Corrected the saslPassword field by removing 'pass:' prefix in config #537
Conversation
…uration files to ensure proper connection.
…uration files to ensure proper connection.
|
Thanks for this contribution, @chaturvedi-kna. Can you provide specific OSP and STF versions where you found this to not work correctly? I'm coordinating with with @ayefimov-1 to test it. |
|
I Checked that with OSP 16.2 and STF CSV 1.5.1701113935 |
|
Tomorrow I can provide some snapshots for reference and will check with 17.1 as well. |
|
This is for 16.2 [root@mumbmumbtcucl200co-controller-0 ~]# cat /var/lib/config-data/puppet-generated/metrics_qdr/etc/qpid-dispatch/qdrouterd.conf | grep -i5 saslpassword connector { } [root@mumbmumbtcucl200co-controller-0 ~]# tail -f /var/log/containers/metrics_qdr/metrics_qdr.log 2024-05-30 13:13:53.297544 +0530 SERVER (notice) Listening on 2405:200:802:104a::1ef:5666 2024-05-30 13:13:53.333763 +0530 ROUTER (info) Edge connection (id=1) to interior established 2024-05-30 13:13:53.333814 +0530 ROUTER (info) [C1] Connection Opened: dir=out host=default-interconnect-5671-service-telemetry.apps.stf.mh.nvmb.dc.jio.indradhanus.com:443 vhost= encrypted=TLSv1.2 auth=PLAIN user=guest@default-interconnect container_id=default-interconnect-5c5f77d6cc-vtm4d props={:product="qpid-dispatch-router", :version="Red Hat AMQ Interconnect 1.10.9 (qpid-dispatch 1.14.0)", :"qd.conn-id"=4209} 2024-05-30 13:13:53.445217 +0530 SERVER (info) [C2] Accepted connection to 2405:200:802:104a::1ef:5666 from 2405:200:802:104a::1ef:59774 2024-05-30 13:13:53.445791 +0530 ROUTER (info) [C2] Connection Opened: dir=in host=2405:200:802:104a::1ef:59774 vhost= encrypted=no auth=ANONYMOUS user=anonymous container_id=metrics props= 2024-05-30 13:13:53.445872 +0530 ROUTER (info) [C2][L13] Link attached: dir=in source={ expire:sess} target={ expire:sess} 2024-05-30 13:13:53.860449 +0530 SERVER (info) [C3] Accepted connection to 2405:200:802:104a::1ef:5666 from 2405:200:802:104a::1ef:59776 2024-05-30 13:13:53.860974 +0530 ROUTER (info) [C3] Connection Opened: dir=in host=2405:200:802:104a::1ef:59776 vhost= encrypted=no auth=no user=anonymous container_id=openstack.org/om/container/mumbmumbtcucl200co-controller-0/ceilometer-agent-notification/16/02d78581527e497fbf737cddd9c82795 props={:process="ceilometer-agent-notification", :pid=16, :node="mumbmumbtcucl200co-controller-0"} 2024-05-30 13:13:53.862121 +0530 ROUTER (info) [C3][L14] Link attached: dir=out source={ expire:sess} target={rpc-response expire:sess} 2024-05-30 13:13:53.863408 +0530 ROUTER (info) [C3][L15] Link attached: dir=in source={/anycast/ceilometer/nlepdgnvmb-metering.sample expire:sess} target={/anycast/ceilometer/nlepdgnvmb-metering.sample expire:sess} [root@mumbmumbtcucl200co-controller-0 ~]# podman exec -it metrics_qdr qdstat --bus=[2405:200:802:104a::1ef]:5666 --connections ConnectionsConnections id host container role dir security authentication tenant ======================================================================================================================================================================================================================================================================================================================= 1 default-interconnect-5671-service-telemetry.apps.stf.mh.nvmb.dc.jio.indradhanus.com:443 default-interconnect-5c5f77d6cc-vtm4d edge out TLSv1.2(DHE-RSA-AES256-GCM-SHA384) guest@default-interconnect(PLAIN) 2 2405:200:802:104a::1ef:59774 metrics normal in no-security anonymous-user 3 2405:200:802:104a::1ef:59776 openstack.org/om/container/mumbmumbtcucl200co-controller-0/ceilometer-agent-notification/16/02d78581527e497fbf737cddd9c82795 normal in no-security no-auth 4 2405:200:802:104a::1ef:49830 eee4a527-cb2a-4d6f-9892-cd828e02255b normal in no-security no-auth [root@mumbmumbtcucl200co-controller-0 ~]# vi /var/lib/config-data/puppet-generated/metrics_qdr/etc/qpid-dispatch/qdrouterd.conf [root@mumbmumbtcucl200co-controller-0 ~]# systemctl restart tripleo_metrics_qdr.service [root@mumbmumbtcucl200co-controller-0 ~]# cat /var/lib/config-data/puppet-generated/metrics_qdr/etc/qpid-dispatch/qdrouterd.conf | grep -i5 saslpassword connector { } [root@mumbmumbtcucl200co-controller-0 ~]# podman exec -it metrics_qdr qdstat --bus=[2405:200:802:104a::1ef]:5666 --connections Connections id host container role dir security authentication tenant ================================================================================================================================================================================================================== 2 2405:200:802:104a::1ef:57948 metrics normal in no-security anonymous-user 3 2405:200:802:104a::1ef:57950 openstack.org/om/container/mumbmumbtcucl200co-controller-0/ceilometer-agent-notification/16/02d78581527e497fbf737cddd9c82795 normal in no-security no-auth 6 2405:200:802:104a::1ef:33534 0a74dc35-8b63-40e4-bf08-0a2699941e59 normal in no-security no-auth [root@mumbmumbtcucl200co-controller-0 ~]# tail -f /var/log/containers/metrics_qdr/metrics_qdr.log 2024-05-30 13:16:53.139961 +0530 SERVER (info) [C4] Connection to default-interconnect-5671-service-telemetry.apps.stf.mh.nvmb.dc.jio.indradhanus.com:443 failed: amqp:unauthorized-access Authentication failed [mech=PLAIN] 2024-05-30 13:16:58.175088 +0530 SERVER (info) [C5] Connection to default-interconnect-5671-service-telemetry.apps.stf.mh.nvmb.dc.jio.indradhanus.com:443 failed: amqp:unauthorized-access Authentication failed [mech=PLAIN] 2024-05-30 13:17:01.401507 +0530 SERVER (info) [C6] Accepted connection to 2405:200:802:104a::1ef:5666 from 2405:200:802:104a::1ef:33534 2024-05-30 13:17:01.401963 +0530 ROUTER (info) [C6] Connection Opened: dir=in host=2405:200:802:104a::1ef:33534 vhost= encrypted=no auth=no user=anonymous container_id=0a74dc35-8b63-40e4-bf08-0a2699941e59 props= 2024-05-30 13:17:01.403124 +0530 ROUTER (info) [C6][L9] Link attached: dir=in source={ expire:sess} target={$management expire:sess} 2024-05-30 13:17:01.404234 +0530 ROUTER (info) [C6][L10] Link attached: dir=out source={ expire:sess} target={ expire:sess} 2024-05-30 13:17:01.407354 +0530 ROUTER (info) [C6][L9] Link lost: del=1 presett=0 psdrop=0 acc=1 rej=0 rel=0 mod=0 delay1=0 delay10=0 2024-05-30 13:17:01.407368 +0530 ROUTER (info) [C6][L10] Link lost: del=1 presett=1 psdrop=0 acc=0 rej=0 rel=0 mod=0 delay1=0 delay10=0 2024-05-30 13:17:01.407398 +0530 ROUTER (info) [C6] Connection Closed 2024-05-30 13:17:03.215393 +0530 SERVER (info) [C7] Connection to default-interconnect-5671-service-telemetry.apps.stf.mh.nvmb.dc.jio.indradhanus.com:443 failed: amqp:unauthorized-access Authentication failed [mech=PLAIN] 2024-05-30 13:17:08.248843 +0530 SERVER (info) [C8] Connection to default-interconnect-5671-service-telemetry.apps.stf.mh.nvmb.dc.jio.indradhanus.com:443 failed: amqp:unauthorized-access Authentication failed [mech=PLAIN] [root@mumbmumbtcucl200co-controller-0 ~]# vi /var/lib/config-data/puppet-generated/metrics_qdr/etc/qpid-dispatch/qdrouterd.conf [root@mumbmumbtcucl200co-controller-0 ~]# systemctl restart tripleo_metrics_qdr.service [root@mumbmumbtcucl200co-controller-0 ~]# |
Thanks for this, @chaturvedi-kna This is very convincing, but also surprising!
Like I said, your output is very convincing (code > docs!), so we have opened an internal ticket to look closer at this. |
|
I see that this is been tested I guess so what's the reason is it documenting issue or something else? |
|
This change for STF docs should be covered here: #541 |
|
this is taken care of with #541 |
Summary
This pull request fixes the
saslPasswordfield configuration in the following files:proc_configuring-the-stf-connection-for-the-overcloud.adocproc_configuring-the-stf-connection-for-director-operator-for-the-overcloud.adocDescription
Changed
saslPassword: pass:<password_from_stf>tosaslPassword: <password_from_stf>to correct the field and enable proper connection.Verification
Changes have been tested and confirmed to work correctly.