brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Elvinas Piliponis <Elvinas.Pilipo...@virtustream.com>
Subject RE: Brooklyn fails to start Openstack instances due to specific network is not selected
Date Fri, 28 Nov 2014 08:29:48 GMT
Hello, 

Unfortunately it still does not work. I have tried to add network ID to Brooklyn.properties
and to provisioning YAML file. As soon as I make external network shared and it was listed
I got an error "Unable to make an interface on external network NET_ID". I have also tried
to hide external network and create another private network in user tenant. This time I have
received "Multiple possible networks found, use a Network ID to be more specific."

If I leave only one network for tenant, then it works as expected. 

How should I capture what jclouds sends? ASCII tcpdump or are there more refined methods?


My Brooklyn.properties (have tried both way with RegionOne and without):

brooklyn.location.named.openstack=jclouds:openstack-nova:http://10.12.208.5:5000/v2.0
brooklyn.location.named.openstack.identity=brooklyn:brooklyn
brooklyn.location.named.openstack.credential=brooklyn
brooklyn.location.named.openstack.imageId=RegionOne/d5163d69-4b2c-4269-99ad-88506973037f
brooklyn.location.named.openstack.keyPair=brooklyn
brooklyn.location.named.openstack.securityGroups=default
brooklyn.location.named.openstack.loginUser.privateKeyFile=/opt/brooklyn/brooklyn.pem
brooklyn.location.named.openstack.loginUser=fedora
brooklyn.location.named.openstack.hardwareId=RegionOne/24b24f68-535a-4c73-a052-52022240a2e3
brooklyn.location.named.openstack.destroyOnFailure=false
brooklyn.location.named.openstack.networkName=RegionOne/0869c8a0-47ab-4eb1-a6eb-0072172cd880

YAML:
name: xStream install
location: openstack

services:
- type: brooklyn.entity.basic.VanillaSoftwareProcess
  name: SimpleRepo
  provisioning.properties:
    minRam: 512
    minCores: 1
    minDisk: 10
    autoAssignFloatingIp: true
    imageId: RegionOne/15df41d1-d5e1-4b1e-8427-1ffdd2eb011c
    hardwareId: RegionOne/24b24f68-535a-4c73-a052-52022240a2e3
    networkName: 0869c8a0-47ab-4eb1-a6eb-0072172cd880
    keyPair: brooklyn
    securityGroups: default
    privateKeyFile: /opt/brooklyn/brooklyn.pem
    loginUser: root
  launch.command: |
    curl -o ~/subscribe http://repo-server/repo/el/develop/subscribe
    chmod +x ~/subscribe
    sudo ~/subscribe


_________________________________________
Elvinas Piliponis

Studentų  g. 59-B707, LT-51365, Kaunas | Lietuva
Email: elvinas.piliponis@virtustream.com | Mobile: +370 69807947

> -----Original Message-----
> From: Richard Downer [mailto:richard@apache.org]
> Sent: 2014 m. lapkričio 27 d. 19:57
> To: Brooklyn dev
> Subject: Re: Brooklyn fails to start Openstack instances due to
> specific network is not selected
> 
> Elvinas,
> 
> I have been able to reproduce the problem, and the suggestion I made
> earlier in this thread appears to have resolved the problem for me.
> 
> Here is the location details in brooklyn.properties that I used:
> 
> #### OPENSTACK
> brooklyn.location.named.openstack-nova.identity=richard@XXXXXX:rdowner
> brooklyn.location.named.openstack-nova.credential=XXXXXX
> brooklyn.location.named.openstack-nova=jclouds:openstack-
> nova:https://region-b.geo-1.identity.hpcloudsvc.com:35357/v2.0/
> brooklyn.location.named.openstack-nova.displayname=HP Helion US West
> (Region B Geo 1) v13.5
> brooklyn.location.named.openstack-nova.imageId=region-b.geo-1/169d484a-
> dde2-44c8-8f15-daaa1ba69e94
> brooklyn.location.named.openstack-nova.user=ubuntu
> brooklyn.location.named.openstack-nova.networkName=dd79bc6b-284a-4014-
> a3dd-93949ccdd7de
> brooklyn.location.named.openstack-nova.jclouds.openstack-nova.auto-
> generate-keypairs=true
> brooklyn.location.named.openstack-nova.jclouds.openstack-nova.auto-
> create-floating-ips=true
> 
> This test was using HPCloud's public instance of OpenStack. In
> addition to the standard public network, I added a new private
> network, so it should be similar to your configuration. I did start to
> get the same error messages as you, but when I added the "networkName"
> property as you can see above, the blueprint was able to deploy
> successfully. Please could you try again, using the above properties
> file fragment as a base.
> 
> If you're still having problems then we'll need to look at the debug
> logs to see what jclouds is sending over the wire.
> 
> Richard.
> 
> 
> On 27 November 2014 at 13:57, Richard Downer <richard@apache.org>
> wrote:
> > Elvinas,
> >
> > Sorry for the wait, and sorry that you're still having problems. I
> > have managed to reproduce the problem you're seeing, so I'll
> > investigate some possible fixes and get back to you.
> >
> > Regarding your second question - I know that some location properties
> > can be given in the YAML but I'm not sure what. I'll try and find an
> > answer for that too.
> >
> > Richard.
> >
> >
> > On 24 November 2014 at 08:30, Elvinas Piliponis
> > <Elvinas.Piliponis@virtustream.com> wrote:
> >> Hello again,
> >>
> >> Hiding second network (removing shared property) allowed to start
> instance. So it seems network ID is lost somewhere in Brooklyn and does
> not reach openstack.
> >>
> >> For the reference: What can be specified in application YAML file?
> Can I specify things like image, keyfile, login user, hardware ID in
> YAML or should I hardcode those in brooklyn.properties file?
> >>
> >> Thank you
> >>
> >> _________________________________________
> >> Elvinas Piliponis
> >>
> >> Studentų  g. 59-B707, LT-51365, Kaunas | Lietuva
> >> Email: elvinas.piliponis@virtustream.com | Mobile: +370 69807947
> >>
> >>> -----Original Message-----
> >>> From: Elvinas Piliponis
> >>> Sent: 2014 m. lapkričio 24 d. 10:21
> >>> To: dev@brooklyn.incubator.apache.org
> >>> Subject: RE: Brooklyn fails to start Openstack instances due to
> >>> specific network is not selected
> >>>
> >>> Hello,
> >>>
> >>> Thanks for response. Unfortunately it did not help. I have tried:
> >>>
> >>> Specify network in brooklyn.preferences (reloaded and restarted
> >>> service):
> >>> As RegionOne/UUID or simply UUID
> >>>
> >>> In YAML
> >>>     networks:
> >>>       - network: RegionOne/UUID
> >>> Or
> >>>     networks:
> >>>       - network: UUID
> >>>
> >>> BTW error is different for different users:
> >>>
> >>> Admin user is getting:
> >>> ExecutionException on brooklyn-m8nh-simple-vm3-lv6m-vm-wlls-918:
> >>> java.util.concurrent.ExecutionException:
> >>> org.jclouds.http.HttpResponseException: command: POST
> >>> http://10.12.208.5:8774/v2/7053442c99914d4f8a64c6bc51a96d25/servers
> >>> HTTP/1.1 failed with response: HTTP/1.1 400 null; content:
> >>> [{"badRequest": {"message": "Multiple possible networks found, use
> a
> >>> Network ID to be more specific.", "code": 400}}]
> >>>
> >>> Non admin user gets:
> >>> ExecutionException on brooklyn-leml-simple-vm3-m9qy-vm-y7sp-810:
> >>> java.util.concurrent.ExecutionException:
> >>> org.jclouds.rest.AuthorizationException: {"forbidden": {"message":
> "It
> >>> is not allowed to create an interface on external network 83aa077e-
> >>> 0742-4aaa-8774-6ccdc3fd7800", "code": 403}}
> >>>
> >>> If needed I can send full error messages and logs.
> >>>
> >>> I will try to hide public network (although in that case I am
> wondering
> >>> how would I connect to instance).
> >>>
> >>> Thank you
> >>>
> >>> _________________________________________
> >>> Elvinas Piliponis
> >>>
> >>> Studentų  g. 59-B707, LT-51365, Kaunas | Lietuva
> >>> Email: elvinas.piliponis@virtustream.com | Mobile: +370 69807947
> >>>
> >>> > -----Original Message-----
> >>> > From: Richard Downer [mailto:richard@apache.org]
> >>> > Sent: 2014 m. lapkričio 21 d. 14:14
> >>> > To: Brooklyn dev
> >>> > Subject: Re: Brooklyn fails to start Openstack instances due to
> >>> > specific network is not selected
> >>> >
> >>> > Hi Elvinas,
> >>> >
> >>> > Thanks for your question. I've poked around in the source code
> for
> >>> > both Brooklyn and jclouds. The networkName property is being
> passed
> >>> > through to the jclouds "network" template option, and it seems
> that
> >>> jclouds'
> >>> > OpenStack Nova driver is interpreting this value as the network
> "UUID
> >>> > defined by Neutron".
> >>> >
> >>> > So I think that the solution is to change the "networkName"
> property
> >>> > in brooklyn.properties to refer to the network by its UUID rather
> >>> than
> >>> > by its name.
> >>> >
> >>> > I don't think any of my available OpenStack instances have
> multiple
> >>> > networks so I've not yet been able to test this theory, so
> perhaps
> >>> you
> >>> > could give it a try and let me know if it makes a difference?
> >>> >
> >>> > Richard.
> >>> >
> >>> >
> >>> > On 20 November 2014 15:00, Elvinas Piliponis
> >>> > <Elvinas.Piliponis@virtustream.com> wrote:
> >>> > > Hello,
> >>> > >
> >>> > > Not sure if I have made something weird, however I am getting
> >>> errors
> >>> > which are explicitly related to selecting Network ID or errors
> >>> > indicates that.
> >>> > >
> >>> > > I am using the following YAML:
> >>> > >         name: simple-vm3
> >>> > >         location: openstack
> >>> > >         services:
> >>> > >         - type: brooklyn.entity.basic.EmptySoftwareProcess
> >>> > >           name: VM
> >>> > >           provisioning.properties:
> >>> > >             minRam: 512
> >>> > >             minCores: 1
> >>> > >             minDisk: 10
> >>> > >             networks:
> >>> > >               - network: private
> >>> > >
> >>> > > Brooklyn properties:
> >>> > > brooklyn.location.named.openstack=jclouds:openstack-
> >>> > nova:http://IP_ADD
> >>> > > R:5000/v2.0
> brooklyn.location.named.openstack.identity=admin:admin
> >>> > > brooklyn.location.named.openstack.credential=********
> >>> > > brooklyn.location.named.openstack.imageId=RegionOne/d5163d69-
> 4b2c-
> >>> > 4269
> >>> > > -99ad-88506973037f
> brooklyn.location.named.openstack.keyPair=admin
> >>> > > brooklyn.location.named.openstack.securityGroups=default
> >>> > >
> >>> >
> >>>
> brooklyn.location.named.openstack.loginUser.privateKeyFile=/opt/brookl
> >>> > > yn/admin.pem brooklyn.location.named.openstack.loginUser=fedora
> >>> > >
> brooklyn.location.named.openstack.hardwareId=RegionOne/24b24f68-
> >>> 535a
> >>> > > -
> >>> > 4
> >>> > > c73-a052-52022240a2e3
> >>> > > brooklyn.location.named.openstack.networkName=private
> >>> > >
> >>> > >
> >>> > > I have attempted to add network definition to the example YAML
> from
> >>> > Brooklyn web page. It did not help.
> >>> > >
> >>> > > OpenStack is set up to have 2 networks: private and external
> >>> shared,
> >>> > from where Floating IP's are to be assigned. I am able to start
> >>> > instances with admin and non admin user on OpenStack and
> networking
> >>> > seems to be working.
> >>> > >
> >>> > >
> >>> > > When setting Brooklyn to use normal tenant user, application
> fails
> >>> > with:
> >>> > >
> >>> > > Failure running task invoking start[locations] on 1 node
> >>> (aBM5rC8q):
> >>> > > org.jclouds.compute.RunNodesException: error running 1 node
> >>> > > group(brooklyn-wnok-simple-vm3-nkqw-vm-bsuf)
> location(RegionOne)
> >>> > > image(d5163d69-4b2c-4269-99ad-88506973037f)
> >>> > > size(24b24f68-535a-4c73-a052-52022240a2e3)
> >>> > > options({loginUser=fedora, loginPrivateKeyPresent=true,
> >>> > > scriptPresent=true,
> >>> > > userMetadata={Name=brooklyn-wnok-simple-vm3-nkqw-vm-bsuf-UcLq},
> >>> > > autoAssignFloatingIp=false, securityGroupNames=[default],
> >>> > > keyPairName=brooklyn, configDrive=false}) Execution failures:
> 1)
> >>> > > ExecutionException on brooklyn-wnok-simple-vm3-nkqw-vm-bsuf-
> 390:
> >>> > > java.util.concurrent.ExecutionException:
> >>> > > org.jclouds.rest.AuthorizationException: {"forbidden":
> {"message":
> >>> > "It
> >>> > > is not allowed to create an interface on external network
> >>> > > 83aa077e-0742-4aaa-8774-6ccdc3fd7800", "code": 403}}
> >>> > >
> >>> > > According to some knowledge bases this happens when explicit
> >>> network
> >>> > id is not specified in request and shared external network is
> >>> > attempted to be used. Request fails as _Member_ user is not
> allowed
> >>> to
> >>> > modify external net.
> >>> > >
> >>> > >
> >>> > > If I select to use admin user it fails a litle further and more
> >>> > explicitly.
> >>> > >
> >>> > > Failure running task invoking start[locations] on 1 node
> >>> (bGa2UU8o):
> >>> > > org.jclouds.compute.RunNodesException: error running 1 node
> >>> > > group(brooklyn-gdqq-simple-vm2-eo7v-vm-sswy)
> location(RegionOne)
> >>> > > image(d5163d69-4b2c-4269-99ad-88506973037f)
> >>> > > size(24b24f68-535a-4c73-a052-52022240a2e3)
> >>> > > options({loginUser=fedora, loginPrivateKeyPresent=true,
> >>> > > scriptPresent=true,
> >>> > > userMetadata={Name=brooklyn-gdqq-simple-vm2-eo7v-vm-sswy-Q526},
> >>> > > autoAssignFloatingIp=false, securityGroupNames=[default],
> >>> > > keyPairName=admin, configDrive=false}) Execution failures: 1)
> >>> > > ExecutionException on brooklyn-gdqq-simple-vm2-eo7v-vm-sswy-
> 639:
> >>> > > java.util.concurrent.ExecutionException:
> >>> > > org.jclouds.http.HttpResponseException: command: POST
> >>> > >
> http://10.12.208.5:8774/v2/7053442c99914d4f8a64c6bc51a96d25/servers
> >>> > > HTTP/1.1 failed with response: HTTP/1.1 400 null; content:
> >>> > > [{"badRequest": {"message": "Multiple possible networks found,
> use
> >>> a
> >>> > > Network ID to be more specific.", "code": 400}}] at
> >>> > >
> >>> >
> >>>
> com.google.common.util.concurrent.AbstractFuture$Sync.getValue(Abstrac
> >>> > > tFuture.java:299) at
> >>> > >
> >>> > > Any ideas how to specify Network ID? Or am I doing everything
> wrong
> >>> > way?
> >>> > >
> >>> > > Thank you
> >>> > >
> >>> > > _________________________________________
> >>> > > Elvinas Piliponis
> >>> > >
> >>> > > Studentų  g. 59-B707, LT-51365, Kaunas | Lietuva
> >>> > > Email: elvinas.piliponis@virtustream.com | Mobile: +370
> 69807947
> >>> > >
> >>> > > The information contained in this electronic mail transmission
> may
> >>> > > be
> >>> > privileged and confidential, and therefore, protected from
> >>> disclosure.
> >>> > If you have received this communication in error, please notify
> us
> >>> > immediately by replying to this message and deleting the email
> and
> >>> its
> >>> > attachments from all computers without copying or disclosing it.
> >>> The information contained in this electronic mail transmission may
> be
> >>> privileged and confidential, and therefore, protected from
> disclosure.
> >>> If you have received this communication in error, please notify us
> >>> immediately by replying to this message and deleting the email and
> its
> >>> attachments from all computers without copying or disclosing it.
> >> The information contained in this electronic mail transmission may
> be privileged and confidential, and therefore, protected from
> disclosure. If you have received this communication in error, please
> notify us immediately by replying to this message and deleting the
> email and its attachments from all computers without copying or
> disclosing it.
The information contained in this electronic mail transmission may be privileged and confidential,
and therefore, protected from disclosure. If you have received this communication in error,
please notify us immediately by replying to this message and deleting the email and its attachments
from all computers without copying or disclosing it.
Mime
View raw message