Fuel for OpenStack

Puppet fails during updating ceilometer node

Series 5.1.x
Bug #1354494

Bug #1354494 reported by Ihor Kalnytskyi on 2014-08-08

This bug affects 1 person

	Status	Importance	Assigned to	Milestone
Fuel for OpenStack	Fix Committed	Critical	Vladimir Kuklin	Fuel for OpenStack 5.1
5.0.x	Fix Committed	Critical	Fuel Library (Deprecated)	Fuel for OpenStack 5.0.2
5.1.x	Fix Committed	Critical	Vladimir Kuklin	Fuel for OpenStack 5.1
6.0.x	Won't Fix	Medium	Dmitry Ilyin	Fuel for OpenStack 6.0
6.1.x	Won't Fix	Medium	Fuel Library (Deprecated)	Fuel for OpenStack 6.1

Bug Description

Repro step:

1. Run Fuel 5.0 (ISO 26)
2. Deploy environment with ceilometer node
3. Upgrade master node to 5.1
4. Update env to 5.0.2

Expected result:

Successfull update

Actual result:

Puppet fails with the following error: "Could not evaluate: Execution of '/usr/bin/mongo --quiet --eval db.getMongo().getDBNames()' returned 252"

Log:

http://paste.openstack.org/raw/92112/

Tags:

Revision history for this message

Łukasz Oleś (loles) wrote on 2014-08-11:

I couldn 't reproduce this.

Revision history for this message

Ihor Kalnytskyi (ikalnytskyi) wrote on 2014-08-11:

Łukasz, do you know about our mongo implementation? If so I can give you a tunnel when I meet this issue again.

Revision history for this message

Timur Nurlygayanov (tnurlygayanov) wrote on 2014-08-11:

listDatabases failed:{ "ok" : 0, "errmsg" : "unauthorized" } at src/mongo/shell/mongo.js:46

Revision history for this message

Dina Belova (dbelova) wrote on 2014-08-11:

Why don't we have the snapshots attached to this bug? Actually that's impossible to understand what was happening while the upgrade on the nodes without them

Changed in fuel:
assignee:	Fuel Library Team (fuel-library) → Denis Egorenko (degorenko)

Revision history for this message

Timur Nurlygayanov (tnurlygayanov) wrote on 2014-08-11:

Need to reproduce and provide the access to tha lab.

Revision history for this message

Dmitry Ilyin (idv1985) wrote on 2014-08-11:

Lokks like Puppet's mongodb module is trying to gem list of databases to determin if it should create one or not. But there is absolutely no auth support in this module. Probabbly it relies on "localhost exception" when you can connect to mongo without login and password from local interface. But it works only when there are no users created. After the first Puppet run admin and ceilometer users and ther rights are created and mongo no longer can connect to the database without password. So it doesn't work on the second and later runs.

This kinda sucks there is no easy fix but to implement auth mechanism in Mongo Puppet module.

Bogdan Dobrelya (bogdando) on 2014-08-11

Changed in fuel:
status:	New → Incomplete

Dmitry Ilyin (idv1985) on 2014-08-11

Changed in fuel:
assignee:	Denis Egorenko (degorenko) → Dmitry Ilyin (idv1985)

Vladimir Kuklin (vkuklin) on 2014-08-11

Changed in fuel:
status:	Incomplete → Confirmed

Ihor Kalnytskyi (ikalnytskyi) on 2014-08-11

Changed in fuel:
status:	Confirmed → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-12: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/113602

Revision history for this message

Tatyanka (tatyana-leontovich) wrote on 2014-08-13:

fail_error_error_deploy_ceilometer_ha_with_mongo-2014_08_13__17_49_13.tar.gz Edit (6.4 MiB, application/x-tar)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-14:

Fix proposed to branch: master
Review: https://review.openstack.org/114297

OpenStack Infra (hudson-openstack) on 2014-08-18

Changed in fuel:
assignee:	Dmitry Ilyin (idv1985) → Vladimir Kuklin (vkuklin)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-18: Change abandoned on fuel-library (master)

#10

Change abandoned by Dmitry Ilyin (<email address hidden>) on branch: master
Review: https://review.openstack.org/113602
Reason: close

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-18: Fix merged to fuel-library (master)

#11

Reviewed: https://review.openstack.org/114297
Committed: https://git.openstack.org/cgit/stackforge/fuel-library/commit/?id=21e1efbe9ce1d51a6f84dbb0d3fccd6896346235
Submitter: Jenkins
Branch: master

commit 21e1efbe9ce1d51a6f84dbb0d3fccd6896346235
Author: Dmitry Ilyin <email address hidden>
Date: Mon Aug 11 20:43:14 2014 +0400

Add auth and remote connections support to MongoDB

    Add options to provide admin user login and
    password to be used while managing databases
    and users.

Admin user should have at least permissions
'root' and 'restore'.

    If there is no admin user mongo will work
    in 'localhost exception' mode allowing
    administration from the local interface.

Closes-Bug: 1354494

Change-Id: I253ee50523fba66586e7a42a7f0772adebe96e83

Changed in fuel:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-19: Fix proposed to fuel-library (stable/5.0)

#12

Fix proposed to branch: stable/5.0
Review: https://review.openstack.org/115324

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2014-08-19: Fix merged to fuel-library (stable/5.0)

#13

Reviewed: https://review.openstack.org/115324
Committed: https://git.openstack.org/cgit/stackforge/fuel-library/commit/?id=2e55e9a7436ff6d833536c994e9d8eb68ab87eff
Submitter: Jenkins
Branch: stable/5.0

commit 2e55e9a7436ff6d833536c994e9d8eb68ab87eff
Author: Dmitry Ilyin <email address hidden>
Date: Mon Aug 11 20:43:14 2014 +0400

Add auth and remote connections support to MongoDB

    Add options to provide admin user login and
    password to be used while managing databases
    and users.

Admin user should have at least permissions
'root' and 'restore'.

    If there is no admin user mongo will work
    in 'localhost exception' mode allowing
    administration from the local interface.

Closes-Bug: 1354494

Change-Id: I253ee50523fba66586e7a42a7f0772adebe96e83

Revision history for this message

Dmitry Borodaenko (angdraug) wrote on 2014-08-19:

#14

Please submit this patch to upstream, so that in 6.0 (or later if it takes too long) we can resync with an upstream version that includes this functionality. Targeting to 6.0 as Medium to track that.

Revision history for this message

Bogdan Dobrelya (bogdando) wrote on 2014-11-28:

#15

Why this bug is open for 6.1?

Revision history for this message

Stanislaw Bogatkin (sbogatkin) wrote on 2015-02-16:

#16

We don't support that type of patching anymore. So, closed.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

fail_error_error_deploy_ceilometer_ha_with_mongo-2014_08_13__17_49_13.tar.gz Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.