[Pulp-list] nodes and Oauth
Salvatore Di Nardo
sdinardo at ebi.ac.uk
Mon May 18 11:19:36 UTC 2015
Hello everyone. I hope someone could help me with this.
Since i dont want to rely on a single server (for resiliency reasons). I
triied to configure a child pulp node but i'm stuck with some Oauth
authentication failure that instst triing to use ssl:
pulp-admin node sync run --node-id=************
This command may be exited via ctrl+c without affecting the request.
RequestException: GET request on
/pulp/api/v2/consumers/************/bindings/
failed with 401 - Authentication with username None failed: invalid SSL
certificate.
Trying to dig with the issue it seems that oauth had been depretated
since pulp 2.4 :
/"/Deprecated since version 2.4.0: OAuth"
but still its a mandatory requirement on pulp 2.6:
"The communication between the child and parent nodes is secured
using OAuth. The child node must have OAuth enabled and configured. "
Should i assume that the whole nodes concept its deprecated? I dont see
ANY alternative authentication form in /etc/pulp/nodes.conf or
documented. Googling i saw similar issues but no solutions so far. I
could even ignore the deprecated thing if at least works, but it doesn't:
May 18 11:07:49 hx-syr-02 goferd: [INFO][worker-0]
gofer.messaging.adapter.qpid.connection:115 - connecting: URL:
amqp://************|SSL: ca: None|key: None|certificate: /etc/pki/pul
p/consumer/consumer-cert.pem|host-validation: None
May 18 11:07:49 hx-syr-02 goferd: [INFO][worker-0]
gofer.messaging.adapter.qpid.connection:129 - connected:
amqp://hx-syr-01.ebi.ac.uk
May 18 11:07:49 hx-syr-02 goferd: [INFO][worker-0]
gofer.rmi.dispatcher:600 - call: Content.update()
sn=ab39781f-6cfb-44d1-9a21-b668f1592803 data={'task_id':
'8ec78b83-bf04-4406-a8a5-d947645
f5028', 'consumer_id': 'hx-syr-02'}
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - handler failed
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - Traceback (most recent call last):
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - File
"/usr/lib/python2.7/site-packages/pulp/agent/lib/dispatcher.py",
line 108, in update
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - report = handler.update(conduit,
units, dict(options))
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - File
"/usr/lib/python2.7/site-packages/pulp_node/handlers/handler.py",
line 92, in update
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - bindings =
RepositoryBinding.fetch_all(pulp_bindings, conduit.consumer_id)
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - File
"/usr/lib/python2.7/site-packages/pulp_node/handlers/model.py", line
513, in fetch_all
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - http =
bindings.bind.find_by_id(node_id)
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - File
"/usr/lib/python2.7/site-packages/pulp/bindings/consumer.py", line
158, in find_by_id
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - return self.server.GET(path)
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - File
"/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line 92,
in GET
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - return self._request('GET',
path, queries)
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - File
"/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line
150, in _request
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 -
self._handle_exceptions(response_code, response_body)
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - File
"/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line
191, in _handle_exceptions
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - raise
code_class_mappings[response_code](response_body)
May 18 11:07:49 hx-syr-02 goferd: [ERROR][worker-0]
pulp.agent.lib.dispatcher:112 - PermissionsException:
RequestException: GET request on
/pulp/api/v2/consumers/hx-syr-02/bindings/ failed w
ith 401 - Authentication with username admin failed: invalid oauth
credentials.
May 18 11:07:49 hx-syr-02 goferd: [INFO][worker-0]
gofer.agent.rmi:128 - sn=ab397
Since didn't wanted to acquire a valid ssl signature i disabled ssl
everywhere and i managed to sign consumers properly, but it does not
work withparent-child repo syncs. I tried to generate oauth keys witht
his script:
https://thomashunter.name/blog/generate-oauth-consumer-key-and-shared-secrets-using-php/
and even triied with the defult "pre 2.4" keys:
[oauth]
enabled = true
oauth_key = ab3cd9j4ks73hf7g
oauth_secret = xyz4992k83j47x0bBoo8fue3yohneepo
but nothing works. Did anyone managed to configure a child node in pulp 2.6?
Thanks in advance for any hint/help
Salvatore
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20150518/157e8dae/attachment.htm>
More information about the Pulp-list
mailing list