OpenStack Compute (nova)

When nova-api and keystone run on different nodes, EC2 API does not work

Asked by David Kang

Hi,

 We've set up openstack (early essex version) with keystone successfully.
We put nova-api and keystone on a head node (10.99.1.1), and glance on the other node (10.99.1.254).
It worked well. Both nova API and EC2 API worked well.

 Now we put nova-api on a head node (10.99.1.1) and put keystone and glance on the other node (10.99.1.254).
Now, nova API works well. But EC2 API does not work. From the nova-api log, "error: [Errno 111] ECONNREFUSED" happens.

 Should nova-api and keystone must be on the same node?

Here are our settings:

1. api-paste.ini:
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
service_protocol = http
service_host = 10.99.1.1
service_port = 5000
auth_host = 10.99.1.254
auth_port = 35357
auth_protocol = http
auth_uri = http://10.99.1.254:5000/
....

2. endpointTemplates
$ keystone-manage endpointTemplates list
All EndpointTemplates
service region Public URL
-------------------------------------------------------------------------------
nova RegionOne http://10.99.1.1:8774/v1.1/%tenant_id%
keystone RegionOne http://10.99.1.254:5000/v2.0
glance RegionOne http://10.99.1.254:9292/v1/%tenant_id%

3. nova.conf
--ec2_url=http://10.99.1.1:8773/services/Cloud
--rabbit_host=10.99.1.1
--sql_connection=mysql://root:nova@10.99.1.1/nova
--glance_api_servers=10.0.11.1:9292
...

Question information

Language:
English Edit question
Status:
Answered
For:
OpenStack Compute (nova) Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Vish Ishaya (vishvananda) said : 		#1

you have to set keystone_ec2_url in your flagfile
--keystone_ec2_url=http://10.99.1.254:5000/v2.0/ec2tokens

Can you help with this problem?

Provide an answer of your own, or ask David Kang for more information if necessary.

To post a message you must log in.