Juniper Openstack

Contrail Vrouter :: 14.04 2 mitaka :: provisioning fails with xmpp_dns_auth_enable.

Bug #1690146 reported by Ritam Gangopadhyay on 2017-05-11

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Juniper Openstack	Status tracked in Trunk
R4.0	Fix Released	Critical	Hari Prasad Killi	Juniper Openstack r4.0.0.0-fcs "r4.0.0.0"
Trunk	Fix Committed	Critical	Hari Prasad Killi	Juniper Openstack r4.1.0.0-fcs "r4.1"

Bug Description

When xmpp auth is enabled in json file. Ansible tries to run contrail-compute-setup script with --xmpp_dns_auth_enable option and fails.

Without this flag, vrouter agent is not provisioned properly with xmpp auth enabled.

root@nodem8:~# contrail-compute-setup --cfgm_ip 10.10.10.10 --keystone_ip 10.10.10.20 --self_ip 10.10.10.8 --non_mgmt_ip 10.10.10.8 --non_mgmt_gw 10.10.10.100 --hypervisor libvirt --keystone_auth_protocol http --keystone_auth_port 35357 --keystone_admin_user admin --keystone_admin_password contrail123 --keystone_admin_tenant_name admin --register --control-nodes 10.10.10.14 10.10.10.6 10.10.10.7 --collectors 10.10.10.14 10.10.10.6 10.10.10.7 --xmpp_auth_enable --xmpp_dns_auth_enable
[Thu May 11 18:45:09 2017 contrail_vrouter_provisioning.setup(18) INFO]: Compute provisioning initiated:
['/usr/bin/contrail-compute-setup', '--cfgm_ip', '10.10.10.10', '--keystone_ip', '10.10.10.20', '--self_ip', '10.10.10.8', '--non_mgmt_ip', '10.10.10.8', '--non_mgmt_gw', '10.10.10.100', '--hypervisor', 'libvirt', '--keystone_auth_protocol', 'http', '--keystone_auth_port', '35357', '--keystone_admin_user', 'admin', '--keystone_admin_password', 'contrail123', '--keystone_admin_tenant_name', 'admin', '--register', '--control-nodes', '10.10.10.14', '10.10.10.6', '10.10.10.7', '--collectors', '10.10.10.14', '10.10.10.6', '10.10.10.7', '--xmpp_auth_enable', '--xmpp_dns_auth_enable']
usage: contrail-compute-setup [-h] [--conf_file CONF_FILE] [--cfgm_ip CFGM_IP]
                              [--keystone_ip KEYSTONE_IP] [--self_ip SELF_IP]
                              [--hypervisor HYPERVISOR]
                              [--mgmt_self_ip MGMT_SELF_IP]
                              [--non_mgmt_ip NON_MGMT_IP]
                              [--non_mgmt_gw NON_MGMT_GW]
                              [--physical_interface PHYSICAL_INTERFACE]
                              [--vgw_intf VGW_INTF]
                              [--vgw_public_subnet VGW_PUBLIC_SUBNET]
                              [--vgw_public_vn_name VGW_PUBLIC_VN_NAME]
                              [--vgw_intf_list VGW_INTF_LIST]
                              [--vgw_gateway_routes VGW_GATEWAY_ROUTES]
                              [--keystone_auth_protocol KEYSTONE_AUTH_PROTOCOL]
                              [--keystone_auth_port KEYSTONE_AUTH_PORT]
                              [--keystone_admin_user KEYSTONE_ADMIN_USER]
                              [--keystone_admin_password KEYSTONE_ADMIN_PASSWORD]
                              [--keystone_admin_tenant_name KEYSTONE_ADMIN_TENANT_NAME]
                              [--neutron_password NEUTRON_PASSWORD]
                              [--internal_vip INTERNAL_VIP]
                              [--external_vip EXTERNAL_VIP]
                              [--contrail_internal_vip CONTRAIL_INTERNAL_VIP]
                              [--cpu_mode CPU_MODE] [--cpu_model CPU_MODEL]
                              [--vmware VMWARE]
                              [--vmware_username VMWARE_USERNAME]
                              [--vmware_passwd VMWARE_PASSWD]
                              [--vmware_vmpg_vswitch VMWARE_VMPG_VSWITCH]
                              [--vmware_vmpg_vswitch_mtu VMWARE_VMPG_VSWITCH_MTU]
                              [--vmware_datanic_mtu VMWARE_DATANIC_MTU]
                              [--mode MODE] [--vcenter_server VCENTER_SERVER]
                              [--vcenter_username VCENTER_USERNAME]
                              [--vcenter_password VCENTER_PASSWORD]
                              [--vcenter_cluster VCENTER_CLUSTER]
                              [--vcenter_dvswitch VCENTER_DVSWITCH]
                              [--dpdk DPDK]
                              [--vrouter_module_params VROUTER_MODULE_PARAMS]
                              [--sriov SRIOV] [--tsn_mode TSN_MODE]
                              [--gateway_server_list GATEWAY_SERVER_LIST [GATEWAY_SERVER_LIST ...]]
                              [--qos_logical_queue QOS_LOGICAL_QUEUE [QOS_LOGICAL_QUEUE ...]]
                              [--qos_queue_id QOS_QUEUE_ID [QOS_QUEUE_ID ...]]
                              [--default_hw_queue_qos]
                              [--priority_id PRIORITY_ID [PRIORITY_ID ...]]
                              [--priority_scheduling PRIORITY_SCHEDULING [PRIORITY_SCHEDULING ...]]
                              [--priority_bandwidth PRIORITY_BANDWIDTH [PRIORITY_BANDWIDTH ...]]
                              [--collectors COLLECTORS [COLLECTORS ...]]
                              [--control-nodes CONTROL_NODES [CONTROL_NODES ...]]
                              [--metadata_secret METADATA_SECRET]
                              [--xmpp_auth_enable] [--sandesh_ssl_enable]
                              [--introspect_ssl_enable] [--register]
contrail-compute-setup: error: unrecognized arguments: --xmpp_dns_auth_enable

ABOVE ERROR IS THROWN WITH --xmpp_dns_auth_enable

WITHOUT THE FLAG CHECK THE conf FILE AT THE END IS NOT SET PROPERLY:-

................
.................
...................

[Thu May 11 18:45:42 2017 contrail_vrouter_provisioning(67) INFO]: Executing: sudo contrail-config --set /etc/contrail/contrail-lbaas-auth.conf BARBICAN auth_url 'http://10.10.10.20:35357/v2.0'
[Thu May 11 18:45:42 2017 contrail_vrouter_provisioning(67) INFO]: Executing: sudo contrail-config --set /etc/contrail/contrail-lbaas-auth.conf BARBICAN admin_password 'contrail123'
[Thu May 11 18:45:42 2017 contrail_vrouter_provisioning(67) INFO]: Executing: sudo contrail-config --set /etc/contrail/contrail-lbaas-auth.conf BARBICAN admin_user 'neutron'
[Thu May 11 18:45:42 2017 contrail_vrouter_provisioning(67) INFO]: Executing: sudo python /opt/contrail/utils/provision_vrouter.py --host_name nodem8 --host_ip 10.10.10.8 --api_server_ip 10.10.10.10 --oper add --admin_user admin --admin_password contrail123 --admin_tenant_name admin --openstack_ip 10.10.10.20 --api_server_use_ssl False
[Thu May 11 18:45:43 2017 contrail_vrouter_provisioning.setup(24) INFO]: Compute provisioning complete

root@nodem8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep xmpp
xmpp_auth_enable = True
# xmpp_auth_enable=false
# xmpp_dns_auth_enable=false <<<<< NOT SET TO TRUE AND UNCOMMENTED
# xmpp_server_cert=/etc/contrail/ssl/certs/server.pem
# xmpp_server_key=/etc/contrail/ssl/private/server-privkey.pem
# xmpp_ca_cert=/etc/contrail/ssl/certs/ca-cert.pem
root@nodem8:~#

Tags:

Sudheendra Rao (sudheendra-k) on 2017-05-11

information type:	Proprietary → Public
tags:	added: blocker sanity