On 19/08/15 03:44, Ethern Lin wrote:
Sorry for the cross-post, but it seems get more attention here. i do need any suggestion.
Please update https://bugs.launchpad.net/juniperopenstack/+bug/1480355 if you have any updates.
So long, there's a old version which won't break the contrail daemons (shouldn't be used in produciton, since security updates are of course not in them):
https://launchpad.net/~syseleven-platform/+archive/ubuntu/openjdk-freeze
Hi, I am installing the contrail 2.20 for ubuntu 14.04.2 in a single host(10.0.0.1). I have encountered lot of issue related to the ssl, like the installation process of fab setup_all list below: # python /opt/contrail/utils/provision_vrouter.py --host_name cfgm01 --host_ip 10.0.0.1 --api_server_ip 10.0.0.1 --oper add --admin_user admin --admin_password 1qazXSW2 --admin_tenant_name admin --openstack_ip 10.0.0.1 No handlers could be found for logger "vnc_api.vnc_api" 2015-08-16 11:08:58:283625: [[email protected]] out: Traceback (most recent call last): 2015-08-16 11:11:58:847926: [[email protected]] out: File "/opt/contrail/utils/provision_vrouter.py", line 186, in <module> 2015-08-16 11:11:58:848787: [[email protected]] out: main() 2015-08-16 11:11:58:849162: [[email protected]] out: File "/opt/contrail/utils/provision_vrouter.py", line 182, in main 2015-08-16 11:11:58:849548: [[email protected]] out: VrouterProvisioner(args_str) 2015-08-16 11:11:58:849948: [[email protected]] out: File "/opt/contrail/utils/provision_vrouter.py", line 42, in __init__ 2015-08-16 11:11:58:850286: [[email protected]] out: fq_name=['default-global-system-config']) 2015-08-16 11:11:58:850667: [[email protected]] out: File "/usr/lib/python2.7/dist-packages/vnc_api/gen/vnc_api_client_gen.py", line 1771, in global_system_config_read 2015-08-16 11:11:58:851042: [[email protected]] out: (args_ok, result) = self._read_args_to_id('global-system-config', fq_name, fq_name_str, id, ifmap_id) 2015-08-16 11:11:58:851486: [[email protected]] out: File "/usr/lib/python2.7/dist-packages/vnc_api/vnc_api.py", line 352, in _read_args_to_id 2015-08-16 11:11:58:852505: [[email protected]] out: return (True, self.fq_name_to_id(obj_type, fq_name)) 2015-08-16 11:11:58:852891: [[email protected]] out: File "/usr/lib/python2.7/dist-packages/vnc_api/vnc_api.py", line 459, in fq_name_to_id 2015-08-16 11:11:58:853293: [[email protected]] out: uri = self._action_uri['name-to-id'] 2015-08-16 11:11:58:853690: [[email protected]] out: File "/usr/lib/python2.7/dist-packages/vnc_api/vnc_api.py", line 60, in __getitem__ 2015-08-16 11:11:58:854077: [[email protected]] out: retry_on_error=False) 2015-08-16 11:11:58:854488: [[email protected]] out: File "/usr/lib/python2.7/dist-packages/vnc_api/vnc_api.py", line 422, in _request 2015-08-16 11:11:58:854957: [[email protected]] out: raise ServiceUnavailableError('Service Unavailable Timeout %d' % status) 2015-08-16 11:11:58:855467: [[email protected]] out: cfgm_common.exceptions.ServiceUnavailableError: Service unavailable time out due to: Service Unavailable Timeout 503 2015-08-16 11:11:58:855756: [[email protected]] out: 2015-08-16 11:11:58:865541: [[email protected]] out: Fatal error: local() encountered an error (return code 1) while executing 'python /opt/contrail/utils/provision_vrouter.py --host_name cfgm01 --host_ip 10.0.0.1 --api_server_ip 10.0.0.1 --oper add --admin_user admin --admin_password 1qazXSW2 --admin_tenant_name admin --openstack_ip 10.0.0.1' 2015-08-16 11:11:58:865878: [[email protected]] out: 2015-08-16 11:11:58:866119: [[email protected]] out: Aborting. 2015-08-16 11:11:58:866263: [[email protected]] out: 2015-08-16 11:11:58:930372: I solved this issue by reference the patch of https://review.opencontrail.org/#/c/12816/2/ifmap-python-patch1.diff Also comment out of the line # jdk.tls.disabledAlgorithms=SSLv3, DH keySize < 768 in /etc/java-7-openjdk/security/java.security and #jdk.tls.disabledAlgorithms=SSLv3 in /etc/java-6-openjdk/security/java.security After finished the fab setup_all, all work well except the control node connect to IF-MAP. root@cfgm01:~# contrail-status == Contrail vRouter == supervisor-vrouter: active contrail-vrouter-agent active contrail-vrouter-nodemgr active == Contrail Control == supervisor-control: active contrail-control initializing (Number of connections:4, Expected:5) contrail-control-nodemgr active contrail-dns active contrail-named active == Contrail Analytics == supervisor-analytics: active contrail-analytics-api active contrail-analytics-nodemgr active contrail-collector active contrail-query-engine active contrail-snmp-collector active contrail-topology active == Contrail Config == supervisor-config: active contrail-api:0 active contrail-config-nodemgr active contrail-device-manager active contrail-discovery:0 active contrail-schema active contrail-svc-monitor active ifmap active == Contrail Web UI == supervisor-webui: active contrail-webui active contrail-webui-middleware active == Contrail Database == supervisor-database: active contrail-database active contrail-database-nodemgr active == Contrail Support Services == supervisor-support-service: active rabbitmq-server active root@cfgm01:~# root@cfgm01:~# tail -f /var/log/contrail/contrail-control.log 2015-08-18 Tue 23:20:22:167.519 CST cfgm01 [Thread 140258279159552, Pid 20845]: IFMapStateMachine [SYS_WARN]: IFMapPeerConnError: sslv3 alert handshake failure SsrcConnect SsrcSslHandshake ifsm::EvConnectSuccess controller/src/ifmap/client/ifmap_state_machine.cc 915 root@cfgm01:~# tail -f /var/log/contrail/ifmap-server.log 2015-08-18 23:26:27,795 [pool-1-thread-1] DEBUG - EventProcessor: No session found for 10.0.0.1:47281:23076 2015-08-18 23:26:29,017 [pool-5-thread-1] DEBUG - ChannelAcceptor: New connection from 10.0.0.1:47297 on port 8443 2015-08-18 23:26:29,024 [pool-6-thread-14] ERROR - ChannelThread: Receiving request failed 2015-08-18 23:26:29,024 [pool-6-thread-14] ERROR - ChannelThread: SSLHandshakeException: Client doesn't know about our certificate (?) 2015-08-18 23:26:29,024 [pool-6-thread-14] ERROR - ChannelThread: Setting channel 10.0.0.1:47297:23077 into state 'BROKEN' 2015-08-18 23:26:29,024 [pool-1-thread-4] DEBUG - EventProcessor: Processing BadChannelEvent on 10.0.0.1:47297:23077 2015-08-18 23:26:29,025 [pool-1-thread-4] DEBUG - EventProcessor: No session found for 10.0.0.1:47297:23077 I have been stuck here for a long time, could anyone provide any clue to have any progress? cheers, Ethern
-- SysEleven GmbH Umspannwerk - Aufgang C Ohlauer Straße 43 10999 Berlin Tel +49 30 233 2012 0 Fax +49 30 616 755 50 http://www.syseleven.de http://www.facebook.com/SysEleven Firmensitz: Berlin Registergericht: AG Berlin Charlottenburg, HRB 108571 B Geschäftsführer: Marc Korthaus, Thomas Lohner _______________________________________________ Dev mailing list [email protected] http://lists.opencontrail.org/mailman/listinfo/dev_lists.opencontrail.org
