Ask Your Question
0

Nova service using 35357 port instead 5000 to verify admin

asked 2020-05-29 10:32:54 -0500

vladimir.m gravatar image

OS : Centos 8 Openstack version: TRAIN Guide : Minimal deployment for Train All packages from "train"

Note:

Before the Queens release, keystone needed to be run on two separate ports to accommodate the Identity v2 API which ran a separate admin-only service commonly on port 35357. With the removal of the v2 API, keystone can be run on the same port for all interfaces.

General error is: novaclient.exceptions.ClientException: The server is currently unavailable. Please try again at a later time. The Keystone service is temporarily unavailable.

nova_api logs:

2020-05-29 20:11:47.519 3030 CRITICAL keystonemiddleware.auth_token [-] Unable to validate token: Unable to establish connection to http://controller:35357/v3/auth/tokens: HTTPConnectionPool(host='controller', port=35357): Max retries exceeded with url: /v3/auth/tokens (Caused by NewConnectionError('<urllib3.connection.httpconnection 0x7f56f4f38710="" at="" object="">: Failed to establish a new connection: [Errno 111] ECONNREFUSED',)): keystoneauth1.exceptions.connection.ConnectFailure: Unable to establish connection to http://controller:35357/v3/auth/tokens: HTTPConnectionPool(host='controller', port=35357): Max retries exceeded with url: /v3/auth/tokens (Caused by NewConnectionError('<urllib3.connection.httpconnection 0x7f56f4f38710="" at="" object="">: Failed to establish a new connection: [Errno 111] ECONNREFUSED',)) 2020-05-29 20:11:47.525 3030 INFO nova.osapi_compute.wsgi.server [-] 192.168.5.249 "GET /v2.1/os-services?binary=nova-compute HTTP/1.1" status: 503 len: 498 time: 4.2695198</urllib3.connection.httpconnection></urllib3.connection.httpconnection>

nova.conf

[keystone_authtoken]

  • www_authenticate_uri = http://controller:5000/
  • auth_url = http://controller:5000/
  • memcached_servers = controller:11211
  • auth_type = password
  • project_domain_name = Default - user_domain_name = Default
  • project_name = service
  • username = nova
  • password = BLAHBLAH
edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted
0

answered 2020-05-31 00:23:30 -0500

vladimir.m gravatar image
openstack compute service list --service nova-compute --debug

REQ: curl -g -i -X GET http://controller:8774/v2.1/os-services?binary=nova-compute (http://controller:8774/v2.1/os-servic...) -H "Accept: application/json" -H "User-Agent: python-novaclient" -H "X-Auth-Token: {SHA256}d27c1d61ab0b96f6aa37e9c282bb9e0c5c63e78769f64a095c3ce8e5c9c6fc46" -H "X-OpenStack-Nova-API-Version: 2.1" Starting new HTTP connection (1): controller:8774 http://controller:8774 "GET /v2.1/os-services?binary=nova-compute HTTP/1.1" 503 218 RESP: [503] Connection: keep-alive Content-Length: 218 Content-Type: application/json Date: Sun, 31 May 2020 05:20:40 GMT X-Compute-Request-Id: req-1db3e778-674e-453e-bf99-77c459cf65a5 X-Openstack-Request-Id: req-1db3e778-674e-453e-bf99-77c459cf65a5 RESP BODY: {"message": "The server is currently unavailable. Please try again at a later time.

\nThe Keystone service is temporarily unavailable.\n\n", "code": "503 Service Unavailable", "title": "Service Unavailable"} GET call to compute for http://controller:8774/v2.1/os-services?binary=nova-compute (http://controller:8774/v2.1/os-servic...) used request id req-1db3e778-674e-453e-bf99-77c459cf65a5 The server is currently unavailable. Please try again at a later time.

The Keystone service is temporarily unavailable.

edit flag offensive delete link more
0

answered 2020-05-30 04:39:26 -0500

ehsan gravatar image

Hi . for install OpenStack in Centos 7 or 8, you must follow some Prerequisites.

did you disable Selinux or not ?

this my config

[keystone_authtoken]

www_authenticate_uri = http://controller01:5000/ auth_url = http://controller01:5000/ memcached_servers = controller01:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = nova password = xxxxxxxxxxxx

edit flag offensive delete link more

Comments

Hi! Yes Selinux was disabled. Sorry i did not see any difference between configuration section [keystone_authtoken] project_domain_name = Default - user_domain_name = Default is two split options

vladimir.m gravatar imagevladimir.m ( 2020-05-31 00:12:51 -0500 )edit
0

answered 2020-05-30 03:00:37 -0500

Have you updated your catalog? check keystone endpoints using openstack catalog list

edit flag offensive delete link more

Comments

nova

  • internal: http://controller:8774/v2.1

  • admin: http://controller:8774/v2.1

  • public: http://controller:8774/v2.1

vladimir.m gravatar imagevladimir.m ( 2020-05-31 00:15:52 -0500 )edit

Thanks you very much, found in catalog that keyston use port 35357 for admin purposes fixed it to 5000 and all work as expected

vladimir.m gravatar imagevladimir.m ( 2020-05-31 00:36:47 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

Stats

Asked: 2020-05-29 10:29:42 -0500

Seen: 63 times

Last updated: May 30