Ok, looks like I have found the problem on my own meanwhile: seems it was the
issue of missing client certificate line in the
/etc/pulp/consumer/consumer.conf config file in the [messaging] section:
[messaging]
# (tcp|ssl)
scheme = ssl
host = centos7.localdomain
port = 5671
transport = qpid
cacert = /etc/pki/pulp/qpid/ca.crt
clientcert =
so instead of the proper `/etc/pki/pulp/qpid/client.crt` it was using the
`/etc/pki/pulp/consumer/consumer-cert.pem` that was generated every time the
consumer was registering with the Pulp server.
After I changed the `clientcert =` line to
clientcert = /etc/pki/pulp/qpid/client.crt
and restarted the `goferd` daemon the `goferd` daemon was able to send all
messages through the Pulp server where `pulp.server.agent.direct.services` have
processed them all, and the bind of the `pcons1c7` consumer to the
`centos7-fasttrack` changed to ‘Confirmed’ state.
Best regards,
Roman
On Fri, Feb 13, 2015 at 8:07 AM, Roman Revyakin <[email protected]>
wrote:
> Hi guys,
> I am experiencing problems with the unconfirmed repository bindings for a
> Pulp consumer.
> I run Pulp server on CentOS 7.0.1406 and install Pulp from the upstream
> "stable" repository:
> https://repos.fedorapeople.org/repos/pulp/pulp/stable/2/7Server/x86_64/, here
> are the details:
> Pulp server: `2.5.3-1.el7` (`pulp-server-2.5.3-1.el7.noarch` and all relevant
> dependencies of the same version )
> Quid: `qpid-cpp-server-0.28-5.el7.x86_64`
> Pulp consumer: pulp-consumer-client-2.5.3-1.el7.noarch
> Messaging client:
> python-gofer-1.3.1-1.el7.noarch
> python-gofer-qpid-1.3.1-1.el7.noarch
> gofer-1.3.1-1.el7.noarch
> I try to use SSL for all traffic between the Pulp and qpid with self-signed
> SSL certificates. The `/etc/qpid/qpidd.conf` config file from the Pulp server:
> port=5672
> max-connections=65530
> worker-threads=17
> connection-backlog=10
> auth=no
> realm=QPID
> data-dir=/var/lib/qpidd
>
> # Had to allow unencrypted traffic as otherwise was getting protocol
> # errors when trying to connect with qpid-queue-stats to the queue
> require-encryption=no
> ssl-require-client-authentication=yes
> ssl-cert-db=/etc/pki/pulp/qpid/nss
> ssl-cert-password-file=/etc/pki/pulp/qpid/nss/password
> ssl-cert-name=broker
> ssl-port=5671
> And the
> [/etc/pulp/consumer/consumer.conf](https://gist.github.com/romanrev/e424c6640b5f01443e84).
> I provide below here the process that I followed in order to register the
> consumer and try to bind it to a repository from the Pulp server. Confirming
> there are no consumers registered with the Pulp server as yet:
> [vagrant@centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' consumer list
> +----------------------------------------------------------------------+
> Consumers
> +----------------------------------------------------------------------+
> Now I register the consumer from the Pulp "client" `pcons1c7` machine:
> [vagrant@pcons1c7 pulp]$ sudo pulp-consumer -u xxxxx -p 'xxxxx' register
> --consumer-id pcons1c7
> Consumer [pcons1c7] successfully registered
> Confirmed on the server:
> [vagrant@centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' consumer list
> +----------------------------------------------------------------------+
> Consumers
> +----------------------------------------------------------------------+
>
> Id: pcons1c7
> Display Name: pcons1c7
> Description: None
> Bindings:
> Notes:
> Confirming existing repository on the Pulp server:
> [vagrant@centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' rpm repo list
> +----------------------------------------------------------------------+
> RPM Repositories
> +----------------------------------------------------------------------+
>
> Id: centos7-fasttrack
> Display Name: centos7-fasttrack
> Description: None
> Content Unit Counts:
> Drpm: 152
> Rpm: 155
> Trying to bind the consumer to the existing `centos-fasttrack` repository:
> [vagrant@pcons1c7 pulp]$ sudo pulp-consumer rpm bind --repo-id
> centos7-fasttrack
> Bind tasks successfully created:
>
> Task Id: 218c4601-adc0-4fe3-b643-a455fd26ff9d
> Can see the consumer binding on the server, however the binding is
> unconfirmed and remained so for indefinite time (have never observed it
> changing to "Confirmed")
> [vagrant@centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' consumer list
> +----------------------------------------------------------------------+
> Consumers
> +----------------------------------------------------------------------+
>
> Id: pcons1c7
> Display Name: pcons1c7
> Description: None
> Bindings:
> Confirmed:
> Unconfirmed: centos7-fasttrack
> Notes:
> I have also tried to bind the consumer to repository using `pulp-admin` on
> the server, however the command hung forever:
> [vagrant@centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' rpm consumer bind
> --repo-id centos7-fasttrack --consumer-id pcons1c7
> This command may be exited via ctrl+c without affecting the request.
>
>
> [-]
> Running...
> [-]
> Waiting to begin...
> I also observe the following errors in the `/var/log/messages`:
> Feb 12 16:05:58 centos7 qpidd: 2015-02-12 16:05:58 [System] error Error
> reading socket: Success(0)
>
> I can see the messages in the qpid queue, running the following command on
> the Pulp server:
> qpid-queue-stats -a qpid://[email protected]:5672
> ...
> qmfc-v2-ui-centos7.18060.1 9.99 0
> 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0
> 0.80 0.80
> qmfc-v2-ui-centos7.18060.1 10.00 0
> 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0
> 0.80 0.80
> pulp.agent.pcons1c7 60.00 16
> 0.02 0.00
> qmfc-v2-ui-centos7.18060.1 10.00 0
> 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0
> 0.80 0.80
> qmfc-v2-ui-centos7.18060.1 10.00 0
> 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0
> 0.80 0.80
> qmfc-v2-ui-centos7.18060.1 10.00 0
> 0.10 0.10
> ...
> Obviously all Pulp components are talking to qpid:
> pulp_resource_manager.service - Pulp Resource Manager
> Loaded: loaded
> (/usr/lib/systemd/system/pulp_resource_manager.service; enabled)
> Active: active (running) since Fri 2015-02-13 08:01:40 EST; 5s ago
> Main PID: 18669 (celery)
> CGroup: /system.slice/pulp_resource_manager.service
> ├─18669 /usr/bin/python /usr/bin/celery worker -A
> pulp.server.async.app -n resource_manager@%h -Q resource_manager -c 1
> --events --umask 18
> └─18682 /usr/bin/python /usr/bin/celery worker -A
> pulp.server.async.app -n resource_manager@%h -Q resource_manager -c 1
> --events --umask 18
>
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- [config]
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- .> app:
> tasks:0x2a0ded0
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- .> transport:
> qpid://[email protected]:5671//
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- .> results:
> mongodb
> Feb 13 08:01:42 centos7 celery[18669]: - *** --- * --- .> concurrency:
> 1 (prefork)
> Feb 13 08:01:42 centos7 celery[18669]: -- ******* ----
> Feb 13 08:01:42 centos7 celery[18669]: --- ***** ----- [queues]
> Feb 13 08:01:42 centos7 celery[18669]: -------------- .>
> resource_manager exchange=resource_manager(direct) key=resource_manager
> Feb 13 08:01:42 centos7 celery[18669]: .> [email protected]
> exchange=C.dq(direct) key=resource_manager@centos7
> Feb 13 08:01:42 centos7 pulp[18669]: celery.worker.consumer:INFO:
> Connected to qpid://[email protected]:5671//
> pulp_celerybeat.service - Pulp's Celerybeat
> Loaded: loaded (/usr/lib/systemd/system/pulp_celerybeat.service; enabled)
> Active: active (running) since Fri 2015-02-13 08:02:44 EST; 3s ago
> Main PID: 18712 (celery)
> CGroup: /system.slice/pulp_celerybeat.service
> └─18712 /usr/bin/python /usr/bin/celery beat
> --scheduler=pulp.server.async.scheduler.Scheduler
> Feb 13 08:02:44 centos7 systemd[1]: Started Pulp's Celerybeat.
> Feb 13 08:02:44 centos7 pulp[18712]: celery.beat:INFO: beat: Starting...
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.async.scheduler:INFO:
> Worker Timeout Monitor Started
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.db.connection:INFO:
> Database authentication enabled, attempting username/passwordauthentication.
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.async.scheduler:INFO:
> Event Monitor Starting
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.db.connection:INFO:
> Database connection established with: seeds = centos7:27017, name = pulp
> Feb 13 08:02:44 centos7 pulp[18712]: kombu.mixins:INFO: Connected to
> qpid://[email protected]:5671//
> I am sure I am doing something wrong, just cannot put my finger on what
> exactly. I would appreciate any help or hint with that regard.
> Thank you!
> With kind regards,
> Roman
_______________________________________________
Pulp-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/pulp-list
