed: https://review.openstack.org/77634
Committed: https://git.openstack.org/cgit/stackforge/packstack/commit/?id=7f536f7e51bbb27a9a3cadb7a5ca73aeb10c190e
Submitter: Jenkins
Branch: master

commit 7f536f7e51bbb27a9a3cadb7a5ca73aeb10c190e
Author: Martin Magr <email address hidden>
Date: Mon Mar 3 15:10:17 2014 +0100

    Fixed Neutron ML2 issues

    - Value of CONFIG_NEUTRON_ML2_VXLAN_GROUP is missing quotes which generates
    Puppet syntax error when it is used

    - Command 'neutron-db-manage upgrade' is run only on certain host, so race
    condition has to be set only on relevant host

    - In case of multihost installation Neutron API has to be available for OSCLIENT_HOST
    and HORIZON_HOST

    Fixes: rhbz#1066519, rhbz#1068962
    Closes-bug: 1288447

    Change-Id: I40a7cd0c3117152eac945ab26bf0b51e911a4765

Changed in packstack:
status: New → Fix Committed
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to packstack (havana)

Fix proposed to branch: havana
Review: https://review.openstack.org/80578

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to packstack (havana)

Reviewed: https://review.openstack.org/80578
Committed: https://git.openstack.org/cgit/stackforge/packstack/commit/?id=355c98d13d0557d507746a4782fd914e1a1fa92a
Submitter: Jenkins
Branch: havana

commit 355c98d13d0557d507746a4782fd914e1a1fa92a
Author: Martin Magr <email address hidden>
Date: Mon Mar 3 15:10:17 2014 +0100

    Fixed Neutron ML2 issues

    - Value of CONFIG_NEUTRON_ML2_VXLAN_GROUP is missing quotes which generates
    Puppet syntax error when it is used

    - Command 'neutron-db-manage upgrade' is run only on certain host, so race
    condition has to be set only on relevant host

    - In case of multihost installation Neutron API has to be available for OSCLIENT_HOST
    and HORIZON_HOST

    Fixes: rhbz#1066519, rhbz#1068962
    Closes-bug: 1288447

    Change-Id: I40a7cd0c3117152eac945ab26bf0b51e911a4765
    (cherry picked from commit 7f536f7e51bbb27a9a3cadb7a5ca73aeb10c190e)

Revision history for this message
Ivan Chavero (imcsk8) (ichavero-ichavero) wrote : Cleanup EOL bug report

The status of this bug report was changed automatically.

Changed in packstack:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.