User talk:Udaykaja

Openstack Issue & Possible soultions

If volume struck in a state

Try below cinder reset command if not continue below cinder reset-state --state available  In cinder execute the below stepscinder db mysql cinder SELECT id,status,attach_status from volumes; SELECT id,status,attach_status,attach_status from volumes; UPDATE volumes SET status="available", attach_status="detached" WHERE id="";

Unable to retrieve volume limit Information "Danger: There was an error submitting the form. Please try agian"

Make changes of /etc/cinder/cinder.conf encryption_auth_url = http://IP_TO_KEYSTONE:5000/v3 auth_url = http://IP_TO_KEYSTONE:5000 restart cinder services and you should be good to go, hopefully that helps

[keystone_authtoken] auth_uri = http:// :5000 auth_url = http:// :35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = services username = cinder password = 28a9b0bd83054888 

CLI command to create an Image

login to the controller glance image-create --name  --is-public true --disk-format --container-format bare --file glance image-create --name "Centos 7" --is-public true --disk-format iso --container-format bare --file CentOS-7-x86_64.iso

Error 113 EHOUSTUNREACH IP rules are not allowing, try to add an Ip rule For more inforamtion refer: https://access.redhat.com/solutions/2148701

Critical keystone error:address already in use Port 35357/5000 is used by another application

Restart Services Restart Compute services: # service openstack-nova-api restart # service openstack-nova-cert restart # service openstack-nova-consoleauth restart # service openstack-nova-scheduler restart # service openstack-nova-conductor restart # service openstack-nova-novncproxy restart

Restart Networking services. # service neutron-server restart # service neutron-dhcp-agent restart # service neutron-l3-agent restart # service neutron-metadata-agent restart

Networking plug-in agent. # service neutron-openvswitch-agent restart

Cinder Services restart # service openstack-cinder-api restart # service openstack-cinder-backup restart # service openstack-cinder-scheduler restart # service openstack-cinder-volume restart

On ubuntu run # service --status-all | grep nova # service --status-all | grep neutron

Multiple node Openstack liberty installation on centos 7 Link : http://www.linuxtechi.com/multiple-node-openstack-liberty-installation-on-centos-7-x/

Devstack All-in-one installation Link : http://docs.openstack.org/developer/devstack/guides/single-machine.html

To know the configuration of ther Server Command : sudo dmidecode Sample Output: Handle 0x0000, DMI type 0, 24 bytes BIOS Information Vendor: Version: Release Date: Address: Runtime Size: ROM Size: Characteristics: PCI is supported PNP is supported BIOS is upgradeable BIOS shadowing is allowed ESCD support is available Boot from CD is supported Selectable boot is supported EDD is supported

Configure Static IP in Ubuntu Server Steps to be followed Tempory erased if restarted sudo ifconfig eth1  netmask and vi /etc/network/interfaces iface eth0 inet static address  netmask gateway service networking restart reboot

Convert qcow2 to raw --qcow to iso Link: http://docs.openstack.org/image-guide/convert-images.html Link: https://sourceforge.net/projects/iso-m2f1/

Unable to launch Instance: Useful Tips use different images cirros(iso, qcow) Add security group rules space df -h openstack-status openstack console url show instancename nova --os-tenant-name " " --os-username ukumar --os-user-id ukumar --os-password **** --os-auth-url list glanace --os-tenant-name admin --os-username admin --os-user-id admin --os-password Keystone2018 --os-auth-url image-list nova --os-tenant-name admin --os-username admin --os-user-id admin --os-password Keystone2018 --os-auth-url list (for playbooks) service rabbitmq-server status ;   rabbitmqctl cluster_status restart services-- openstack-service restart nova instance qutos vi /var/log/nova/nova.log | grep error

check tap device of VM: virsh list virsh dumpxml 2 | grep dev tcpudmp -ni

nova reset-state --active instanceid nova service-list nova-manage service list nova hypervisor-list nova quota-defaults nova floating-ip-list nova flavor-list nova show vm1 nova get-vnc-console instanceName VNCType=try novnc to get url of VM: nova boot --image  --flavor m1.large --nic net-id= vm1 nova boot --image  --flavor m1.large --nic net-id= :host1 vm1 ---can choose on which host should a VM be launched.

neutron agent-list neutron port-list neutron port-show neutron router-list neutron net-show --fields provider:segmentation_id neutron --debug port-chain-delete     PC1 cat /var/lib/neutron/dhcp/ /host  ---shows mac address of VM, (lease file). ovs-vsctl del-br br-tun service neutron-plugin-openvswitch-agent stop ovs-vsctl show tcpdump -i

sudo ip netns list --show qrouter,qdhcps ip netns exec  ifconfig ip netns exec  ping -c 192.168.2.10 ip netns exec  ssh cirros@10.10.10.13 ip netns exec  sudo ovs-ofctl dump-flows br-int  ---of-open flow---dump all the flows installed on the machine sudo ovs-ofctl show br-int sudo ovs-ofctl monitor br-int

log files in openstack -- /var/log/nova/, /var/log/keystone, /var/log/apache2 /var/log/  | less ___shift g --to go to end of log file cat /var/log/messages |grep -i network cat /var/log/neutron/neutron-dhcp |grep error|tail -n 30 less /etc/sysconfig/network-scripts/ifcfg- ps -eaf | grep dnsmasq

Service function chaining

- neutron port-create --name np1 n1 - neutron port-create --name np2 n1 - neutron port-create --name np3 n1 - neutron port-create --name np4 n1 - nova boot --image  --flavor m1.tiny --nic port-id= --nic port-id= vm1 - nova boot --image <id> --flavor m1.tiny --nic port-id=<id> --nic port-id=<id> vm2 - neutron port-pair-create --ingress=np1 --egress=np2 pp1 - neutron port-pair-create --ingress=np3 --egress=np4 pp2 - neutron port-pair-list - neutron port-pair-group-create --port-pair pp1 --port-pair pp2 pg1 - neutron port-pair-group-list - neutron flow-classifier-create --ethertype IPv4 --source-ip-prefix <ip> --logical-source-port np1 --logical-destination-port np4 --destination-ip-prefix -- protocol tcp --source-port 23:23 --destination-port 100:100 fc1 - neutron port-chain-create --port-pair-group pg1 --flow-classifier fc1 pc1 - neutron port-chain-list

Link: http://docs.openstack.org/developer/networking-sfc/api.html Link: http://docs.openstack.org/developer/networking-sfc/system_design%20and_workflow.html Link: https://wiki.openstack.org/wiki/Neutron/ServiceInsertionAndChaining ---installation

NEXT TASKS

OPENSTACK KOLLA OPENSTACK ANSIBLE _ ALL IN ONE --If you are not ROOT, u cant see any lxc x --bootstrap coomands nuch anni commands ROOT tho excuite cheyali --cd /opt/anisble/ lo undali --it takes more time, wait until you get an error. If you dont get error, you are fine.

/opt/openstack-ansible sudo -s
 * 1) apt-get dist-upgrade
 * 2) reboot
 * 3) git clone https://github.com/openstack/openstack-ansible \
 * 1) cd /opt/anisble
 * 2) git tag -l
 * 3) git checkout stable/mitaka
 * 4) git describe --abbrev=0 --tag
 * 1) scripts/bootstrap-ansible.sh
 * 2) scripts/bootstrap-aio.sh
 * 3) scripts/run-playbooks.sh

http://docs.openstack.org/developer/openstack-ansible/developer-docs/quickstart-aio.html

CONFIGURE OPENSTACK USING CLI

Create private network. # neutron net-create private # neutron subnet-create private --name private_subnet --allocation-pool start=<ip>,end=<ip>

Create public network : these steps assume the physical network connected to eth0 is <ip>. # neutron net-create public --router:external # neutron subnet-create public <ip> --name public_subnet --allocation-pool start=<ip>,end=<ip> --disable-dhcp --gateway 192.168.122.1

Add a new router and configure router interfaces. # neutron router-create router1 --ha False # neutron router-gateway-set router1 public # neutron router-interface-add router1 private_subnet

Upload a glance image # yum install -y wget # wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img # glance image-create --name "Cirros 0.3.4" --disk-format qcow2 --container-format bare --visibility public --file /root/cirros-0.3.4-x86_64-disk.img

Create a new m1.nano flavor # nova flavor-create m1.nano 42 64 0 1

Create security group and allow all TCP ports. # nova secgroup-create all "Allow all tcp ports" # nova secgroup-add-rule all TCP 1 65535 0.0.0.0/0

Create security group for base access # nova secgroup-create base "Allow Base Access" # nova secgroup-add-rule base TCP 22 22 0.0.0.0/0 # nova secgroup-add-rule base TCP 80 80 0.0.0.0/0 # nova secgroup-add-rule base ICMP -1 -1 0.0.0.0/0

Create a private ssh key for connecting to instances remotely. # nova keypair-add admin

Create admin.pem file and add private key from output of keypair-add command. # vi /root/admin.pem # chmod 400 /root/admin.pem

List the network IDs. # neutron net-list

Start an instance # nova boot --flavor m1.nano --image "Cirros 0.3.4" --nic net-id=92d82f53-<id> --key-name admin --security-groups all mycirros

Create a floating IP and assign it to the mycirros instance. # nova floating-ip-create # nova floating-ip-associate mycirros <FLOATING IP>

Connect to mycirros instance using the private ssh key stored in the admin.pem file. Note: The first floating IP in the range <ip> # ssh -i admin.pem cirros@<ip>

YUM update issue Set your proxy in environment variables export http_proxy=<Proxy_address> http://xxxxx.com:80 To permanently add it to the linux do the below $ vi /root/.bashrc #add lines at the bottom of the file: export http_proxy= To unset proxy : unset http_proxy/unset https_proxy

Interface addtion to existing Instance
 * 1) neutron port-create <Neutron network name>
 * 2) neutron port-list - get the above created port id from the list
 * 3) nova interface-attach --port-id $PID <Nova instance name>

Associate Floating ip to a specfic nic

-nova floating-ip-associate <VMid> <floating ip for VM> to assign floating ip #nova floating-ip-associate --fixed-address <ip> <id> <ip>  --assign F.IP to 2nd NIC

How to set a TACACS+ or RADIUS servers http://infotechnotebook.blogspot.com/2015/06/install-and-configure-tacacsfreeradius.html

Horizon Dashboard 403 Forbidden Solution: unset http_proxy & unset https_proxy

Network troubleshooting in openstack http://docs.openstack.org/ops-guide/ops-network-troubleshooting.html ## imp ## systemctl restart neutron-openvswitch-agent.service neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service

Open vSwitch CLI Before goind any deeper with command line interface, you have to know that OVS does manage two kinds of flow: OpenFlows - User Space based Datapath - kernel based, a kind of cached version of the OpenFlow ones. So different commands will be used to interact with each of them: ovs-ofctl - speak to OpenFlow module ovs-dpctl - speak to Kernel module

ovs-vsctl provides a high level interface for Open vSwitch Database. It allow you to query and configure ovs−vswitchd and is more convenient than ovsdb-* tools that are lower             level commands. ovs-vsctl –V version of openvswitch ovs-vsctl show print a brief overview of database configuration ovs-vsctl list-br list of configured bridges ovs-vsctl list-ports list of ports on a specific bridge ovs-vsctl get-manager list of NVP Controllers (TCP 6632) ovs-vsctl get-controller list of NVP Controllers (TCP 6633) ovs-vsctl list manager list of NVP Controllers (TCP 6632) ovs-vsctl list controller list of NVP Controllers (TCP 6633) ovs-vsctl list interface list of interfaces

ovs-ofctl will allow you to monitor and administer OpenFlow switches. ovs-ofctl dump-flows Examine OpenFlow tables ovs-ofctl show port number to port name mapping ovs-ofctl dump-ports port statistics by port number

You can use watch like this watch "ovs-ofctl dump-flows br-tun" Note: read the man page of ovs-ofctl to better understand how to decode flow tables

ovs-appctl offer a way to send commands to a running Open vSwitch. ovs-appctl bridge/dumpflows examine flow tables, offers direct connectivity for VMs on the same hosts ovs-appctl fdb/show list mac/vlan pairs learned ovs-dpctl can show, create, modify, and delete Open vSwitch datapaths. ovs-dpctl dump-flows dump Datapath (kernel cached) flows

CLoud 2 Cloud migration of tenants, user, rules http://stackoverflow.com/questions/34470735/sharing-resources-between-two-independent-openstack-cloud-setups

Proxy issue proxy=http://x.x.x.x:xxxx" in /etc/yum.conf

Openstack Newton Image upload option in dashboard REST_API_REQUIRED_SETTINGS from the local_settings.py.example file: REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES', 'LAUNCH_INSTANCE_DEFAULTS', 'OPENSTACK_IMAGE_FORMATS'] https://ask.openstack.org/en/question/97794/the-current-horizon-settings-indicate-no-valid-image-creation-methods-are-available-providing-an-image-location-andor-uploading-from-the-local-file/

How to change horizon dashboard logo and login screen logo Go to /usr/share/openstack-dashboard/static/dashboard/img and replace the "logo-splash.png" & "logo.png" with your desired png files. Make sure you crop the images accordingly and rename your image names to above png files respectively.

REMOTE DESKTOP CONNECTION ON CENTOS 7 VNC xrdp installation on Centos 7 working --> http://www.itzgeek.com/how-tos/linux/centos-how-tos/install-xrdp-on-centos-7-rhel-7.html

openstack-status & keystone command not found openstack-status: yum install openstack-utils https://ask.openstack.org/en/question/98125/openstack-status-command-not-found/ If configured glance in swift In glance-api.conf default_store=swift stores=swift

SR-IOV configuration in Liberty https://wiki.openstack.org/wiki/SR-IOV-Passthrough-For-Networking-Liberty

Packstack MITAKA Installation on Centos 7 1 Fresh Install of OS, then run below commands after configuring the IP address make sure it reaches outside world 2 $systemctl stop NetworkManager.service 3 $systemctl disable NetworkManager.service 4 $systemctl restart network 5 $systemctl stop firewalld 6 $systemctl disable firewalld 7 $yum install centos-release-openstack-mitaka 8 $vi /etc/yum.conf 9 $yum install centos-release-openstack-mitaka 10 $yum update -y 11 $yum install openstack-packstack 12 $packstack --allinone 13 Bridging add br-ex port to eno1 Setup the Bridge interface Step1 : Copy the existing Ethernet adaptor configuration file # cp /etc/sysconfig/network-scripts/ifcfg-eno1 /root # cp /etc/sysconfig/network-scripts/ifcfg-eno1 /etc/sysconfig/network-scripts/ifcfg-br-ex Step2: Edit the eno1 adapter configuration file and remove and modify the file as looks below DEVICE=eno1 ONBOOT=yes TYPE=OVSPort DEVICETYPE=ovs OVS_BRIDGE=br-ex HWADDR="<MAC address>" # vi /etc/sysconfig/network-scripts/ifcfg-eno1 Do the changes as above and save the file Step3: Edit the br-ex adapter file and makes changes as below Assign your system ip address # vi /etc/sysconfig/network-scripts/ifcfg-br-ex DEVICE=br-ex BOOTPROTO=static ONBOOT=yes TYPE=OVSBridge DEVICETYPE=ovs USERCTL=yes PEERDNS=yes IPV6INIT=no IPADDR= NETMASK= GATEWAY= DNS1= Step4: Enable the bridge # ovs-vsctl add-port br-ex eth0 ; systemctl restart network.service