OpenStack Nova Cloud Controller Charm

Enabling SSL on rabbitmq breaks pacemaker resource check

Bug #1753432 reported by Teluka
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Charm Helpers
In Progress
Undecided
Felipe Reyes
OpenStack HA Cluster Charm
Fix Released
Undecided
Felipe Reyes
OpenStack HA Cluster Charm 19.04
OpenStack Nova Cloud Controller Charm
In Progress
Undecided
Felipe Reyes

Bug Description

- Deployed Ocata with Juju 2.3.3

nova-cloud-controller 15.0.8 active 3 nova-cloud-controller jujucharms 304 ubuntu
rabbitmq-server 3.5.7 active 3 rabbitmq-server jujucharms 239 ubuntu

- Once rabbitmq is configured with SSL

juju config rabbitmq-server ssl=on

- CRM reports nova_consoleauth resource start failure

root@juju-238da0-sts-16:~# crm status
[snippet]
Failed Actions:
* res_nova_consoleauth_start_0 on juju-238da0-sts-15 'unknown error' (1): call=89, status=Timed Out, exitreason='none',
last-rc-change='Thu Mar 1 16:42:29 2018', queued=0ms, exec=20003ms
* res_nova_consoleauth_start_0 on juju-238da0-sts-16 'unknown error' (1): call=543, status=Timed Out, exitreason='none',
last-rc-change='Thu Mar 1 16:42:49 2018', queued=0ms, exec=20002ms
[/snippet]

- That's due to default rabbitmq port (TCP 5672) used by pacemaker to check if nova_consoleauth has successfully connected to rabbitmq server

https://github.com/openstack/openstack-resource-agents/blob/master/ocf/nova-consoleauth#L43

- When rabbitmq is configured with SSL the port number will change to TCP 5671
- Workaround is to update crm resource with valid port number

crm_resource --resource res_nova_consoleauth --set-parameter amqp_server_port --parameter-value 5671

- Nova cloud controller charm should automatically update default rabbitmq port depended if SSL is enabled or not

Tags: juju sts
Felipe Reyes (freyes)
tags: added: sts
Changed in charm-nova-cloud-controller:
assignee: nobody → Felipe Reyes (freyes)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to charm-nova-cloud-controller (master)

Fix proposed to branch: master
Review: https://review.openstack.org/573824

Changed in charm-nova-cloud-controller:
status: New → In Progress
Revision history for this message
Felipe Reyes (freyes) wrote :

Patch for hacluster to provide support to update pacemaker's configuration. https://review.openstack.org/573039/

Changed in charm-hacluster:
status: New → In Progress
assignee: nobody → Felipe Reyes (freyes)
Changed in charm-helpers:
status: New → In Progress
assignee: nobody → Felipe Reyes (freyes)
Revision history for this message
Felipe Reyes (freyes) wrote :

Patch for charm-helpers to expose rabbitmq_port in AMQPContext class https://github.com/juju/charm-helpers/pull/187

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-hacluster (master)

Reviewed: https://review.openstack.org/573039
Committed: https://git.openstack.org/cgit/openstack/charm-hacluster/commit/?id=02d83b2e4ead28c0f144f2e7495e0352843bf39e
Submitter: Zuul
Branch: master

commit 02d83b2e4ead28c0f144f2e7495e0352843bf39e
Author: Felipe Reyes <email address hidden>
Date: Wed Jun 6 19:38:01 2018 -0400

    Support update parameters of a resource

    This patch implements support to update parameters of an already
    existing resource using "crm configure load update FILE"

    Change-Id: I22730091d674145db4a1187b0904d9f88d9d8c6d
    Partial-Bug: #1753432

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to charm-hacluster (master)

Fix proposed to branch: master
Review: https://review.openstack.org/605844

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-hacluster (master)

Reviewed: https://review.openstack.org/605844
Committed: https://git.openstack.org/cgit/openstack/charm-hacluster/commit/?id=639dadb141176eed3eaff6ba99b352c4ae5e1278
Submitter: Zuul
Branch: master

commit 639dadb141176eed3eaff6ba99b352c4ae5e1278
Author: Felipe Reyes <email address hidden>
Date: Wed Jun 6 19:38:01 2018 -0400

    Support update parameters of a resource

    This patch implements support to update parameters of an already
    existing resource using "crm configure load update FILE"

    The parameters of a resource are hashed using md5 and stored in the kv
    store, when the checksum doesn't match the resource is updated,
    otherwise discarded.

    Change-Id: I5735eaa1309c57e3620b0a6f68ffe13ec8165592
    Closes-Bug: 1753432

Changed in charm-hacluster:
status: In Progress → Fix Committed
Revision history for this message
Edward Hope-Morley (hopem) wrote :

Support for managing nova-consoleauth with corosync/pacemaker is being dropped in the next release of the charms (19.04) - https://github.com/openstack/charm-nova-cloud-controller/commit/b6e314077fa352ba58c346919a1e1cd4f6593226

I would recommend migrating to using memcached so that you can then upgrade to get 19.04 (otherwise it will complain that it is not related).

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on charm-nova-cloud-controller (master)

Change abandoned by Felipe Reyes (<email address hidden>) on branch: master
Review: https://review.openstack.org/573824
Reason: single-nova-consoleauth config option is being removed in 19.04

James Page (james-page)
Changed in charm-hacluster:
milestone: none → 19.04
David Ames (thedac)
Changed in charm-hacluster:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.