From Brad.Lodgen at centurylink.com Mon Jul 7 21:43:44 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Mon, 7 Jul 2014 21:43:44 +0000 Subject: [rhos-list] Fresh RHOS Install: Dashboard pages broken Message-ID: Hey guys, hoping someone has some spare cycles to assist here. I've just finished a fresh packstack install with one controller, two compute nodes, one swift node, and one cinder node. Install completed with no errors. Following the install, I rebooted all nodes. Upon bringing up the dashboard, -when under the admin tab, clicking "Volumes" or "Defaults" brings up the "something went wrong" page -when under the project "admin" tab, clicking "Volumes" or "Images and Snapshots" brings up the "something went wrong" page What logs should I look in to troubleshoot? I've browsed just about every log on the controller and cinder node, but I don't see any glaring issues/errors. Would it help to post my sanitized packstack answer file? -------------- next part -------------- An HTML attachment was scrubbed... URL: From Brad.Lodgen at centurylink.com Mon Jul 7 22:01:34 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Mon, 7 Jul 2014 22:01:34 +0000 Subject: [rhos-list] Fresh RHOS Install: Dashboard pages broken In-Reply-To: References: Message-ID: Poking around, I couldn't find anything other than the controller node was not included in IPTables rules for cinder ports 3260/8776, so I added a rule, restarted IPTables, tried to access the dashboard again and those pages load fine now. I was able to successfully create a volume in my admin project. Should the puppet manifest have created the rule? From: Lodgen, Brad Sent: Monday, July 07, 2014 4:44 PM To: 'rhos-list at redhat.com' Subject: Fresh RHOS Install: Dashboard pages broken Hey guys, hoping someone has some spare cycles to assist here. I've just finished a fresh packstack install with one controller, two compute nodes, one swift node, and one cinder node. Install completed with no errors. Following the install, I rebooted all nodes. Upon bringing up the dashboard, -when under the admin tab, clicking "Volumes" or "Defaults" brings up the "something went wrong" page -when under the project "admin" tab, clicking "Volumes" or "Images and Snapshots" brings up the "something went wrong" page What logs should I look in to troubleshoot? I've browsed just about every log on the controller and cinder node, but I don't see any glaring issues/errors. Would it help to post my sanitized packstack answer file? -------------- next part -------------- An HTML attachment was scrubbed... URL: From Brad.Lodgen at centurylink.com Mon Jul 7 22:09:33 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Mon, 7 Jul 2014 22:09:33 +0000 Subject: [rhos-list] Fresh RHOS Install: Dashboard pages broken In-Reply-To: References: Message-ID: One more question to toss in... while troubleshooting and looking at the manual setup of cinder, this section here: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/4/html/Installation_and_Configuration_Guide/Configuring_Authentication3.html notes that the following should exist, but some do not exist immediately following a packstack deployment; is this normal? [root at X ~]# grep -i "auth_strategy" /etc/cinder/cinder.conf #auth_strategy=noauth auth_strategy=keystone [root at X ~]# grep -i "auth_host" /etc/cinder/cinder.conf [root at X ~]# grep -i "admin_tenant_name" /etc/cinder/cinder.conf [root at X ~]# grep -i "admin_user" /etc/cinder/cinder.conf [root at X ~]# grep -i "admin_password" /etc/cinder/cinder.conf [root at X ~]# From: Lodgen, Brad Sent: Monday, July 07, 2014 5:02 PM To: 'rhos-list at redhat.com' Subject: RE: Fresh RHOS Install: Dashboard pages broken Poking around, I couldn't find anything other than the controller node was not included in IPTables rules for cinder ports 3260/8776, so I added a rule, restarted IPTables, tried to access the dashboard again and those pages load fine now. I was able to successfully create a volume in my admin project. Should the puppet manifest have created the rule? From: Lodgen, Brad Sent: Monday, July 07, 2014 4:44 PM To: 'rhos-list at redhat.com' Subject: Fresh RHOS Install: Dashboard pages broken Hey guys, hoping someone has some spare cycles to assist here. I've just finished a fresh packstack install with one controller, two compute nodes, one swift node, and one cinder node. Install completed with no errors. Following the install, I rebooted all nodes. Upon bringing up the dashboard, -when under the admin tab, clicking "Volumes" or "Defaults" brings up the "something went wrong" page -when under the project "admin" tab, clicking "Volumes" or "Images and Snapshots" brings up the "something went wrong" page What logs should I look in to troubleshoot? I've browsed just about every log on the controller and cinder node, but I don't see any glaring issues/errors. Would it help to post my sanitized packstack answer file? -------------- next part -------------- An HTML attachment was scrubbed... URL: From pmyers at redhat.com Tue Jul 8 00:30:34 2014 From: pmyers at redhat.com (Perry Myers) Date: Mon, 07 Jul 2014 20:30:34 -0400 Subject: [rhos-list] Fresh RHOS Install: Dashboard pages broken In-Reply-To: References: Message-ID: <53BB3BAA.9010805@redhat.com> Responses inline, and I've added a few folks to help take a look. On 07/07/2014 06:09 PM, Lodgen, Brad wrote: > One more question to toss in? while troubleshooting and looking at the > manual setup of cinder, this section here: > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/4/html/Installation_and_Configuration_Guide/Configuring_Authentication3.html > > notes that the following should exist, but some do not exist immediately > following a packstack deployment; is this normal? > > [root at X ~]# grep -i "auth_strategy" /etc/cinder/cinder.conf > > #auth_strategy=noauth > > auth_strategy=keystone > > [root at X ~]# grep -i "auth_host" /etc/cinder/cinder.conf > > [root at X ~]# grep -i "admin_tenant_name" /etc/cinder/cinder.conf > > [root at X ~]# grep -i "admin_user" /etc/cinder/cinder.conf > > [root at X ~]# grep -i "admin_password" /etc/cinder/cinder.conf > > [root at X ~]# Ivan/Martin/Eric, any thoughts? > *From:*Lodgen, Brad > > Poking around, I couldn?t find anything other than the controller node > was not included in IPTables rules for cinder ports 3260/8776, so I > added a rule, restarted IPTables, tried to access the dashboard again > and those pages load fine now. I was able to successfully create a > volume in my admin project. > > Should the puppet manifest have created the rule? I believe so, but... what version of RHEL OSP are you using? Is it RHEL OSP 4? It's worth noting that in RHEL OSP 5 and RDO Icehouse we made an explicit decision to reduce the scope of Packstack to mainly all-in-one installers with separate compute nodes. This was so we could focus less on complex Packstack deployments and more on complex deployments using Foreman. So, it might be worthwhile for you to look at Foreman a bit vs. investing too much in Packstack. In any case, Ivan/Martin, can you help with figuring out if this issue is something we need to resolve in the puppet modules? Perry > *From:*Lodgen, Brad > > Hey guys, hoping someone has some spare cycles to assist here. I?ve just > finished a fresh packstack install with one controller, two compute > nodes, one swift node, and one cinder node. Install completed with no > errors. Following the install, I rebooted all nodes. Upon bringing up > the dashboard, > > -when under the admin tab, clicking ?Volumes? or ?Defaults? brings up > the ?something went wrong? page > > -when under the project ?admin? tab, clicking ?Volumes? or ?Images and > Snapshots? brings up the ?something went wrong? page > > What logs should I look in to troubleshoot? I?ve browsed just about > every log on the controller and cinder node, but I don?t see any glaring > issues/errors. Would it help to post my sanitized packstack answer file? From zaitcev at redhat.com Tue Jul 8 01:04:35 2014 From: zaitcev at redhat.com (Pete Zaitcev) Date: Mon, 7 Jul 2014 19:04:35 -0600 Subject: [rhos-list] Fresh RHOS Install: Dashboard pages broken In-Reply-To: <53BB3BAA.9010805@redhat.com> References: <53BB3BAA.9010805@redhat.com> Message-ID: <20140707190435.6ba6c421@guren.zaitcev.lan> On Mon, 07 Jul 2014 20:30:34 -0400 Perry Myers wrote: > Responses inline, and I've added a few folks to help take a look. > > On 07/07/2014 06:09 PM, Lodgen, Brad wrote: > > [root at X ~]# grep -i "auth_strategy" /etc/cinder/cinder.conf > > > > #auth_strategy=noauth > > > > auth_strategy=keystone > > > > [root at X ~]# grep -i "auth_host" /etc/cinder/cinder.conf > > > > [root at X ~]# grep -i "admin_tenant_name" /etc/cinder/cinder.conf > > > > [root at X ~]# grep -i "admin_user" /etc/cinder/cinder.conf > > > > [root at X ~]# grep -i "admin_password" /etc/cinder/cinder.conf > > > > [root at X ~]# > > Ivan/Martin/Eric, any thoughts? Cinder takes it from /etc/cinder/api-paste.ini. The generally accepted practice is a mixed bag [root at simbelmyne zaitcev]# find /etc -type f -print0 | xargs -0 grep auth_host /etc/neutron/neutron.conf:# auth_host = 127.0.0.1 /etc/neutron/neutron.conf:auth_host = 192.168.128.10 /etc/neutron/dhcp_agent.ini:auth_host=simbelmyne /etc/neutron/api-paste.ini:auth_host=192.168.128.10 /etc/nova/nova.conf:#auth_host=127.0.0.1 /etc/nova/nova.conf:auth_host=simbelmyne.zaitcev.lan /etc/ceilometer/ceilometer.conf:#auth_host=127.0.0.1 /etc/ceilometer/ceilometer.conf:auth_host=192.168.128.10 /etc/ceilometer/ceilometer.conf.rpmnew:#auth_host=127.0.0.1 /etc/glance/glance-registry.conf:auth_host=192.168.128.10 /etc/glance/glance-api.conf:auth_host=192.168.128.10 /etc/manila/manila.conf:auth_host = 127.0.0.1 /etc/manila/api-paste.ini:auth_host = 127.0.0.1 /etc/cinder/api-paste.ini:auth_host=192.168.128.10 [root at simbelmyne zaitcev]# Personally I hate editing api-pages.ini, I think it should remain static like dist-conf files in /usr. -- P From sclewis at redhat.com Tue Jul 8 20:28:47 2014 From: sclewis at redhat.com (Scott Lewis) Date: Tue, 8 Jul 2014 16:28:47 -0400 (EDT) Subject: [rhos-list] RHEL-7-OSP-5.0 is released! In-Reply-To: <807007575.7911543.1404851302977.JavaMail.zimbra@redhat.com> Message-ID: <1487334033.7911675.1404851327569.JavaMail.zimbra@redhat.com> The Red Hat OpenStack team is pleased to announce the release of Red Hat Enterprise Linux OpenStack Platform version 5.0 for RHEL 7.0 (RHEL-7-OSP-5). This release contains over 1,250 enhancements, bugfixes, documentation changes, and security updates to Red Hat Enterprise Linux OpenStack Platform, and is based on the upstream OpenStack Icehouse (2014.1) release [1]. This is the first major release of RHEL-OSP since version 4.0, based on Havana, was released on 19-Dec-13. RHEL-7-OSP-5 will have a 3-year support lifecycle, ending on 30-Jun-17, and is planned to have multiple updates throughout the Production Phase, see [2] for more details. RHEL-7-OSP-5 contains all the features delivered with Icehouse as well as the additional hardening, stability, and functionality by validating upstream bugs, as well as integration with other Red Hat products, and comprehensive documentation. This release provides non-high availability (HA) services, and the Packstack Installer. RHEL-7-OSP-5 will run on RHEL 7.0. Content can be accessed via the Red Hat Content Delivery Network (CDN) through subsciption management, or via Red Hat Network through Red Hat Satellite 5 (see documentation for details). The next planned release for this major version will include high availability and the RHEL-OSP Installer, planned for late July. Documentation: - All 5.0 Guides: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/ - Release notes: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Release_Notes/index.html Marketing: - http://www.redhat.com/about/news/press-archive/2014/7/red-hat-announces-global-availability-of-red-hat-enterprise-linux-openstack-platform-5 Advisories: ? telemetry (ceilometer) ? https://rhn.redhat.com/errata/RHEA-2014-0845.html ? block (cinder) ? https://rhn.redhat.com/errata/RHEA-2014-0852.html ? image (glance) ? https://rhn.redhat.com/errata/RHEA-2014-0851.html ? orchestration (heat) ? https://rhn.redhat.com/errata/RHEA-2014-0849.html ? identity (keystone) ? https://rhn.redhat.com/errata/RHEA-2014-0854.html ? networking (neutron) ? https://rhn.redhat.com/errata/RHEA-2014-0848.html ? compute (nova) ? https://rhn.redhat.com/errata/RHEA-2014-0853.html ? object storage (swift) ? https://rhn.redhat.com/errata/RHEA-2014-0847.html ? installer (packstack) ? https://rhn.redhat.com/errata/RHEA-2014-0846.html ? runtime components ? https://rhn.redhat.com/errata/RHEA-2014-0845.html ? dashboard (horizon) ? https://rhn.redhat.com/errata/RHEA-2014-0855.html ? qpid for EL-7 ? https://rhn.redhat.com/errata/RHEA-2014-0832.html Blueprints implemented: Component RFEs - openstack-nova 62 - openstack-neutron 48 - python-django-horizon 41 - openstack-sahara 38 - openstack-keystone 28 - openstack-cinder 22 - openstack-glance 10 - openstack-ironic 7 - openstack-heat 5 - distribution 1 - openstack-puppet-modules 1 - openstack-swift 1 - python-keystoneclient 1 Total Blueprints Implemented 265 Bugs closed: Component Bugs - openstack-packstack 88 - openstack-neutron 55 - python-django-horizon 55 - openstack-nova 53 - openstack-cinder 43 - openstack-foreman-installer 32 - openstack-puppet-modules 24 - openstack-selinux 24 - openstack-glance 23 - openstack-keystone 17 - python-novaclient 9 - distribution 7 - python-neutronclient 7 - python-keystoneclient 6 - redhat-access-plugin-openstack 6 - rubygem-staypuft 6 - all other components 42 Total Bugs Closed 497 Books: Guide Bugs - doc-Installation_and_Configuration_Guide 115 - doc-Getting_Started_Guide 35 - doc-User_Guide 28 - doc-Administration_User_Guide 25 - doc-Configuration_Reference_Guide 19 - doc-Release_Notes 14 - doc-Cloud_Administrator_Guide 11 - doc-CLI_Reference 6 - Documentation 1 - doc-Technical_Notes 1 - doc-i18n 1 - doc-Upgrade 1 - Total 257 [1] https://wiki.openstack.org/wiki/ReleaseNotes/Icehouse [2] https://access.redhat.com/site/support/policy/updates/openstack/platform/ Thanks, Scott Scott Lewis Engineering Program Manager Red Hat OpenStack Office: 919-754-4228 sclewis at redhat.com From Brad.Lodgen at centurylink.com Tue Jul 8 22:58:52 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Tue, 8 Jul 2014 22:58:52 +0000 Subject: [rhos-list] Cannot create/modify projects: no default role Member Message-ID: Hi folks, When I try to create or modify a project, it fails. To troubleshoot, I tailed the /var/log/horizon/horizon.log file while clicking create project and this is what I got (sanitized), so could not find default role "Member"? 2014-07-08 22:51:09,530 2216 ERROR horizon.workflows.base Problem instantiating action class. Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/horizon/workflows/base.py", line 376, in action context) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/workflows.py", line 167, in __init__ redirect=reverse(INDEX_URL)) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/workflows.py", line 163, in __init__ raise exceptions.NotFound(msg) NotFound: Could not find default role "Member" in Keystone 2014-07-08 22:51:09,530 2216 ERROR django.request Internal Server Error: /dashboard/admin/projects/create Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/django/core/handlers/base.py", line 136, in get_response response = response.render() File "/usr/lib/python2.6/site-packages/django/template/response.py", line 104, in render self._set_content(self.rendered_content) File "/usr/lib/python2.6/site-packages/django/template/response.py", line 81, in rendered_content content = template.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 140, in render return self._render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 134, in _render return self.nodelist.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 823, in render bit = self.render_node(node, context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 837, in render_node return node.render(context) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 478, in render output = self.nodelist.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 823, in render bit = self.render_node(node, context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 837, in render_node return node.render(context) File "/usr/lib/python2.6/site-packages/django/template/loader_tags.py", line 53, in render result = self.nodelist.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 823, in render bit = self.render_node(node, context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 837, in render_node return node.render(context) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 193, in render nodelist.append(node.render(context)) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 275, in render match = condition.eval(context) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 825, in eval return self.value.resolve(context, ignore_failures=True) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 571, in resolve obj = self.var.resolve(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 721, in resolve value = self._resolve_lookup(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 772, in _resolve_lookup current = current() File "/usr/lib/python2.6/site-packages/horizon/workflows/base.py", line 451, in has_required_fields return any(field.required for field in self.action.fields.values()) File "/usr/lib/python2.6/site-packages/horizon/workflows/base.py", line 376, in action context) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/workflows.py", line 167, in __init__ redirect=reverse(INDEX_URL)) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/workflows.py", line 163, in __init__ raise exceptions.NotFound(msg) NotFound: Could not find default role "Member" in Keystone -------------- next part -------------- An HTML attachment was scrubbed... URL: From sgordon at redhat.com Tue Jul 8 23:22:27 2014 From: sgordon at redhat.com (Steve Gordon) Date: Tue, 8 Jul 2014 19:22:27 -0400 (EDT) Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: References: Message-ID: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> ----- Original Message ----- > From: "Brad Lodgen" > To: "rhos-list at redhat.com" > > Hi folks, > > When I try to create or modify a project, it fails. To troubleshoot, I tailed > the /var/log/horizon/horizon.log file while clicking create project and this > is what I got (sanitized), so could not find default role "Member"? Hi Brad, What version of RHELOSP are you using and what roles does Keystone show your user as having (probably _member_)? Also what is OPENSTACK_KEYSTONE_DEFAULT_ROLE set to in /etc/openstack-dashboard/local_settings.py (probably Member)? The default in recent releases is intended to be _member_, if my assertions above are correct try updating the value in local_settings.py. -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From Brad.Lodgen at centurylink.com Tue Jul 8 23:33:20 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Tue, 8 Jul 2014 23:33:20 +0000 Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> Message-ID: Thanks for the response. Local_settings was set to: OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" I confirmed admin role was "_member_", so I edited the file with the appropriate role. Now, the issue still occurs (red Error message pops up), but the error no longer shows up in the keystone log, just this: 2014-07-08 18:30:28.765 12802 INFO access [-] x.x.x.x - - [08/Jul/2014:23:30:28 +0000] "GET http://x.x.x.x:35357/v2.0/OS-KSADM/roles HTTP/1.0" 200 418 Is there another log I should check out? -----Original Message----- From: Steve Gordon [mailto:sgordon at redhat.com] Sent: Tuesday, July 08, 2014 6:22 PM To: Lodgen, Brad Cc: rhos-list at redhat.com Subject: Re: [rhos-list] Cannot create/modify projects: no default role Member ----- Original Message ----- > From: "Brad Lodgen" > To: "rhos-list at redhat.com" > > Hi folks, > > When I try to create or modify a project, it fails. To troubleshoot, I > tailed the /var/log/horizon/horizon.log file while clicking create > project and this is what I got (sanitized), so could not find default role "Member"? Hi Brad, What version of RHELOSP are you using and what roles does Keystone show your user as having (probably _member_)? Also what is OPENSTACK_KEYSTONE_DEFAULT_ROLE set to in /etc/openstack-dashboard/local_settings.py (probably Member)? The default in recent releases is intended to be _member_, if my assertions above are correct try updating the value in local_settings.py. -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From Brad.Lodgen at centurylink.com Tue Jul 8 23:38:27 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Tue, 8 Jul 2014 23:38:27 +0000 Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> Message-ID: Forgot to mention I'm using V4. Trying to gain experience with the product AND train for EX210 which I assume is using V4, or I'd be using V5. -----Original Message----- From: Lodgen, Brad Sent: Tuesday, July 08, 2014 6:33 PM To: 'Steve Gordon'; 'rhos-list at redhat.com' Subject: RE: [rhos-list] Cannot create/modify projects: no default role Member Thanks for the response. Local_settings was set to: OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" I confirmed admin role was "_member_", so I edited the file with the appropriate role. Now, the issue still occurs (red Error message pops up), but the error no longer shows up in the keystone log, just this: 2014-07-08 18:30:28.765 12802 INFO access [-] x.x.x.x - - [08/Jul/2014:23:30:28 +0000] "GET http://x.x.x.x:35357/v2.0/OS-KSADM/roles HTTP/1.0" 200 418 Is there another log I should check out? -----Original Message----- From: Steve Gordon [mailto:sgordon at redhat.com] Sent: Tuesday, July 08, 2014 6:22 PM To: Lodgen, Brad Cc: rhos-list at redhat.com Subject: Re: [rhos-list] Cannot create/modify projects: no default role Member ----- Original Message ----- > From: "Brad Lodgen" > To: "rhos-list at redhat.com" > > Hi folks, > > When I try to create or modify a project, it fails. To troubleshoot, I > tailed the /var/log/horizon/horizon.log file while clicking create > project and this is what I got (sanitized), so could not find default role "Member"? Hi Brad, What version of RHELOSP are you using and what roles does Keystone show your user as having (probably _member_)? Also what is OPENSTACK_KEYSTONE_DEFAULT_ROLE set to in /etc/openstack-dashboard/local_settings.py (probably Member)? The default in recent releases is intended to be _member_, if my assertions above are correct try updating the value in local_settings.py. -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From sgordon at redhat.com Tue Jul 8 23:42:43 2014 From: sgordon at redhat.com (Steve Gordon) Date: Tue, 8 Jul 2014 19:42:43 -0400 (EDT) Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> Message-ID: <2124032544.11509509.1404862963717.JavaMail.zimbra@redhat.com> ----- Original Message ----- > From: "Brad Lodgen" > To: "rhos-list at redhat.com" > > Forgot to mention I'm using V4. Trying to gain experience with the product > AND train for EX210 which I assume is using V4, or I'd be using V5. Check the logs under /var/log/keystone/ and see if there is anything additional there. It's likely that the Horizon issue was masking something else. Thanks, -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From Brad.Lodgen at centurylink.com Tue Jul 8 23:55:10 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Tue, 8 Jul 2014 23:55:10 +0000 Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: <2124032544.11509509.1404862963717.JavaMail.zimbra@redhat.com> References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> <2124032544.11509509.1404862963717.JavaMail.zimbra@redhat.com> Message-ID: Actually, I was looking at the keystone log and not the horizon log, so that was my bad. I saw the horizon log still had the "Member" error and realized I did not restart services after making the change. After restart, I can now create/modify projects. Thanks, Steve! -----Original Message----- From: Steve Gordon [mailto:sgordon at redhat.com] Sent: Tuesday, July 08, 2014 6:43 PM To: Lodgen, Brad Cc: rhos-list at redhat.com Subject: Re: [rhos-list] Cannot create/modify projects: no default role Member ----- Original Message ----- > From: "Brad Lodgen" > To: "rhos-list at redhat.com" > > Forgot to mention I'm using V4. Trying to gain experience with the > product AND train for EX210 which I assume is using V4, or I'd be using V5. Check the logs under /var/log/keystone/ and see if there is anything additional there. It's likely that the Horizon issue was masking something else. Thanks, -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From sgordon at redhat.com Wed Jul 9 00:01:42 2014 From: sgordon at redhat.com (Steve Gordon) Date: Tue, 8 Jul 2014 20:01:42 -0400 (EDT) Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> <2124032544.11509509.1404862963717.JavaMail.zimbra@redhat.com> Message-ID: <1992442610.11513961.1404864102506.JavaMail.zimbra@redhat.com> ----- Original Message ----- > From: "Brad Lodgen" Lodgen at centurylink.com> > To: "Steve Gordon" > > Actually, I was looking at the keystone log and not the horizon log, so that > was my bad. I saw the horizon log still had the "Member" error and realized > I did not restart services after making the change. After restart, I can now > create/modify projects. > > Thanks, Steve! No problem, out of interest how were you deploying? Did you manually create the Keystone users, roles, etc.? In our RHELOSP 4 documentation we used the Member role - this aligns it with the default Horizon configuration for that release (which also matches the upstream default at that point in time if I recall correctly): https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/4/html/Installation_and_Configuration_Guide/Creating_User_Accounts1.html -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From Brad.Lodgen at centurylink.com Wed Jul 9 01:07:23 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Wed, 9 Jul 2014 01:07:23 +0000 Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: <1992442610.11513961.1404864102506.JavaMail.zimbra@redhat.com> References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> <2124032544.11509509.1404862963717.JavaMail.zimbra@redhat.com> , <1992442610.11513961.1404864102506.JavaMail.zimbra@redhat.com> Message-ID: I deployed via packstack using the RHEL-OSP V4 evaluation. Before looking at the roles today, I hadn't used the keystone command at all with this deployment. There was another issue earlier with packstack not creating the proper iptables rules on the cinder node, and I moved over to packstack because the foreman deployment was doing similar things. For example, it turned sasl auth on in qpid by default, but left saslauthd turned off in chkconfig and never started saslauthd service, so none of the services could communicate. Does the eval version have different packages? Steve Gordon wrote: ----- Original Message ----- > From: "Brad Lodgen" Lodgen at centurylink.com> > To: "Steve Gordon" > > Actually, I was looking at the keystone log and not the horizon log, so that > was my bad. I saw the horizon log still had the "Member" error and realized > I did not restart services after making the change. After restart, I can now > create/modify projects. > > Thanks, Steve! No problem, out of interest how were you deploying? Did you manually create the Keystone users, roles, etc.? In our RHELOSP 4 documentation we used the Member role - this aligns it with the default Horizon configuration for that release (which also matches the upstream default at that point in time if I recall correctly): https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/4/html/Installation_and_Configuration_Guide/Creating_User_Accounts1.html -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform -------------- next part -------------- An HTML attachment was scrubbed... URL: From Brad.Lodgen at centurylink.com Wed Jul 9 18:11:48 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Wed, 9 Jul 2014 18:11:48 +0000 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install Message-ID: I'm working on learning networking today. Can I provide my situation, my original packstack answers for Neutron (sanitized), the changes I'll make to the packstack answer file, and the follow-up steps in horizon to complete it, then see if everyone agrees that's the route I should go? I hate to start rolling out things in packstack that I'm not at least somewhat confident about and risk ruining my setup (although these are VMware hosts and I just created snapshots of all nodes). I'm assuming all I'll need to do is change the answers file and run it again, including only the controller and compute nodes (excluding the storage nodes in EXCLUDE_SERVERS=). If that's incorrect at this point, please let me know. So, my lab setup is this: -5 VMware hosts -1 controller, 2 compute, 2 storage (1 swift, 1 cinder) -Each node has two "physical" interfaces -eth0 belongs to port group A, with a public IP and a gateway to the public internet -eth1 belongs to port group B, with a private IP (172.16.1.0/24) and no gateway -I would like to set up two networks for my instances in OpenStack -Network 1 would be able to access ONLY the 172.16.1.0/24 network (instances would have IP on that network and no gateway?) -Network 2 would be able to access BOTH the public internet AND the 172.16.1.0/24 network (instances would have two interfaces, eth0 with public IP/gateway, eth0 with private IP and no gateway?) -In my packstack answers file, I have the following (it may be worth it to mention that none of the ML2 lines are in the RHEL-OSP V4 documentation and some of the others, such as OVS_BRIDGE_IFACES, aren't either, so I'm not sure if they're essential or not): CONFIG_NEUTRON_INSTALL=y CONFIG_NEUTRON_SERVER_HOST={controller_ip} CONFIG_NEUTRON_L3_HOSTS={controller_ip} CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex CONFIG_NEUTRON_DHCP_HOSTS={controller_ip} CONFIG_NEUTRON_L2_PLUGIN=openvswitch CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* CONFIG_NEUTRON_ML2_VLAN_RANGES= CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= CONFIG_NEUTRON_ML2_VXLAN_GROUP= CONFIG_NEUTRON_ML2_VNI_RANGES= CONFIG_NEUTRON_L2_AGENT=openvswitch CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_LB_VLAN_RANGES= CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_OVS_VLAN_RANGES= CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= CONFIG_NEUTRON_OVS_BRIDGE_IFACES= CONFIG_NEUTRON_OVS_TUNNEL_RANGES= CONFIG_NEUTRON_OVS_TUNNEL_IF= CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 What I believe it needs to be: CONFIG_NEUTRON_INSTALL=y CONFIG_NEUTRON_SERVER_HOST={controller_ip} CONFIG_NEUTRON_L3_HOSTS={controller_ip},{compute1},{compute2} CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex CONFIG_NEUTRON_DHCP_HOSTS={controller_ip},{compute1},{compute2} CONFIG_NEUTRON_L2_PLUGIN=openvswitch CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* CONFIG_NEUTRON_ML2_VLAN_RANGES= CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= CONFIG_NEUTRON_ML2_VXLAN_GROUP= CONFIG_NEUTRON_ML2_VNI_RANGES= CONFIG_NEUTRON_L2_AGENT=openvswitch CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_LB_VLAN_RANGES= CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_OVS_VLAN_RANGES= CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=public:br-eth0,private,br-eth1 CONFIG_NEUTRON_OVS_BRIDGE_IFACES= CONFIG_NEUTRON_OVS_TUNNEL_RANGES= CONFIG_NEUTRON_OVS_TUNNEL_IF= CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 The follow-up horizon steps would be: -Under admin (not project) tab, create two networks: - One Public, assign to project, check external network box - One Private, assign to project, leave external network box unchecked -Under project tab, click networks, on each network, click "More", click "Add Subnet" - Public, "public subnet", network x.x.x.x/x, IPv4, Gateway IP x.x.x.x, uncheck Disable Gateway, Subnet Detail tab uncheck DHCP, add DNS server, leave routes empty - Private, "private subnet", network 172.16.1.0/24, IPv4, Gateway IP "blank", check Disable Gateway, Subnet Detail tab check DHCP, add the pool, leave DNS empty (not needed), leave routes empty At this point, is it necessary to create a router, since there is a hardware router handling the public network? After all of the above, if I... -Create an instance and assign the private network, that instance will be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image and connect to the host via SSH using the keypair on the private network? -Create an instance and assign the private AND public network, that instance will only be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image, connect to the host via SSH using the keypair on the private network, and manually add a public IP? If you made it this far, my extreme thanks! -Brad -------------- next part -------------- An HTML attachment was scrubbed... URL: From Brad.Lodgen at centurylink.com Thu Jul 10 03:37:27 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Thu, 10 Jul 2014 03:37:27 +0000 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: References: Message-ID: Well, I worked with this all day and am still having issues. I think it's because I'm not familiar with the naming conventions and how packstack puts them to work. Could someone please show what the packstack answers would be for the two scenarios in the RHEL-OSP V4 documentation Configuration Reference Guide, section 7.3.1.2 and 7.3.1.3? I believe if I can see the differences between those two, I could figure out how the differences are rolled out with packstack. It would be greatly appreciated. ________________________________ From: Lodgen, Brad Sent: Wednesday, July 09, 2014 1:11 PM To: 'rhos-list at redhat.com' Subject: Setting Up Public/Private Networks Following Packstack Install I?m working on learning networking today. Can I provide my situation, my original packstack answers for Neutron (sanitized), the changes I?ll make to the packstack answer file, and the follow-up steps in horizon to complete it, then see if everyone agrees that?s the route I should go? I hate to start rolling out things in packstack that I?m not at least somewhat confident about and risk ruining my setup (although these are VMware hosts and I just created snapshots of all nodes). I?m assuming all I?ll need to do is change the answers file and run it again, including only the controller and compute nodes (excluding the storage nodes in EXCLUDE_SERVERS=). If that?s incorrect at this point, please let me know. So, my lab setup is this: -5 VMware hosts -1 controller, 2 compute, 2 storage (1 swift, 1 cinder) -Each node has two ?physical? interfaces -eth0 belongs to port group A, with a public IP and a gateway to the public internet -eth1 belongs to port group B, with a private IP (172.16.1.0/24) and no gateway -I would like to set up two networks for my instances in OpenStack -Network 1 would be able to access ONLY the 172.16.1.0/24 network (instances would have IP on that network and no gateway?) -Network 2 would be able to access BOTH the public internet AND the 172.16.1.0/24 network (instances would have two interfaces, eth0 with public IP/gateway, eth0 with private IP and no gateway?) -In my packstack answers file, I have the following (it may be worth it to mention that none of the ML2 lines are in the RHEL-OSP V4 documentation and some of the others, such as OVS_BRIDGE_IFACES, aren?t either, so I?m not sure if they?re essential or not): CONFIG_NEUTRON_INSTALL=y CONFIG_NEUTRON_SERVER_HOST={controller_ip} CONFIG_NEUTRON_L3_HOSTS={controller_ip} CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex CONFIG_NEUTRON_DHCP_HOSTS={controller_ip} CONFIG_NEUTRON_L2_PLUGIN=openvswitch CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* CONFIG_NEUTRON_ML2_VLAN_RANGES= CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= CONFIG_NEUTRON_ML2_VXLAN_GROUP= CONFIG_NEUTRON_ML2_VNI_RANGES= CONFIG_NEUTRON_L2_AGENT=openvswitch CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_LB_VLAN_RANGES= CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_OVS_VLAN_RANGES= CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= CONFIG_NEUTRON_OVS_BRIDGE_IFACES= CONFIG_NEUTRON_OVS_TUNNEL_RANGES= CONFIG_NEUTRON_OVS_TUNNEL_IF= CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 What I believe it needs to be: CONFIG_NEUTRON_INSTALL=y CONFIG_NEUTRON_SERVER_HOST={controller_ip} CONFIG_NEUTRON_L3_HOSTS={controller_ip},{compute1},{compute2} CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex CONFIG_NEUTRON_DHCP_HOSTS={controller_ip},{compute1},{compute2} CONFIG_NEUTRON_L2_PLUGIN=openvswitch CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* CONFIG_NEUTRON_ML2_VLAN_RANGES= CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= CONFIG_NEUTRON_ML2_VXLAN_GROUP= CONFIG_NEUTRON_ML2_VNI_RANGES= CONFIG_NEUTRON_L2_AGENT=openvswitch CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_LB_VLAN_RANGES= CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local CONFIG_NEUTRON_OVS_VLAN_RANGES= CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=public:br-eth0,private,br-eth1 CONFIG_NEUTRON_OVS_BRIDGE_IFACES= CONFIG_NEUTRON_OVS_TUNNEL_RANGES= CONFIG_NEUTRON_OVS_TUNNEL_IF= CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 The follow-up horizon steps would be: -Under admin (not project) tab, create two networks: - One Public, assign to project, check external network box - One Private, assign to project, leave external network box unchecked -Under project tab, click networks, on each network, click ?More?, click ?Add Subnet? - Public, ?public subnet?, network x.x.x.x/x, IPv4, Gateway IP x.x.x.x, uncheck Disable Gateway, Subnet Detail tab uncheck DHCP, add DNS server, leave routes empty - Private, ?private subnet?, network 172.16.1.0/24, IPv4, Gateway IP ?blank?, check Disable Gateway, Subnet Detail tab check DHCP, add the pool, leave DNS empty (not needed), leave routes empty At this point, is it necessary to create a router, since there is a hardware router handling the public network? After all of the above, if I? -Create an instance and assign the private network, that instance will be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image and connect to the host via SSH using the keypair on the private network? -Create an instance and assign the private AND public network, that instance will only be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image, connect to the host via SSH using the keypair on the private network, and manually add a public IP? If you made it this far, my extreme thanks! -Brad -------------- next part -------------- An HTML attachment was scrubbed... URL: From roxenham at redhat.com Thu Jul 10 08:05:09 2014 From: roxenham at redhat.com (Rhys Oxenham) Date: Thu, 10 Jul 2014 09:05:09 +0100 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: References: Message-ID: Hi Brad, Sorry you?ve not had a response to your questions. Having a quick look through? you mention you?re using VMware hosts, are these physical machines, or RHEL virtual machines running on-top of VMware? If the former, networking is going to be a bit more tricky to setup as you?ll either need to use nova-network, or VMware?s NSX. Open vSwitch won?t work as expected with VMware hypervisors. Cheers Rhys On 10 Jul 2014, at 04:37, Lodgen, Brad wrote: > Well, I worked with this all day and am still having issues. I think it's because I'm not familiar with the naming conventions and how packstack puts them to work. Could someone please show what the packstack answers would be for the two scenarios in the RHEL-OSP V4 documentation Configuration Reference Guide, section 7.3.1.2 and 7.3.1.3? I believe if I can see the differences between those two, I could figure out how the differences are rolled out with packstack. It would be greatly appreciated. > > > From: Lodgen, Brad > Sent: Wednesday, July 09, 2014 1:11 PM > To: 'rhos-list at redhat.com' > Subject: Setting Up Public/Private Networks Following Packstack Install > > I?m working on learning networking today. Can I provide my situation, my original packstack answers for Neutron (sanitized), the changes I?ll make to the packstack answer file, and the follow-up steps in horizon to complete it, then see if everyone agrees that?s the route I should go? I hate to start rolling out things in packstack that I?m not at least somewhat confident about and risk ruining my setup (although these are VMware hosts and I just created snapshots of all nodes). > > I?m assuming all I?ll need to do is change the answers file and run it again, including only the controller and compute nodes (excluding the storage nodes in EXCLUDE_SERVERS=). If that?s incorrect at this point, please let me know. > > So, my lab setup is this: > > -5 VMware hosts > -1 controller, 2 compute, 2 storage (1 swift, 1 cinder) > -Each node has two ?physical? interfaces > -eth0 belongs to port group A, with a public IP and a gateway to the public internet > -eth1 belongs to port group B, with a private IP (172.16.1.0/24) and no gateway > > -I would like to set up two networks for my instances in OpenStack > -Network 1 would be able to access ONLY the 172.16.1.0/24 network (instances would have IP on that network and no gateway?) > -Network 2 would be able to access BOTH the public internet AND the 172.16.1.0/24 network (instances would have two interfaces, eth0 with public IP/gateway, eth0 with private IP and no gateway?) > > -In my packstack answers file, I have the following (it may be worth it to mention that none of the ML2 lines are in the RHEL-OSP V4 documentation and some of the others, such as OVS_BRIDGE_IFACES, aren?t either, so I?m not sure if they?re essential or not): > > CONFIG_NEUTRON_INSTALL=y > CONFIG_NEUTRON_SERVER_HOST={controller_ip} > CONFIG_NEUTRON_L3_HOSTS={controller_ip} > CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex > CONFIG_NEUTRON_DHCP_HOSTS={controller_ip} > CONFIG_NEUTRON_L2_PLUGIN=openvswitch > CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} > CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local > CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local > CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch > CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* > CONFIG_NEUTRON_ML2_VLAN_RANGES= > CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= > CONFIG_NEUTRON_ML2_VXLAN_GROUP= > CONFIG_NEUTRON_ML2_VNI_RANGES= > CONFIG_NEUTRON_L2_AGENT=openvswitch > CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local > CONFIG_NEUTRON_LB_VLAN_RANGES= > CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= > CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local > CONFIG_NEUTRON_OVS_VLAN_RANGES= > CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= > CONFIG_NEUTRON_OVS_BRIDGE_IFACES= > CONFIG_NEUTRON_OVS_TUNNEL_RANGES= > CONFIG_NEUTRON_OVS_TUNNEL_IF= > CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 > > What I believe it needs to be: > > CONFIG_NEUTRON_INSTALL=y > CONFIG_NEUTRON_SERVER_HOST={controller_ip} > CONFIG_NEUTRON_L3_HOSTS={controller_ip},{compute1},{compute2} > CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex > CONFIG_NEUTRON_DHCP_HOSTS={controller_ip},{compute1},{compute2} > CONFIG_NEUTRON_L2_PLUGIN=openvswitch > CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} > CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local > CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local > CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch > CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* > CONFIG_NEUTRON_ML2_VLAN_RANGES= > CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= > CONFIG_NEUTRON_ML2_VXLAN_GROUP= > CONFIG_NEUTRON_ML2_VNI_RANGES= > CONFIG_NEUTRON_L2_AGENT=openvswitch > CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local > CONFIG_NEUTRON_LB_VLAN_RANGES= > CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= > CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local > CONFIG_NEUTRON_OVS_VLAN_RANGES= > CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=public:br-eth0,private,br-eth1 > CONFIG_NEUTRON_OVS_BRIDGE_IFACES= > CONFIG_NEUTRON_OVS_TUNNEL_RANGES= > CONFIG_NEUTRON_OVS_TUNNEL_IF= > CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 > > > The follow-up horizon steps would be: > > -Under admin (not project) tab, create two networks: > - One Public, assign to project, check external network box > - One Private, assign to project, leave external network box unchecked > > -Under project tab, click networks, on each network, click ?More?, click ?Add Subnet? > - Public, ?public subnet?, network x.x.x.x/x, IPv4, Gateway IP x.x.x.x, uncheck Disable Gateway, Subnet Detail tab uncheck DHCP, add DNS server, leave routes empty > - Private, ?private subnet?, network 172.16.1.0/24, IPv4, Gateway IP ?blank?, check Disable Gateway, Subnet Detail tab check DHCP, add the pool, leave DNS empty (not needed), leave routes empty > > At this point, is it necessary to create a router, since there is a hardware router handling the public network? > > After all of the above, if I? > -Create an instance and assign the private network, that instance will be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image and connect to the host via SSH using the keypair on the private network? > -Create an instance and assign the private AND public network, that instance will only be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image, connect to the host via SSH using the keypair on the private network, and manually add a public IP? > > If you made it this far, my extreme thanks! > > -Brad > _______________________________________________ > rhos-list mailing list > rhos-list at redhat.com > https://www.redhat.com/mailman/listinfo/rhos-list From sgordon at redhat.com Thu Jul 10 13:31:48 2014 From: sgordon at redhat.com (Steve Gordon) Date: Thu, 10 Jul 2014 09:31:48 -0400 (EDT) Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> <2124032544.11509509.1404862963717.JavaMail.zimbra@redhat.com> <1992442610.11513961.1404864102506.JavaMail.zimbra@redhat.com> Message-ID: <574119461.1806148.1404999108928.JavaMail.zimbra@redhat.com> ----- Original Message ----- > From: "Brad Lodgen" > To: "Steve Gordon" > > I deployed via packstack using the RHEL-OSP V4 evaluation. Before looking at > the roles today, I hadn't used the keystone command at all with this > deployment. > > There was another issue earlier with packstack not creating the proper > iptables rules on the cinder node, and I moved over to packstack because the > foreman deployment was doing similar things. For example, it turned sasl > auth on in qpid by default, but left saslauthd turned off in chkconfig and > never started saslauthd service, so none of the services could communicate. > > Does the eval version have different packages? Apologies for the delayed response, forgot to hit send on this yesterday :). No, the evaluation provides access to the same repositories as a paid subscription would - we can assist with filing a bug to track any issues you encounter if you provide more details (logs etc.). It would also be interesting to see if these issues present on RHELOSP 5 or not though I recognize you are concentrating on the training preparation for now. Thanks, Steve -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From pmyers at redhat.com Thu Jul 10 17:04:38 2014 From: pmyers at redhat.com (Perry Myers) Date: Thu, 10 Jul 2014 13:04:38 -0400 Subject: [rhos-list] [Rdo-list] Need Help: openstack Repos Are Missing In-Reply-To: References: Message-ID: <53BEC7A6.2090903@redhat.com> On 07/10/2014 12:49 PM, Chandra Ganguly (ganguly) wrote: > Hi RedHat/Openstack Team > > I am trying to install foreman and I am seeing the following RPM > missing, which is causing my the download of my foreman-installer to > fail. Can somebody let me know what is the new openstack repo to get; I > am running it on RHEL6.5 > > [root at foreman-server ~]# subscription-manager repos --enable > rhel-6-server-openstack-4.0-rpms > > Error: rhel-6-server-openstack-4.0-rpms is not a valid repo ID. Use > --list option to see valid repos. > > > root at foreman-server ~]# subscription-manager repos --list | grep openstack > > > > [root at foreman-server ~]# yum install openstack-foreman-installer > foreman-selinux > > Loaded plugins: priorities, product-id, security, subscription-manager > > This system is receiving updates from Red Hat Subscription Management. > > rhel-6-server-optional-rpms | 3.5 kB > 00:00 > > rhel-6-server-realtime-rpms | 3.8 kB > 00:00 > > rhel-6-server-rpms | 3.7 kB > 00:00 > > rhel-ha-for-rhel-6-server-rpms | 3.7 kB > 00:00 > > rhel-hpn-for-rhel-6-server-rpms | 3.7 kB > 00:00 > > rhel-lb-for-rhel-6-server-rpms | 3.7 kB > 00:00 > > rhel-rs-for-rhel-6-server-rpms | 3.7 kB > 00:00 > > rhel-sap-for-rhel-6-server-rpms | 3.7 kB > 00:00 > > rhel-sap-hana-for-rhel-6-server-rpms | 2.8 kB > 00:00 > > rhel-scalefs-for-rhel-6-server-rpms | 3.7 kB > 00:00 > > rhel-server-6-rhds-9-rpms | 3.1 kB > 00:00 > > rhel-server-dts-6-rpms | 2.9 kB > 00:00 > > rhel-server-dts2-6-rpms | 2.6 kB > 00:00 > > rhel-sjis-for-rhel-6-server-rpms | 3.1 kB > 00:00 > > Setting up Install Process > > No package *openstack-foreman-installer* available. > > No package *foreman-selinux* available. > > Error: Nothing to do Based on the above, it doesn't seem like you don't have an RHOS subscription enabled. Did you sign up for a trial subscription via http://www.redhat.com/openstack ? Or did you get a subscription via some other means? When you log into RHN via http://access.redhat.com And go to Subscriptions->Active What Red Hat OpenStack subcriptions do you see? Perry From ganguly at cisco.com Thu Jul 10 18:52:22 2014 From: ganguly at cisco.com (Chandra Ganguly (ganguly)) Date: Thu, 10 Jul 2014 18:52:22 +0000 Subject: [rhos-list] [Rdo-list] Need Help: openstack Repos Are Missing In-Reply-To: References: <53BEC7A6.2090903@redhat.com> Message-ID: Hi OpenStack/RedHat team Resending to the rhos-list as it probably when to junk mail earlier :) Currently I am not able to install the openstack rpms. Thanks Chandra From: Chandra Ganguly > Date: Thursday, July 10, 2014 at 10:09 AM To: Perry Myers >, rhos-list >, Dave Maley >, Brian Hamrick > Subject: Re: [Rdo-list] Need Help: openstack Repos Are Missing Hi Perry This is what I see: Subscription Name Contract Number Quantity Start Date End Date Red Hat Enterprise Linux OpenStack Platform Business Partner NFR Self-Supported 10470343 1 6/16/14 2015-06-15T00:00:00+00:00 Red Hat Enterprise Linux Self-Supported Business Partner NFR 10470343 1 6/16/14 2015-06-15T00:00:00+00:00 Also we were able to register the device successfully: root at foreman-server ~]# subscription-manager register This system is already registered. Use --force to override [root at foreman-server ~]# Thanks Chandra On 7/10/14, 10:04 AM, "Perry Myers" > wrote: On 07/10/2014 12:49 PM, Chandra Ganguly (ganguly) wrote: Hi RedHat/Openstack Team I am trying to install foreman and I am seeing the following RPM missing, which is causing my the download of my foreman-installer to fail. Can somebody let me know what is the new openstack repo to get; I am running it on RHEL6.5 [root at foreman-server ~]# subscription-manager repos --enable rhel-6-server-openstack-4.0-rpms Error: rhel-6-server-openstack-4.0-rpms is not a valid repo ID. Use --list option to see valid repos. root at foreman-server ~]# subscription-manager repos --list | grep openstack [root at foreman-server ~]# yum install openstack-foreman-installer foreman-selinux Loaded plugins: priorities, product-id, security, subscription-manager This system is receiving updates from Red Hat Subscription Management. rhel-6-server-optional-rpms | 3.5 kB 00:00 rhel-6-server-realtime-rpms | 3.8 kB 00:00 rhel-6-server-rpms | 3.7 kB 00:00 rhel-ha-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-hpn-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-lb-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-rs-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-sap-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-sap-hana-for-rhel-6-server-rpms | 2.8 kB 00:00 rhel-scalefs-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-server-6-rhds-9-rpms | 3.1 kB 00:00 rhel-server-dts-6-rpms | 2.9 kB 00:00 rhel-server-dts2-6-rpms | 2.6 kB 00:00 rhel-sjis-for-rhel-6-server-rpms | 3.1 kB 00:00 Setting up Install Process No package *openstack-foreman-installer* available. No package *foreman-selinux* available. Error: Nothing to do Based on the above, it doesn't seem like you don't have an RHOS subscription enabled. Did you sign up for a trial subscription via http://www.redhat.com/openstack ? Or did you get a subscription via some other means? When you log into RHN via http://access.redhat.com And go to Subscriptions->Active What Red Hat OpenStack subcriptions do you see? Perry -------------- next part -------------- An HTML attachment was scrubbed... URL: From Brad.Lodgen at centurylink.com Thu Jul 10 19:35:01 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Thu, 10 Jul 2014 19:35:01 +0000 Subject: [rhos-list] Cannot create/modify projects: no default role Member In-Reply-To: <574119461.1806148.1404999108928.JavaMail.zimbra@redhat.com> References: <522865708.11502785.1404861747933.JavaMail.zimbra@redhat.com> <2124032544.11509509.1404862963717.JavaMail.zimbra@redhat.com> <1992442610.11513961.1404864102506.JavaMail.zimbra@redhat.com> <574119461.1806148.1404999108928.JavaMail.zimbra@redhat.com> Message-ID: Thanks for the response. I'm studying, but I'll include a few details here and then maybe next week I can try out V5 and see if the same thing happens. Fresh brand new packstack install: -Clicking volume page on dashboard brings up error: Horizon log shows: 2014-07-10 19:20:42,307 7066 ERROR django.request Internal Server Error: /dashboard/admin/projects/0acfc028d399441fb66846d24e06597d/update/ Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/django/core/handlers/base.py", line 111, in get_response response = callback(request, *callback_args, **callback_kwargs) File "/usr/lib/python2.6/site-packages/horizon/decorators.py", line 38, in dec return view_func(request, *args, **kwargs) File "/usr/lib/python2.6/site-packages/horizon/decorators.py", line 86, in dec return view_func(request, *args, **kwargs) File "/usr/lib/python2.6/site-packages/horizon/decorators.py", line 54, in dec return view_func(request, *args, **kwargs) File "/usr/lib/python2.6/site-packages/horizon/decorators.py", line 38, in dec return view_func(request, *args, **kwargs) File "/usr/lib/python2.6/site-packages/django/views/generic/base.py", line 48, in view return self.dispatch(request, *args, **kwargs) File "/usr/lib/python2.6/site-packages/django/views/generic/base.py", line 69, in dispatch return handler(request, *args, **kwargs) File "/usr/lib/python2.6/site-packages/horizon/workflows/views.py", line 126, in get context = self.get_context_data(**kwargs) File "/usr/lib/python2.6/site-packages/horizon/workflows/views.py", line 91, in get_context_data workflow = self.get_workflow() File "/usr/lib/python2.6/site-packages/horizon/workflows/views.py", line 76, in get_workflow extra_context = self.get_initial() File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/views.py", line 183, in get_initial redirect=reverse(INDEX_URL)) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/views.py", line 173, in get_initial tenant_id=project_id) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/usage/quotas.py", line 122, in get_tenant_quota_data tenant_id=tenant_id) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/usage/quotas.py", line 104, in _get_quota_data quotasets.append(getattr(cinder, method_name)(request, tenant_id)) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/api/cinder.py", line 129, in tenant_quota_get return base.QuotaSet(c_client.quotas.get(tenant_id)) File "/usr/lib/python2.6/site-packages/cinderclient/v1/quotas.py", line 39, in get "quota_set") File "/usr/lib/python2.6/site-packages/cinderclient/base.py", line 145, in _get resp, body = self.api.client.get(url) File "/usr/lib/python2.6/site-packages/cinderclient/client.py", line 207, in get return self._cs_request(url, 'GET', **kwargs) File "/usr/lib/python2.6/site-packages/cinderclient/client.py", line 199, in _cs_request raise exceptions.ConnectionError(msg) ConnectionError: Unable to establish connection: [Errno 113] No route to host Looked at iptables for cinder node, found only: -A INPUT -s {compute1}/32 -p tcp -m multiport --dports 3260,8776 -m comment --comment "001 cinder incoming cinder_{compute1}" -j ACCEPT -A INPUT -s {compute2}/32 -p tcp -m multiport --dports 3260,8776 -m comment --comment "001 cinder incoming cinder_{compute2}" -j ACCEPT Added line for -A INPUT -s {controller/horizon}/32 -p tcp -m multiport --dports 3260,8776 -m comment --comment "001 cinder incoming cinder_{controller/horizon}" -j ACCEPT Restarted iptables on cinder node and now page comes up fine. -Other issue we worked through was the Member role vs _member_ role. Fresh packstack install same as above, cannot modify projects, horizon log shows: 2014-07-10 19:30:13,492 7231 ERROR django.request Internal Server Error: /dashboard/admin/projects/0acfc028d399441fb66846d24e06597d/update/ Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/django/core/handlers/base.py", line 136, in get_response response = response.render() File "/usr/lib/python2.6/site-packages/django/template/response.py", line 104, in render self._set_content(self.rendered_content) File "/usr/lib/python2.6/site-packages/django/template/response.py", line 81, in rendered_content content = template.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 140, in render return self._render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 134, in _render return self.nodelist.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 823, in render bit = self.render_node(node, context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 837, in render_node return node.render(context) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 478, in render output = self.nodelist.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 823, in render bit = self.render_node(node, context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 837, in render_node return node.render(context) File "/usr/lib/python2.6/site-packages/django/template/loader_tags.py", line 53, in render result = self.nodelist.render(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 823, in render bit = self.render_node(node, context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 837, in render_node return node.render(context) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 193, in render nodelist.append(node.render(context)) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 275, in render match = condition.eval(context) File "/usr/lib/python2.6/site-packages/django/template/defaulttags.py", line 825, in eval return self.value.resolve(context, ignore_failures=True) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 571, in resolve obj = self.var.resolve(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 721, in resolve value = self._resolve_lookup(context) File "/usr/lib/python2.6/site-packages/django/template/base.py", line 772, in _resolve_lookup current = current() File "/usr/lib/python2.6/site-packages/horizon/workflows/base.py", line 451, in has_required_fields return any(field.required for field in self.action.fields.values()) File "/usr/lib/python2.6/site-packages/horizon/workflows/base.py", line 376, in action context) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/workflows.py", line 167, in __init__ redirect=reverse(INDEX_URL)) File "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../../openstack_dashboard/dashboards/admin/projects/workflows.py", line 163, in __init__ raise exceptions.NotFound(msg) NotFound: Could not find default role "Member" in Keystone -Check the keystone roles: [root at ostack-ctlr ~(keystone_admin)]# keystone role-list +----------------------------------+---------------+ | id | name | +----------------------------------+---------------+ | bbffaf6f4dff4303bbef42a67a0bdfb7 | SwiftOperator | | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ | | cd6706af8e7746cea297b35f76486015 | admin | +----------------------------------+---------------+ [root at ostack-ctlr ~(keystone_admin)]# -Edit /etc/openstack-dashboard/local_settings OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" To OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" And /etc/init.d/httpd restart Now, it's possible to edit projects with no errors. -----Original Message----- From: Steve Gordon [mailto:sgordon at redhat.com] Sent: Thursday, July 10, 2014 8:32 AM To: Lodgen, Brad Cc: rhos-list at redhat.com Subject: Re: [rhos-list] Cannot create/modify projects: no default role Member ----- Original Message ----- > From: "Brad Lodgen" > To: "Steve Gordon" > > I deployed via packstack using the RHEL-OSP V4 evaluation. Before > looking at the roles today, I hadn't used the keystone command at all > with this deployment. > > There was another issue earlier with packstack not creating the proper > iptables rules on the cinder node, and I moved over to packstack > because the foreman deployment was doing similar things. For example, > it turned sasl auth on in qpid by default, but left saslauthd turned > off in chkconfig and never started saslauthd service, so none of the services could communicate. > > Does the eval version have different packages? Apologies for the delayed response, forgot to hit send on this yesterday :). No, the evaluation provides access to the same repositories as a paid subscription would - we can assist with filing a bug to track any issues you encounter if you provide more details (logs etc.). It would also be interesting to see if these issues present on RHELOSP 5 or not though I recognize you are concentrating on the training preparation for now. Thanks, Steve -- Steve Gordon, RHCE Sr. Technical Product Manager, Red Hat Enterprise Linux OpenStack Platform From pmyers at redhat.com Thu Jul 10 19:49:50 2014 From: pmyers at redhat.com (Perry Myers) Date: Thu, 10 Jul 2014 15:49:50 -0400 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: References: Message-ID: <53BEEE5E.1000206@redhat.com> On 07/10/2014 04:05 AM, Rhys Oxenham wrote: > Hi Brad, > > Sorry you?ve not had a response to your questions. > > Having a quick look through? you mention you?re using VMware hosts, > are these physical machines, or RHEL virtual machines running on-top > of VMware? > > If the former, networking is going to be a bit more tricky to setup > as you?ll either need to use nova-network, or VMware?s NSX. Open > vSwitch won?t work as expected with VMware hypervisors. Yeah, I'm pretty sure you need to just use Nova Networking if you're using ESX as the hypervisor through the vCenter Driver. I've cc'd Matt Booth who works on the VMware integration for us, he may have more insight. Worth noting that Packstack does not support NSX, so if using VMware/vCenter, it's Nova Net or nothing... Can you provide the entire Packstack file as an attachment or fpaste? Cheers, Perry > Cheers > Rhys > > On 10 Jul 2014, at 04:37, Lodgen, Brad wrote: > >> Well, I worked with this all day and am still having issues. I >> think it's because I'm not familiar with the naming conventions and >> how packstack puts them to work. Could someone please show what the >> packstack answers would be for the two scenarios in the RHEL-OSP V4 >> documentation Configuration Reference Guide, section 7.3.1.2 and >> 7.3.1.3? I believe if I can see the differences between those two, >> I could figure out how the differences are rolled out with >> packstack. It would be greatly appreciated. >> >> >> From: Lodgen, Brad >> Sent: Wednesday, July 09, 2014 1:11 PM >> To: 'rhos-list at redhat.com' >> Subject: Setting Up Public/Private Networks Following Packstack Install >> >> I?m working on learning networking today. Can I provide my >> situation, my original packstack answers for Neutron (sanitized), >> the changes I?ll make to the packstack answer file, and the >> follow-up steps in horizon to complete it, then see if everyone >> agrees that?s the route I should go? I hate to start rolling out >> things in packstack that I?m not at least somewhat confident about >> and risk ruining my setup (although these are VMware hosts and I >> just created snapshots of all nodes). >> >> I?m assuming all I?ll need to do is change the answers file and run >> it again, including only the controller and compute nodes >> (excluding the storage nodes in EXCLUDE_SERVERS=). If that?s >> incorrect at this point, please let me know. >> >> So, my lab setup is this: >> >> -5 VMware hosts >> -1 controller, 2 compute, 2 storage (1 swift, 1 cinder) >> -Each node has two ?physical? interfaces >> -eth0 belongs to port group A, with a public IP and a gateway to the public internet >> -eth1 belongs to port group B, with a private IP (172.16.1.0/24) and no gateway >> >> -I would like to set up two networks for my instances in OpenStack >> -Network 1 would be able to access ONLY the 172.16.1.0/24 network >> (instances would have IP on that network and no gateway?) >> -Network 2 would be able to access BOTH the public internet AND the >> 172.16.1.0/24 network (instances would have two interfaces, eth0 >> with public IP/gateway, eth0 with private IP and no gateway?) >> >> -In my packstack answers file, I have the following (it may be >> worth it to mention that none of the ML2 lines are in the RHEL-OSP >> V4 documentation and some of the others, such as OVS_BRIDGE_IFACES, >> aren?t either, so I?m not sure if they?re essential or not): >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> What I believe it needs to be: >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=public:br-eth0,private,br-eth1 >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> >> The follow-up horizon steps would be: >> >> -Under admin (not project) tab, create two networks: >> - One Public, assign to project, check external network box >> - One Private, assign to project, leave external network box unchecked >> >> -Under project tab, click networks, on each network, click ?More?, click ?Add Subnet? >> - Public, ?public subnet?, network x.x.x.x/x, IPv4, Gateway IP x.x.x.x, uncheck Disable Gateway, Subnet Detail tab uncheck DHCP, add DNS server, leave routes empty >> - Private, ?private subnet?, network 172.16.1.0/24, IPv4, Gateway IP ?blank?, check Disable Gateway, Subnet Detail tab check DHCP, add the pool, leave DNS empty (not needed), leave routes empty >> >> At this point, is it necessary to create a router, since there is a hardware router handling the public network? >> >> After all of the above, if I? >> -Create an instance and assign the private network, that instance will be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image and connect to the host via SSH using the keypair on the private network? >> -Create an instance and assign the private AND public network, that instance will only be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image, connect to the host via SSH using the keypair on the private network, and manually add a public IP? >> >> If you made it this far, my extreme thanks! >> >> -Brad From Brad.Lodgen at centurylink.com Thu Jul 10 19:55:48 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Thu, 10 Jul 2014 19:55:48 +0000 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: <53BEEE5E.1000206@redhat.com> References: <53BEEE5E.1000206@redhat.com> Message-ID: Sorry, I used the wrong terminology. I'm using 5 RHEL6.5 VM's on vSphere 5.5 hosts. This is just for studying for the exam. Now that I know this isn't the best testing environment, next week I'm going to start working with a large batch of physical hosts and use RHEL-OSP V5. Out of curiousity... do you have documentation covering moving from one version to the next one, or do you recommend folks completely wipe the current version and move to the next one? -----Original Message----- From: Perry Myers [mailto:pmyers at redhat.com] Sent: Thursday, July 10, 2014 2:50 PM To: Rhys Oxenham; Lodgen, Brad; Matthew Booth Cc: rhos-list at redhat.com; Dave Maley; Brian Hamrick Subject: Re: [rhos-list] Setting Up Public/Private Networks Following Packstack Install On 07/10/2014 04:05 AM, Rhys Oxenham wrote: > Hi Brad, > > Sorry you've not had a response to your questions. > > Having a quick look through... you mention you're using VMware hosts, > are these physical machines, or RHEL virtual machines running on-top > of VMware? > > If the former, networking is going to be a bit more tricky to setup as > you'll either need to use nova-network, or VMware's NSX. Open vSwitch > won't work as expected with VMware hypervisors. Yeah, I'm pretty sure you need to just use Nova Networking if you're using ESX as the hypervisor through the vCenter Driver. I've cc'd Matt Booth who works on the VMware integration for us, he may have more insight. Worth noting that Packstack does not support NSX, so if using VMware/vCenter, it's Nova Net or nothing... Can you provide the entire Packstack file as an attachment or fpaste? Cheers, Perry > Cheers > Rhys > > On 10 Jul 2014, at 04:37, Lodgen, Brad wrote: > >> Well, I worked with this all day and am still having issues. I think >> it's because I'm not familiar with the naming conventions and how >> packstack puts them to work. Could someone please show what the >> packstack answers would be for the two scenarios in the RHEL-OSP V4 >> documentation Configuration Reference Guide, section 7.3.1.2 and >> 7.3.1.3? I believe if I can see the differences between those two, I >> could figure out how the differences are rolled out with packstack. >> It would be greatly appreciated. >> >> >> From: Lodgen, Brad >> Sent: Wednesday, July 09, 2014 1:11 PM >> To: 'rhos-list at redhat.com' >> Subject: Setting Up Public/Private Networks Following Packstack >> Install >> >> I'm working on learning networking today. Can I provide my situation, >> my original packstack answers for Neutron (sanitized), the changes >> I'll make to the packstack answer file, and the follow-up steps in >> horizon to complete it, then see if everyone agrees that's the route >> I should go? I hate to start rolling out things in packstack that I'm >> not at least somewhat confident about and risk ruining my setup >> (although these are VMware hosts and I just created snapshots of all >> nodes). >> >> I'm assuming all I'll need to do is change the answers file and run >> it again, including only the controller and compute nodes (excluding >> the storage nodes in EXCLUDE_SERVERS=). If that's incorrect at this >> point, please let me know. >> >> So, my lab setup is this: >> >> -5 VMware hosts >> -1 controller, 2 compute, 2 storage (1 swift, 1 cinder) -Each node >> has two "physical" interfaces >> -eth0 belongs to port group A, with a public IP and a gateway to the >> public internet >> -eth1 belongs to port group B, with a private IP (172.16.1.0/24) and >> no gateway >> >> -I would like to set up two networks for my instances in OpenStack >> -Network 1 would be able to access ONLY the 172.16.1.0/24 network >> (instances would have IP on that network and no gateway?) -Network 2 >> would be able to access BOTH the public internet AND the >> 172.16.1.0/24 network (instances would have two interfaces, eth0 with >> public IP/gateway, eth0 with private IP and no gateway?) >> >> -In my packstack answers file, I have the following (it may be worth >> it to mention that none of the ML2 lines are in the RHEL-OSP >> V4 documentation and some of the others, such as OVS_BRIDGE_IFACES, >> aren't either, so I'm not sure if they're essential or not): >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> What I believe it needs to be: >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=public:br-eth0,private,br-eth1 >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> >> The follow-up horizon steps would be: >> >> -Under admin (not project) tab, create two networks: >> - One Public, assign to project, check external network box >> - One Private, assign to project, leave external network box >> unchecked >> >> -Under project tab, click networks, on each network, click "More", click "Add Subnet" >> - Public, "public subnet", network x.x.x.x/x, IPv4, Gateway IP >> x.x.x.x, uncheck Disable Gateway, Subnet Detail tab uncheck DHCP, add >> DNS server, leave routes empty >> - Private, "private subnet", network 172.16.1.0/24, IPv4, Gateway IP >> "blank", check Disable Gateway, Subnet Detail tab check DHCP, add >> the pool, leave DNS empty (not needed), leave routes empty >> >> At this point, is it necessary to create a router, since there is a hardware router handling the public network? >> >> After all of the above, if I... >> -Create an instance and assign the private network, that instance will be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image and connect to the host via SSH using the keypair on the private network? >> -Create an instance and assign the private AND public network, that instance will only be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image, connect to the host via SSH using the keypair on the private network, and manually add a public IP? >> >> If you made it this far, my extreme thanks! >> >> -Brad From Brad.Lodgen at centurylink.com Thu Jul 10 20:45:27 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Thu, 10 Jul 2014 20:45:27 +0000 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: <53BEEE5E.1000206@redhat.com> References: <53BEEE5E.1000206@redhat.com> Message-ID: I completely rebuilt my environment (still using RHEL6.5 VM's on vSphere 5.5 hosts) to use nova networking, hoping to make it a bit simpler. This is likely to be my answer file being incorrect for my environment, at least I'm hoping that since I'm going into the exam tomorrow. Heh. Attached my sanitized answer file. Start up a fresh instance with a RHEL6.5 KVM image and get these errors during startup: -Starting udev: udevd[377]: can not read '/etc/udev/rules.d/75-persistent-net-generator.rules' Udevd[377]: can not read '/etc/udev/rules.d/75-persistent-net-generator.rules' udevadm settle - timeout of 180 seconds, the event queue contains: lots of stuff I couldn't type fast enough Udevadm settle - timeout of 0 seconds reached, the event queue contains:/sys/devices/virtual/net/lo (1317) Udev still not settled. Waiting -Did not get any network settings for eth0 -can't reach 169.254.169.254 for metadata [Network is unreachable] -Getting data from cloudinit failed When loading a cirrOS image, it just keeps rebooting over and over: --can't find a bootable hard disk --gpxe times out on DHCP --no more network devices --no bootable device, retrying in 60 seconds -----Original Message----- From: Perry Myers [mailto:pmyers at redhat.com] Sent: Thursday, July 10, 2014 2:50 PM To: Rhys Oxenham; Lodgen, Brad; Matthew Booth Cc: rhos-list at redhat.com; Dave Maley; Brian Hamrick Subject: Re: [rhos-list] Setting Up Public/Private Networks Following Packstack Install On 07/10/2014 04:05 AM, Rhys Oxenham wrote: > Hi Brad, > > Sorry you've not had a response to your questions. > > Having a quick look through... you mention you're using VMware hosts, > are these physical machines, or RHEL virtual machines running on-top > of VMware? > > If the former, networking is going to be a bit more tricky to setup as > you'll either need to use nova-network, or VMware's NSX. Open vSwitch > won't work as expected with VMware hypervisors. Yeah, I'm pretty sure you need to just use Nova Networking if you're using ESX as the hypervisor through the vCenter Driver. I've cc'd Matt Booth who works on the VMware integration for us, he may have more insight. Worth noting that Packstack does not support NSX, so if using VMware/vCenter, it's Nova Net or nothing... Can you provide the entire Packstack file as an attachment or fpaste? Cheers, Perry > Cheers > Rhys > > On 10 Jul 2014, at 04:37, Lodgen, Brad wrote: > >> Well, I worked with this all day and am still having issues. I think >> it's because I'm not familiar with the naming conventions and how >> packstack puts them to work. Could someone please show what the >> packstack answers would be for the two scenarios in the RHEL-OSP V4 >> documentation Configuration Reference Guide, section 7.3.1.2 and >> 7.3.1.3? I believe if I can see the differences between those two, I >> could figure out how the differences are rolled out with packstack. >> It would be greatly appreciated. >> >> >> From: Lodgen, Brad >> Sent: Wednesday, July 09, 2014 1:11 PM >> To: 'rhos-list at redhat.com' >> Subject: Setting Up Public/Private Networks Following Packstack >> Install >> >> I'm working on learning networking today. Can I provide my situation, >> my original packstack answers for Neutron (sanitized), the changes >> I'll make to the packstack answer file, and the follow-up steps in >> horizon to complete it, then see if everyone agrees that's the route >> I should go? I hate to start rolling out things in packstack that I'm >> not at least somewhat confident about and risk ruining my setup >> (although these are VMware hosts and I just created snapshots of all >> nodes). >> >> I'm assuming all I'll need to do is change the answers file and run >> it again, including only the controller and compute nodes (excluding >> the storage nodes in EXCLUDE_SERVERS=). If that's incorrect at this >> point, please let me know. >> >> So, my lab setup is this: >> >> -5 VMware hosts >> -1 controller, 2 compute, 2 storage (1 swift, 1 cinder) -Each node >> has two "physical" interfaces >> -eth0 belongs to port group A, with a public IP and a gateway to the >> public internet >> -eth1 belongs to port group B, with a private IP (172.16.1.0/24) and >> no gateway >> >> -I would like to set up two networks for my instances in OpenStack >> -Network 1 would be able to access ONLY the 172.16.1.0/24 network >> (instances would have IP on that network and no gateway?) -Network 2 >> would be able to access BOTH the public internet AND the >> 172.16.1.0/24 network (instances would have two interfaces, eth0 with >> public IP/gateway, eth0 with private IP and no gateway?) >> >> -In my packstack answers file, I have the following (it may be worth >> it to mention that none of the ML2 lines are in the RHEL-OSP >> V4 documentation and some of the others, such as OVS_BRIDGE_IFACES, >> aren't either, so I'm not sure if they're essential or not): >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> What I believe it needs to be: >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=public:br-eth0,private,br-eth1 >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> >> The follow-up horizon steps would be: >> >> -Under admin (not project) tab, create two networks: >> - One Public, assign to project, check external network box >> - One Private, assign to project, leave external network box >> unchecked >> >> -Under project tab, click networks, on each network, click "More", click "Add Subnet" >> - Public, "public subnet", network x.x.x.x/x, IPv4, Gateway IP >> x.x.x.x, uncheck Disable Gateway, Subnet Detail tab uncheck DHCP, add >> DNS server, leave routes empty >> - Private, "private subnet", network 172.16.1.0/24, IPv4, Gateway IP >> "blank", check Disable Gateway, Subnet Detail tab check DHCP, add >> the pool, leave DNS empty (not needed), leave routes empty >> >> At this point, is it necessary to create a router, since there is a hardware router handling the public network? >> >> After all of the above, if I... >> -Create an instance and assign the private network, that instance will be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image and connect to the host via SSH using the keypair on the private network? >> -Create an instance and assign the private AND public network, that instance will only be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image, connect to the host via SSH using the keypair on the private network, and manually add a public IP? >> >> If you made it this far, my extreme thanks! >> >> -Brad -------------- next part -------------- A non-text attachment was scrubbed... Name: pack.answers Type: application/octet-stream Size: 18245 bytes Desc: pack.answers URL: From Brad.Lodgen at centurylink.com Thu Jul 10 21:24:35 2014 From: Brad.Lodgen at centurylink.com (Lodgen, Brad) Date: Thu, 10 Jul 2014 21:24:35 +0000 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: References: <53BEEE5E.1000206@redhat.com>, Message-ID: Ignore the cirros errors, I uploaded the wrong file. "Lodgen, Brad" wrote: I completely rebuilt my environment (still using RHEL6.5 VM's on vSphere 5.5 hosts) to use nova networking, hoping to make it a bit simpler. This is likely to be my answer file being incorrect for my environment, at least I?m hoping that since I?m going into the exam tomorrow. Heh. Attached my sanitized answer file. Start up a fresh instance with a RHEL6.5 KVM image and get these errors during startup: -Starting udev: udevd[377]: can not read ?/etc/udev/rules.d/75-persistent-net-generator.rules? Udevd[377]: can not read ?/etc/udev/rules.d/75-persistent-net-generator.rules? udevadm settle ? timeout of 180 seconds, the event queue contains: lots of stuff I couldn?t type fast enough Udevadm settle ? timeout of 0 seconds reached, the event queue contains:/sys/devices/virtual/net/lo (1317) Udev still not settled. Waiting -Did not get any network settings for eth0 -can?t reach 169.254.169.254 for metadata [Network is unreachable] -Getting data from cloudinit failed When loading a cirrOS image, it just keeps rebooting over and over: --can?t find a bootable hard disk --gpxe times out on DHCP --no more network devices --no bootable device, retrying in 60 seconds -----Original Message----- From: Perry Myers [mailto:pmyers at redhat.com] Sent: Thursday, July 10, 2014 2:50 PM To: Rhys Oxenham; Lodgen, Brad; Matthew Booth Cc: rhos-list at redhat.com; Dave Maley; Brian Hamrick Subject: Re: [rhos-list] Setting Up Public/Private Networks Following Packstack Install On 07/10/2014 04:05 AM, Rhys Oxenham wrote: > Hi Brad, > > Sorry you?ve not had a response to your questions. > > Having a quick look through? you mention you?re using VMware hosts, > are these physical machines, or RHEL virtual machines running on-top > of VMware? > > If the former, networking is going to be a bit more tricky to setup as > you?ll either need to use nova-network, or VMware?s NSX. Open vSwitch > won?t work as expected with VMware hypervisors. Yeah, I'm pretty sure you need to just use Nova Networking if you're using ESX as the hypervisor through the vCenter Driver. I've cc'd Matt Booth who works on the VMware integration for us, he may have more insight. Worth noting that Packstack does not support NSX, so if using VMware/vCenter, it's Nova Net or nothing... Can you provide the entire Packstack file as an attachment or fpaste? Cheers, Perry > Cheers > Rhys > > On 10 Jul 2014, at 04:37, Lodgen, Brad wrote: > >> Well, I worked with this all day and am still having issues. I think >> it's because I'm not familiar with the naming conventions and how >> packstack puts them to work. Could someone please show what the >> packstack answers would be for the two scenarios in the RHEL-OSP V4 >> documentation Configuration Reference Guide, section 7.3.1.2 and >> 7.3.1.3? I believe if I can see the differences between those two, I >> could figure out how the differences are rolled out with packstack. >> It would be greatly appreciated. >> >> >> From: Lodgen, Brad >> Sent: Wednesday, July 09, 2014 1:11 PM >> To: 'rhos-list at redhat.com' >> Subject: Setting Up Public/Private Networks Following Packstack >> Install >> >> I?m working on learning networking today. Can I provide my situation, >> my original packstack answers for Neutron (sanitized), the changes >> I?ll make to the packstack answer file, and the follow-up steps in >> horizon to complete it, then see if everyone agrees that?s the route >> I should go? I hate to start rolling out things in packstack that I?m >> not at least somewhat confident about and risk ruining my setup >> (although these are VMware hosts and I just created snapshots of all >> nodes). >> >> I?m assuming all I?ll need to do is change the answers file and run >> it again, including only the controller and compute nodes (excluding >> the storage nodes in EXCLUDE_SERVERS=). If that?s incorrect at this >> point, please let me know. >> >> So, my lab setup is this: >> >> -5 VMware hosts >> -1 controller, 2 compute, 2 storage (1 swift, 1 cinder) -Each node >> has two ?physical? interfaces >> -eth0 belongs to port group A, with a public IP and a gateway to the >> public internet >> -eth1 belongs to port group B, with a private IP (172.16.1.0/24) and >> no gateway >> >> -I would like to set up two networks for my instances in OpenStack >> -Network 1 would be able to access ONLY the 172.16.1.0/24 network >> (instances would have IP on that network and no gateway?) -Network 2 >> would be able to access BOTH the public internet AND the >> 172.16.1.0/24 network (instances would have two interfaces, eth0 with >> public IP/gateway, eth0 with private IP and no gateway?) >> >> -In my packstack answers file, I have the following (it may be worth >> it to mention that none of the ML2 lines are in the RHEL-OSP >> V4 documentation and some of the others, such as OVS_BRIDGE_IFACES, >> aren?t either, so I?m not sure if they?re essential or not): >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> What I believe it needs to be: >> >> CONFIG_NEUTRON_INSTALL=y >> CONFIG_NEUTRON_SERVER_HOST={controller_ip} >> CONFIG_NEUTRON_L3_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex >> CONFIG_NEUTRON_DHCP_HOSTS={controller_ip},{compute1},{compute2} >> CONFIG_NEUTRON_L2_PLUGIN=openvswitch >> CONFIG_NEUTRON_METADATA_HOSTS={controller_ip} >> CONFIG_NEUTRON_ML2_TYPE_DRIVERS=local >> CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=local >> CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch >> CONFIG_NEUTRON_ML2_FLAT_NETWORKS=* >> CONFIG_NEUTRON_ML2_VLAN_RANGES= >> CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES= >> CONFIG_NEUTRON_ML2_VXLAN_GROUP= >> CONFIG_NEUTRON_ML2_VNI_RANGES= >> CONFIG_NEUTRON_L2_AGENT=openvswitch >> CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_LB_VLAN_RANGES= >> CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= >> CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local >> CONFIG_NEUTRON_OVS_VLAN_RANGES= >> CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=public:br-eth0,private,br-eth1 >> CONFIG_NEUTRON_OVS_BRIDGE_IFACES= >> CONFIG_NEUTRON_OVS_TUNNEL_RANGES= >> CONFIG_NEUTRON_OVS_TUNNEL_IF= >> CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789 >> >> >> The follow-up horizon steps would be: >> >> -Under admin (not project) tab, create two networks: >> - One Public, assign to project, check external network box >> - One Private, assign to project, leave external network box >> unchecked >> >> -Under project tab, click networks, on each network, click ?More?, click ?Add Subnet? >> - Public, ?public subnet?, network x.x.x.x/x, IPv4, Gateway IP >> x.x.x.x, uncheck Disable Gateway, Subnet Detail tab uncheck DHCP, add >> DNS server, leave routes empty >> - Private, ?private subnet?, network 172.16.1.0/24, IPv4, Gateway IP >> ?blank?, check Disable Gateway, Subnet Detail tab check DHCP, add >> the pool, leave DNS empty (not needed), leave routes empty >> >> At this point, is it necessary to create a router, since there is a hardware router handling the public network? >> >> After all of the above, if I? >> -Create an instance and assign the private network, that instance will be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image and connect to the host via SSH using the keypair on the private network? >> -Create an instance and assign the private AND public network, that instance will only be assigned a private ip via DHCP? Then, I can load up a RHEL6 KVM image, connect to the host via SSH using the keypair on the private network, and manually add a public IP? >> >> If you made it this far, my extreme thanks! >> >> -Brad -------------- next part -------------- An HTML attachment was scrubbed... URL: From ganguly at cisco.com Fri Jul 11 18:25:10 2014 From: ganguly at cisco.com (Chandra Ganguly (ganguly)) Date: Fri, 11 Jul 2014 18:25:10 +0000 Subject: [rhos-list] [Rdo-list] Need Help: openstack Repos Are Missing In-Reply-To: References: <53BEC7A6.2090903@redhat.com> Message-ID: Hi Team Do you have any update on this front? Thanks Chandra From: Chandra Ganguly > Date: Thursday, July 10, 2014 at 11:52 AM To: Perry Myers >, rhos-list >, Dave Maley >, Brian Hamrick > Subject: Re: [Rdo-list] Need Help: openstack Repos Are Missing Hi OpenStack/RedHat team Resending to the rhos-list as it probably when to junk mail earlier :) Currently I am not able to install the openstack rpms. Thanks Chandra From: Chandra Ganguly > Date: Thursday, July 10, 2014 at 10:09 AM To: Perry Myers >, rhos-list >, Dave Maley >, Brian Hamrick > Subject: Re: [Rdo-list] Need Help: openstack Repos Are Missing Hi Perry This is what I see: Subscription Name Contract Number Quantity Start Date End Date Red Hat Enterprise Linux OpenStack Platform Business Partner NFR Self-Supported 10470343 1 6/16/14 2015-06-15T00:00:00+00:00 Red Hat Enterprise Linux Self-Supported Business Partner NFR 10470343 1 6/16/14 2015-06-15T00:00:00+00:00 Also we were able to register the device successfully: root at foreman-server ~]# subscription-manager register This system is already registered. Use --force to override [root at foreman-server ~]# Thanks Chandra On 7/10/14, 10:04 AM, "Perry Myers" > wrote: On 07/10/2014 12:49 PM, Chandra Ganguly (ganguly) wrote: Hi RedHat/Openstack Team I am trying to install foreman and I am seeing the following RPM missing, which is causing my the download of my foreman-installer to fail. Can somebody let me know what is the new openstack repo to get; I am running it on RHEL6.5 [root at foreman-server ~]# subscription-manager repos --enable rhel-6-server-openstack-4.0-rpms Error: rhel-6-server-openstack-4.0-rpms is not a valid repo ID. Use --list option to see valid repos. root at foreman-server ~]# subscription-manager repos --list | grep openstack [root at foreman-server ~]# yum install openstack-foreman-installer foreman-selinux Loaded plugins: priorities, product-id, security, subscription-manager This system is receiving updates from Red Hat Subscription Management. rhel-6-server-optional-rpms | 3.5 kB 00:00 rhel-6-server-realtime-rpms | 3.8 kB 00:00 rhel-6-server-rpms | 3.7 kB 00:00 rhel-ha-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-hpn-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-lb-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-rs-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-sap-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-sap-hana-for-rhel-6-server-rpms | 2.8 kB 00:00 rhel-scalefs-for-rhel-6-server-rpms | 3.7 kB 00:00 rhel-server-6-rhds-9-rpms | 3.1 kB 00:00 rhel-server-dts-6-rpms | 2.9 kB 00:00 rhel-server-dts2-6-rpms | 2.6 kB 00:00 rhel-sjis-for-rhel-6-server-rpms | 3.1 kB 00:00 Setting up Install Process No package *openstack-foreman-installer* available. No package *foreman-selinux* available. Error: Nothing to do Based on the above, it doesn't seem like you don't have an RHOS subscription enabled. Did you sign up for a trial subscription via http://www.redhat.com/openstack ? Or did you get a subscription via some other means? When you log into RHN via http://access.redhat.com And go to Subscriptions->Active What Red Hat OpenStack subcriptions do you see? Perry -------------- next part -------------- An HTML attachment was scrubbed... URL: From pmyers at redhat.com Tue Jul 15 01:40:51 2014 From: pmyers at redhat.com (Perry Myers) Date: Mon, 14 Jul 2014 21:40:51 -0400 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: References: <53BEEE5E.1000206@redhat.com> Message-ID: <53C486A3.3030005@redhat.com> On 07/10/2014 03:55 PM, Lodgen, Brad wrote: > Sorry, I used the wrong terminology. I'm using 5 RHEL6.5 VM's on vSphere 5.5 hosts. Ah ok. So you're running 'Compute Nodes' as VMs on top of vSphere? In that case, you're going to have VMs running on those Compute Nodes that will be completely emulated (i.e. no hardware acceleration). > This is just for studying for the exam. Now that I know this isn't the best testing environment, next week I'm going to start working with a large batch of physical hosts and use RHEL-OSP V5. > > > Out of curiousity... do you have documentation covering moving from one version to the next one, or do you recommend folks completely wipe the current version and move to the next one? Yes, we had docs for upgrading from RHOS 3 to RHOS 4 (i.e. Grizzly to Havana) and will publish docs for upgrading from RHOS 4 on RHEL 6.5 to RHOS 5 on RHEL 6.5 as well. Lars, can you point us at the relevant docs or writeups? Perry From pmyers at redhat.com Tue Jul 15 01:44:03 2014 From: pmyers at redhat.com (Perry Myers) Date: Mon, 14 Jul 2014 21:44:03 -0400 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: References: <53BEEE5E.1000206@redhat.com> Message-ID: <53C48763.7030307@redhat.com> On 07/10/2014 04:45 PM, Lodgen, Brad wrote: > I completely rebuilt my environment (still using RHEL6.5 VM's on vSphere 5.5 hosts) to use nova networking, hoping to make it a bit simpler. This is likely to be my answer file being incorrect for my environment, at least I'm hoping that since I'm going into the exam tomorrow. Heh. Attached my sanitized answer file. > > > Start up a fresh instance with a RHEL6.5 KVM image and get these errors during startup: > > -Starting udev: udevd[377]: can not read '/etc/udev/rules.d/75-persistent-net-generator.rules' > Udevd[377]: can not read '/etc/udev/rules.d/75-persistent-net-generator.rules' > udevadm settle - timeout of 180 seconds, the event queue contains: lots of stuff I couldn't type fast enough > Udevadm settle - timeout of 0 seconds reached, the event queue contains:/sys/devices/virtual/net/lo (1317) > Udev still not settled. Waiting > -Did not get any network settings for eth0 > -can't reach 169.254.169.254 for metadata [Network is unreachable] > -Getting data from cloudinit failed > > > > When loading a cirrOS image, it just keeps rebooting over and over: > > --can't find a bootable hard disk > --gpxe times out on DHCP > --no more network devices > --no bootable device, retrying in 60 seconds Ok, you mentioned in later thread that the Cirros issues were related to using the wrong image. So, just to confirm... with the right Cirros image you're able to boot an instance on a Compute Node virtual machine running on an ESX host? But when you boot a RHEL image on a Compute Node virtual machine running on an ESX host you get the above issues? Lars/Kashyap you guys have any thoughts? Perry From kchamart at redhat.com Tue Jul 15 05:40:31 2014 From: kchamart at redhat.com (Kashyap Chamarthy) Date: Tue, 15 Jul 2014 11:10:31 +0530 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: <53C48763.7030307@redhat.com> References: <53BEEE5E.1000206@redhat.com> <53C48763.7030307@redhat.com> Message-ID: <20140715054031.GB14546@tesla> On Mon, Jul 14, 2014 at 09:44:03PM -0400, Perry Myers wrote: > On 07/10/2014 04:45 PM, Lodgen, Brad wrote: > > I completely rebuilt my environment (still using RHEL6.5 VM's on > > vSphere 5.5 hosts) to use nova networking, hoping to make it a bit > > simpler. This is likely to be my answer file being incorrect for my > > environment, at least I'm hoping that since I'm going into the exam > > tomorrow. Heh. Attached my sanitized answer file. > > > > > > Start up a fresh instance with a RHEL6.5 KVM image and get these > > errors during startup: > > > > -Starting udev: udevd[377]: can not read '/etc/udev/rules.d/75-persistent-net-generator.rules' > > Udevd[377]: can not read '/etc/udev/rules.d/75-persistent-net-generator.rules' > > udevadm settle - timeout of 180 seconds, the event queue contains: lots of stuff I couldn't type fast enough > > Udevadm settle - timeout of 0 seconds reached, the event queue contains:/sys/devices/virtual/net/lo (1317) > > Udev still not settled. Waiting > > -Did not get any network settings for eth0 > > -can't reach 169.254.169.254 for metadata [Network is unreachable] > > -Getting data from cloudinit failed So, these are resolved per your latest response. For later reference (if you're using Neutron), I usually check if I have relevant IP tables rules for metadaproxy, by checking on the router namespace: ip netns exec qrouter-d72adddf-4c02-4916-ae6d-16bfdaf59d99 \ iptables -L -t nat | grep 169 REDIRECT tcp -- anywhere 169.254.169.254 tcp dpt:http redir ports 8700 FWIW, I previously used these notes to configure Neutron metadaproxy -- http://kashyapc.fedorapeople.org/virt/openstack/enabling-metadata-service.txt > > When loading a cirrOS image, it just keeps rebooting over and over: > > > > --can't find a bootable hard disk > > --gpxe times out on DHCP > > --no more network devices > > --no bootable device, retrying in 60 seconds (This too, I presume is resolved per your latest response to this thread. > Ok, you mentioned in later thread that the Cirros issues were related to > using the wrong image. > > So, just to confirm... with the right Cirros image you're able to boot > an instance on a Compute Node virtual machine running on an ESX host? > > But when you boot a RHEL image on a Compute Node virtual machine running > on an ESX host you get the above issues? Yes, confirmation of this would be helpful. If you have more issues w/ RHEL image, we can try to diagnose it further w/ relevant log details. > > Lars/Kashyap you guys have any thoughts? > > Perry -- /kashyap From lars at redhat.com Wed Jul 16 17:13:39 2014 From: lars at redhat.com (Lars Kellogg-Stedman) Date: Wed, 16 Jul 2014 13:13:39 -0400 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: <53C486A3.3030005@redhat.com> References: <53BEEE5E.1000206@redhat.com> <53C486A3.3030005@redhat.com> Message-ID: <20140716171339.GB13914@redhat.com> On Mon, Jul 14, 2014 at 09:40:51PM -0400, Perry Myers wrote: > Yes, we had docs for upgrading from RHOS 3 to RHOS 4 (i.e. Grizzly to > Havana) and will publish docs for upgrading from RHOS 4 on RHEL 6.5 to > RHOS 5 on RHEL 6.5 as well. > > Lars, can you point us at the relevant docs or writeups? The current draft docs for the RHOS4 -> RHOS5 upgrade are here: http://shell.bos.redhat.com/~lkellogg/rhos5-upgrade-docs/ The live compute upgrade process, which is new in Icehouse, is documented here: http://people.redhat.com/~lkellogg/rhos5-upgrade-docs/upgrade-4.html Short-term TODO items include: - Performing some testing of these instructions. - Writing up a procedure for moving from qpid to rabbitmq. -- Lars Kellogg-Stedman | larsks @ irc Cloud Engineering / OpenStack | " " @ twitter -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From lars at redhat.com Wed Jul 16 17:52:47 2014 From: lars at redhat.com (Lars Kellogg-Stedman) Date: Wed, 16 Jul 2014 13:52:47 -0400 Subject: [rhos-list] Setting Up Public/Private Networks Following Packstack Install In-Reply-To: <20140716171339.GB13914@redhat.com> References: <53BEEE5E.1000206@redhat.com> <53C486A3.3030005@redhat.com> <20140716171339.GB13914@redhat.com> Message-ID: <20140716175247.GH13914@redhat.com> On Wed, Jul 16, 2014 at 01:13:39PM -0400, Lars Kellogg-Stedman wrote: > On Mon, Jul 14, 2014 at 09:40:51PM -0400, Perry Myers wrote: > > Yes, we had docs for upgrading from RHOS 3 to RHOS 4 (i.e. Grizzly to > > Havana) and will publish docs for upgrading from RHOS 4 on RHEL 6.5 to > > RHOS 5 on RHEL 6.5 as well. > > > > Lars, can you point us at the relevant docs or writeups? > > The current draft docs for the RHOS4 -> RHOS5 upgrade are here: > > http://shell.bos.redhat.com/~lkellogg/rhos5-upgrade-docs/ Sorry, that should be: http://people.redhat.com/~lkellogg/rhos5-upgrade-docs/ ...which would actually be accessible to people. -- Lars Kellogg-Stedman | larsks @ irc Cloud Engineering / OpenStack | " " @ twitter -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 819 bytes Desc: not available URL: From sclewis at redhat.com Fri Jul 25 14:48:53 2014 From: sclewis at redhat.com (Scott Lewis) Date: Fri, 25 Jul 2014 10:48:53 -0400 (EDT) Subject: [rhos-list] RHEL-7-OSP-5 has been updated! In-Reply-To: <599673734.19573943.1406299718956.JavaMail.zimbra@redhat.com> Message-ID: <1279116846.19574043.1406299733952.JavaMail.zimbra@redhat.com> RHEL-7-OSP-5 ============ The Red Hat OpenStack team is pleased to announce an update to Red Hat Enterprise Linux OpenStack Platform version 5.0. This is the second release for Red Hat Enterprise Linux OpenStack Platform version 5, on RHEL-7 (RHEL-7-OSP-5). This release contains over 250 enhancements, bugfixes, documentation changes, and security updates to Red Hat Enterprise Linux OpenStack Platform, and is based on the upstream OpenStack Icehouse stable release 2014.1.1 [1]. This release provides non-high availability (HA) services, and the Packstack Installer. Content can continue to be accessed via the Red Hat Content Delivery Network (CDN) through subsciption management, or via Red Hat Network through Red Hat Satellite 5 (see documentation for details). Advisories: https://rhn.redhat.com/errata/rhel7-rhos-5-errata.html ? openstack-keystone ? https://rhn.redhat.com/errata/RHBA-2014-0931.html ? openstack-nova ? https://rhn.redhat.com/errata/RHSA-2014-0940.html ? openstack-cinder ? https://rhn.redhat.com/errata/RHBA-2014-0932.html ? openstack-glance ? https://rhn.redhat.com/errata/RHBA-2014-0933.html ? openstack-ceilometer ? https://rhn.redhat.com/errata/RHBA-2014-0934.html ? openstack-heat ? https://rhn.redhat.com/errata/RHBA-2014-0935.html ? openstack-neutron ? https://rhn.redhat.com/errata/RHBA-2014-0936.html ? python-django-horizon ? https://rhn.redhat.com/errata/RHSA-2014-0939.html ? runtime components ? https://rhn.redhat.com/errata/RHBA-2014-0937.html ? ceph client ? https://rhn.redhat.com/errata/RHEA-2014-0938.html ? packstack ? https://rhn.redhat.com/errata/RHBA-2014-0930.html ? openstack-swift ? https://rhn.redhat.com/errata/RHSA-2014-0941.html Documentation: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/ Release Notes: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Release_Notes/index.html Support: RHEL-OSP-5 will have a 3-year support lifecycle, ending on 30-Jun-17, and is planned to have multiple updates throughout the Production Phase, see [2] for more details. [1] https://wiki.openstack.org/wiki/ReleaseNotes/2014.1.1 [2] https://access.redhat.com/site/support/policy/updates/openstack/platform/ Thanks, Scott Scott Lewis Engineering Program Manager Red Hat Enterprise Linux OpenStack Platform Office: 919-754-4228 sclewis at redhat.com From mloza at morphlabs.com Sat Jul 26 01:47:27 2014 From: mloza at morphlabs.com (Mark Loza) Date: Sat, 26 Jul 2014 09:47:27 +0800 Subject: [rhos-list] RHOS recommended installation for production Message-ID: <53D308AF.6070601@morphlabs.com> Hi, Good day! May I know the recommended way to install RHOS for production? Is it through a manual install or foreman? Thanks! From sclewis at redhat.com Tue Jul 29 14:18:57 2014 From: sclewis at redhat.com (Scott Lewis) Date: Tue, 29 Jul 2014 10:18:57 -0400 (EDT) Subject: [rhos-list] RHEL-6-OSP-5 has been released! In-Reply-To: <1537772416.21408388.1406643508964.JavaMail.zimbra@redhat.com> Message-ID: <535950073.21408728.1406643537560.JavaMail.zimbra@redhat.com> RHEL-6-OSP-5 ============ The Red Hat OpenStack team is pleased to announce an update to Red Hat Enterprise Linux OpenStack Platform version 5.0. This is the first release for Red Hat Enterprise Linux OpenStack Platform version 5, on RHEL-6 (RHEL-6-OSP-5). This release contains over 100 enhancements, bugfixes, documentation changes, and security updates to Red Hat Enterprise Linux OpenStack Platform, and is based on the upstream OpenStack Icehouse stable release 2014.1.1 [1]. This release provides non-high availability (HA) services, and the Packstack Installer. Content can continue to be accessed via the Red Hat Content Delivery Network (CDN) through subscription management, or via Red Hat Network (see documentation for details). Advisories: https://rhn.redhat.com/errata/rhel6-rhos-5-errata.html ? Compute ? https://rhn.redhat.com/errata/RHEA-2014-0958.html ? Identity ? https://rhn.redhat.com/errata/RHEA-2014-0957.html ? Image Service ? https://rhn.redhat.com/errata/RHEA-2014-0956.html ? Block Storage ? https://rhn.redhat.com/errata/RHEA-2014-0955.html ? Telemetry ? https://rhn.redhat.com/errata/RHEA-2014-0954.html ? Networking ? https://rhn.redhat.com/errata/RHEA-2014-0953.html ? Orchestration ? https://rhn.redhat.com/errata/RHEA-2014-0952.html ? Object Storage ? https://rhn.redhat.com/errata/RHEA-2014-0951.html ? Dashboard ? https://rhn.redhat.com/errata/RHEA-2014-0959.html ? Packstack ? https://rhn.redhat.com/errata/RHEA-2014-0950.html ? Runtime Components ? https://rhn.redhat.com/errata/RHEA-2014-0928.html Documentation: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/ Release Notes: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Release_Notes/index.html Support: RHEL-OSP-5 will have a 3-year support lifecycle, ending on 30-Jun-17, and is planned to have multiple updates throughout the Production Phase, see [2] for more details. [1] https://wiki.openstack.org/wiki/ReleaseNotes/2014.1.1 [2] https://access.redhat.com/site/support/policy/updates/openstack/platform/ Thanks, Scott Scott Lewis Engineering Program Manager Red Hat Enterprise Linux OpenStack Platform Office: 919-754-4228 sclewis at redhat.com