[Rdo-list] Bug for multinode deploy with packstack
Shake Chen
shake.chen at gmail.com
Thu Mar 6 06:21:01 UTC 2014
Hi Lars
Thanks for confirm the bug.
the other module have same bug, like cinder.heat, glance
172.18.1.12 controller
172.18.1.13 network
172.18.1.14 compute
172.18.1.15 compute
172.18.1.16 cinder storage
172.18.1.17 heat
172.18.1.18 glance
The system "network" runs neutron-server and neutron-*-agent; the
system "controller" runs everything other than nova-compute glance and
cinder, including
Horizon.
I use the newest packstack for test
# rpm -qa | grep packstack
openstack-packstack-2013.2.1-0.32.dev987.el6.noarch
After packstack finishes, the iptables rules on "cinder" look like
this:
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 172.18.1.14/32 -p tcp -m multiport --dports 3260,8776 -m
comment --comment "001 cinder incoming 172.18.1.14" -j ACCEPT
-A INPUT -s 172.18.1.15/32 -p tcp -m multiport --dports 3260,8776 -m
comment --comment "001 cinder incoming 172.18.1.15" -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
the iptables also have no rule let horizon access the cinder.
the iptables rules on "heat" look like
this:
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
no any iptables rules. so in horizon ,can not access heat.
the iptables rules on "glance" look like
this:
# iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 172.18.1.14/32 -p tcp -m multiport --dports 9292 -m comment
--comment "001 glance incoming 172.18.1.14" -j ACCEPT
-A INPUT -s 172.18.1.15/32 -p tcp -m multiport --dports 9292 -m comment
--comment "001 glance incoming 172.18.1.15" -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
also have same problem.the iptables also have no rule let horizon access
the glance..
On Thu, Mar 6, 2014 at 6:57 AM, Lars Kellogg-Stedman <lars at redhat.com>wrote:
> On Wed, Mar 05, 2014 at 01:57:24PM +0800, Shake Chen wrote:
> > I watch your mutil node video careful , use packstack run again and find
> > the problem. I think is bug for RDO
>
> I've submitted a fix for this upstream:
>
> https://bugs.launchpad.net/packstack/+bug/1288447
>
> This should eventually make it into RDO. The Red Hat bug on this
> issue is here:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1073100
>
> --
> Lars Kellogg-Stedman <lars at redhat.com> | larsks @ irc
> Cloud Engineering / OpenStack | " " @ twitter
>
>
--
Shake Chen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rdoproject.org/pipermail/dev/attachments/20140306/7bbb6a1c/attachment.html>
More information about the dev
mailing list