Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
uot;, line 141, in abort
2016-06-10 12:25:28.184 TRACE barbican.api.controllers exec('raise
webob_exception, None, traceback')
2016-06-10 12:25:28.184 TRACE barbican.api.controllers File
"/opt/stack/barbican/barbican/api/controllers/consumers.py", line 141, in
on_post
2016-06-10 12:25:28.184 TRACE barbican.api.controllers
external_project_id)
2016-06-10 12:25:28.184 TRACE barbican.api.controllers File
"/opt/stack/barbican/barbican/model/repositories.py", line 364, in get
2016-06-10 12:25:28.184 TRACE barbican.api.controllers
_raise_entity_not_found(self._do_entity_name(), entity_id)
2016-06-10 12:25:28.184 TRACE barbican.api.controllers File
"/opt/stack/barbican/barbican/model/repositories.py", line 2250, in
_raise_entity_not_found
2016-06-10 12:25:28.184 TRACE barbican.api.controllers id=entity_id))
2016-06-10 12:25:28.184 TRACE barbican.api.controllers HTTPNotFound: Not
Found. Sorry but your container is in another castle.
2016-06-10 12:25:28.184 TRACE barbican.api.controllers
2016-06-10 12:25:28.187 INFO barbican.api.middleware.context
[req-4aebc499-b92d-4ab1-8b0e-52f12ddabdd2 d2d0cb2842eb450ebe032d70bcaeeb3b
d24f00aff0b24f4ea7f37d193129d532] Processed request: 404 Not Found - POST
http://192.168.100.149:9311/v1/containers/8daec3a0-1582-4d59-ba04-be11d0c2d036/consumers/
Thank you,
Jiahao Liang
On Mon, Feb 29, 2016 at 5:07 PM, Madhusudhan Kandadai <
madhusudhan.openst...@gmail.com> wrote:
> Okay, Figured out the issue.When debugging, I was trying to create lb and
> barbican clients with different users. Thanks guys!
>
> On Mon, Feb 29, 2016 at 2:07 PM, Phillip Toohill <
> phillip.tooh...@rackspace.com> wrote:
>
>> Is the create LB happening on a different user than the one that created
>> the barbican container? Maybe im not looking at it right, but cant tell
>> from this.
>>
>>
>> Phillip V. Toohill III
>> Software Developer
>> phone: 210-312-4366
>> mobile: 210-440-8374
>>
>>
>>
>> --
>> *From:* Madhusudhan Kandadai <madhusudhan.openst...@gmail.com>
>> *Sent:* Monday, February 29, 2016 3:47 PM
>>
>> *To:* OpenStack Development Mailing List (not for usage questions)
>> *Subject:* Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container
>> could not be found
>>
>> Is what I can see the error logs in barbican svc screen while I create
>> TLS listener like this:
>> http://paste.openstack.org/show/xVl9iuJtGW03fCGetDm3/
>>
>> 2016-02-29 13:42:55.222 INFO barbican.api.middleware.context
>> [req-65fd0f08-4c1e-4b2f-9cbd-64f186365077 afaa5d797f3543369d05e370a543ef9d
>> c141e106a7424d1a8316cf03a8c91e40] Processed request: 404 Not Found - POST
>> http://192.168.109.129:9311/v1/containers/d96dccd5-0d39-4f67-ba3a-366a84cfd371/consumers/
>> {address space usage: 220770304 bytes/210MB} {rss usage: 101371904
>> bytes/96MB} [pid: 52558|app: 0|req: 75/75] 192.168.109.129 () {34 vars in
>> 598 bytes} [Mon Feb 29 13:42:55 2016] POST
>> /v1/containers/d96dccd5-0d39-4f67-ba3a-366a84cfd371/consumers/ => generated
>> 111 bytes in 214 msecs (HTTP/1.1 404) 4 headers in 179 bytes (1 switches on
>> core 0)
>> 2016-02-29 13:43:17.397 ERROR barbican.model.repositories
>> [req-0554f272-f711-49b7-a1f7-3b8bc87b431b afaa5d797f3543369d05e370a543ef9d
>> c141e106a7424d1a8316cf03a8c91e40] Not found for
>> d96dccd5-0d39-4f67-ba3a-366a84cfd371
>> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories Traceback (most
>> recent call last):
>> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories File
>> "/opt/stack/barbican/barbican/model/repositories.py", line 354, in get
>> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories entity =
>> query.one()
>> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories File
>> "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/query.py", line
>> 2699, in one
>> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories raise
>> orm_exc.NoResultFound("No row was found for one()")
>> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories NoResultFound:
>> No row was found for one()
>> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories
>> 2016-02-29 13:43:17.398 ERROR barbican.api.controllers
>> [req-0554f272-f711-49b7-a1f7-3b8bc87b431b afaa5d797f3543369d05e370a543ef9d
>> c141e106a7424d1a8316cf03a8c91e40] Webob error seen
>> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers Traceback (most
>> recent call last):
>> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
>> "/opt/stack/barbican/barbican/api/controllers/__init__.py", line 104, in
>> handler
Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
Okay, Figured out the issue.When debugging, I was trying to create lb and
barbican clients with different users. Thanks guys!
On Mon, Feb 29, 2016 at 2:07 PM, Phillip Toohill <
phillip.tooh...@rackspace.com> wrote:
> Is the create LB happening on a different user than the one that created
> the barbican container? Maybe im not looking at it right, but cant tell
> from this.
>
>
> Phillip V. Toohill III
> Software Developer
> phone: 210-312-4366
> mobile: 210-440-8374
>
>
>
> --
> *From:* Madhusudhan Kandadai <madhusudhan.openst...@gmail.com>
> *Sent:* Monday, February 29, 2016 3:47 PM
>
> *To:* OpenStack Development Mailing List (not for usage questions)
> *Subject:* Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container
> could not be found
>
> Is what I can see the error logs in barbican svc screen while I create TLS
> listener like this: http://paste.openstack.org/show/xVl9iuJtGW03fCGetDm3/
>
> 2016-02-29 13:42:55.222 INFO barbican.api.middleware.context
> [req-65fd0f08-4c1e-4b2f-9cbd-64f186365077 afaa5d797f3543369d05e370a543ef9d
> c141e106a7424d1a8316cf03a8c91e40] Processed request: 404 Not Found - POST
> http://192.168.109.129:9311/v1/containers/d96dccd5-0d39-4f67-ba3a-366a84cfd371/consumers/
> {address space usage: 220770304 bytes/210MB} {rss usage: 101371904
> bytes/96MB} [pid: 52558|app: 0|req: 75/75] 192.168.109.129 () {34 vars in
> 598 bytes} [Mon Feb 29 13:42:55 2016] POST
> /v1/containers/d96dccd5-0d39-4f67-ba3a-366a84cfd371/consumers/ => generated
> 111 bytes in 214 msecs (HTTP/1.1 404) 4 headers in 179 bytes (1 switches on
> core 0)
> 2016-02-29 13:43:17.397 ERROR barbican.model.repositories
> [req-0554f272-f711-49b7-a1f7-3b8bc87b431b afaa5d797f3543369d05e370a543ef9d
> c141e106a7424d1a8316cf03a8c91e40] Not found for
> d96dccd5-0d39-4f67-ba3a-366a84cfd371
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories Traceback (most
> recent call last):
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories File
> "/opt/stack/barbican/barbican/model/repositories.py", line 354, in get
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories entity =
> query.one()
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories File
> "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/query.py", line
> 2699, in one
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories raise
> orm_exc.NoResultFound("No row was found for one()")
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories NoResultFound:
> No row was found for one()
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories
> 2016-02-29 13:43:17.398 ERROR barbican.api.controllers
> [req-0554f272-f711-49b7-a1f7-3b8bc87b431b afaa5d797f3543369d05e370a543ef9d
> c141e106a7424d1a8316cf03a8c91e40] Webob error seen
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers Traceback (most
> recent call last):
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/__init__.py", line 104, in
> handler
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers return fn(inst,
> *args, **kwargs)
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/__init__.py", line 90, in
> enforcer
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers return fn(inst,
> *args, **kwargs)
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/__init__.py", line 146, in
> content_types_enforcer
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers return fn(inst,
> *args, **kwargs)
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/consumers.py", line 143, in
> on_post
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers
> controllers.containers.container_not_found()
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/containers.py", line 36, in
> container_not_found
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers
> pecan.abort(404, u._('Not Found. Sorry but your container is in '
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/usr/local/lib/python2.7/dist-packages/pecan/core.py", line 141, in abort
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers exec('raise
> webob_exception, None, traceback')
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/consumers.py", line 141, in
> on_post
> 2016-02-29 13:43:17.398 TRACE barbica
Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
As Adam stated, it could be any of those reasons. Mainly look for the
credentials defined under [service_auth] section of lbaas conf file. Most
importantly the credentials, tenant (or project) name should be the same as
the user that created the container. This is assuming you aren't using
ACLs'.
On Mon, Feb 29, 2016 at 2:07 PM, Phillip Toohill <
phillip.tooh...@rackspace.com> wrote:
> Is the create LB happening on a different user than the one that created
> the barbican container? Maybe im not looking at it right, but cant tell
> from this.
>
>
> Phillip V. Toohill III
> Software Developer
> phone: 210-312-4366
> mobile: 210-440-8374
>
>
>
> --
> *From:* Madhusudhan Kandadai <madhusudhan.openst...@gmail.com>
> *Sent:* Monday, February 29, 2016 3:47 PM
>
> *To:* OpenStack Development Mailing List (not for usage questions)
> *Subject:* Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container
> could not be found
>
> Is what I can see the error logs in barbican svc screen while I create TLS
> listener like this: http://paste.openstack.org/show/xVl9iuJtGW03fCGetDm3/
>
> 2016-02-29 13:42:55.222 INFO barbican.api.middleware.context
> [req-65fd0f08-4c1e-4b2f-9cbd-64f186365077 afaa5d797f3543369d05e370a543ef9d
> c141e106a7424d1a8316cf03a8c91e40] Processed request: 404 Not Found - POST
> http://192.168.109.129:9311/v1/containers/d96dccd5-0d39-4f67-ba3a-366a84cfd371/consumers/
> {address space usage: 220770304 bytes/210MB} {rss usage: 101371904
> bytes/96MB} [pid: 52558|app: 0|req: 75/75] 192.168.109.129 () {34 vars in
> 598 bytes} [Mon Feb 29 13:42:55 2016] POST
> /v1/containers/d96dccd5-0d39-4f67-ba3a-366a84cfd371/consumers/ => generated
> 111 bytes in 214 msecs (HTTP/1.1 404) 4 headers in 179 bytes (1 switches on
> core 0)
> 2016-02-29 13:43:17.397 ERROR barbican.model.repositories
> [req-0554f272-f711-49b7-a1f7-3b8bc87b431b afaa5d797f3543369d05e370a543ef9d
> c141e106a7424d1a8316cf03a8c91e40] Not found for
> d96dccd5-0d39-4f67-ba3a-366a84cfd371
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories Traceback (most
> recent call last):
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories File
> "/opt/stack/barbican/barbican/model/repositories.py", line 354, in get
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories entity =
> query.one()
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories File
> "/usr/local/lib/python2.7/dist-packages/sqlalchemy/orm/query.py", line
> 2699, in one
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories raise
> orm_exc.NoResultFound("No row was found for one()")
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories NoResultFound:
> No row was found for one()
> 2016-02-29 13:43:17.397 TRACE barbican.model.repositories
> 2016-02-29 13:43:17.398 ERROR barbican.api.controllers
> [req-0554f272-f711-49b7-a1f7-3b8bc87b431b afaa5d797f3543369d05e370a543ef9d
> c141e106a7424d1a8316cf03a8c91e40] Webob error seen
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers Traceback (most
> recent call last):
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/__init__.py", line 104, in
> handler
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers return fn(inst,
> *args, **kwargs)
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/__init__.py", line 90, in
> enforcer
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers return fn(inst,
> *args, **kwargs)
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/__init__.py", line 146, in
> content_types_enforcer
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers return fn(inst,
> *args, **kwargs)
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/consumers.py", line 143, in
> on_post
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers
> controllers.containers.container_not_found()
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/opt/stack/barbican/barbican/api/controllers/containers.py", line 36, in
> container_not_found
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers
> pecan.abort(404, u._('Not Found. Sorry but your container is in '
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers File
> "/usr/local/lib/python2.7/dist-packages/pecan/core.py", line 141, in abort
> 2016-02-29 13:43:17.398 TRACE barbican.api.controllers exec('raise
> webob_exception, None, traceback')
> 2016-02-29 13:43:17.398 TRACE bar
Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
/v1/containers/d96dccd5-0d39-4f67-ba3a-366a84cfd371/consumers/ => generated
111 bytes in 63 msecs (HTTP/1.1 404) 4 headers in 179 bytes (1 switches on
core 0)
On Mon, Feb 29, 2016 at 1:40 PM, Phillip Toohill <
phillip.tooh...@rackspace.com> wrote:
> To further my thoughts, as Adam mentioned, it could be a user issue, which
> to me is what it sounds like. So being able to view the config and have
> other information is pertinent to solving the issue.
>
>
> Phillip V. Toohill III
> Software Developer
> phone: 210-312-4366
> mobile: 210-440-8374
>
>
>
> --
> *From:* Phillip Toohill <phillip.tooh...@rackspace.com>
> *Sent:* Monday, February 29, 2016 3:33 PM
>
> *To:* OpenStack Development Mailing List (not for usage questions)
> *Subject:* Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container
> could not be found
>
>
> We could use some more information.
>
>
> Phillip V. Toohill III
> Software Developer
> phone: 210-312-4366
> mobile: 210-440-8374
>
>
>
> ------------------
> *From:* Madhusudhan Kandadai <madhusudhan.openst...@gmail.com>
> *Sent:* Monday, February 29, 2016 3:21 PM
> *To:* OpenStack Development Mailing List (not for usage questions)
> *Subject:* Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container
> could not be found
>
> Wondering, have you guys figured out this issue? I am seeing the same
> problem that Jiahao is getting.
>
> On Thu, Feb 4, 2016 at 9:53 AM, Adam Harwell <adam.harw...@rackspace.com>
> wrote:
>
>> Could you provide your neutron-lbaas.conf? Depending on what version
>> you're using, barbican may not be the default secret backend (I believe
>> this has been fixed). Alternatively, it depends on what user accounts are
>> involved -- this should definitely work if you are using only the single
>> admin account, but we haven't done a lot of testing around the ACLs yet to
>> make sure they are working (and I believe there is still an outstanding bug
>> in Barbican that would cause the ACLs to not function properly in our
>> use-case).
>>
>>
>> --Adam
>>
>>
>> --
>> *From:* Jiahao Liang <jiahao.li...@oneconvergence.com>
>> *Sent:* Thursday, January 28, 2016 12:18 AM
>> *To:* openstack-dev@lists.openstack.org
>> *Subject:* [openstack-dev] [Neutron][LBaaS][barbican]TLS container could
>> not be found
>>
>> Hi community,
>>
>> I was going through
>> https://wiki.openstack.org/wiki/Network/LBaaS/docs/how-to-create-tls-loadbalancer
>> with
>> devstack. I was stuck at a point when I tried to create a listener within a
>> loadbalancer with this command:
>>
>> neutron lbaas-listener-create --loadbalancer lb1 --protocol-port 443
>> --protocol TERMINATED_HTTPS --name listener1
>> --default-tls-container=$(barbican secret container list | awk '/
>> tls_container / {print $2}')
>>
>> But the command failed with output:
>>
>> TLS container
>> http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
>> could not be found
>>
>>
>> When I run:
>>
>> barbican secret container list
>>
>> I was able to see the corresponding container in the list and the status
>> is active.
>> (Sorry, the format is a little bit ugly.)
>>
>> +++---++-+-+---+
>> | Container href
>> | Name | Created | Status | Type
>> | Secrets
>> | Consumers |
>>
>> +++---++-+-+---+
>> |
>> http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
>> |
>> tls_container | 2016-01-28 04:58:42+00:00 | ACTIVE | certificate |
>> private_key=
>> http://192.168.100.149:9311/v1/secrets/1bbe33fc-ecd2-43e5-82ce-34007b9f6bfd |
>> None |
>> |
>>|| ||
>> | certificate=
>> http://192.168.100.149:9311/v1/secrets/6d0211c6-8515-4e55-b1cf-587324a79abe |
>> |
>> |
>> http://192.168.100.149:9311/v1/containers/31045466-bf7b-426f-9ba8-135c260418ee
>> |
>&g
Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
To further my thoughts, as Adam mentioned, it could be a user issue, which to
me is what it sounds like. So being able to view the config and have other
information is pertinent to solving the issue.
Phillip V. Toohill III
Software Developer
[http://600a2794aa4ab5bae6bd-8d3014ab8e4d12d3346853d589a26319.r53.cf1.rackcdn.com/signatures/images/rackspace_logo.png]
phone: 210-312-4366
mobile: 210-440-8374
From: Phillip Toohill <phillip.tooh...@rackspace.com>
Sent: Monday, February 29, 2016 3:33 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not
be found
We could use some more information.
Phillip V. Toohill III
Software Developer
[http://600a2794aa4ab5bae6bd-8d3014ab8e4d12d3346853d589a26319.r53.cf1.rackcdn.com/signatures/images/rackspace_logo.png]
phone: 210-312-4366
mobile: 210-440-8374
From: Madhusudhan Kandadai <madhusudhan.openst...@gmail.com>
Sent: Monday, February 29, 2016 3:21 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not
be found
Wondering, have you guys figured out this issue? I am seeing the same problem
that Jiahao is getting.
On Thu, Feb 4, 2016 at 9:53 AM, Adam Harwell
<adam.harw...@rackspace.com<mailto:adam.harw...@rackspace.com>> wrote:
Could you provide your neutron-lbaas.conf? Depending on what version you're
using, barbican may not be the default secret backend (I believe this has been
fixed). Alternatively, it depends on what user accounts are involved -- this
should definitely work if you are using only the single admin account, but we
haven't done a lot of testing around the ACLs yet to make sure they are working
(and I believe there is still an outstanding bug in Barbican that would cause
the ACLs to not function properly in our use-case).
--Adam
From: Jiahao Liang
<jiahao.li...@oneconvergence.com<mailto:jiahao.li...@oneconvergence.com>>
Sent: Thursday, January 28, 2016 12:18 AM
To: openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>
Subject: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be
found
Hi community,
I was going through
https://wiki.openstack.org/wiki/Network/LBaaS/docs/how-to-create-tls-loadbalancer
with devstack. I was stuck at a point when I tried to create a listener within
a loadbalancer with this command:
neutron lbaas-listener-create --loadbalancer lb1 --protocol-port 443 --protocol
TERMINATED_HTTPS --name listener1 --default-tls-container=$(barbican secret
container list | awk '/ tls_container / {print $2}')
But the command failed with output:
TLS container
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
could not be found
When I run:
barbican secret container list
I was able to see the corresponding container in the list and the status is
active.
(Sorry, the format is a little bit ugly.)
+++---++-+-+---+
| Container href
| Name | Created | Status | Type| Secrets
| Consumers |
+++---++-+-+---+
|
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
| tls_container | 2016-01-28 04:58:42+00:00 | ACTIVE | certificate |
private_key=http://192.168.100.149:9311/v1/secrets/1bbe33fc-ecd2-43e5-82ce-34007b9f6bfd
| None |
|
|| || |
certificate=http://192.168.100.149:9311/v1/secrets/6d0211c6-8515-4e55-b1cf-587324a79abe
| |
|
http://192.168.100.149:9311/v1/containers/31045466-bf7b-426f-9ba8-135c260418ee
| tls_container2 | 2016-01-28 04:59:05+00:00 | ACTIVE | certificate |
private_key=http://192.168.100.149:9311/v1/secrets/dba18cbc-9bfe-499e-931e-90574843ca10
| None |
|
|| || |
certificate=http://192.168.100.149:9311/v1/se
Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
We could use some more information.
Phillip V. Toohill III
Software Developer
[http://600a2794aa4ab5bae6bd-8d3014ab8e4d12d3346853d589a26319.r53.cf1.rackcdn.com/signatures/images/rackspace_logo.png]
phone: 210-312-4366
mobile: 210-440-8374
From: Madhusudhan Kandadai <madhusudhan.openst...@gmail.com>
Sent: Monday, February 29, 2016 3:21 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not
be found
Wondering, have you guys figured out this issue? I am seeing the same problem
that Jiahao is getting.
On Thu, Feb 4, 2016 at 9:53 AM, Adam Harwell
<adam.harw...@rackspace.com<mailto:adam.harw...@rackspace.com>> wrote:
Could you provide your neutron-lbaas.conf? Depending on what version you're
using, barbican may not be the default secret backend (I believe this has been
fixed). Alternatively, it depends on what user accounts are involved -- this
should definitely work if you are using only the single admin account, but we
haven't done a lot of testing around the ACLs yet to make sure they are working
(and I believe there is still an outstanding bug in Barbican that would cause
the ACLs to not function properly in our use-case).
--Adam
From: Jiahao Liang
<jiahao.li...@oneconvergence.com<mailto:jiahao.li...@oneconvergence.com>>
Sent: Thursday, January 28, 2016 12:18 AM
To: openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>
Subject: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be
found
Hi community,
I was going through
https://wiki.openstack.org/wiki/Network/LBaaS/docs/how-to-create-tls-loadbalancer
with devstack. I was stuck at a point when I tried to create a listener within
a loadbalancer with this command:
neutron lbaas-listener-create --loadbalancer lb1 --protocol-port 443 --protocol
TERMINATED_HTTPS --name listener1 --default-tls-container=$(barbican secret
container list | awk '/ tls_container / {print $2}')
But the command failed with output:
TLS container
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
could not be found
When I run:
barbican secret container list
I was able to see the corresponding container in the list and the status is
active.
(Sorry, the format is a little bit ugly.)
+++---++-+-+---+
| Container href
| Name | Created | Status | Type| Secrets
| Consumers |
+++---++-+-+---+
|
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
| tls_container | 2016-01-28 04:58:42+00:00 | ACTIVE | certificate |
private_key=http://192.168.100.149:9311/v1/secrets/1bbe33fc-ecd2-43e5-82ce-34007b9f6bfd
| None |
|
|| || |
certificate=http://192.168.100.149:9311/v1/secrets/6d0211c6-8515-4e55-b1cf-587324a79abe
| |
|
http://192.168.100.149:9311/v1/containers/31045466-bf7b-426f-9ba8-135c260418ee
| tls_container2 | 2016-01-28 04:59:05+00:00 | ACTIVE | certificate |
private_key=http://192.168.100.149:9311/v1/secrets/dba18cbc-9bfe-499e-931e-90574843ca10
| None |
|
|| || |
certificate=http://192.168.100.149:9311/v1/secrets/23e11441-d119-4b24-a288-9ddc963cb698
| |
+++---++-+-+---+
Also, if I did a GET method from a RESTful client with correct X-Auth-Token to
the url:
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e3,
I was able to receive the JSON information of the TLS container.
Anybody could give some advice on how to fix this problem?
Thank you in advance!
Best,
Jiahao Liang
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe:
opens
Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
Wondering, have you guys figured out this issue? I am seeing the same
problem that Jiahao is getting.
On Thu, Feb 4, 2016 at 9:53 AM, Adam Harwell <adam.harw...@rackspace.com>
wrote:
> Could you provide your neutron-lbaas.conf? Depending on what version
> you're using, barbican may not be the default secret backend (I believe
> this has been fixed). Alternatively, it depends on what user accounts are
> involved -- this should definitely work if you are using only the single
> admin account, but we haven't done a lot of testing around the ACLs yet to
> make sure they are working (and I believe there is still an outstanding bug
> in Barbican that would cause the ACLs to not function properly in our
> use-case).
>
>
> --Adam
>
>
> --
> *From:* Jiahao Liang <jiahao.li...@oneconvergence.com>
> *Sent:* Thursday, January 28, 2016 12:18 AM
> *To:* openstack-dev@lists.openstack.org
> *Subject:* [openstack-dev] [Neutron][LBaaS][barbican]TLS container could
> not be found
>
> Hi community,
>
> I was going through
> https://wiki.openstack.org/wiki/Network/LBaaS/docs/how-to-create-tls-loadbalancer
> with
> devstack. I was stuck at a point when I tried to create a listener within a
> loadbalancer with this command:
>
> neutron lbaas-listener-create --loadbalancer lb1 --protocol-port 443
> --protocol TERMINATED_HTTPS --name listener1
> --default-tls-container=$(barbican secret container list | awk '/
> tls_container / {print $2}')
>
> But the command failed with output:
>
> TLS container
> http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
> could not be found
>
>
> When I run:
>
> barbican secret container list
>
> I was able to see the corresponding container in the list and the status
> is active.
> (Sorry, the format is a little bit ugly.)
>
> +++---++-+-+---+
> | Container href
> | Name | Created | Status | Type|
> Secrets
> | Consumers |
>
> +++---++-+-+---+
> |
> http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
> |
> tls_container | 2016-01-28 04:58:42+00:00 | ACTIVE | certificate |
> private_key=
> http://192.168.100.149:9311/v1/secrets/1bbe33fc-ecd2-43e5-82ce-34007b9f6bfd |
> None |
> |
>|| ||
> | certificate=
> http://192.168.100.149:9311/v1/secrets/6d0211c6-8515-4e55-b1cf-587324a79abe |
> |
> |
> http://192.168.100.149:9311/v1/containers/31045466-bf7b-426f-9ba8-135c260418ee
> |
> tls_container2 | 2016-01-28 04:59:05+00:00 | ACTIVE | certificate |
> private_key=
> http://192.168.100.149:9311/v1/secrets/dba18cbc-9bfe-499e-931e-90574843ca10 |
> None |
> |
>|| ||
> | certificate=
> http://192.168.100.149:9311/v1/secrets/23e11441-d119-4b24-a288-9ddc963cb698 |
> |
>
> +++---++-+-+---+
>
>
> Also, if I did a GET method from a RESTful client with correct
> X-Auth-Token to the url:
> http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e3,
> I was able to receive the JSON information of the TLS container.
>
>
> Anybody could give some advice on how to fix this problem?
>
> Thank you in advance!
>
> Best,
> Jiahao Liang
>
> __
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
Re: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
Could you provide your neutron-lbaas.conf? Depending on what version you're
using, barbican may not be the default secret backend (I believe this has been
fixed). Alternatively, it depends on what user accounts are involved -- this
should definitely work if you are using only the single admin account, but we
haven't done a lot of testing around the ACLs yet to make sure they are working
(and I believe there is still an outstanding bug in Barbican that would cause
the ACLs to not function properly in our use-case).
?--Adam
From: Jiahao Liang <jiahao.li...@oneconvergence.com>
Sent: Thursday, January 28, 2016 12:18 AM
To: openstack-dev@lists.openstack.org
Subject: [openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be
found
Hi community,
I was going through
https://wiki.openstack.org/wiki/Network/LBaaS/docs/how-to-create-tls-loadbalancer
with devstack. I was stuck at a point when I tried to create a listener within
a loadbalancer with this command:
neutron lbaas-listener-create --loadbalancer lb1 --protocol-port 443 --protocol
TERMINATED_HTTPS --name listener1 --default-tls-container=$(barbican secret
container list | awk '/ tls_container / {print $2}')
But the command failed with output:
TLS container
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
could not be found
When I run:
barbican secret container list
I was able to see the corresponding container in the list and the status is
active.
(Sorry, the format is a little bit ugly.)
+++---++-+-+---+
| Container href
| Name | Created | Status | Type| Secrets
| Consumers |
+++---++-+-+---+
|
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
| tls_container | 2016-01-28 04:58:42+00:00 | ACTIVE | certificate |
private_key=http://192.168.100.149:9311/v1/secrets/1bbe33fc-ecd2-43e5-82ce-34007b9f6bfd
| None |
|
|| || |
certificate=http://192.168.100.149:9311/v1/secrets/6d0211c6-8515-4e55-b1cf-587324a79abe
| |
|
http://192.168.100.149:9311/v1/containers/31045466-bf7b-426f-9ba8-135c260418ee
| tls_container2 | 2016-01-28 04:59:05+00:00 | ACTIVE | certificate |
private_key=http://192.168.100.149:9311/v1/secrets/dba18cbc-9bfe-499e-931e-90574843ca10
| None |
|
|| || |
certificate=http://192.168.100.149:9311/v1/secrets/23e11441-d119-4b24-a288-9ddc963cb698
| |
+++---++-+-+---+
Also, if I did a GET method from a RESTful client with correct X-Auth-Token to
the url:
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e3,
I was able to receive the JSON information of the TLS container.
Anybody could give some advice on how to fix this problem?
Thank you in advance!
Best,
Jiahao Liang
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
[openstack-dev] [Neutron][LBaaS][barbican]TLS container could not be found
Hi community,
I was going through
https://wiki.openstack.org/wiki/Network/LBaaS/docs/how-to-create-tls-loadbalancer
with
devstack. I was stuck at a point when I tried to create a listener within a
loadbalancer with this command:
neutron lbaas-listener-create --loadbalancer lb1 --protocol-port 443
--protocol TERMINATED_HTTPS --name listener1
--default-tls-container=$(barbican secret container list | awk '/
tls_container / {print $2}')
But the command failed with output:
TLS container
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
could not be found
When I run:
barbican secret container list
I was able to see the corresponding container in the list and the status is
active.
(Sorry, the format is a little bit ugly.)
+++---++-+-+---+
| Container href
| Name | Created | Status | Type|
Secrets
| Consumers |
+++---++-+-+---+
|
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e34
|
tls_container | 2016-01-28 04:58:42+00:00 | ACTIVE | certificate |
private_key=
http://192.168.100.149:9311/v1/secrets/1bbe33fc-ecd2-43e5-82ce-34007b9f6bfd |
None |
|
|| || |
certificate=
http://192.168.100.149:9311/v1/secrets/6d0211c6-8515-4e55-b1cf-587324a79abe |
|
|
http://192.168.100.149:9311/v1/containers/31045466-bf7b-426f-9ba8-135c260418ee
|
tls_container2 | 2016-01-28 04:59:05+00:00 | ACTIVE | certificate |
private_key=
http://192.168.100.149:9311/v1/secrets/dba18cbc-9bfe-499e-931e-90574843ca10 |
None |
|
|| || |
certificate=
http://192.168.100.149:9311/v1/secrets/23e11441-d119-4b24-a288-9ddc963cb698 |
|
+++---++-+-+---+
Also, if I did a GET method from a RESTful client with correct X-Auth-Token
to the url:
http://192.168.100.149:9311/v1/containers/d8b25d56-4fc5-406d-8b2d-5a85de2a1e3,
I was able to receive the JSON information of the TLS container.
Anybody could give some advice on how to fix this problem?
Thank you in advance!
Best,
Jiahao Liang
__
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
