Unable to open stream to ssl / Could not retrieve schema - wrong port?
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Neutron API Charm |
Expired
|
Undecided
|
Unassigned |
Bug Description
Unable to open stream to ssl:10.6.68.8:16642 to retrieve schema: Connection refused
Exception: Could not retrieve schema from ssl:10.
Connection to port 16642 but OVN Southbound listen on 6644. Whats going wrong?
neutron log
-------------
2021-07-05 05:29:12.060 99687 ERROR ovsdbapp.
2021-07-05 05:29:12.061 99687 ERROR ovsdbapp.
2021-07-05 05:29:12.062 99687 ERROR ovsdbapp.
2021-07-05 05:29:12.062 99687 ERROR neutron.service [req-205e4a2a-
------------
UnitId: ovn-central/3
-------
- Stdout: |
3560
Name: OVN_Southbound
Cluster ID: 12eb (12eb0ace-
Server ID: 3560 (3560f236-
Address: ssl:10.6.68.20:6644
Status: cluster member
Role: follower
Term: 1
Leader: 716b
Vote: unknown
Election timer: 4000
Log: [2, 15]
Entries not yet committed: 0
Entries not yet applied: 0
Connections: ->0000 ->0000 <-716b <-cc6b
Disconnections: 0
Servers:
3560 (3560 at ssl:10.
716b (716b at ssl:10.6.68.8:6644) last msg 1012 ms ago
cc6b (cc6b at ssl:10.
---------
charms config
-------
neutron-
charm: cs:neutron-
neutron-api:
charm: cs:neutron-api-294
num_units: 3
bindings:
"": *internal-space
public: *public-space
internal: *internal-space
shared-db: *internal-space
options:
neutron-
flat-
worker-
openstack
vip: 10.6.66.2 10.6.162.2
vip_cidr: 19
use-
enable-sriov: True
enable-
enable-
default-
vlan-ranges: physnet1:2200:3500
vni-ranges: 1001:10000
global-
quota-
quota-
quota-port: -1
quota-router: -1
quota-subnet: -1
quota-vip: -1
region: de1
nagios_
ovn-central:
charm: cs:ovn-central-7
num_units: 3
bindings:
"": *internal-space
ovsdb: *internal-space
options:
source: *openstack-origin
nagios_
to:
- lxd:0
- lxd:1
- lxd:2
ovn-chassis:
charm: cs:ovn-chassis-14
bindings:
"": *internal-space
ovsdb: *internal-space
data: *overlay-space
options:
ovn-
bridge-
--------
System-Release: Ubuntu 20.04 LTS
Hello Dominik, thank you for your bug report.
As noted in the charm documentation [0] the OVN databases are configured to listen on several ports.
The 16642 port is opened for administrative access to the Southbound database by consumers of the ovsdb-peer and ovsdb-cms relations [1]. The 6644 port is used for cluster-internal communication between the OVSDB instances and is not for external consumption.
Are the neutron-api units and ovn-central units connected to the same L2 broadcast domain? If not could there be an external firewall in the way somewhere? Could there be missing bindings for the neutron- api-plugin- ovn relations?
Would you be able to provide me with the following:
- Output of `ufw status` from the ovn-central units
- IP addresses of neutron-api units
- Packet capture of a connection attempt from the neutron-api unit which shows source/destination IPs
0: https:/ /jaas.ai/ ovn-central /opendev. org/x/charm- ovn-central/ src/commit/ 8e305de633f701c d52775685286c02 cd1a09e7ed/ src/reactive/ ovn_central_ handlers. py#L116- L127
1: https:/