[Pulp-list] Issues with Pulp consumer binding to a repo (unconfirmed bind)
Roman Revyakin
roman.rev at googlemail.com
Thu Feb 12 23:32:38 UTC 2015
Ok, looks like I have found the problem on my own meanwhile: seems it was the issue of missing client certificate line in the /etc/pulp/consumer/consumer.conf config file in the [messaging] section:
[messaging]
# (tcp|ssl)
scheme = ssl
host = centos7.localdomain
port = 5671
transport = qpid
cacert = /etc/pki/pulp/qpid/ca.crt
clientcert =
so instead of the proper `/etc/pki/pulp/qpid/client.crt` it was using the `/etc/pki/pulp/consumer/consumer-cert.pem` that was generated every time the consumer was registering with the Pulp server.
After I changed the `clientcert =` line to
clientcert = /etc/pki/pulp/qpid/client.crt
and restarted the `goferd` daemon the `goferd` daemon was able to send all messages through the Pulp server where `pulp.server.agent.direct.services` have processed them all, and the bind of the `pcons1c7` consumer to the `centos7-fasttrack` changed to ‘Confirmed’ state.
Best regards,
Roman
On Fri, Feb 13, 2015 at 8:07 AM, Roman Revyakin <roman.rev at googlemail.com>
wrote:
> Hi guys,
> I am experiencing problems with the unconfirmed repository bindings for a Pulp consumer.
> I run Pulp server on CentOS 7.0.1406 and install Pulp from the upstream "stable" repository: https://repos.fedorapeople.org/repos/pulp/pulp/stable/2/7Server/x86_64/, here are the details:
> Pulp server: `2.5.3-1.el7` (`pulp-server-2.5.3-1.el7.noarch` and all relevant dependencies of the same version )
> Quid: `qpid-cpp-server-0.28-5.el7.x86_64`
> Pulp consumer: pulp-consumer-client-2.5.3-1.el7.noarch
> Messaging client:
> python-gofer-1.3.1-1.el7.noarch
> python-gofer-qpid-1.3.1-1.el7.noarch
> gofer-1.3.1-1.el7.noarch
> I try to use SSL for all traffic between the Pulp and qpid with self-signed SSL certificates. The `/etc/qpid/qpidd.conf` config file from the Pulp server:
> port=5672
> max-connections=65530
> worker-threads=17
> connection-backlog=10
> auth=no
> realm=QPID
> data-dir=/var/lib/qpidd
>
> # Had to allow unencrypted traffic as otherwise was getting protocol
> # errors when trying to connect with qpid-queue-stats to the queue
> require-encryption=no
> ssl-require-client-authentication=yes
> ssl-cert-db=/etc/pki/pulp/qpid/nss
> ssl-cert-password-file=/etc/pki/pulp/qpid/nss/password
> ssl-cert-name=broker
> ssl-port=5671
> And the [/etc/pulp/consumer/consumer.conf](https://gist.github.com/romanrev/e424c6640b5f01443e84).
> I provide below here the process that I followed in order to register the consumer and try to bind it to a repository from the Pulp server. Confirming there are no consumers registered with the Pulp server as yet:
> [vagrant at centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' consumer list
> +----------------------------------------------------------------------+
> Consumers
> +----------------------------------------------------------------------+
> Now I register the consumer from the Pulp "client" `pcons1c7` machine:
> [vagrant at pcons1c7 pulp]$ sudo pulp-consumer -u xxxxx -p 'xxxxx' register --consumer-id pcons1c7
> Consumer [pcons1c7] successfully registered
> Confirmed on the server:
> [vagrant at centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' consumer list
> +----------------------------------------------------------------------+
> Consumers
> +----------------------------------------------------------------------+
>
> Id: pcons1c7
> Display Name: pcons1c7
> Description: None
> Bindings:
> Notes:
> Confirming existing repository on the Pulp server:
> [vagrant at centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' rpm repo list
> +----------------------------------------------------------------------+
> RPM Repositories
> +----------------------------------------------------------------------+
>
> Id: centos7-fasttrack
> Display Name: centos7-fasttrack
> Description: None
> Content Unit Counts:
> Drpm: 152
> Rpm: 155
> Trying to bind the consumer to the existing `centos-fasttrack` repository:
> [vagrant at pcons1c7 pulp]$ sudo pulp-consumer rpm bind --repo-id centos7-fasttrack
> Bind tasks successfully created:
>
> Task Id: 218c4601-adc0-4fe3-b643-a455fd26ff9d
> Can see the consumer binding on the server, however the binding is unconfirmed and remained so for indefinite time (have never observed it changing to "Confirmed")
> [vagrant at centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' consumer list
> +----------------------------------------------------------------------+
> Consumers
> +----------------------------------------------------------------------+
>
> Id: pcons1c7
> Display Name: pcons1c7
> Description: None
> Bindings:
> Confirmed:
> Unconfirmed: centos7-fasttrack
> Notes:
> I have also tried to bind the consumer to repository using `pulp-admin` on the server, however the command hung forever:
> [vagrant at centos7 ~]$ pulp-admin -u xxxxx -p 'xxxxx' rpm consumer bind --repo-id centos7-fasttrack --consumer-id pcons1c7
> This command may be exited via ctrl+c without affecting the request.
>
>
> [-]
> Running...
> [-]
> Waiting to begin...
> I also observe the following errors in the `/var/log/messages`:
> Feb 12 16:05:58 centos7 qpidd: 2015-02-12 16:05:58 [System] error Error reading socket: Success(0)
>
> I can see the messages in the qpid queue, running the following command on the Pulp server:
> qpid-queue-stats -a qpid://guest@centos7.localdomain:5672
> ...
> qmfc-v2-ui-centos7.18060.1 9.99 0 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0 0.80 0.80
> qmfc-v2-ui-centos7.18060.1 10.00 0 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0 0.80 0.80
> pulp.agent.pcons1c7 60.00 16 0.02 0.00
> qmfc-v2-ui-centos7.18060.1 10.00 0 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0 0.80 0.80
> qmfc-v2-ui-centos7.18060.1 10.00 0 0.10 0.10
> celeryev.5008aa02-e22b-488c-af22-c927b63b8cc4 10.00 0 0.80 0.80
> qmfc-v2-ui-centos7.18060.1 10.00 0 0.10 0.10
> ...
> Obviously all Pulp components are talking to qpid:
> pulp_resource_manager.service - Pulp Resource Manager
> Loaded: loaded (/usr/lib/systemd/system/pulp_resource_manager.service; enabled)
> Active: active (running) since Fri 2015-02-13 08:01:40 EST; 5s ago
> Main PID: 18669 (celery)
> CGroup: /system.slice/pulp_resource_manager.service
> ├─18669 /usr/bin/python /usr/bin/celery worker -A pulp.server.async.app -n resource_manager@%h -Q resource_manager -c 1 --events --umask 18
> └─18682 /usr/bin/python /usr/bin/celery worker -A pulp.server.async.app -n resource_manager@%h -Q resource_manager -c 1 --events --umask 18
>
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- [config]
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- .> app: tasks:0x2a0ded0
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- .> transport: qpid://guest@centos7.localdomain:5671//
> Feb 13 08:01:42 centos7 celery[18669]: - ** ---------- .> results: mongodb
> Feb 13 08:01:42 centos7 celery[18669]: - *** --- * --- .> concurrency: 1 (prefork)
> Feb 13 08:01:42 centos7 celery[18669]: -- ******* ----
> Feb 13 08:01:42 centos7 celery[18669]: --- ***** ----- [queues]
> Feb 13 08:01:42 centos7 celery[18669]: -------------- .> resource_manager exchange=resource_manager(direct) key=resource_manager
> Feb 13 08:01:42 centos7 celery[18669]: .> resource_manager at centos7.dq exchange=C.dq(direct) key=resource_manager at centos7
> Feb 13 08:01:42 centos7 pulp[18669]: celery.worker.consumer:INFO: Connected to qpid://guest@centos7.localdomain:5671//
> pulp_celerybeat.service - Pulp's Celerybeat
> Loaded: loaded (/usr/lib/systemd/system/pulp_celerybeat.service; enabled)
> Active: active (running) since Fri 2015-02-13 08:02:44 EST; 3s ago
> Main PID: 18712 (celery)
> CGroup: /system.slice/pulp_celerybeat.service
> └─18712 /usr/bin/python /usr/bin/celery beat --scheduler=pulp.server.async.scheduler.Scheduler
> Feb 13 08:02:44 centos7 systemd[1]: Started Pulp's Celerybeat.
> Feb 13 08:02:44 centos7 pulp[18712]: celery.beat:INFO: beat: Starting...
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.async.scheduler:INFO: Worker Timeout Monitor Started
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.db.connection:INFO: Database authentication enabled, attempting username/passwordauthentication.
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.async.scheduler:INFO: Event Monitor Starting
> Feb 13 08:02:44 centos7 pulp[18712]: pulp.server.db.connection:INFO: Database connection established with: seeds = centos7:27017, name = pulp
> Feb 13 08:02:44 centos7 pulp[18712]: kombu.mixins:INFO: Connected to qpid://guest@centos7.localdomain:5671//
> I am sure I am doing something wrong, just cannot put my finger on what exactly. I would appreciate any help or hint with that regard.
> Thank you!
> With kind regards,
> Roman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20150212/aaa63c1f/attachment.htm>
More information about the Pulp-list
mailing list