英文:
Adding VPNaaS to an OpenStack Zed setup
问题
首先,对于错误消息 "Error loading class by alias" 和 "Error loading class by class name",这些错误可能是由于缺少VPNaaS插件或配置问题导致的。您提到尝试了一些安装步骤,但可能需要更多的配置才能使VPNaaS正常工作。以下是可能的解决方案:
-
确保已安装 VPNaaS 插件:
- 您已经尝试使用 "pip install neutron-vpnaas" 安装 VPNaaS 插件,但请确保已在Neutron的配置文件中启用了VPNaaS服务插件。
-
检查配置文件:
- 确保您的
/etc/neutron/neutron_vpnaas.conf文件正确配置了 VPNaaS 服务提供商。确保它与您的安装指南中的示例一致。
- 确保您的
-
检查 Neutron 配置文件:
- 您的
/etc/neutron/neutron.conf配置文件需要包括 VPNaaS 服务插件。确保在[DEFAULT]部分中有以下行:service_plugins = router,firewall_v2,vpnaas如果
service_plugins行不存在,请添加它并重启 Neutron 服务。
- 您的
-
确保正确安装了 StrongSwan:
- 如果您在配置文件中使用 StrongSwan 作为 VPNaaS 服务提供商,请确保 StrongSwan 已正确安装并配置。
-
检查依赖项:
- 确保您的系统上安装了所有VPNaaS所需的依赖项。
请按照上述步骤检查您的安装和配置,以确保VPNaaS正常运行。如果问题仍然存在,您可能需要查看更详细的日志以了解问题的更多细节,以帮助进一步排除故障。
英文:
First of all, sorry if I'm using the wrong category, group or whatever. This is my first every question here.
I've setup Openstack with this documentation https://docs.openstack.org/install-guide/ followed by the installation of keystone, glance, nova, neutron, horizon from here https://docs.openstack.org/install-guide/openstack-services.html#minimal-deployment-for-yoga (except I used zed instead of yoga). Now I managed to install FWaaS from here: https://docs.openstack.org/neutron/zed/admin/fwaas-v2-scenario.html but I also need VPNaaS for my project. When following this guide https://docs.openstack.org/neutron/zed/admin/vpnaas-scenario.html I can't make it work. Everytime I restart neutron it failes
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime [req-a32b0298-9d9f-49c9-a0fb-d914020d1edd - - - - -] Error loading class by alias: stevedore.exception.NoMatches: No 'neutron.service_plugins' driver found, looking for 'vpnaas'
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime Traceback (most recent call last):
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime File "/usr/lib/python3/dist-packages/neutron_lib/utils/runtime.py", line 113, in load_class_by_alias_or_classname
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime mgr = driver.DriverManager(
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime File "/usr/lib/python3/dist-packages/stevedore/driver.py", line 53, in __init__
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime super(DriverManager, self).__init__(
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime File "/usr/lib/python3/dist-packages/stevedore/named.py", line 89, in __init__
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime self._init_plugins(extensions)
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime File "/usr/lib/python3/dist-packages/stevedore/driver.py", line 112, in _init_plugins
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime raise NoMatches('No %r driver found, looking for %r' %
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime stevedore.exception.NoMatches: No 'neutron.service_plugins' driver found, looking for 'vpnaas'
2023-02-26 09:17:25.217 895152 ERROR neutron_lib.utils.runtime
2023-02-26 09:17:25.218 895152 ERROR neutron_lib.utils.runtime [req-a32b0298-9d9f-49c9-a0fb-d914020d1edd - - - - -] Error loading class by class name: ValueError: Empty module name
There's more but it seems that with the installation I did the vpnaas is like non "existing" but I don't know how I should add or install it.
I tried several things like installing "pip install neutron-vpnaas", downloading the latest here https://tarballs.opendev.org/openstack/neutron-vpnaas/neutron-vpnaas-21.0.0.tar.gz and running the setup "sudo python3 setup.py install"...that probably broke my test environment, that I will have to setup completely new when I'm home.
But I thought it might be worth asking here as the installation is sometimes tricky and could have a cleaner structure. Maybe it's something obvious that other people encountered during the installation too.
Thanks for any help in advance!
Greetings
Edit after running python3-neutron-vpnaas:
When adding vpnaas to neutron the log shows:
The Log shows this: '2023-03-04 16:45:48.055 277379 INFO neutron.manager [req-493ddd6c-a9d0-417e-99c1-05d049749a71 - - - - -] Loading Plugin: vpnaas 2023-03-04 16:45:48.070 277379 WARNING stevedore.named [req-493ddd6c-a9d0-417e-99c1-05d049749a71 - - - - -] Could not load neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver 2023-03-04 16:45:48.070 277379 ERROR neutron.services.service_base [req-493ddd6c-a9d0-417e-99c1-05d049749a71 - - - - -] No providers specified for 'VPN' service, exiting'
the neutron.conf:
[DEFAULT]
core_plugin = ml2
auth_strategy = keystone
#service_plugins = router,firewall_v2,vpnaas ## when enable = failure
service_plugins = router,firewall_v2
allow_overlapping_ips = true
transport_url = rabbit://openstack:password@192.168.1.241
[agent]
root_helper = "sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf"
[cors]
[database]
connection = mysql+pymysql://neutron:password@192.168.1.241/neutron
[ironic]
[keystone_authtoken]
www_authenticate_uri = http://192.168.1.241:5000
memcached_servers = 192.168.1.241:11211
auth_type = password
auth_url = http://192.168.1.241:5000
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = ----PWREMOVED-----
[nova]
region_name = RegionOne
auth_url = http://192.168.1.241:5000
password = ----PWREMOVED-----
project_domain_name = default
project_name = service
user_domain_name = default
username = nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[quotas]
[ssl]
[service_providers]
service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default
As describes in the guide https://docs.openstack.org/neutron/zed/admin/vpnaas-scenario.html the /etc/neutron/neutron_vpnaas.conf looks like this:
[DEFAULT]
[service_providers]
service_provider = VPN:strongswan:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
And the l3_agent.ini:
[DEFAULT]
interface_driver = linuxbridge
[agent]
extensions = fwaas_v2,vpnaas
[network_log]
[ovs]
[vpnagent]
vpn_device_driver = neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver
EDIT after removing fwaas from service settings:
When fwaas is not configured in the corresponding files and vpnaas is configured, the neutron service starts but I think both servcies are not installed completely when just follwing these two documentations.
FWaaS Openstack Guide and VPNaaS Openstack Guide. Because listing the options in the cli openstack .... the vpn option is not listet, from the fwaas the options were visible when enabled.
答案1
得分: 1
好的,最终似乎已经运行正常。感谢 eblock!为了使 FWaaS 和 VPNaas 运行,我进行了以下操作:
安装额外的软件包:
- python3-neutron-fwaas
- python3-neutron-vpnaas
- neutron-fwaas-common
以及我的配置文件:
/etc/neutron/neutron_vpnaas.conf 和 neutron_fwaas.conf --> 里面除了像 [DEFAULT] 这样的 "headers" 之外什么都没有。
/etc/neutron/neutron.conf
...
[DEFAULT]
service_plugins = router,firewall_v2,vpnaas
...
[service_providers]
service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default
service_provider = VPN:strongswan:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
/etc/neutron/plugins/ml2/ml2_conf.ini
...
[agent]
extensions = fwaas_v2
[fwaas]
firewall_l2_driver = noop
/etc/neutron/fwaas_driver.ini
...
[fwaas]
agent_version = v2
driver = neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver
enabled = True
并且不要忘记 /etc/neutron/l3_agent.ini:
...
[agent]
extensions = fwaas_v2,vpnaas
...
[vpnagent]
vpn_device_driver = neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver
希望这就是全部,现在我可以测试和构建我所需的内容。
英文:
Okay, finally this seems to be working.Thank you eblock!
In order to have FWaaS and VPNaas running, i did the following:
Install the additional packages:
- python3-neutron-fwaas
- python3-neutron-vpnaas
- neutron-fwaas-common
and my configuration files:
/etc/neutron/neutron_vpnaas.conf & neutron_fwaas.conf --> nothing in it excep for the "headers" like [DEFAULT] etc..
/etc/neutron/neutron.conf
...
[DEFAULT]
service_plugins = router,firewall_v2,vpnaas
...
[service_providers]
service_provider = FIREWALL_V2:fwaas_db:neutron_fwaas.services.firewall.service_drivers.agents.agents.FirewallAgentDriver:default
service_provider = VPN:strongswan:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
/etc/neutron/plugins/ml2/ml2_conf.ini
...
[agent]
extensions = fwaas_v2
[fwaas]
firewall_l2_driver = noop
/etc/neutron/fwaas_driver.ini
...
[fwaas]
agent_version = v2
driver = neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver
enabled = True
And don't forget /etc/neutron/l3_agent.ini:
...
[agent]
extensions = fwaas_v2,vpnaas
...
[vpnagent]
vpn_device_driver = neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver
I hope that's really all and I can now test and build what I need with it.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论