Openstack Juno Rabbitmq Charm:配置文件丢失

tag-icon tag-icon 14.04 juju maas openstack rabbitmq
Openstack Juno Rabbitmq Charm:配置文件丢失

尝试在 14.04 上部署多节点 openstack Juno。这是我的 charm 配置文件:

nova-cloud-controller:
  openstack-origin: cloud:trusty-juno
  network-manager: "Neutron"
openstack-dashboard:
  openstack-origin: cloud:trusty-juno
keystone:
  openstack-origin: cloud:trusty-juno
glance:
  openstack-origin: cloud:trusty-juno
cinder:
  openstack-origin: cloud:trusty-juno
ext1-quantum-gateway:
  openstack-origin: cloud:trusty-juno
ext2-quantum-gateway:
  openstack-origin: cloud:trusty-juno
nova-compute:
  openstack-origin: cloud:trusty-juno

在 Juju gui 上,所有节点和关系线都是绿色的;但是,我无法访问 horizo​​n 下的 Project->Access&Security 页面。查看 rabbitmq 日志文件,似乎所有来自各种服务的访问都被拒绝:

# tail -f /var/log/rabbitmq/[email protected] | grep access_refused -B2 -A3
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17775.0> (10.0.0.77:34733 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17778.0> (10.0.0.77:34734 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17781.0> (10.0.0.77:34735 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17784.0> (10.0.0.77:34736 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17787.0> (10.0.0.75:54438 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17790.0> (10.0.0.62:39103 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'nova' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17793.0> (10.0.0.62:39104 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'nova' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17796.0> (10.0.0.62:39105 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'nova' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17799.0> (10.0.0.75:54439 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17803.0> (10.0.0.62:39106 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'nova' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17806.0> (10.0.0.62:39107 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'nova' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17809.0> (10.0.0.62:39108 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'nova' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17812.0> (10.0.0.62:39109 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'nova' - invalid credentials",
                             'connection.start_ok'}}

--
closing AMQP connection <0.17815.0> (10.0.0.77:34737 -> 10.0.0.60:5672):
{handshake_error,starting,0,
                 {amqp_error,access_refused,
                             "AMQPLAIN login refused: user 'neutron' - invalid credentials",
                             'connection.start_ok'}}

查看 /etc/rabbitmq,我没有看到任何文件!删除和添加关系,每Juju 没有为 openstack 配置 rabbitmq?,并没有解决问题。以下是一些典型的诊断:

rabbitmqctl list_users
Listing users ...
cinder  []
glance  []
guest   [administrator]
nagios-rabbitmq-server-0    []
neutron []
nova    []
...done.
# rabbitmqctl list_permissions -p openstack
Listing permissions in vhost "openstack" ...
cinder  .*  .*  .*
glance  .*  .*  .*
neutron .*  .*  .*
nova    .*  .*  .*
...done.

rabbitmqctl list_vhosts
Listing vhosts ...
/
nagios-rabbitmq-server-0
openstack
...done.

有什么想法吗?
干杯,

编辑 1:似乎 cloud:trusty-juno charms 与 rabbitmq charm 不兼容。对于 cinder 和 nova-cloud-controller,必须设置 notification_driver = rabbit。此外,必须在 rabbitmq 服务器中为 nova、neutron 和 cinder 用户手动设置密码。在所有情况下,都必须手动重启相关服务。(请注意,对于 cinder 和 cloud-controller,juju 会覆盖 notification_driver。)不幸的是,仍然无法访问 Access&security 页面。Keystone 报告了以下内容:

(keystone.common.wsgi): 2014-11-24 23:51:42,238 WARNING Authorization failed. The request you have made requires authentication. from 10.0.0.62
(keystone.common.wsgi): 2014-11-24 23:51:42,251 WARNING Expecting to find username or userId in passwordCredentials - the server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error.

10.0.0.62 是 nova-cloud-controller。

编辑 2:(相对于第一个回应。)

# sudo rabbitmqctl cluster_status
Cluster status of node rabbit@rabbitmq1 ...
[{nodes,[{disc,[rabbit@rabbitmq1]}]},
 {running_nodes,[rabbit@rabbitmq1]},
 {partitions,[]}]
...done.

期待下一个版本。

答案1

支持 Juno OpenStack 版本的 charm 更新与 RabbitMQ charm 完全兼容 - 我们在日常 charm 开发周期中对任何 OpenStack charm 所做的每次提交都进行了测试。

RabbitMQ(rabbitmq-server)charm 应该会自动在 openstack vhost 下为所有相关服务创建用户,并通过关系数据向 cinder、nova、neutron 等提供密码...这一切都直接在 RabbitMQ 的底层状态数据库中完成 - 所以不要指望任何东西会出现在 /etc/rabbitmq 中!

由于某种原因,这个密码似乎与 RabbitMQ 中的密码不对应 - 您正在集群配置中运行,所以我想知道集群是否存在一些问题 - 尝试运行:

sudo rabbitmqctl cluster_status

在其中一个 RabbitMQ 节点上查看是否列出了所有单元;我怀疑 RabbitMQ 集群设置可能存在一些问题,并且您可能在某种裂脑配置中运行,因此远程服务的密码仅在 RabbitMQ 单元的子集中匹配。

我还检查了 cinder 和 nova-cc charms 的通知驱动程序配置;尽管它们使用的是较旧的弃用名称 rpc 驱动程序,但它会重新映射到正确的 oslo.messaging(共享 OpenStack 消息传递库)驱动程序。我们将在下一个开发周期直接使用 oslo.messaging 。

相关内容