Skip to first unread message
tejas....@gmail.com
Jan 28, 2014, 1:26:44 AM1/28/14
to bosh-...@cloudfoundry.org
Unable to authenticate to CF, which is deployed on Openstack grizzly.
root@ubuntu12-04-x64:~# cf login -t
target: http://ccng.xx.xx.xx.xx.xip.io
>>>
REQUEST: GET http://ccng.xx.xx.xx.xx.xip.io/info
REQUEST_HEADERS:
Accept : application/json
Content-Length : 0
RESPONSE: [200]
RESPONSE_HEADERS:
content-length : 268
content-type : application/json;charset=utf-8
date : Mon, 27 Jan 2014 19:47:48 GMT
server : nginx
x-content-type-options : nosniff
x-vcap-request-id : 26150a13-33d4-48d8-b949-72cb1bc3fda6
RESPONSE_BODY:
{
"name": "vcap",
"build": "2222",
"support": "http://support.cloudfoundry.com",
"version": 2,
"description": "Cloud Foundry sponsored by Pivotal",
"authorization_endpoint": "http://login.xx.xx.xx.xx.xip.io",
"token_endpoint": "http://uaa.xx.xx.xx.xx.xip.io",
"allow_debug": true
}
<<<
Password> ********
Authenticating. --->
request: post http://login.xx.xx.xx.xx.xip.io/oauth/token
headers: {"content-type"=>"application/x-www-form-urlencoded;charset=utf-8", "accept"=>"application/json;charset=utf-8", "authorization"=>"Basic Y2Y6"}
body: grant_type=password&username=admin%40ccng.xx.xx.xx.xx.xip.io&password=c1oudc0w .. <---
response: 500
headers: {"cache-control"=>"no-cache, no-store, no-cache, no-store, max-age=0", "content-language"=>"en-US", "content-type"=>"application/json;charset=UTF-8", "date"=>"Mon, 27 Jan 2014 19:48:04 GMT", "expires"=>"Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT", "pragma"=>"no-cache, no-cache", "server"=>"Apache-Coyote/1.1", "transfer-encoding"=>"chunked"}
body: {"error":"Something went wrong. Please try again later.","analytics":{"code":"UA-22181585-29","domain":"pivotal.io"}} ... FAILED
Ferran Rodenas
Jan 28, 2014, 1:39:49 AM1/28/14
to bosh-...@cloudfoundry.org
Can you share your deployment manifest? Or be sure that the 'login.enabled' property is set to false if you're not deploying the login job.
- Ferdy
To unsubscribe from this group and stop receiving emails from it, send an email to bosh-users+...@cloudfoundry.org.
tejas....@gmail.com
Jan 28, 2014, 6:45:02 AM1/28/14
to bosh-...@cloudfoundry.org
Thanks ferdy, here is manifest
<%
director_uuid = "81fa055f-8a94-4d34-9e67-59edbc25874b"
protocol = "http"
cf_release = "153"
ip_address = "10.10.10.1"
common_password = "c1oudc0w"
#root_domain = "10.10.10.2.xip.io"
root_domain = "10.10.10.1.xip.io"
deployment_name = "cf-demo"
%>
name: <%= deployment_name %>
director_uuid: <%= director_uuid %>
releases:
- name: cf
version: <%= cf_release %>
compilation:
workers: 3
network: default
reuse_compilation_vms: true
cloud_properties:
instance_type: m1.small
update:
canaries: 1
canary_watch_time: 30000-300000
update_watch_time: 30000-300000
max_in_flight: 4
networks:
- name: floating
type: vip
cloud_properties: {}
- name: default
type: manual
subnets:
- name: private
range: 50.50.1.0/24 # CHANGE
gateway: 50.50.1.1 # CHANGE
reserved:
- 50.50.1.5 - 50.50.1.30 # CHANGE
static:
- 50.50.1.31 - 50.50.1.100 # CHANGE
cloud_properties:
net_id: bf34ed93-5d44-455d-a053-d0038c844223 # CHANGE
security_groups:
- cf-private
- ssh
- bosh
- cf-public
resource_pools:
- name: small
network: default
size: 2
stemcell:
name: bosh-openstack-kvm-ubuntu
# name: bosh-stemcell
version: 1256
cloud_properties:
instance_type: m1.small
- name: medium
network: default
size: 3
stemcell:
name: bosh-openstack-kvm-ubuntu
# name: bosh-stemcell
version: 1256
cloud_properties:
instance_type: m1.small
jobs:
- name: common1
template:
- syslog_aggregator
- nats
# - postgres
# - dea_next
# - uaa
# - debian_nfs_server
instances: 1
resource_pool: medium
persistent_disk: 16384
networks:
- name: default
default: [dns, gateway]
static_ips:
- 50.50.1.31
properties:
db: databases
- name: common2
template:
# - syslog_aggregator
# - nats
- postgres
# - dea_next
# - uaa
- debian_nfs_server
instances: 1
resource_pool: medium
persistent_disk: 16384
networks:
- name: default
default: [dns, gateway]
static_ips:
- 50.50.1.32
properties:
db: databases
- name: common3
template:
instances: 1
resource_pool: medium
persistent_disk: 16384
networks:
- name: default
default: [dns, gateway]
static_ips:
- 50.50.1.33
- name: floating
static_ips:
- 10.112.219.55
properties:
db: databases
uaa_endpoint: http://uaa.10.10.10.1.xip.io
- name: common4
template:
- login
- health_manager_next
- collector
instances: 1
resource_pool: small
networks:
- name: default
default: [dns, gateway]
static_ips:
- 50.50.1.34
- name: floating
static_ips:
- 10.112.219.56
- name: common5
template:
- cloud_controller_ng
- gorouter
# - login
# - uaa
instances: 1
resource_pool: small
networks:
- name: default
default: [dns, gateway]
static_ips:
- 50.50.1.35
- name: floating
static_ips:
- 10.10.10.1
properties:
ccdb: ccdb
ccng:
quota_definitions:
free:
non_basic_services_allowed: false
total_services: 2
total_routes: 1000
memory_limit: 1024
default_quota_definition: free
db: databases
properties:
domain: 10.10.10.1.xip.io
system_domain: 10.10.10.1.xip.io
system_domain_organization: "10.10.10.1.xip.io"
app_domains:
networks:
apps: default
management: default
nats:
machines:
- 50.50.1.31
- 50.50.1.31
port: 4222
user: nats
password: "c1oudc0w"
authorization_timeout: 5
use_gnatsd: false
address: 50.50.1.31
router:
port: 8081
status:
port: 8080
user: gorouter
password: "c1oudc0w"
dea: &dea
max_memory: 4096
memory_mb: 1024
memory_overcommit_factor: 4
disk_mb: 16384
disk_overcommit_factor: 4
dea_next: *dea
service_lifecycle:
serialization_data_server:
- 50.50.1.31
nfs_server:
address: 50.50.1.32
network: 50.50.1.0/24
syslog_aggregator:
address: 50.50.1.31
port: 54321
serialization_data_server:
port: 8080
logging_level: debug
upload_token: 8f7COGvThwlmulIzAgOHxMXurBrG364k
upload_timeout: 10
collector:
deployment_name: cf-openstack
use_tsdb: false
use_aws_cloudwatch: false
use_datadog: false
databases: &databases
db_scheme: postgres
address: 50.50.1.32
port: 5524
roles:
- tag: admin
name: ccadmin
password: "c1oudc0w"
- tag: admin
name: uaaadmin
password: "c1oudc0w"
databases:
- tag: cc
name: ccdb
citext: true
- tag: uaa
name: uaadb
citext: true
ccdb: &ccdb
db_scheme: postgres
address: 50.50.1.32
port: 5524
roles:
- tag: admin
name: ccadmin
password: "c1oudc0w"
databases:
- tag: cc
name: ccdb
citext: true
ccdb_ng: *ccdb
uaadb:
db_scheme: postgresql
address: 50.50.1.32
port: 5524
roles:
- tag: admin
name: uaaadmin
password: "c1oudc0w"
databases:
- tag: uaa
name: uaadb
citext: true
cc_api_version: v2
cc: &cc
logging_level: debug
external_host: ccng
srv_api_uri: http://ccng.10.10.10.1.xip.io
cc_partition: default
db_encryption_key: "b963127302433579"
bootstrap_admin_email: "ad...@10.10.10.1.xip.io"
bulk_api_password: "c1oudc0w"
uaa_resource_id: cloud_controller
staging_upload_user: uploaduser
staging_upload_password: c1oudc0w
resource_pool:
resource_directory_key: 10.10.10.1.xip.io-cc-resources
packages:
app_package_directory_key: 10.10.10.1.xip.io-cc-packages
droplets:
droplet_directory_key: 10.10.10.1.xip.io-cc-droplets
ccng: *cc
login:
protocol: http
links:
# enabled: false
uaa:
# enabled: false
spring_profiles: postgresql
no_ssl: true
catalina_opts: -Xmx768m -XX:MaxPermSize=256m
resource_id: account_manager
jwt:
signing_key: |
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDHFr+KICms+tuT1OXJwhCUmR2dKVy7psa8xzElSyzqx7oJyfJ1
JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMXqHxf+ZH9BL1gk9Y6kCnbM5R6
0gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBugspULZVNRxq7veq/fzwIDAQAB
AoGBAJ8dRTQFhIllbHx4GLbpTQsWXJ6w4hZvskJKCLM/o8R4n+0W45pQ1xEiYKdA
Z/DRcnjltylRImBD8XuLL8iYOQSZXNMb14h3g5/UGbUXLmCgQLOUUlnYt34QOQm+0
KvUqfMSFBbKMsYBAoQmNdTHBaz3dZa8ON9hh/f5TT8u0OWNRAkEA5opzsIXv+52J
duc1VGyX3SwlxiE2dStW8wZqGiuLH142n6MKnkLU4ctNLiclw6BZePXFZYIK+AkE
xQ+k16je5QJBAN0TIKMPWIbbHVr5rkdUqOyezlFFWYOwnMmw/BKa1d3zp54VP/P8
+5aQ2d4sMoKEOfdWH7UqMe3FszfYFvSu5KMCQFMYeFaaEEP7Jn8rGzfQ5HQd44ek
lQJqmq6CE2BXbY/i34FuvPcKU70HEEygY6Y9d8J3o6zQ0K9SYNu+pcXt4lkCQA3h
jJQQe5uEGJTExqed7jllQ0khFJzLMx0K6tj0NeeIzAaGCQz13oo2sCdeGRHO4aDh
HH6Qlq/6UOV5wP8+GAcCQFgRCcB+hrje8hfEEefHcFpyKH+5g1Eu1k0mLrxK2zd+
4SlotYRHgPCEubokb2S1zfZDWIXW3HmggnGgM949TlY=
-----END RSA PRIVATE KEY-----
verification_key: |
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHFr+KICms+tuT1OXJwhCUmR2d
KVy7psa8xzElSyzqx7oJyfJ1JZyOzToj9T5SfTIq396agbHJWVfYphNahvZ/7uMX
qHxf+ZH9BL1gk9Y6kCnbM5R60gfwjyW1/dQPjOzn9N394zd2FJoFHwdq9Qs0wBug
spULZVNRxq7veq/fzwIDAQAB
-----END PUBLIC KEY-----
cc:
client_secret: "c1oudc0w"
admin:
client_secret: "c1oudc0w"
batch:
username: batchuser
password: c1oudc0w
client:
autoapprove:
- cf
- login
clients:
login:
override: true
scope: openid
authorities: oauth.login
secret: c1oudc0w
authorized-grant-types: authorization_code,client_credentials,refresh_token
redirect-uri: http://login.10.10.10.1.xip.io
cf:
override: true
authorized-grant-types: password,implicit,refresh_token
authorities: uaa.none
scope: cloud_controller.read,cloud_controller.write,openid,password.write,cloud_controller.admin,scim.read,scim.write
access-token-validity: 7200
refresh-token-validity: 1209600
admin:
secret: c1oudc0w
authorized-grant-types: client_credentials
authorities: clients.read,clients.write,clients.secret,password.write,scim.read,uaa.admin
scim:
users:
- admin|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin,uaa.admin,password.write
- services|<%= common_password %>|scim.write,scim.read,openid,cloud_controller.admin
Reply all
Reply to author
Forward
0 new messages