Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Cloudbreak security group for openstack

Cloudbreak security group for openstack

Explorer

Hi,

I created security group for openstack by all the ports. reference by follow:

Hadoop services : Ambari (8080) Consul (8500) NN (50070) RM Web (8088) Scheduler (8030RM) IPC (8050RM) Job history server (19888)HBase master (60000) HBase master web (60010) HBase RS (16020) HBase RS info (60030) Falcon (15000) Storm (8744) Hive metastore (9083) Hive server (10000) Hive server HTTP (10001) Accumulo master (9999) Accumulo Tserver (9997) Atlas (21000) KNOX (8443) Oozie (11000) Spark HS (18080) NM Web (8042) Zeppelin WebSocket (9996) Zeppelin UI (9995) Kibana (3080) * Elasticsearch (9200)

But when I created cluster ,errors came as follow:

Failed to create the stack for CloudContext{id=25, name='bigdata', platform='StringType{value='OPENSTACK'}', owner='ae2e5c22-25b0-4283-aeb3-dcc06aa706ab'} due to: Resource CREATE failed: OverQuotaClient: resources.security_group_host_group_master_3: Quota exceeded for resources: ['security_group_rule']. Neutron server returns request_ids: ['req-cb14a5a6-1671-4087-bd3b-c48eca7aca67']

this error maybe my openstack quota security_group_rule set. How can I modify it? I have tried some commands:

neutron quota-update --tenant_id admin --security_group_rule 200 

openstack quota --secgroup_rules 200 admin 

these commads could't modify the security_group_rule successfuly.

what shoud I do?

any help is appreciated.Thanks!

3 REPLIES 3
Highlighted

Re: Cloudbreak security group for openstack

Expert Contributor

Hi,

I followed these instructions: https://docs.openstack.org/admin-guide/cli-set-compute-quotas.html and I was able to change it for a tenant like this:

original:

nova quota-show
+-----------------------------+-------+
| Quota                       | Limit |
+-----------------------------+-------+
| instances                   | 10    |
| cores                       | 20    |
| ram                         | 51200 |
| floating_ips                | 10    |
| fixed_ips                   | -1    |
| metadata_items              | 128   |
| injected_files              | 5     |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes    | 255   |
| key_pairs                   | 100   |
| security_groups             | 10    |
| security_group_rules        | 20    |
| server_groups               | 10    |
| server_group_members        | 10    |
+-----------------------------+-------+

changed:

tenant=$(openstack project show -f value -c id admin)

nova quota-update --security-group-rules 30 $tenant

nova quota-show
+-----------------------------+-------+
| Quota                       | Limit |
+-----------------------------+-------+
| instances                   | 10    |
| cores                       | 20    |
| ram                         | 51200 |
| floating_ips                | 10    |
| fixed_ips                   | -1    |
| metadata_items              | 128   |
| injected_files              | 5     |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes    | 255   |
| key_pairs                   | 100   |
| security_groups             | 10    |
| security_group_rules        | 30    |
| server_groups               | 10    |
| server_group_members        | 10    |
+-----------------------------+-------+

The command arguments might differ on different openstack versions.

Highlighted

Re: Cloudbreak security group for openstack

Explorer

Hi, I used this commad before,it doesn't work also.I use Mitaka version ,network rely on Neutron.Nova quota-update security-group-rules maybe not useful.Thank you all the way .

Highlighted

Re: Cloudbreak security group for openstack

Explorer

I use horzion web UI,projects->select admin -> manage members->quotas . this can modify admin security_group_rule

Don't have an account?
Coming from Hortonworks? Activate your account here