Juniper Openstack

  1. Bug #1463512
  2. Activity log

Activity log for bug #1463512

Date Who What changed Old value New value Message
2015-06-09 18:12:01 Vinod Nair bug added bug
2015-06-09 18:12:17 Vinod Nair nominated for series juniperopenstack/r2.20
2015-06-09 18:12:17 Vinod Nair bug task added juniperopenstack/r2.20
2015-06-09 18:12:17 Vinod Nair nominated for series juniperopenstack/trunk
2015-06-09 18:12:17 Vinod Nair bug task added juniperopenstack/trunk
2015-06-09 18:12:24 Vinod Nair juniperopenstack/r2.20: importance Undecided High
2015-06-09 18:12:26 Vinod Nair juniperopenstack/trunk: importance Undecided High
2015-06-09 18:12:39 Vinod Nair juniperopenstack/r2.20: assignee Divakar Dharanalakota (ddivakar)
2015-06-09 18:12:45 Vinod Nair juniperopenstack/r2.20: milestone r2.20-fcs
2015-06-09 18:12:48 Vinod Nair juniperopenstack/trunk: milestone r2.30-fcs
2015-06-09 18:15:20 Vinod Nair description SSL termination is not working with lbaas. The ha proxy config has the vip bindings to port 443 , but the ssl cert config is missing in the haproxy.conf cat /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg global daemon user nobody group nogroup stats socket /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg.sock mode 0666 level user defaults log global retries 3 option redispatch timeout connect 5000 timeout client 50000 timeout server 50000 listen contrail-config-stats :5937 mode http stats enable stats uri / stats auth haproxy:contrail123 frontend c5866fb4-00a4-4d35-bed6-3ac2bdd13334 bind 11.1.0.4:443 mode http default_backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0 backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0 mode http balance roundrobin server 136b3567-4aa3-4cfc-9e57-c8069fa61260 12.1.0.12:8080 weight 1 server 1ae4d088-e901-43fe-b18a-a3127eca303c 12.1.0.11:8080 weight 1 server 230060be-0353-45a6-9f50-07c7bc60a66a 12.1.0.1:8080 weight 1 server 2342bb68-0d28-4ebc-85fd-1a270f5a25b1 12.1.0.7:8080 weight 1 server 2957fd89-c08c-4130-b36d-1133bc80e9c8 12.1.0.16:8080 weight 1 server 68c49fdc-ddcc-498e-8b71-890866c1a07f 12.1.0.13:8080 weight 1 server 8f61b36a-c3f6-44d4-a672-fa3464b80d98 12.1.0.10:8080 weight 1 server a9c5034c-bc2f-4e74-ae26-fbd78277baff 12.1.0.3:8080 weight 1 server aafe9927-0451-436f-881c-9541635591e5 12.1.0.2:8080 weight 1 server ab505160-0baa-4341-8719-ad923be7e9bb 12.1.0.9:8080 weight 1 Version 2.20 Build 41 Juno 14.04 tried with below two options in agent,.conf haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/RSA4096.pem haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/ SSL termination is not working with lbaas. The ha proxy config has the vip bindings to port 443 , but the ssl cert config is missing in the haproxy.conf  cat /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg global     daemon     user nobody     group nogroup     stats socket /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg.sock mode 0666 level user defaults     log global     retries 3     option redispatch     timeout connect 5000     timeout client 50000     timeout server 50000 listen contrail-config-stats :5937     mode http     stats enable     stats uri /     stats auth haproxy:contrail123 frontend c5866fb4-00a4-4d35-bed6-3ac2bdd13334     bind 11.1.0.4:443     mode http     default_backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0 backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0     mode http     balance roundrobin     server 136b3567-4aa3-4cfc-9e57-c8069fa61260 12.1.0.12:8080 weight 1     server 1ae4d088-e901-43fe-b18a-a3127eca303c 12.1.0.11:8080 weight 1     server 230060be-0353-45a6-9f50-07c7bc60a66a 12.1.0.1:8080 weight 1     server 2342bb68-0d28-4ebc-85fd-1a270f5a25b1 12.1.0.7:8080 weight 1     server 2957fd89-c08c-4130-b36d-1133bc80e9c8 12.1.0.16:8080 weight 1     server 68c49fdc-ddcc-498e-8b71-890866c1a07f 12.1.0.13:8080 weight 1     server 8f61b36a-c3f6-44d4-a672-fa3464b80d98 12.1.0.10:8080 weight 1     server a9c5034c-bc2f-4e74-ae26-fbd78277baff 12.1.0.3:8080 weight 1     server aafe9927-0451-436f-881c-9541635591e5 12.1.0.2:8080 weight 1     server ab505160-0baa-4341-8719-ad923be7e9bb 12.1.0.9:8080 weight 1 Version 2.20 Build 41 Juno 14.04 tried with below two options in agent,.conf haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/RSA4096.pem haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/
2015-06-09 18:16:06 Vinod Nair description SSL termination is not working with lbaas. The ha proxy config has the vip bindings to port 443 , but the ssl cert config is missing in the haproxy.conf  cat /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg global     daemon     user nobody     group nogroup     stats socket /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg.sock mode 0666 level user defaults     log global     retries 3     option redispatch     timeout connect 5000     timeout client 50000     timeout server 50000 listen contrail-config-stats :5937     mode http     stats enable     stats uri /     stats auth haproxy:contrail123 frontend c5866fb4-00a4-4d35-bed6-3ac2bdd13334     bind 11.1.0.4:443     mode http     default_backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0 backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0     mode http     balance roundrobin     server 136b3567-4aa3-4cfc-9e57-c8069fa61260 12.1.0.12:8080 weight 1     server 1ae4d088-e901-43fe-b18a-a3127eca303c 12.1.0.11:8080 weight 1     server 230060be-0353-45a6-9f50-07c7bc60a66a 12.1.0.1:8080 weight 1     server 2342bb68-0d28-4ebc-85fd-1a270f5a25b1 12.1.0.7:8080 weight 1     server 2957fd89-c08c-4130-b36d-1133bc80e9c8 12.1.0.16:8080 weight 1     server 68c49fdc-ddcc-498e-8b71-890866c1a07f 12.1.0.13:8080 weight 1     server 8f61b36a-c3f6-44d4-a672-fa3464b80d98 12.1.0.10:8080 weight 1     server a9c5034c-bc2f-4e74-ae26-fbd78277baff 12.1.0.3:8080 weight 1     server aafe9927-0451-436f-881c-9541635591e5 12.1.0.2:8080 weight 1     server ab505160-0baa-4341-8719-ad923be7e9bb 12.1.0.9:8080 weight 1 Version 2.20 Build 41 Juno 14.04 tried with below two options in agent,.conf haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/RSA4096.pem haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/ SSL termination is not working with lbaas. The ha proxy config has the vip bindings to port 443 , but the ssl cert config is missing in the haproxy.conf  cat /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg global     daemon     user nobody     group nogroup     stats socket /var/lib/contrail/loadbalancer/ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0/etc/haproxy/haproxy.cfg.sock mode 0666 level user defaults     log global     retries 3     option redispatch     timeout connect 5000     timeout client 50000     timeout server 50000 listen contrail-config-stats :5937     mode http     stats enable     stats uri /     stats auth haproxy:contrail123 frontend c5866fb4-00a4-4d35-bed6-3ac2bdd13334     bind 11.1.0.4:443     mode http     default_backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0 backend ebf5f87a-b2a3-4b6c-946b-89e1f4df9fc0     mode http     balance roundrobin     server 136b3567-4aa3-4cfc-9e57-c8069fa61260 12.1.0.12:8080 weight 1     server 1ae4d088-e901-43fe-b18a-a3127eca303c 12.1.0.11:8080 weight 1     server 230060be-0353-45a6-9f50-07c7bc60a66a 12.1.0.1:8080 weight 1     server 2342bb68-0d28-4ebc-85fd-1a270f5a25b1 12.1.0.7:8080 weight 1     server 2957fd89-c08c-4130-b36d-1133bc80e9c8 12.1.0.16:8080 weight 1     server 68c49fdc-ddcc-498e-8b71-890866c1a07f 12.1.0.13:8080 weight 1     server 8f61b36a-c3f6-44d4-a672-fa3464b80d98 12.1.0.10:8080 weight 1     server a9c5034c-bc2f-4e74-ae26-fbd78277baff 12.1.0.3:8080 weight 1     server aafe9927-0451-436f-881c-9541635591e5 12.1.0.2:8080 weight 1     server ab505160-0baa-4341-8719-ad923be7e9bb 12.1.0.9:8080 weight 1 Version 2.20 Build 41 Juno 14.04 tried with below two options in agent,.conf haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/RSA4096.pem haproxy_ssl_cert_path=/store/RSA4096.pem root@cs-scale-8:~# cat /etc/contrail/contrail-vrouter-agent.conf | grep haproxy_ssl_cert_path haproxy_ssl_cert_path=/store/ VIP-CONFIG ============ neutron --os-tenant-name=PROJ1 lb-vip-create --name FESSL-VIP --protocol-port 443 --protocol HTTP --subnet-id VIP1-SUBNET1 POOL2
2015-06-11 01:01:10 OpenContrail Admin information type Proprietary Public
2015-06-11 04:40:43 Divakar Dharanalakota juniperopenstack/r2.20: status New Invalid
2015-06-11 04:40:47 Divakar Dharanalakota juniperopenstack/trunk: status New Invalid