Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Octavia Config:
- [DEFAULT]
- debug = True
- transport_url = rabbit://xxxx:xxxx@openstack-galera1.sdsc.edu:5672,xxx:xxxx@openstack-galera2.sdsc.edu:5672/
- log_file=/var/log/octavia/octavia.log
- log_dir=/var/log/octavia
- [api_settings]
- [database]
- connection = mysql+pymysql://octavia:xxxxxx@openstack-galera.sdsc.edu/octavia?charset=utf8
- [health_manager]
- bind_ip = 0.0.0.0
- controller_ip_port_list =10.10.0.8:5555,10.10.0.14:5555
- heartbeat_key =xxxxxx
- [keystone_authtoken]
- auth_uri = http://identity-int.cloud.sdsc.edu:5000
- auth_url = http://identity-int.cloud.sdsc.edu:35357
- username = octavia
- password = NdB40s1m
- project_name = service
- project_domain_name = default
- user_domain_name = default
- auth_type=password
- memcached_servers=openstack-controller1.sdsc.edu:11211,openstack-controller2.sdsc.edu:11211
- region_name=SDSC
- [certificates]
- ca_certificate = /etc/pki/tls/certs/octavia_server_ca.pem
- ca_private_key = /etc/pki/tls/private/octavia_server_ca.key
- ca_private_key_passphrase =xxxxx
- [anchor]
- [networking]
- [haproxy_amphora]
- client_cert = /etc/pki/tls/certs/octavia_client_cert.pem
- server_ca = /etc/pki/tls/certs/octavia_client_ca.pem
- [controller_worker]
- amp_active_retries = 50
- amp_active_wait_sec = 10
- amp_image_tag =octavia-amphora-image
- amp_flavor_id =5d5a2106-e74c-4488-843f-1a7bbcb146d9
- amp_ssh_key_name =octavia_key
- amp_boot_network_list =09d14821-e471-4548-a57f-5b29b33de0d7
- amp_secgroup_list =54d35af1-25e9-47d3-872d-9829a5783930
- client_ca = /etc/pki/tls/certs/octavia_client_ca.pem
- amphora_driver = amphora_haproxy_rest_driver
- compute_driver = compute_nova_driver
- network_driver = allowed_address_pairs_driver
- [task_flow]
- disable_revert = True
- [oslo_messaging]
- topic = octavia-rpc
- [house_keeping]
- [amphora_agent]
- [keepalived_vrrp]
- [service_auth]
- project_domain_name = default
- project_name = service
- user_domain_name = default
- password = xxxx
- username = octavia
- auth_type = password
- auth_url = http://identity-int.cloud.sdsc.edu:5000/
- [nova]
- [glance]
- [neutron]
- [quotas]
- [oslo_messaging_notifications]
- transport_url=rabbit://xxxx:xxx@openstack-galera1:5672,xxxx:xxxx@openstack-galera2:5672/
- My curl command from worker (that does not generate any SSL errors):
- curl --cacert /etc/pki/tls/certs/octavia_server_ca.pem --key /etc/pki/tls/private/octavia_server_ca.key --pass xxx --resolve 'eb2ba854-d38f-4100-b5dc-578c1db556ac:9443:10.10.0.7' --verbose https://eb2ba854-d38f-4100-b5dc-578c1db556ac:9443/0.5/info
- * Added eb2ba854-d38f-4100-b5dc-578c1db556ac:9443:10.10.0.7 to DNS cache
- * About to connect() to eb2ba854-d38f-4100-b5dc-578c1db556ac port 9443 (#0)
- * Trying 10.10.0.7...
- * Connected to eb2ba854-d38f-4100-b5dc-578c1db556ac (10.10.0.7) port 9443 (#0)
- * Initializing NSS with certpath: sql:/etc/pki/nssdb
- * CAfile: /etc/pki/tls/certs/octavia_server_ca.pem
- CApath: none
- * NSS: client certificate not found (nickname not specified)
- * SSL connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- * Server certificate:
- * subject: CN=eb2ba854-d38f-4100-b5dc-578c1db556ac
- * start date: Aug 14 20:45:58 2018 GMT
- * expire date: Aug 13 20:45:58 2020 GMT
- * common name: eb2ba854-d38f-4100-b5dc-578c1db556ac
- * issuer: CN=octavia_server_ca.cloud.sdsc.edu,O=San Diego Supercomputer Center,L=La Jolla,ST=California,C=US
- > GET /0.5/info HTTP/1.1
- > User-Agent: curl/7.29.0
- > Host: eb2ba854-d38f-4100-b5dc-578c1db556ac:9443
- > Accept: */*
- >
- < HTTP/1.1 200 OK
- < Server: gunicorn/19.9.0
- < Date: Wed, 15 Aug 2018 17:38:57 GMT
- < Connection: close
- < Content-Type: application/json
- < Content-Length: 116
- <
- * Closing connection 0
- {"haproxy_version":"1.6.3-1ubuntu0.1","api_version":"0.5","hostname":"amphora-eb2ba854-d38f-4100-b5dc-578c1db556ac"}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement