Contrail :: 16.04 build 4 Ocata :: metadata ssl fails.
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R4.1 |
Fix Committed
|
Critical
|
Ramprakash R | |||
Trunk |
Fix Committed
|
Critical
|
Ramprakash R |
Bug Description
Setup:- R4.1 build 3 Ocata multi node setup.
nodei19 10.204.217.131 openstack
nodec28 10.204.217.13 controller, analytics, analyticsdb
nodec10 10.204.217.176 controller, analytics, analyticsdb
nodec33 10.204.217.168 controller, analytics, analyticsdb
nodeg37 10.204.217.77 lb
nodei17 10.204.217.129 compute
nodei20 10.204.217.132 compute
*******
*******
metadata ssl fails and seeing a traceback in metadata service logs
Created VM on nodei17 and sent request to the service ip
ubuntu@
<html>
<head>
<title>502 Bad Gateway</title>
</head>
</html>
ubuntu@
curl: (7) couldn't connect to host
ubuntu@
*******
*******
configuration on nova and vrouter agent side looks fine:-
root@nodei17:~# grep -rn metadata /etc/contrail/
206:metadata_
207:metadata_
208:metadata_
210:metadata_
root@nodei19:~# docker exec -it nova_api cat /etc/nova/nova.conf | grep ssl
enabled_ssl_apis = metadata
ssl_cert_file = /etc/nova/
ssl_key_file = /etc/nova/
ssl_ca_file = /etc/nova/
root@nodei19:~#
*******
*******
Traceback seen in neutron metadata agent
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.702 7 ERROR neutron.
2017-11-23 16:35:38.703 7 WARNING oslo.service.
*******
*******
I see nova listening on 8775 for metadata service connections:-
root@nodei19:~# netstat -anp | grep 8775
tcp 0 0 192.168.100.15:8775 0.0.0.0:* LISTEN 11356/python
tcp 0 0 10.204.217.184:8775 0.0.0.0:* LISTEN 28932/haproxy
tcp 0 0 192.168.100.20:8775 0.0.0.0:* LISTEN 28932/haproxy
root@nodei19:~#
tags: |
added: nova vrouter removed: vro |
Changed in juniperopenstack: | |
assignee: | nobody → Kumar Harsh (hkumar) |
Changed in juniperopenstack: | |
importance: | High → Critical |
Changed in juniperopenstack: | |
importance: | Critical → High |
Changed in juniperopenstack: | |
assignee: | Kumar Harsh (hkumar) → Ramprakash R (ramprakash) |
2017-11-24 10:04:13.954 MetadataTrace: GET request for VM : 141.131.186.3 URL : controller/ src/vnsw/ agent/services/ metadata_ proxy.cc 185 src/vnsw/ agent/services/ metadata_ proxy.cc 268
2017-11-24 10:04:13.957 MetadataTrace: Metadata for VM : 141.131.186.3 Error : SSL connect error controller/