Unable to Authenticate after successful deployment of CF on Openstack Grizzly

40 views

openstack

Skip to first unread message

tejas....@gmail.com

unread,

Jan 28, 2014, 1:26:44 AM1/28/14

to bosh-...@cloudfoundry.org

Unable to authenticate to CF, which is deployed on Openstack grizzly.

root@ubuntu12-04-x64:~# cf login -t

target: http://ccng.xx.xx.xx.xx.xip.io

>>>

REQUEST: GET http://ccng.xx.xx.xx.xx.xip.io/info

REQUEST_HEADERS:

Accept : application/json

Content-Length : 0

RESPONSE: [200]

RESPONSE_HEADERS:

content-length : 268

content-type : application/json;charset=utf-8

date : Mon, 27 Jan 2014 19:47:48 GMT

server : nginx

x-content-type-options : nosniff

x-vcap-request-id : 26150a13-33d4-48d8-b949-72cb1bc3fda6

RESPONSE_BODY:

{

"name": "vcap",

"build": "2222",

"support": "http://support.cloudfoundry.com",

"version": 2,

"description": "Cloud Foundry sponsored by Pivotal",

"authorization_endpoint": "http://login.xx.xx.xx.xx.xip.io",

"token_endpoint": "http://uaa.xx.xx.xx.xx.xip.io",

"allow_debug": true

}

<<<

Email> ad...@ccng.xx.xx.xx.xx.xip.io

Password> ********

Authenticating. --->

request: post http://login.xx.xx.xx.xx.xip.io/oauth/token

headers: {"content-type"=>"application/x-www-form-urlencoded;charset=utf-8", "accept"=>"application/json;charset=utf-8", "authorization"=>"Basic Y2Y6"}

body: grant_type=password&username=admin%40ccng.xx.xx.xx.xx.xip.io&password=c1oudc0w .. <---

response: 500

headers: {"cache-control"=>"no-cache, no-store, no-cache, no-store, max-age=0", "content-language"=>"en-US", "content-type"=>"application/json;charset=UTF-8", "date"=>"Mon, 27 Jan 2014 19:48:04 GMT", "expires"=>"Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT", "pragma"=>"no-cache, no-cache", "server"=>"Apache-Coyote/1.1", "transfer-encoding"=>"chunked"}

body: {"error":"Something went wrong. Please try again later.","analytics":{"code":"UA-22181585-29","domain":"pivotal.io"}} ... FAILED

Ferran Rodenas

unread,

Jan 28, 2014, 1:39:49 AM1/28/14

to bosh-...@cloudfoundry.org

Can you share your deployment manifest? Or be sure that the 'login.enabled' property is set to false if you're not deploying the login job.

- Ferdy

2014-01-27 <tejas....@gmail.com>

To unsubscribe from this group and stop receiving emails from it, send an email to bosh-users+...@cloudfoundry.org.

tejas....@gmail.com

unread,

Jan 28, 2014, 6:45:02 AM1/28/14

to bosh-...@cloudfoundry.org

Thanks ferdy, here is manifest

director_uuid = "81fa055f-8a94-4d34-9e67-59edbc25874b"

protocol = "http"

cf_release = "153"

ip_address = "10.10.10.1"

common_password = "c1oudc0w"

#root_domain = "10.10.10.2.xip.io"

root_domain = "10.10.10.1.xip.io"

deployment_name = "cf-demo"

director_uuid: <%= director_uuid %>

releases:

- name: cf

version: <%= cf_release %>

compilation:

workers: 3

network: default

reuse_compilation_vms: true

cloud_properties:

instance_type: m1.small

update:

canaries: 1

canary_watch_time: 30000-300000

update_watch_time: 30000-300000

max_in_flight: 4

networks:

- name: floating

type: vip

cloud_properties: {}

- name: default

type: manual

subnets:

- name: private

range: 50.50.1.0/24 # CHANGE

gateway: 50.50.1.1 # CHANGE

reserved:

- 50.50.1.5 - 50.50.1.30 # CHANGE

static:

- 50.50.1.31 - 50.50.1.100 # CHANGE

cloud_properties:

net_id: bf34ed93-5d44-455d-a053-d0038c844223 # CHANGE

security_groups:

- cf-private

- ssh

- bosh

- cf-public

resource_pools:

- name: small

network: default

size: 2

stemcell:

# name: bosh-stemcell

version: 1256

cloud_properties:

instance_type: m1.small

- name: medium

network: default

size: 3

stemcell:

# name: bosh-stemcell

version: 1256

cloud_properties:

instance_type: m1.small

jobs:

- name: common1

template:

- syslog_aggregator

- nats

# - postgres

# - dea_next

# - uaa

# - debian_nfs_server

instances: 1

resource_pool: medium

persistent_disk: 16384

networks:

- name: default

default: [dns, gateway]

static_ips:

- 50.50.1.31

properties:

db: databases

- name: common2

template:

# - syslog_aggregator

# - nats

- postgres

# - dea_next

# - uaa

- debian_nfs_server

instances: 1

resource_pool: medium

persistent_disk: 16384

networks:

- name: default

default: [dns, gateway]

static_ips:

- 50.50.1.32

properties:

db: databases

- name: common3

template:

instances: 1

resource_pool: medium

persistent_disk: 16384

networks:

- name: default

default: [dns, gateway]

static_ips:

- 50.50.1.33

- name: floating

static_ips:

- 10.112.219.55

properties:

db: databases

uaa_endpoint: http://uaa.10.10.10.1.xip.io

- name: common4

template:

- login

- health_manager_next

- collector

instances: 1

resource_pool: small

networks:

- name: default

default: [dns, gateway]

static_ips:

- 50.50.1.34

- name: floating

static_ips:

- 10.112.219.56

- name: common5

template:

- cloud_controller_ng

- gorouter

# - login

# - uaa

instances: 1

resource_pool: small

networks:

- name: default

default: [dns, gateway]

static_ips:

- 50.50.1.35

- name: floating

static_ips:

- 10.10.10.1

properties:

ccdb: ccdb

ccng:

quota_definitions:

free:

non_basic_services_allowed: false

total_services: 2

total_routes: 1000

memory_limit: 1024

default_quota_definition: free

db: databases

properties:

domain: 10.10.10.1.xip.io

system_domain: 10.10.10.1.xip.io

system_domain_organization: "10.10.10.1.xip.io"

app_domains:

- 10.10.10.1.xip.io

networks:

apps: default

management: default

nats:

machines:

- 50.50.1.31

port: 4222

user: nats

password: "c1oudc0w"

authorization_timeout: 5

use_gnatsd: false

address: 50.50.1.31

router:

port: 8081

status:

port: 8080

user: gorouter

password: "c1oudc0w"

dea: &dea

max_memory: 4096

memory_mb: 1024

memory_overcommit_factor: 4

disk_mb: 16384

disk_overcommit_factor: 4

dea_next: *dea

service_lifecycle:

serialization_data_server:

- 50.50.1.31

nfs_server:

address: 50.50.1.32

network: 50.50.1.0/24

syslog_aggregator:

address: 50.50.1.31

port: 54321

serialization_data_server:

port: 8080

logging_level: debug

upload_token: 8f7COGvThwlmulIzAgOHxMXurBrG364k

upload_timeout: 10

collector:

deployment_name: cf-openstack

use_tsdb: false

use_aws_cloudwatch: false

use_datadog: false

databases: &databases

db_scheme: postgres

address: 50.50.1.32

port: 5524

roles:

- tag: admin

password: "c1oudc0w"

- tag: admin

password: "c1oudc0w"

databases:

- tag: cc

citext: true

- tag: uaa

citext: true

ccdb: &ccdb

db_scheme: postgres

address: 50.50.1.32

port: 5524

roles:

- tag: admin

password: "c1oudc0w"

databases:

- tag: cc

citext: true

ccdb_ng: *ccdb

uaadb:

db_scheme: postgresql

address: 50.50.1.32

port: 5524

roles:

- tag: admin

password: "c1oudc0w"

databases:

- tag: uaa

citext: true

cc_api_version: v2

cc: &cc

logging_level: debug

external_host: ccng

srv_api_uri: http://ccng.10.10.10.1.xip.io

cc_partition: default

db_encryption_key: "b963127302433579"

bootstrap_admin_email: "ad...@10.10.10.1.xip.io"

bulk_api_password: "c1oudc0w"

uaa_resource_id: cloud_controller

staging_upload_user: uploaduser

staging_upload_password: c1oudc0w

resource_pool:

resource_directory_key: 10.10.10.1.xip.io-cc-resources

packages:

app_package_directory_key: 10.10.10.1.xip.io-cc-packages

droplets:

droplet_directory_key: 10.10.10.1.xip.io-cc-droplets

ccng: *cc

protocol: http

links:

home: http://console.10.10.10.1.xip.io

passwd: http://console.10.10.10.1.xip.io/password_resets/new

signup: http://console.10.10.10.1.xip.io/register

# enabled: false

uaa:

# enabled: false

url: http://uaa.10.10.10.1.xip.io

spring_profiles: postgresql

no_ssl: true

catalina_opts: -Xmx768m -XX:MaxPermSize=256m

resource_id: account_manager

jwt:

signing_key: |

-----BEGIN RSA PRIVATE KEY-----

MIICXAIBAAKBgQDHFr+KICms+tuT1OXJwhCUmR2dKVy7psa8xzElSyzqx7oJyfJ1

JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMXqHxf+ZH9BL1gk9Y6kCnbM5R6

0gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBugspULZVNRxq7veq/fzwIDAQAB

AoGBAJ8dRTQFhIllbHx4GLbpTQsWXJ6w4hZvskJKCLM/o8R4n+0W45pQ1xEiYKdA

Z/DRcnjltylRImBD8XuLL8iYOQSZXNMb14h3g5/UGbUXLmCgQLOUUlnYt34QOQm+0

KvUqfMSFBbKMsYBAoQmNdTHBaz3dZa8ON9hh/f5TT8u0OWNRAkEA5opzsIXv+52J

duc1VGyX3SwlxiE2dStW8wZqGiuLH142n6MKnkLU4ctNLiclw6BZePXFZYIK+AkE

xQ+k16je5QJBAN0TIKMPWIbbHVr5rkdUqOyezlFFWYOwnMmw/BKa1d3zp54VP/P8

+5aQ2d4sMoKEOfdWH7UqMe3FszfYFvSu5KMCQFMYeFaaEEP7Jn8rGzfQ5HQd44ek

lQJqmq6CE2BXbY/i34FuvPcKU70HEEygY6Y9d8J3o6zQ0K9SYNu+pcXt4lkCQA3h

jJQQe5uEGJTExqed7jllQ0khFJzLMx0K6tj0NeeIzAaGCQz13oo2sCdeGRHO4aDh

HH6Qlq/6UOV5wP8+GAcCQFgRCcB+hrje8hfEEefHcFpyKH+5g1Eu1k0mLrxK2zd+

4SlotYRHgPCEubokb2S1zfZDWIXW3HmggnGgM949TlY=

-----END RSA PRIVATE KEY-----

verification_key: |

-----BEGIN PUBLIC KEY-----

MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHFr+KICms+tuT1OXJwhCUmR2d

KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX

qHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug

spULZVNRxq7veq/fzwIDAQAB

-----END PUBLIC KEY-----

cc:

client_secret: "c1oudc0w"

admin:

client_secret: "c1oudc0w"

batch:

username: batchuser

password: c1oudc0w

client:

autoapprove:

- cf

- login

clients:

override: true

scope: openid

authorities: oauth.login

secret: c1oudc0w

authorized-grant-types: authorization_code,client_credentials,refresh_token

redirect-uri: http://login.10.10.10.1.xip.io

cf:

override: true

authorized-grant-types: password,implicit,refresh_token

authorities: uaa.none

scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write

access-token-validity: 7200

refresh-token-validity: 1209600

admin:

secret: c1oudc0w

authorized-grant-types: client_credentials

authorities: clients.read,clients.write,clients.secret,password.write,scim.read,uaa.admin

scim:

users:

- admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write

- services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin

Reply all

Reply to author

Forward

0 new messages