Openstack Octavia Error: WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance
Openstack Octavia Error: WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance
我是研究和实施 Openstack Victoria 的最后一名学生。当我配置项目:Octavia - 多节点负载平衡器 - CentOS8 时,我遇到了问题。似乎 octavia.amphorae.drivers.haproxy.rest_api_driver 无法连接到 Amphora 实例并且端口 9443 在我的网络节点 aka Octavia-API 上没有 运行。在控制器节点中,双耳瓶实例仍然正常 运行ning。我按照 https://www.server-world.info/en/note?os=CentOS_8&p=openstack_victoria4&f=11 配置我的实验室。这是我下面的 cfg 文件,请帮我弄清楚。问候!
我在类型 vxlan 和 lb-secgroup 中创建了 lb_net,当我使用命令创建 lb 时,它仍然处于等待创建状态:
[root@controller ~(keystone)]# openstack loadbalancer --name lb01 --vip-subnet-id subnet1
[root@controller ~(keystone)]# openstack loadbalancer list
+--------------------------------------+------+----------------------------------+---------------+---------------------+------------------+----------+
| id | name | project_id | vip_address | provisioning_status | operating_status | provider |
+--------------------------------------+------+----------------------------------+---------------+---------------------+------------------+----------+
| 96c355b4-cc6e-4e7f-b393-8139602ae0e6 | lb01 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.98 | ERROR | OFFLINE | amphora |
| 10eaed08-9512-4362-b60e-f07351136909 | lb02 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.96 | ERROR | OFFLINE | amphora |
| 3543f208-2b6b-4c41-99d6-13d7056d9966 | lb03 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.32 | ERROR | OFFLINE | amphora |
| e6349a0c-c146-4d1e-abd9-39320ef482f0 | lb04 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.82 | ERROR | OFFLINE | amphora |
| 5f116527-d089-41ce-9491-b8f0fca32f79 | lb05 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.195 | PENDING_CREATE | OFFLINE | amphora |
+--------------------------------------+------+----------------------------------+---------------+---------------------+------------------+----------+
双耳瓶运行宁
[root@controller ~]# openstack server list --all
+--------------------------------------+----------------------------------------------+---------+--------------------------------------+---------+----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------------------------------------------+---------+--------------------------------------+---------+----------+
| 83e113e6-061e-4e41-8ef0-d6c42f80a35c | amphora-611f3678-fb15-428a-88ac-8d34ab6f61e1 | ACTIVE | lb-mgmt-net=172.16.1.208 | Amphora | amphora |
| 7770c395-a24c-49ee-aed1-b483fa0dea08 | CentOS_8 | SHUTOFF | int_net=172.16.10.139, 192.168.1.236 | CentOS8 | m1.small |
+--------------------------------------+----------------------------------------------+---------+--------------------------------------+---------+----------+
我的 octavia-worker 日志:
2021-05-07 01:34:52.401 41977 INFO octavia.controller.queue.v1.consumer [-] Starting consumer...
2021-05-07 01:34:52.416 41980 INFO octavia.controller.queue.v2.consumer [-] Starting V2 consumer...
2021-05-07 01:35:05.409 41977 INFO octavia.controller.queue.v1.endpoints [-] Creating load balancer '5f116527-d089-41ce-9491-b8f0fca32f79'...
2021-05-07 01:35:06.662 41977 INFO octavia.network.drivers.neutron.allowed_address_pairs [-] Port 7a0025b4-5ce6-4664-a451-caef1aac1ce3 already exists. Nothing to be done.
2021-05-07 01:35:07.416 41977 INFO octavia.controller.worker.v1.tasks.database_tasks [-] Created Amphora in DB with id 611f3678-fb15-428a-88ac-8d34ab6f61e1
2021-05-07 01:35:07.580 41977 INFO octavia.certificates.generator.local [-] Signing a certificate request using OpenSSL locally.
2021-05-07 01:35:07.581 41977 INFO octavia.certificates.generator.local [-] Using CA Certificate from config.
2021-05-07 01:35:07.581 41977 INFO octavia.certificates.generator.local [-] Using CA Private Key from config.
2021-05-07 01:35:07.581 41977 INFO octavia.certificates.generator.local [-] Using CA Private Key Passphrase from config.
2021-05-07 01:35:55.495 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e74584f28>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:10.516 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e74584ef0>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:25.531 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e745913c8>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:40.539 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e74591358>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:55.555 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e745916a0>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
我检查了9443端口,没有运行
[root@controller ~]# netstat -ntlp | grep ":11211"
tcp 0 0 0.0.0.0:11211 0.0.0.0:* LISTEN 1048/memcached
tcp6 0 0 :::11211 :::* LISTEN 1048/memcached
[root@controller ~]# netstat -ntlp | grep ":9696"
tcp 0 0 0.0.0.0:9696 0.0.0.0:* LISTEN 1066/server.log
[root@controller ~]# netstat -ntlp | grep ":9443"
[root@controller ~]#
vim/etc/octavia/octavia.conf
[DEFAULT]
transport_url = rabbit://openstack:password@10.200.0.4
[api_settings]
bind_host = 10.200.0.41
bind_port = 9876
auth_strategy = keystone
api_base_uri = http://10.200.0.41:9876
[database]
connection = mysql+pymysql://octavia:password@10.200.0.4/octavia
[health_manager]
bind_ip = 0.0.0.0
bind_port = 5555
[keystone_authtoken]
www_authenticate_uri = http://10.200.0.4:5000
auth_url = http://10.200.0.4:5000
memcached_servers = 10.200.0.4:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = octavia
password = servicepassword
[certificates]
ca_private_key = /etc/octavia/certs/private/server_ca.key.pem
ca_certificate = /etc/octavia/certs/server_ca.cert.pem
server_certs_key_passphrase = insecure-key-do-not-use-this-key
ca_private_key_passphrase = not-secure-passphrase
[haproxy_amphora]
bind_host = 10.200.0.41
bind_port = 9443
server_ca = /etc/octavia/certs/server_ca-chain.cert.pem
client_cert = /etc/octavia/certs/private/client.cert-and-key.pem
[controller_worker]
client_ca = /etc/octavia/certs/client_ca.cert.pem
amp_image_tag = Amphora
# specify [flavor] ID for Amphora instance
amp_flavor_id = 100
# specify security group ID Amphora instance
amp_secgroup_list = b02c2f59-9fff-4428-accc-2bd9a7a337e5
# specify network ID to boot Amphora instance
amp_boot_network_list = e05c8fe4-9a6d-4192-b9b5-7d7a2ba11df8
network_driver = allowed_address_pairs_driver
compute_driver = compute_nova_driver
amphora_driver = amphora_haproxy_rest_driver
[oslo_messaging]
topic = octavia_prov
[service_auth]
auth_url = http://10.200.0.4:5000
memcached_servers = 10.200.0.4:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = octavia
password = servicepassword
我在 amphora-instance 上以 root 用户登录并检查端口 9443,它 运行 正常。
root@amphora-f36ed983-6d14-46a6-b686-8942379f2580:netstat -lntp | grep ":9443"
tcp 0 0 controller-ip:9443 0.0.0.0:* LISTEN 697/gunicorn: maste
然后尝试 netstat -plane | grep :"9443" 在控制器节点上(我不知道命令是什么意思,我在其他组上看到了)
[root@controller ~(keystone)]# netstat -plane | grep ":9443"
tcp 0 1 192.168.1.3:54416 172.16.1.100:9443 SYN_SENT 966 108134 2773/octavia-worker
在我的 octavia.cfg 中,我没有使用 health_manager 服务,所以我设置 bind_host = 0.0.0.0 。另一方面,我忽略了在 octavia-configure-docs 处创建 OCTAVIA_MGMT_PORT_IP(步骤 7-8)。我做错了吗?
好的,我的问题解决了。 Octavia-api 节点无法连接到 amphorae-instance,因为它们不匹配相同的网络类型(节点 - LAN 和 amphorae - VXLAN)。所以,我在一个节点上创建了一个网桥接口来转换vxlan for lan can connect (You can read here at step 7: create a network).
此致!
我是研究和实施 Openstack Victoria 的最后一名学生。当我配置项目:Octavia - 多节点负载平衡器 - CentOS8 时,我遇到了问题。似乎 octavia.amphorae.drivers.haproxy.rest_api_driver 无法连接到 Amphora 实例并且端口 9443 在我的网络节点 aka Octavia-API 上没有 运行。在控制器节点中,双耳瓶实例仍然正常 运行ning。我按照 https://www.server-world.info/en/note?os=CentOS_8&p=openstack_victoria4&f=11 配置我的实验室。这是我下面的 cfg 文件,请帮我弄清楚。问候!
我在类型 vxlan 和 lb-secgroup 中创建了 lb_net,当我使用命令创建 lb 时,它仍然处于等待创建状态:
[root@controller ~(keystone)]# openstack loadbalancer --name lb01 --vip-subnet-id subnet1
[root@controller ~(keystone)]# openstack loadbalancer list
+--------------------------------------+------+----------------------------------+---------------+---------------------+------------------+----------+
| id | name | project_id | vip_address | provisioning_status | operating_status | provider |
+--------------------------------------+------+----------------------------------+---------------+---------------------+------------------+----------+
| 96c355b4-cc6e-4e7f-b393-8139602ae0e6 | lb01 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.98 | ERROR | OFFLINE | amphora |
| 10eaed08-9512-4362-b60e-f07351136909 | lb02 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.96 | ERROR | OFFLINE | amphora |
| 3543f208-2b6b-4c41-99d6-13d7056d9966 | lb03 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.32 | ERROR | OFFLINE | amphora |
| e6349a0c-c146-4d1e-abd9-39320ef482f0 | lb04 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.82 | ERROR | OFFLINE | amphora |
| 5f116527-d089-41ce-9491-b8f0fca32f79 | lb05 | 16b44a414c0e4884a819f0de4e86fa28 | 172.16.10.195 | PENDING_CREATE | OFFLINE | amphora |
+--------------------------------------+------+----------------------------------+---------------+---------------------+------------------+----------+
双耳瓶运行宁
[root@controller ~]# openstack server list --all
+--------------------------------------+----------------------------------------------+---------+--------------------------------------+---------+----------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+----------------------------------------------+---------+--------------------------------------+---------+----------+
| 83e113e6-061e-4e41-8ef0-d6c42f80a35c | amphora-611f3678-fb15-428a-88ac-8d34ab6f61e1 | ACTIVE | lb-mgmt-net=172.16.1.208 | Amphora | amphora |
| 7770c395-a24c-49ee-aed1-b483fa0dea08 | CentOS_8 | SHUTOFF | int_net=172.16.10.139, 192.168.1.236 | CentOS8 | m1.small |
+--------------------------------------+----------------------------------------------+---------+--------------------------------------+---------+----------+
我的 octavia-worker 日志:
2021-05-07 01:34:52.401 41977 INFO octavia.controller.queue.v1.consumer [-] Starting consumer...
2021-05-07 01:34:52.416 41980 INFO octavia.controller.queue.v2.consumer [-] Starting V2 consumer...
2021-05-07 01:35:05.409 41977 INFO octavia.controller.queue.v1.endpoints [-] Creating load balancer '5f116527-d089-41ce-9491-b8f0fca32f79'...
2021-05-07 01:35:06.662 41977 INFO octavia.network.drivers.neutron.allowed_address_pairs [-] Port 7a0025b4-5ce6-4664-a451-caef1aac1ce3 already exists. Nothing to be done.
2021-05-07 01:35:07.416 41977 INFO octavia.controller.worker.v1.tasks.database_tasks [-] Created Amphora in DB with id 611f3678-fb15-428a-88ac-8d34ab6f61e1
2021-05-07 01:35:07.580 41977 INFO octavia.certificates.generator.local [-] Signing a certificate request using OpenSSL locally.
2021-05-07 01:35:07.581 41977 INFO octavia.certificates.generator.local [-] Using CA Certificate from config.
2021-05-07 01:35:07.581 41977 INFO octavia.certificates.generator.local [-] Using CA Private Key from config.
2021-05-07 01:35:07.581 41977 INFO octavia.certificates.generator.local [-] Using CA Private Key Passphrase from config.
2021-05-07 01:35:55.495 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e74584f28>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:10.516 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e74584ef0>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:25.531 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e745913c8>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:40.539 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e74591358>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
2021-05-07 01:36:55.555 41977 WARNING octavia.amphorae.drivers.haproxy.rest_api_driver [-] Could not connect to instance. Retrying.: requests.exceptions.ConnectTimeout: HTTPSConnectionPool(host='172.16.1.208', port=9443): Max retries exceeded with url: // (Caused by ConnectTimeoutError(<urllib3.connection.VerifiedHTTPSConnection object at 0x7f1e745916a0>, 'Connection to 172.16.1.208 timed out. (connect timeout=10.0)'))
我检查了9443端口,没有运行
[root@controller ~]# netstat -ntlp | grep ":11211"
tcp 0 0 0.0.0.0:11211 0.0.0.0:* LISTEN 1048/memcached
tcp6 0 0 :::11211 :::* LISTEN 1048/memcached
[root@controller ~]# netstat -ntlp | grep ":9696"
tcp 0 0 0.0.0.0:9696 0.0.0.0:* LISTEN 1066/server.log
[root@controller ~]# netstat -ntlp | grep ":9443"
[root@controller ~]#
vim/etc/octavia/octavia.conf
[DEFAULT]
transport_url = rabbit://openstack:password@10.200.0.4
[api_settings]
bind_host = 10.200.0.41
bind_port = 9876
auth_strategy = keystone
api_base_uri = http://10.200.0.41:9876
[database]
connection = mysql+pymysql://octavia:password@10.200.0.4/octavia
[health_manager]
bind_ip = 0.0.0.0
bind_port = 5555
[keystone_authtoken]
www_authenticate_uri = http://10.200.0.4:5000
auth_url = http://10.200.0.4:5000
memcached_servers = 10.200.0.4:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = octavia
password = servicepassword
[certificates]
ca_private_key = /etc/octavia/certs/private/server_ca.key.pem
ca_certificate = /etc/octavia/certs/server_ca.cert.pem
server_certs_key_passphrase = insecure-key-do-not-use-this-key
ca_private_key_passphrase = not-secure-passphrase
[haproxy_amphora]
bind_host = 10.200.0.41
bind_port = 9443
server_ca = /etc/octavia/certs/server_ca-chain.cert.pem
client_cert = /etc/octavia/certs/private/client.cert-and-key.pem
[controller_worker]
client_ca = /etc/octavia/certs/client_ca.cert.pem
amp_image_tag = Amphora
# specify [flavor] ID for Amphora instance
amp_flavor_id = 100
# specify security group ID Amphora instance
amp_secgroup_list = b02c2f59-9fff-4428-accc-2bd9a7a337e5
# specify network ID to boot Amphora instance
amp_boot_network_list = e05c8fe4-9a6d-4192-b9b5-7d7a2ba11df8
network_driver = allowed_address_pairs_driver
compute_driver = compute_nova_driver
amphora_driver = amphora_haproxy_rest_driver
[oslo_messaging]
topic = octavia_prov
[service_auth]
auth_url = http://10.200.0.4:5000
memcached_servers = 10.200.0.4:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = octavia
password = servicepassword
我在 amphora-instance 上以 root 用户登录并检查端口 9443,它 运行 正常。
root@amphora-f36ed983-6d14-46a6-b686-8942379f2580:netstat -lntp | grep ":9443"
tcp 0 0 controller-ip:9443 0.0.0.0:* LISTEN 697/gunicorn: maste
然后尝试 netstat -plane | grep :"9443" 在控制器节点上(我不知道命令是什么意思,我在其他组上看到了)
[root@controller ~(keystone)]# netstat -plane | grep ":9443"
tcp 0 1 192.168.1.3:54416 172.16.1.100:9443 SYN_SENT 966 108134 2773/octavia-worker
在我的 octavia.cfg 中,我没有使用 health_manager 服务,所以我设置 bind_host = 0.0.0.0 。另一方面,我忽略了在 octavia-configure-docs 处创建 OCTAVIA_MGMT_PORT_IP(步骤 7-8)。我做错了吗?
好的,我的问题解决了。 Octavia-api 节点无法连接到 amphorae-instance,因为它们不匹配相同的网络类型(节点 - LAN 和 amphorae - VXLAN)。所以,我在一个节点上创建了一个网桥接口来转换vxlan for lan can connect (You can read here at step 7: create a network).
此致!