Synchronization fails when rabbitmq-server is configured with ssl=only
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Glance-Simplestreams-Sync Charm |
Fix Released
|
Low
|
Frode Nordahl |
Bug Description
ERROR * 08-27 07:50:10 [PID:25348] * root * Exception during kombu setup
Traceback (most recent call last):
File "/usr/share/
status_
File "/usr/lib/
chan = self.transport.
File "/usr/lib/
self.
File "/usr/lib/
conn = self.transport.
File "/usr/lib/
conn.connect()
File "/usr/lib/
self.
File "/usr/lib/
self.
File "/usr/lib/
self.
File "/usr/lib/
return getattr(
error: [Errno 111] Connection refused
Although the error message is a bit confusing, the RabbitMQ server is indeed responding, but refusing non-SSL connections.
The RabbitMQ relation already provides the certificate, even if it would originate from vault:
root@juju-
[ snip ]
kombu_ssl_ca_certs: LS0tLS1CRUdJTiB
I would suggest a quick fix for this is to just decode that cert and write it out to disk.
To have the kombu client use it we can change the code a long the lines of this:
diff --git a/scripts/
index 0a5d3ef..07567fa 100755
--- a/scripts/
+++ b/scripts/
@@ -396,7 +396,8 @@ class StatusExchange:
- self.conn = kombu.BrokerCon
+ self.conn = kombu.BrokerCon
+ url, ssl={'ca_certs': '/tmp/kombu_
Changed in charm-glance-simplestreams-sync: | |
status: | New → Triaged |
importance: | Undecided → Low |
assignee: | nobody → Frode Nordahl (fnordahl) |
milestone: | none → 19.10 |
status: | Triaged → In Progress |
status: | In Progress → Triaged |
Changed in charm-glance-simplestreams-sync: | |
status: | Fix Committed → Fix Released |
Fix proposed to branch: master /review. opendev. org/678766
Review: https:/