Kolla Ansible deploys TLS on every endpoint by default (public and private). Every service must talk to every other service using TLS, if you self sign the cert, it will deploy your root CA and 99% of the time where things hit a snag is that strict checking is on and the service in question does not use the custom root CA to verify the cert.
Here, I believe the issue is that skyline is trying to talk to keystone to get a token, domains etc and it fails there. Logging wise, this is all i see (The log indicates a protocol error - assumed = https)
raise LocalProtocolError("illegal request line")
h11._util.RemoteProtocolError: illegal request line <---
==> /var/log/kolla/skyline/skyline-access.log <==
==> /var/log/kolla/skyline/skyline-error.log <==
exc._reraise_as_remote_protocol_error()
File "/var/lib/kolla/venv/lib/python3.10/site-packages/h11/_util.py", line 76, in _reraise_as_remote_protocol_error
raise self
File "/var/lib/kolla/venv/lib/python3.10/site-packages/h11/_connection.py", line 425, in next_event
event = self._extract_next_receive_event()
File "/var/lib/kolla/venv/lib/python3.10/site-packages/h11/_connection.py", line 367, in _extract_next_receive_event
event = self._reader(self._receive_buffer)
File "/var/lib/kolla/venv/lib/python3.10/site-packages/h11/_readers.py", line 68, in maybe_read_from_IDLE_client
raise LocalProtocolError("illegal request line")
h11._util.RemoteProtocolError: illegal request line
==> /var/log/kolla/skyline/skyline.log <==
2023-07-04 22:19:14.214 | INFO | databases.core:connect:90 - Connected to database mysql://skyline:********@int.noel.openstack.tunninet.com:3306/skyline
2023-07-04 22:19:14.256 | INFO | databases.core:connect:90 - Connected to database mysql://skyline:********@int.noel.openstack.tunninet.com:3306/skyline
2023-07-04 22:19:14.360 | INFO | databases.core:connect:90 - Connected to database mysql://skyline:********@int.noel.openstack.tunninet.com:3306/skyline
2023-07-04 22:19:14.360 | INFO | databases.core:connect:90 - Connected to database mysql://skyline:********@int.noel.openstack.tunninet.com:3306/skyline
2023-07-04 22:19:14.375 | INFO | databases.core:connect:90 - Connected to database mysql://skyline:********@int.noel.openstack.tunninet.com:3306/skyline
Kolla Ansible deploys TLS on every endpoint by default (public and private). Every service must talk to every other service using TLS, if you self sign the cert, it will deploy your root CA and 99% of the time where things hit a snag is that strict checking is on and the service in question does not use the custom root CA to verify the cert.
Here, I believe the issue is that skyline is trying to talk to keystone to get a token, domains etc and it fails there. Logging wise, this is all i see (The log indicates a protocol error - assumed = https)
raise LocalProtocolEr ror("illegal request line") RemoteProtocolE rror: illegal request line <---
h11._util.
==> /var/log/ kolla/skyline/ skyline- access. log <==
==> /var/log/ kolla/skyline/ skyline- error.log <== _reraise_ as_remote_ protocol_ error() kolla/venv/ lib/python3. 10/site- packages/ h11/_util. py", line 76, in _reraise_ as_remote_ protocol_ error kolla/venv/ lib/python3. 10/site- packages/ h11/_connection .py", line 425, in next_event next_receive_ event() kolla/venv/ lib/python3. 10/site- packages/ h11/_connection .py", line 367, in _extract_ next_receive_ event self._receive_ buffer) kolla/venv/ lib/python3. 10/site- packages/ h11/_readers. py", line 68, in maybe_read_ from_IDLE_ client ror("illegal request line") RemoteProtocolE rror: illegal request line
exc.
File "/var/lib/
raise self
File "/var/lib/
event = self._extract_
File "/var/lib/
event = self._reader(
File "/var/lib/
raise LocalProtocolEr
h11._util.
==> /var/log/ kolla/skyline/ skyline. log <== core:connect: 90 - Connected to database mysql:/ /skyline: ******* *@int.noel. openstack. tunninet. com:3306/ skyline core:connect: 90 - Connected to database mysql:/ /skyline: ******* *@int.noel. openstack. tunninet. com:3306/ skyline core:connect: 90 - Connected to database mysql:/ /skyline: ******* *@int.noel. openstack. tunninet. com:3306/ skyline core:connect: 90 - Connected to database mysql:/ /skyline: ******* *@int.noel. openstack. tunninet. com:3306/ skyline core:connect: 90 - Connected to database mysql:/ /skyline: ******* *@int.noel. openstack. tunninet. com:3306/ skyline
2023-07-04 22:19:14.214 | INFO | databases.
2023-07-04 22:19:14.256 | INFO | databases.
2023-07-04 22:19:14.360 | INFO | databases.
2023-07-04 22:19:14.360 | INFO | databases.
2023-07-04 22:19:14.375 | INFO | databases.
==> /var/log/ kolla/skyline/ skyline- nginx-access. log <== 2023:08: 41:14 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 41:44 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 42:14 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 42:44 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 43:14 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 43:44 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 44:14 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 44:45 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 45:15 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-" 2023:08: 45:45 -0400] "0.000" "-" "GET /docs HTTP/2.0" 200 424 "-" "curl-healthcheck" "-"
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
192.168.5.1 - - [06/Jul/
==> /var/log/ kolla/skyline/ skyline- nginx-error. log <==