issue with openstack credentials

[faiza.sam...@gmail.com]

Hi All,

Once again I am here with a new issue,
below is the code for openstack in .properties, can somebody check it out? I am getting error, "credentials must not be null"

brooklyn.location.named.openstack=jclouds:openstack-nova:http://9.9.9.9:9999/v2
brooklyn.location.named.openstack.identity=tenant name:user name
brooklyn.location.named.openstack.credentials=password

Regards,
Faiza

[Aled Sage]

Hi Faiza,

Can you try instead with:

brooklyn.location.named.openstack.credential=password

(note the singular "credential").

Aled

[faiza.sam...@gmail.com]

Hi Aled,

machine access is acquired but now another error,
Error resolving template: not authorized (rethrowing: org.jclouds.rest.AuthorizationException: POST http://?.?.?.?/v3/tokens HTTP/1.1 -> HTTP/1.1 401 Unauthorized)

Regards,
Faiza

[Aled Sage]

Hi Faiza,

Your endpoint was http://9.9.9.9:9999/v2 but this error is about /v3/tokens - that's surprising.

Note that under the covers we're using jclouds to connect to OpenStack. Therefore [1] may be of great use to you.

Taking the example jclouds code from that guide, your example configuration corresponds to the endpont and credentials in code like that below.

ComputeServiceContext context = ContextBuilder.newBuilder(provider)
            .endpoint("http://172.16.0.1:5000/v2.0/")
            .credentials(identity, password)
            .modules(modules)
            .buildView(ComputeServiceContext.class);

Is port 9999 definitely right for you, or could it be the default 5000? Is v2 definitely right? Note this should be the *keystone* endpoint.

Aled

[1] http://jclouds.apache.org/guides/openstack/

[Aled Sage]

Hi Faiza,

Your endpoint was http://9.9.9.9:9999/v2 but this error is about /v3/tokens - that's surprising.

Note that under the covers we're using jclouds to connect to OpenStack. Therefore [1] may be of great use to you.

Taking the example jclouds code from that guide, your example configuration corresponds to the endpont and credentials in code like that below.

ComputeServiceContext context = ContextBuilder.newBuilder(provider)
            .endpoint("http://172.16.0.1:5000/v2.0/")
            .credentials(identity, password)
            .modules(modules)
            .buildView(ComputeServiceContext.class);

Is port 9999 definitely right for you, or could it be the default 5000? Is v2 definitely right? Note this should be the *keystone* endpoint.

Aled

[1] http://jclouds.apache.org/guides/openstack/


On 04/04/2014 17:20, faiza.sam...@gmail.com wrote:

[Alex Heneveld]

Hi

> brooklyn.location.named.openstack.credentials=password

This should be singular, ie:

brooklyn.location.named.openstack.credential=password

--A

On 04/04/2014 16:39, faiza.sam...@gmail.com wrote:

[faiza.sam...@gmail.com]

Thanks Aled, my mistake about v3 and default port.
Now it is giving me following error, I think the required image is missing in openstack
"Unable to match required VM template constraints PortableTemplateBuilder. "

[Aled Sage]

Hi Faiza,

Glad your passed those errors. Hopefully the log message has given you
clues about the image it's looking for in the template builder. If you
haven't specified any constraints then it should accept most things.

I expect it will also have written out to brooklyn.debug.log the images
it did find.

Aled

[faiza.sam...@gmail.com]

Hi,

below is the code:

brooklyn.location.named.openstack=jclouds:openstack-nova:http://. . . .:5000/v2.0
brooklyn.location.named.openstack.identity=<project name>:<user name>
brooklyn.location.named.openstack.credential=password
brooklyn.location.named.openstack=jclouds:openstack-nova:RegionOne
brooklyn.location.named.openstack.imageid=RegionOne/<imageid>
brooklyn.location.named.openstack.user=root

Error:
endpoint.gethost() is null.

Can you please help me where am I doing wrong?

Regards,
Faiza

[Aled Sage]

Hi Faiza,

It looks like you're declaring the .named.openstack=... twice (the
second time without a URL endpoint). If you remove the second
declaration of this property, does it work?

Aled

[faiza.sam...@gmail.com]

Hi,

I am trying to give image id as parameter but still it is not working and giving following error:
Unable to match required VM template constraints PortableTemplateBuilder[ports=[22]]
java.lang.IllegalArgumentException: endpoint.getHost() is null for /RegionOne/tokens

I am trying to run the DynamicWebcluster example of brooklyn on openstack.
Please help me

Regards,
Faiza

[Aled Sage]

Hi Faiza,

This error looks similar to previous, of using RegionOne as the hostname. As per my previous email, can you try:

"It looks like you're declaring the .named.openstack=... twice (the second time without a URL endpoint). If you remove the second declaration of this property, does it work?"

Aled

Sent from my iPhone

> --
> You received this message because you are subscribed to the Google Groups "brooklyn-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to brooklyn-user...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[faiza.sam...@gmail.com]

Hi Aled,

There isn't duplication, I have checked. I am writing following code

brooklyn.location.named.openstack=jclouds:openstack-nova:http://url:5000/v2.0
brooklyn.location.named.openstack.identity=<Proj name> : <username>
brooklyn.location.named.openstack.credential=<pwd>
brooklyn.location.named.openstack=jclouds:openstack-nova:RegionOne
brooklyn.location.named.openstack.imageid=RegionOne/<image id>

#image name: ubuntu-12.04-cloud-live-amd64-iso

Regards,
Faiza

[Richard Downer]

Sorry Faiza, but there is a duplication... your example has two lines that begin "brooklyn.location.named.openstack=":

brooklyn.location.named.openstack=jclouds:openstack-nova:http://url:5000/v2.0 <<<<<this one

brooklyn.location.named.openstack.identity=<Proj name> : <username>
brooklyn.location.named.openstack.credential=<pwd>

brooklyn.location.named.openstack=jclouds:openstack-nova:RegionOne <<<<<and this one
brooklyn.location.named.openstack.imageid=RegionOne/<image id>

Can you remove the second of these and try again?

Richard.

Regards,
Faiza

--
You received this message because you are subscribed to the Google Groups "brooklyn-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to brooklyn-user...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Richard Downer • Principal Engineer • Cloudsoft Corporation • http://www.cloudsoftcorp.com

GitHub richardcloudsoft • Twitter @FrontierTown

[faiza.sam...@gmail.com]

Thanks Richard,

it did work but unable to match required VM template. Can you please tell me from where can I see the minimum requirements by brooklyn to run DynamicWebcluster example? (my provided image ID does not match with required template)
From log I can see only available profiles provided by my openstack.

Regards,
Faiza

[Alex Heneveld]

Use imageId - note capital I .

If that fails can you put the log in dropbox and we can debug from there.

Best
Alex

[faiza.sam...@gmail.com]

Hi Alex,

To whom should I share the dropbox link for brooklyn.debug.log (63MB). I tried some changes in code following few other links and it ended up creating instances but stuck and finally gets failed.

Regards,
Faiza

[David Toy]

Hi Faiza,

Most dropbox services will provide a direct url to files in the dropbox.

You can share the direct link in your next message here.

There might still be something wrong in your brooklyn.properties.

Sharing your brooklyn.properties, as well as the log, will really help find the problem quickly.

(Don't forget to remove your credentials, obviously.)

David

Regards,
Faiza

[faiza.sam...@gmail.com]

Hi David,

Please find the links for brooklyn.debug.log file as well as brooklyn.properties.
https://www.dropbox.com/s/9ay4ifdw5kp3vfr/brooklyn.debug.log
https://www.dropbox.com/s/l775v5gf9hwp1zv/brooklyn.properties

Hope you would identify the problem soon.

Regards,
Faiza

[David Toy]

Fazia,

Could you check that your catalog.xml has downloaded ok?

It can become corrupt if you opened it in a web browser, then copied and pasted it. e.g. Chrome has a habit of 'pretty printing' xml by adding new lines everywhere, which Brooklyn doesn't like.

Could you use curl or a similar tool to download the sample catalog.xml? e.g:

cd ~/.brooklyn

curl http://brooklyncentral.github.io/v/0.6.0/use/guide/quickstart/catalog.xml > catalog.xml 

(Note for future searches: that link is for version 0.6.0 only.)

David

1. 

2014-04-24 16:24:03,309 INFO  b.r.u.DefaultExceptionMapper [qtp1174710634-14]: No exception mapping for class java.lang.IllegalArgumentException, responding 500

java.lang.IllegalArgumentException: null

at java.net.URI.create(URI.java:859) ~[na:1.6.0_27]

at brooklyn.rest.resources.EntityResource.getIcon(EntityResource.java:92) ~[brooklyn-rest-server-0.6.0.jar:na]

<... snip ...>

Caused by: java.net.URISyntaxException: Illegal character in scheme name at index 0: 

http://downloads.cloudsoftcorp.com/brooklyn/catalog/logos/JBoss_by_Red_Hat.png

...

Regards,
Faiza

[faiza.sam...@gmail.com]

Hi David,

I have replaced old catalog.xml with new via curl.
What to do next?

Regards,
Faiza

[faiza.sam...@gmail.com]

Hi All,

Does anyone find solution for this problem?

Regards,
Faiza

[David Toy]

Hi Faiza,

What happened after you replaced the catalog and ran Brooklyn again?

Does the log show the same problem as before [1] ? Did anything change? 

Thanks,

David

1. 

2014-04-24 16:24:03,309 INFO  b.r.u.DefaultExceptionMapper [qtp1174710634-14]: No exception mapping for class java.lang.IllegalArgumentException, responding 500

java.lang.IllegalArgumentException: null

at java.net.URI.create(URI.java:859) ~[na:1.6.0_27]

at brooklyn.rest.resources.EntityResource.getIcon(EntityResource.java:92) ~[brooklyn-rest-server-0.6.0.jar:na]

<... snip ...>

Caused by: java.net.URISyntaxException: Illegal character in scheme name at index 0: 

http://downloads.cloudsoftcorp.com/brooklyn/catalog/logos/JBoss_by_Red_Hat.png

...

Regards,
Faiza

[faiza.sam...@gmail.com]

Hi David,

no such error as [1], instead some other [2]. Instances are being created in openstack but after 6-8 min it appears OnFire on brooklyn interface.

[2] org.jclouds.compute.RunNodesException: error running 1 node group(brooklyn-ugg9-faiza-webclusterdat-gwc5-jbossas7-q2qg) location(RegionOne) image(2310f8f4-1a5e-4771-b18d-5b725d606da0) size(3) options({inboundPorts=[22, 9443, 10999, 8443, 8080, 9990], scriptPresent=true, autoAssignFloatingIp=false})
Execution failures:

0 error[s]
Node failures:

1) NoSuchElementException on node RegionOne/bbec2dd6-49fb-4529-8e6b-49989025b91b:
java.util.NoSuchElementException: could not connect to any ip address port 22 on node......

Regards,
Faiza

[David Toy]

Faiza,

Great. This new issue reads like a problem with your OpenStack Location config.

I'm not an OpenStack user, but I _think_ others have solved similar problems by enabling floating ips [1].

Have you tried this already? If not, could you add this to your brooklyn.properties?

brooklyn.location.named.openstack.jclouds.openstack-nova.auto-create-floating-ips=true

If this doesn't work, could you post the whole exception, listing the Execution and Node failures in full? This will allow one of the more experienced OpenStack users to help you.

David

1. Please read the conversation between Jose Carrasco and Andrea Turli regarding HP Cloud (runs openstack):

https://groups.google.com/forum/#!msg/brooklyn-dev/jLReMbMa6Og/vXEHBRC6A7gJ

Regards,
Faiza

[faiza.sam...@gmail.com]

Thanks David for your help.

I am already giving floating IP=true, from openstack I have checked that floating IPs are being assigned to VMs.
In openstack, instance detail view shows information about security group[1](might be related to this problem)
[1]Security Groups
default
ALLOW 22:22 from 0.0.0.0/0
ALLOW -1:-1 from 0.0.0.0/0

I appreciate your team's efforts to resolve error.
stdout.log is attached.

Regards,
Faiza

[andrea...@gmail.com]

Hi Faiza,

from your log it is not clear if you are using something like:

brooklyn.location.named.openstack.jclouds.openstack-nova.auto-create-floating-ips=true

in your brooklyn.properties. In fact, in one of your previous log I can see:

"org.jclouds.compute.RunNodesException: error running 1 node group(brooklyn-ugg9-faiza-webclusterdat-gwc5-jbossas7-q2qg) location(RegionOne) image(2310f8f4-1a5e-4771-b18d-5b725d606da0) size(3) options({inboundPorts=[22, 9443, 10999, 8443, 8080, 9990], scriptPresent=true, autoAssignFloatingIp=false})"

so floating-ip are not enabled.

> In openstack, instance detail view shows information about security group[1](might be related to this problem)
> [1]Security Groups
> default
> ALLOW 22:22 from 0.0.0.0/0
> ALLOW -1:-1 from 0.0.0.0/0
>

The securityGroup looks sensible to me, but to be sure, you could create manually a securityGroup in RegionOne called `universal` that enables all tcp connections and add a new property to your brooklyn.properties:

# reuse the same securityGroup
brooklyn.location.named.openstack.securityGroups=universal

HTH,
Andrea

[faiza.sam...@gmail.com]

Thanks Andrea,

I added the floating IP=true parameter after finding the same error which you mentioned. So in new log it didnt appear.
I created security group universal in openstack with TCP connections. it is giving problem with port for each VM IP(after I run brooklyn example on openstack)
"sockets [172.24.4.226:22, 10.0.0.10:22] didn't open after 600000 MILLISECONDS"
I think it is related to some firewall or security limitation. I too am not an openstack expert but I would ask my Admin.
if you know anything to resolve it I would acknowledge it.
Thanks for your help.

Regards,
Faiza

[Andrea Turli]

Faiza,

ok no problem. Out of curiosity, are you able to telnet to the VMs
created by brooklyn manually at least?
I hope this may help your debugging.

Best,
Andrea