0

I am trying to deploy CF on openstack using bosh . I am following the documentation https://bosh.io/docs/init-openstack.html

When I execute : 

bosh create-env bosh-deployment/bosh.yml --state=state.json \
--vars-store=creds.yml -o bosh-deployment/openstack/cpi.yml \
-v director_name=bosh-1 \
-v internal_cidr=172.10.0.0/24 \
-v internal_gw=172.10.0.1 \
-v internal_ip=172.10.0.6 \
-v auth_url=https://mycontrollerip:5000/v2.0 \
-v az=test \
-v default_key_name=mykeypairname \
-v default_security_groups=[bosh,CF] \
-v net_id=3a374103-4b4a-49aa-b2e7-d113cb6939c3 \
-v openstack_password=mypassword \
-v openstack_username=myusername \
-v openstack_project=projectname \
-v private_key=/path/to/mykeypair.pem \
-v region=RegionOne \
-v openstack_domain=test \
-v tenant=projectname

I get error :

Stopping registry... Finished (00:00:00)
Cleaning up rendered CPI jobs... Finished (00:00:00)
Deploying:
  Creating instance 'bosh/0':
    Creating VM:
      Creating vm with stemcell cid 'a8833ec1-7b3c-4904-a522-329ab1233302':
        CPI 'create_vm' method responded with error:
        CmdError{"type":"Bosh::Clouds::CloudError","message":"OpenStack
        API service not found error: Expected([201]) \u003c=\u003e
        Actual(404 Not Found)\nexcon.error.response\n  :body
        =\u003e \"{\\\"NeutronError\\\": {\\\"message\\\":
        \\\"Security group 0ccd1f3f-a064-49d7-899a-1ea450c518fa
        does not exist\\\", \\\"type\\\":
        \\\"SecurityGroupNotFound\\\", \\\"detail\\\":
        \\\"\\\"}}\"\n  :cookies       =\u003e [\n  ]\n  :headers
        =\u003e {\n    \"Content-Length\"         =\u003e
        \"146\"\n    \"Content-Type\"           =\u003e
        \"application/json; charset=UTF-8\"\n    \"Date\"
        =\u003e \"Sat, 19 Aug 2017 13:28:29 GMT\"\n
        \"X-Openstack-Request-Id\" =\u003e
        \"req-8b903ed9-7c62-4433-b43b-cd784fd0fbeb\"\n  }\n  :host
        =\u003e \"controllerip\"\n  :local_address =\u003e
        \"172.10.0.15\"\n  :local_port    =\u003e 39862\n  :path
        =\u003e \"/v2.0/ports\"\n  :port          =\u003e 9696\n
        :reason_phrase =\u003e \"Not Found\"\n  :remote_ip
        =\u003e \"mycontrollerip\"\n  :status        =\u003e 404\n
        :status_line   =\u003e \"HTTP/1.1 404 Not
        Found\\r\\n\"\n\nCheck task debug log for
        details.","ok_to_retry":false}
Exit code 1

Can anyone help me with this ?

Eddie
  • 9,696
  • 4
  • 45
  • 58
Gwr
  • 65
  • 6
  • May be related to scope, but not sure. Domains are part of the V3 keystone API, so it could also be related to using /v2.0 instead of /v3. The logs in Nova may be a bit easier to read/understand. Since you have the request ID you can grep for it in the nova logs to see if there are errors. `grep -i req-8b903ed9-7c62-4433-b43b-cd784fd0fbeb /var/log/nova*.log` - if you have multiple controllers then you will want to check the logs on each. – Michael Petersen Aug 21 '17 at 16:33
  • @MichaelPetersen: The issue got resolved as bosh was referring to different security group ID instead of the one in current tenant. Thanks! – Gwr Aug 22 '17 at 05:08
  • Awesome. Thanks for following up. – Michael Petersen Aug 22 '17 at 20:30

1 Answers1

0

The issue got resolved when I renamed the security group . It looks like there was another security group with same name in a different tenant and bosh was referring to the other security group's ID

Gwr
  • 65
  • 6