settingsLogin | Registersettings

[Openstack-operators] Openstack-ansible and HAProxy

0 votes

Dear all,
Hope this is the right ML for this question, otherwise please let me know.

I have setup an openstack-ansible based infrastructure (pike) with 3 controllers and 8 computes. Everything works fine except when i configure a dedicated IP to be shared between the ctrls.

There are several bridges, but the one involved here are:
br-public (bridge toward internet)
I have one public ip for each ctrl (x.x.x.1, x.x.x.2, x.x.x.3) configured on each bridge
br-mgmt (default internal bridge for OS ansible setup)
I have one private ip for each ctrl (y.y.y.1, y.y.y.2, y.y.y.3) configured on each bridge
Then, I have configured the openstack-ansible files like:

/etc/openstackdeploy/openstackuserconfig.yml
internal
lbvipaddress: y.y.y.1
I’m using the first ctrl ip for the internal network, but I’m not sure if it’s the right config
externallbvipaddress: x.x.x.4
I’m using a free IP in the public network to be shared by the controllers
/etc/openstack
deploy/uservariables.yml
haproxy
keepalivedexternalvipcidr: "{{externallbvipaddress}}/24”
Here do I have to put /32 (default) or /24 (mi CIDR)?
haproxykeepalivedinternalvipcidr: "{{internallbvipaddress}}/24”
Here do I have to put /32 (default) or /24 (mi CIDR)?
haproxy
keepalivedexternalinterface: br-public
haproxykeepalivedinternal_interface: br-mgmt

With netstat, I see HAProxy binding all the service ports in the ctrls, but I cannot ping (and access horizon or the other services) using the public ip x.x.x.4.

Any suggestion?

Thanks a lot,
Matteo

Matteo Gerola, Dott.
Research Engineer


CREATE-NET Research Center
Fondazione Bruno Kessler (FBK)
via alla Cascata 56D
38123 Povo, Trento (Italy)
F: +39 0461 31​2425
e-mail: ​mgerola@fbk.eu <--- THIS HAS CHANGED!
www:​​ ​http://create-net.fbk.eu

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited according to the Italian Law 196/2003 of the Legislature. If you received this in error, please contact the sender and delete the material from any computer.
Le informazioni contenute in questo messaggio di posta elettronica e nei file allegati sono da considerarsi strettamente riservate. Il loro utilizzo e' consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceveste questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla cancellazione del messaggio stesso dal Vostro sistema. Trattenere il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D. Lgs. 196/2003.


OpenStack-operators mailing list
OpenStack-operators@lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
asked Oct 18, 2017 in openstack-operators by Matteo_Gerola (120 points)  
...