Model Controller Cloud/Region Version SLA Timestamp
xxxxx-mellon1 google-controller google/us-east1 2.5.1 unsupported 13:28:44Z
App Version Status Scale Charm Store Rev OS Notes
glance 17.0.0 waiting 1 glance jujucharms 363 ubuntu
keystone 14.0.1 error 1 keystone jujucharms 426 ubuntu
keystone-saml-mellon 14.0.1 active 1 keystone-saml-mellon jujucharms 1 ubuntu
mysql 5.7.20-29.24 active 1 percona-cluster jujucharms 332 ubuntu
openstack-dashboard 14.0.1 waiting 1 openstack-dashboard jujucharms 411 ubuntu
vault 1.0.3 active 1 vault jujucharms 47 ubuntu
Unit Workload Agent Machine Public address Ports Message
glance/0* waiting idle 0/lxd/0 252.5.238.180 9292/tcp Incomplete relations: identity
keystone/0* error idle 0/lxd/1 252.5.235.27 5000/tcp hook failed: "shared-db-relation-changed"
keystone-saml-mellon/0* active idle 252.5.235.27 Unit is ready
mysql/0* active idle 0/lxd/2 252.5.239.57 3306/tcp Unit is ready
openstack-dashboard/0* waiting idle 0/lxd/3 252.5.239.43 80/tcp,443/tcp Incomplete relations: identity
vault/0* active idle 0/lxd/4 252.5.231.134 8200/tcp Unit is ready (active: true, mlock: disabled)
Machine State DNS Inst id Series AZ Message
0 started 35.231.190.66 juju-f80d42-0 bionic us-east1-b RUNNING
0/lxd/0 started 252.5.238.180 juju-f80d42-0-lxd-0 bionic us-east1-b Container started
0/lxd/1 started 252.5.235.27 juju-f80d42-0-lxd-1 bionic us-east1-b Container started
0/lxd/2 started 252.5.239.57 juju-f80d42-0-lxd-2 bionic us-east1-b Container started
0/lxd/3 started 252.5.239.43 juju-f80d42-0-lxd-3 bionic us-east1-b Container started
0/lxd/4 started 252.5.231.134 juju-f80d42-0-lxd-4 bionic us-east1-b Container started
Same lack of certs in /etc/apache2:
ubuntu@juju-f80d42-0-lxd-1:/etc/apache2$ ls -ltr
total 80
-rw-r--r-- 1 root root 320 Oct 10 18:59 ports.conf
-rw-r--r-- 1 root root 31063 Oct 10 18:59 magic
-rw-r--r-- 1 root root 1782 Oct 10 18:59 envvars
-rw-r--r-- 1 root root 7224 Oct 10 18:59 apache2.conf
drwxr-xr-x 2 root root 4096 Mar 28 11:37 conf-available
drwxr-xr-x 2 root root 4096 Mar 28 11:37 conf-enabled
drwxr-xr-x 2 root root 4096 Mar 28 11:38 sites-enabled
drwxr-xr-x 2 root root 4096 Mar 28 11:39 sites-available
drwxr-xr-x 2 root root 12288 Mar 28 11:40 mods-available
drwxr-xr-x 2 root root 4096 Mar 28 11:42 mods-enabled
Same error in keystone juju log:
2019-03-28 13:32:49 DEBUG shared-db-relation-changed RuntimeError: The call within manager.py failed with the error: 'Unable to establish connection to http://localhost:35337/v3/services?'. The call was: path=['list_services'], args=(), kwargs={}, api_version=None
2019-03-28 13:32:49 DEBUG shared-db-relation-changed /usr/lib/python3/dist-packages/keystoneauth1/adapter.py:200: UserWarning: Using keystoneclient sessions has been deprecated. Please update your software to use keystoneauth1.
Nothing listening on 35337 hence why connection timeout.
Happy to drop onto a call to demonstrate and give first hand access?
here you go:
series: bionic
applications:
..
keystone: password: dpcopopenstack -origin: cloud:bionic-rocky public- hostname: dev.xxxx. xxxx.xxxx. net multiplier: 0.25
charm: cs:keystone-294
num_units: 1
to:
- lxd:0
options:
admin-
openstack
os-
worker-
annotations:
gui-x: "500"
gui-y: "0"
..
vault: generate- root-ca- cert: true unsecure- auto-unlock: true type=n1- highmem- 16 certificates
charm: cs:vault-12
series: xenial
num_units: 1
to:
- lxd:0
options:
auto-
totally-
annotations:
gui-x: "750"
gui-y: "250"
machines:
"0":
constraints: root-disk=500000 instance-
relations:
...
- - vault:shared-db
- mysql:shared-db
- - vault:certificates
- keystone:
- - keystone:shared-db
- mysql:shared-db
...
BTW, I'm getting the same thing on this bundle too which we were using for other testing:
machines: type=n1- standard- 4 root-disk=500000" origin: &openstack-origin distro identity- service identity- service saml-mellon certificates dashboard: certificates saml-mellon websso- trusted- dashboard dashboard: websso- trusted- dashboard dashboard: identity- service identity- service charmers- next/percona- cluster charmers- next/keystone -origin: *openstack-origin provider: 'fernet' expiration: 60 public- hostname: 'auth.xxxxvxx. customera. internal' saml-mellon: charmers- next/keystone- saml-mellon name: 'mapped' facing- name: "samltest.id" confirmation- data-address- check: False formats: "urn:oasis: names:tc: SAML:1. 1:nameid- format: emailAddress" metadata_ xxxx_domain. xml' signing- keyinfo: './http_ openstack_ dev.xxxxxxx_ 5000_JustKeyInf o.xml' private- key: './http_ openstack_ dev.xxxxxxxx_ 5000.pem' charmers- next/glance -origin: *openstack-origin charmers- next/vault generate- root-ca- cert: true unsecure- auto-unlock: true dashboard: charmers- next/openstack- dashboard -origin: *openstack-origin
'0':
series: bionic
constraints: "instance-
series: bionic
variables:
#openstack-
openstack-origin: &openstack-origin cloud:bionic-rocky
relations:
- - keystone:shared-db
- mysql:shared-db
- - glance:shared-db
- mysql:shared-db
- - glance:
- keystone:
- - keystone
- keystone-
- - vault:shared-db
- mysql:shared-db
- - vault:certificates
- keystone:
- - vault:certificates
- glance:certificates
- - vault:certificates
- openstack-
- - openstack-dashboard
- keystone-
- - keystone:
- openstack-
- - openstack-
- keystone:
applications:
mysql:
constraints: mem=3072M
charm: cs:~openstack-
num_units: 1
options:
source: *openstack-origin
to:
- lxd:0
keystone:
series: bionic
charm: cs:~openstack-
num_units: 1
options:
openstack
token-
token-
os-
to:
- lxd:0
keystone-
series: bionic
charm: cs:~openstack-
num_units: 0
options:
idp-name: 'samltest'
protocol-
user-
subject-
nameid-
resources:
idp-metadata: './IdP_
sp-
sp-
glance:
charm: cs:~openstack-
num_units: 1
options:
openstack
to:
- lxd:0
vault:
num_units: 1
charm: cs:~openstack-
options:
# these options need changing for production
auto-
totally-
to:
- lxd:0
openstack-
num_units: 1
charm: cs:~openstack-
options:
openstack
to:
- lxd:0
which gives this:
Model Controller Cloud/Region Version SLA Timestamp
xxxxx-mellon1 google-controller google/us-east1 2.5.1 unsupported 13:28:44Z
App Version Status Scale Charm Store Rev OS Notes saml-mellon 14.0.1 active 1 keystone- saml-mellon jujucharms 1 ubuntu
glance 17.0.0 waiting 1 glance jujucharms 363 ubuntu
keystone 14.0.1 error 1 keystone jujucharms 426 ubuntu
keystone-
mysql 5.7.20-29.24 active 1 percona-cluster jujucharms 332 ubuntu
openstack-dashboard 14.0.1 waiting 1 openstack-dashboard jujucharms 411 ubuntu
vault 1.0.3 active 1 vault jujucharms 47 ubuntu
Unit Workload Agent Machine Public address Ports Message db-relation- changed" saml-mellon/ 0* active idle 252.5.235.27 Unit is ready dashboard/ 0* waiting idle 0/lxd/3 252.5.239.43 80/tcp,443/tcp Incomplete relations: identity
glance/0* waiting idle 0/lxd/0 252.5.238.180 9292/tcp Incomplete relations: identity
keystone/0* error idle 0/lxd/1 252.5.235.27 5000/tcp hook failed: "shared-
keystone-
mysql/0* active idle 0/lxd/2 252.5.239.57 3306/tcp Unit is ready
openstack-
vault/0* active idle 0/lxd/4 252.5.231.134 8200/tcp Unit is ready (active: true, mlock: disabled)
Machine State DNS Inst id Series AZ Message
0 started 35.231.190.66 juju-f80d42-0 bionic us-east1-b RUNNING
0/lxd/0 started 252.5.238.180 juju-f80d42-0-lxd-0 bionic us-east1-b Container started
0/lxd/1 started 252.5.235.27 juju-f80d42-0-lxd-1 bionic us-east1-b Container started
0/lxd/2 started 252.5.239.57 juju-f80d42-0-lxd-2 bionic us-east1-b Container started
0/lxd/3 started 252.5.239.43 juju-f80d42-0-lxd-3 bionic us-east1-b Container started
0/lxd/4 started 252.5.231.134 juju-f80d42-0-lxd-4 bionic us-east1-b Container started
Same lack of certs in /etc/apache2:
ubuntu@ juju-f80d42- 0-lxd-1: /etc/apache2$ ls -ltr
total 80
-rw-r--r-- 1 root root 320 Oct 10 18:59 ports.conf
-rw-r--r-- 1 root root 31063 Oct 10 18:59 magic
-rw-r--r-- 1 root root 1782 Oct 10 18:59 envvars
-rw-r--r-- 1 root root 7224 Oct 10 18:59 apache2.conf
drwxr-xr-x 2 root root 4096 Mar 28 11:37 conf-available
drwxr-xr-x 2 root root 4096 Mar 28 11:37 conf-enabled
drwxr-xr-x 2 root root 4096 Mar 28 11:38 sites-enabled
drwxr-xr-x 2 root root 4096 Mar 28 11:39 sites-available
drwxr-xr-x 2 root root 12288 Mar 28 11:40 mods-available
drwxr-xr-x 2 root root 4096 Mar 28 11:42 mods-enabled
Same error in keystone juju log:
2019-03-28 13:32:49 DEBUG shared- db-relation- changed RuntimeError: The call within manager.py failed with the error: 'Unable to establish connection to http:// localhost: 35337/v3/ services? '. The call was: path=[' list_services' ], args=(), kwargs={}, api_version=None db-relation- changed /usr/lib/ python3/ dist-packages/ keystoneauth1/ adapter. py:200: UserWarning: Using keystoneclient sessions has been deprecated. Please update your software to use keystoneauth1.
2019-03-28 13:32:49 DEBUG shared-
Nothing listening on 35337 hence why connection timeout.
Happy to drop onto a call to demonstrate and give first hand access?