The HAProxy listener for Galera would bind on the ctlplane address. This meant clients could not reach the Galera service when using an Overcloud with network isolation. This fix changes the binding address of the HAProxy Galera listener to the VIP in the internal_api network. Clients now can reach the Galera service on Overclouds with network isolation.
Created attachment 1042204[details]
controller
Description of problem:
I'm deploying a 1 x controller and 1 x compute overcloud with the network isolation (using provided single-nic-vlans templates). Deployment fails because services are trying to access mysql by the VIP in the internal-API network. HAProxy is using the brctlplane IP to listen for 3306 port and the mariadb server listens on the local IP in the internal-API network so services fail to access it by the VIP in the internal-API network.
Version-Release number of selected component (if applicable):
openstack-puppet-modules-2015.1.6-2.el7ost.noarch
openstack-tripleo-puppet-elements-0.0.1-2.el7ost.noarch
puppet-3.6.2-2.el7.noarch
openstack-heat-templates-0-0.6.20150605git.el7ost.noarch
openstack-heat-common-2015.1.0-3.el7ost.noarch
openstack-tripleo-heat-templates-0.8.6-13.el7ost.noarch
How reproducible:
100%
Steps to Reproduce:
1. Deploy 1 compute and 1 controller overcloud with network isolation
2.
3.
Actual results:
Deployment fails becasue services aren't able to access the db server.
Expected results:
Deployment is successful.
Additional info:
Attaching the controller configuration. vlan20 is the internalapi network.
with updated version of OPM this is still failing due to:
parsing [/etc/haproxy/haproxy.cfg:94] : 'server 172.16.2.5:3306' : invalid address: 'backup'
from haproxy logs. The list of backend servers seems to be missing hostname from servers list, only has IP.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHEA-2015:1549
Created attachment 1042204 [details] controller Description of problem: I'm deploying a 1 x controller and 1 x compute overcloud with the network isolation (using provided single-nic-vlans templates). Deployment fails because services are trying to access mysql by the VIP in the internal-API network. HAProxy is using the brctlplane IP to listen for 3306 port and the mariadb server listens on the local IP in the internal-API network so services fail to access it by the VIP in the internal-API network. Version-Release number of selected component (if applicable): openstack-puppet-modules-2015.1.6-2.el7ost.noarch openstack-tripleo-puppet-elements-0.0.1-2.el7ost.noarch puppet-3.6.2-2.el7.noarch openstack-heat-templates-0-0.6.20150605git.el7ost.noarch openstack-heat-common-2015.1.0-3.el7ost.noarch openstack-tripleo-heat-templates-0.8.6-13.el7ost.noarch How reproducible: 100% Steps to Reproduce: 1. Deploy 1 compute and 1 controller overcloud with network isolation 2. 3. Actual results: Deployment fails becasue services aren't able to access the db server. Expected results: Deployment is successful. Additional info: Attaching the controller configuration. vlan20 is the internalapi network.