Open Cloud Troubleshooting

Wednesday, 28 December 2016

Swift upload : Authorization Failure : Liberty | Solved

While uploading a text file to container I was getting authorization failure.

Error:

Authorization Failure. Authorization failed: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-ba4faaad-4c19-4248-b474-b898ad8975a1)

In the Liberty version you need additional configurations in the swift proxy server.

Solution:

Edit the proxy config file and modify the content like below,

[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
auth_uri = http://controller/5000
auth_url = http://controller/35357
memcached_servers = controller:11211
auth_plugin = password
project_domain_name = default
user_domain_name = default
project_name = service
username = swift
password = swiftpassword
delay_auth_decision = True

swift stat - Authorization Failure - Liberty | Solved

I was installing Openstack Liberty version. While doing the swift configuration it gave me below error,

Error

root@controller:~# swift stat
Authorization Failure. Authorization failed: An unexpected error prevented the server from fulfilling your request. (HTTP 500) (Request-ID: req-dc0f530c-e642-4b51-a742-f19567002e01)

I was surprised to get an authorization error even though I have provided the credentials. Later I figured out the problem was not with the credentials, but with the version of keystone which I was using.

Solution

In the keystone version 1.7.1 we also need a region set along with the other variables while souring the admin / user credentials. So I edited my admin-openrc.sh file and added the entry,

export OS_REGION_NAME=RegionOne

Now "#swift stat" gives me the output as expected.

root@controller:~# swift stat
                        Account: AUTH_9e7ef26465a34f6bb18d16ba5499ff20
                     Containers: 1
                        Objects: 0
                          Bytes: 0
Containers in policy "policy-0": 1
   Objects in policy "policy-0": 0
     Bytes in policy "policy-0": 0
    X-Account-Project-Domain-Id: default
                    X-Timestamp: 1482851783.30541
                     X-Trans-Id: txdae1854e1a7847858e876-0058632946
                   Content-Type: text/plain; charset=utf-8
                  Accept-Ranges: bytes

Thursday, 1 September 2016

Router interface for subnet on router cannot be deleted, as it is required by one or more floating IPs

I was trying to reconfigure an Openstack router, but I got the below error ,

root@controller:~# neutron router-interface-delete router1 one-subnet
Router interface for subnet 9bf32c5e-f46f-4c27-b928-cee4b47034d8 on router 4f9ea791-d6ee-4e78-a891-5b282fd78a11 cannot be deleted, as it is required by one or more floating IPs.

FIX

Found out the floating IP information related to the router - router1

root@controller:~# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| be36d2d9-a099-431f-babd-c23c13fb1ef4 | 10.1.1.153       | 10.1.12.135         | e62ded91-b309-4d7b-9f8b-384ab9c86db7 |
| dee50689-9600-4c62-9f4d-8a67dbaa1535 | 10.1.1.154       | 10.1.12.128         | 925a41ca-3faa-450f-8f70-e46aa9d92b89 |
+--------------------------------------+------------------+---------------------+--------------------------------------+
root@controller:~# neutron router-show router1
+-------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field                   | Value                                                                                                                                                                                   |
+-------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up          | True                                                                                                                                                                                    |
| availability_zone_hints |                                                                                                                                                                                         |
| availability_zones      | nova                                                                                                                                                                                    |
| description             |                                                                                                                                                                                         |
| distributed             | False                                                                                                                                                                                   |
| external_gateway_info   | {"network_id": "e15ecc33-c3a5-429d-b958-f3f378870b37", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "1b1dd1f6-3be2-4204-a219-6b11bf6679f6", "ip_address": "10.1.12.127"}]} |
| ha                      | False                                                                                                                                                                                   |
| id                      | 4f9ea791-d6ee-4e78-a891-5b282fd78a11                                                                                                                                                    |
| name                    | router1                                                                                                                                                                                 |
| routes                  |                                                                                                                                                                                         |
| status                  | ACTIVE                                                                                                                                                                                  |
| tenant_id               | 04c68cc86c804486bf2484d9d28a6eca                                                                                                                                                        |
+-------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
root@controller:~# neutron router-port-list router1
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                                                          |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| 17589b8d-d9f4-466f-84b4-1e3b867e3a99 |      | fa:16:3e:8e:a7:93 | {"subnet_id": "9bf32c5e-f46f-4c27-b928-cee4b47034d8", "ip_address": "10.1.1.1"}    |
| a408faa5-6c70-4e1b-8aa8-01ded4239008 |      | fa:16:3e:28:dc:b8 | {"subnet_id": "1b1dd1f6-3be2-4204-a219-6b11bf6679f6", "ip_address": "10.1.12.127"} |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+

Then deleted the floating IPs

root@controller:~# neutron floatingip-delete be36d2d9-a099-431f-babd-c23c13fb1ef4
Deleted floatingip: be36d2d9-a099-431f-babd-c23c13fb1ef4
root@controller:~# neutron floatingip-delete dee50689-9600-4c62-9f4d-8a67dbaa1535
Deleted floatingip: dee50689-9600-4c62-9f4d-8a67dbaa1535

Then cleared the router configuration,

root@controller:~# neutron router-gateway-clear router1
Removed gateway from router router1
root@controller:~# neutron router-interface-delete router1 one-subnet
Removed interface from router router1.
root@controller:~# neutron router-show router1
+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| admin_state_up          | True                                 |
| availability_zone_hints |                                      |
| availability_zones      | nova                                 |
| description             |                                      |
| external_gateway_info   |                                      |
| id                      | 4f9ea791-d6ee-4e78-a891-5b282fd78a11 |
| name                    | router1                              |
| routes                  |                                      |
| status                  | ACTIVE                               |
| tenant_id               | 04c68cc86c804486bf2484d9d28a6eca     |
+-------------------------+--------------------------------------+

Thursday, 25 August 2016

Invalid input for operation: network_type value 'local' not supported

Tuesday, 23 August 2016

ssh-add Could not open a connection to your authentication agent

While adding a new key for cloud image, I was getting the below error.

root@controller:~# ssh-add key2.pem
Could not open a connection to your authentication agent.

FIX

We need to start the ssh agent / the agent must be running, prior to adding the newkey. So I followed below steps.

root@controller:~# eval `ssh-agent -s`
Agent pid 21609

root@controller:~# ssh-add key2.pem
Identity added: key2.pem (key2.pem)

Tuesday, 16 August 2016

chronyd is running and offline

Hi Guys,

While installing Openstack Liberty or Mitaka at the NTP implementation face you might have come across the below error.

"root@controller:/etc/chrony# service chrony restart
Restarting time daemon: Starting /usr/sbin/chronyd...
chronyd is running and offline."

"root@compute1:/etc/chrony# chronyc sources
506 Cannot talk to daemon"

Why this error ?

Chrony daemon try to bind with the localhost by default, but when it looks for it doesn't resolve to the desired IP address. This error usually comes when you comment out or remove the localhost entries from your /etc/hosts file.

Note: The openstack installation guide suggest you to put entries for controller,compute,block,object etc in your hosts file and take out the localhost entries, But this may not work in all the OS distributions.

Fix:-

Just put back the local host entries to /etc/hosts file.

root@controller:~# cat /etc/hosts
127.0.0.1       localhost
# controller
10.1.1.111       controller

# compute1
10.1.1.112       compute1

# block1
10.1.1.113      block1

# object1
10.1.1.114       object1

# object2
10.1.1.115      object2

Tuesday, 2 August 2016

Unable to complete operation on subnet One or more ports have an IP allocation from this subnet

root@controller:~# neutron net-list
+--------------------------------------+-------------+-----------------------------------------------------+
| id                                   | name        | subnets                                             |
+--------------------------------------+-------------+-----------------------------------------------------+
| 0d5e24d8-4123-4089-9c03-5072028dc782 | oneseries   |                                                     |
| a7386ebf-bb8f-4831-adb0-d87b49bd581c | provider    | 02d54463-d558-4b78-a081-07a278e52327 192.168.1.0/24 |
| 8a816987-d40d-4823-97a6-bb25bd158d7b | selfservice | eedfde36-bd92-43eb-b570-78eac106b615 10.1.12.192/26 |
|                                      |             | 19f3dab4-2ea8-4385-8c3b-69f47577f935 172.16.1.0/24 |
+--------------------------------------+-------------+-----------------------------------------------------+

When I tried to remove the subnet , I got the below error.

root@controller:~# neutron net-delete selfservice
Unable to complete operation on network 8a816987-d40d-4823-97a6-bb25bd158d7b. There are one or more ports still in use on the network.
Neutron server returns request_ids: ['req-6ba9f812-be4e-4339-91f3-c4ffb25c8ea3']

root@controller:~# neutron subnet-delete selfservice
Unable to complete operation on subnet 19f3dab4-2ea8-4385-8c3b-69f47577f935: One or more ports have an IP allocation from this subnet.
Neutron server returns request_ids: ['req-88bd0673-3041-493d-842b-7ab1b2076108']

root@controller:~# neutron subnet-delete oneseries
Unable to complete operation on subnet eedfde36-bd92-43eb-b570-78eac106b615: One or more ports have an IP allocation from this subnet.
Neutron server returns request_ids: ['req-3be34152-07d8-49f2-81b0-b262978fc198']

root@controller:~# neutron router-list
+--------------------------------------+--------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| id                                   | name   | external_gateway_info                                                                                                                                                                     | distributed | ha    |
+--------------------------------------+--------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
| 7682cdda-f152-4eea-b35b-3a81dd91fd04 | router | {"network_id": "a7386ebf-bb8f-4831-adb0-d87b49bd581c", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "02d54463-d558-4b78-a081-07a278e52327", "ip_address": "192.168.1.102"}]} | False       | False |
+--------------------------------------+--------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+
root@controller:~# neutron router-gateway-clear router
Removed gateway from router router

root@controller:~# neutron router-interface-delete router oneseries
Removed interface from router router.

root@controller:~# neutron subnet-delete oneseries
Deleted subnet: oneseries

root@controller:~# neutron subnet-list
+--------------------------------------+-------------+----------------+----------------------------------------------------+
| id                                   | name        | cidr           | allocation_pools                                   |
+--------------------------------------+-------------+----------------+----------------------------------------------------+
| 02d54463-d558-4b78-a081-07a278e52327 | provider    | 192.168.1.0/24 | {"start": "192.168.1.101", "end": "192.168.1.200"} |
| 19f3dab4-2ea8-4385-8c3b-69f47577f935 | selfservice | 172.16.1.0/24 | {"start": "172.16.1.2", "end": "172.16.1.254"}     |
+--------------------------------------+-------------+----------------+----------------------------------------------------+

you may notice that the subnet "oneseries" was removed.