[Tacker] Tacker Not able to create VIM

Yasufumi Ogawa yasufum.o at gmail.com
Mon Jun 7 07:45:28 UTC 2021


Hi Ueha,

It a little bit strange because using barbican is for a consideration 
for security. Without using barbican, encode_vim_auth() should work 
because it just outputs a contents of fernet_key to a file under 
"/etc/tacker/vim/fernet_keys/" if `use_barbican` isn't True.

https://opendev.org/openstack/tacker/src/branch/master/tacker/nfvo/drivers/vim/openstack_driver.py#L224

I think the reason of the error is the output directory doesn't exist or 
wrong permission (Although changing to use barbican might also be 
working as you suggested). What do you think?

Thanks,
Yasufumi

On 2021/06/07 12:02, ueha.ayumu at fujitsu.com wrote:
> Hi
> 
> Have you installed “barbican” as described in the instructions?
> 
> https://docs.openstack.org/tacker/latest/install/manual_installation.html#pre-requisites 
> <https://docs.openstack.org/tacker/latest/install/manual_installation.html#pre-requisites>
> 
> I looked at the error log. It seems that the error occurred on the route 
> that does not use barbican.
> 
> Could you add the following settings to tacker.conf and try again?
> 
> [vim_keys]
> 
> use_barbican = True
> 
> Thanks,
> 
> Ueha
> 
> *From:*dangerzone ar <dangerzonen at gmail.com>
> *Sent:* Saturday, June 5, 2021 12:48 AM
> *To:* yasufum <yasufum.o at gmail.com>
> *Cc:* OpenStack Discuss <openstack-discuss at lists.openstack.org>
> *Subject:* Re: [Tacker] Tacker Not able to create VIM
> 
> Hi All,
> 
> I'm struggling these few days to register vim on my Tacker from the 
> dashboard. What I did is I removed tacker.conf and with the original 
> file and set back the setting each line..when I run the create from 
> dashboard I'm still not able to register the VIM but now I'm getting a 
> new error below.
> 
> Below is the error
> 
> *error: failed to register vim: unable to find key file for vim*
> 
> I also tried from cli and still failed with error below
> 
> command run:-
> 
> tacker vim-register --config-file vim_config.yaml --is-default 
> vim-default --os-username admin --os-project-name admin 
> --os-project-domain-name Default --os-auth-url 
> http://192.168.0.121:5000/v3 
> <http://192.168.0.121:5000/v3> --os-password c81e0c7a842f40c6
> 
> error return:-
> Expecting to find domain in user. The server could not comply with the 
> request since it is either malformed or otherwise incorrect. The client 
> is assumed to be in error. (HTTP 400) (Request-ID: 
> req-a980cea4-adf2-4461-a66d-4c6c3bfd2e7d)
> 
> Most of the line in tacker.conf setting is based on
> 
> https://docs.openstack.org/tacker/latest/install/manual_installation.html <https://docs.openstack.org/tacker/latest/install/manual_installation.html>
> 
> I'm running all-in-one openstack packstack (queens) and deploying Tacker 
> manually. I really hope someone could advise and help me please. Thank 
> you for your help and support.
> 
> **Attached image file and tacker.log for ref.*
> 
> On Fri, Jun 4, 2021 at 11:05 PM yasufum <yasufum.o at gmail.com 
> <mailto:yasufum.o at gmail.com>> wrote:
> 
>     Hi,
> 
>     It might be a failure of not tacker but authentication because I've run
>     VIM registration as you tried and no failure happened although it's
>     just
>     a bit different from your environment. Could you run it from CLI again
>     referring [1] if you cannot register from horizon?
> 
>     [1]
>     https://docs.openstack.org/tacker/latest/install/getting_started.html <https://docs.openstack.org/tacker/latest/install/getting_started.html>
> 
>     Thanks,
>     Yasufumi
> 
>     On 2021/06/03 10:55, dangerzone ar wrote:
>     > Hi all,
>     > 
>     > I just deployed Tacker and tried to add my 1^st VIM but I’m getting 
>     > errors as per attached file. Pls advise how to resolve this problem. Thanks
>     > 
>     >  1. *Error: *Failed to register VIM: {"error": {"message":
>     >     "(http://192.168.0.121:5000/v3/tokens
>     <http://192.168.0.121:5000/v3/tokens>
>     >     <http://192.168.0.121:5000/v3/tokens
>     <http://192.168.0.121:5000/v3/tokens>>): The resource could not be
>     >     found.", "code": 404, "title": "Not Found"}}
>     > 
>     >  2. *Error as below**à**WARNING keystonemiddleware.auth_token [-]
>     >     Authorization failed for token: InvalidToken***
>     > 
>     > **
>     > 
>     > *{"vim": {"vim_project": {"name": "admin", "project_domain_name": 
>     > "Default"}, "description": "d", "is_default": false, "auth_cred": 
>     > {"username": "admin", "user_domain_name": "Default", "password": 
>     > "c81e0c7a842f40c6"}, "auth_url": "**http://192.168.0.121:5000/v3 <http://192.168.0.121:5000/v3>
>     > <http://192.168.0.121:5000/v3 <http://192.168.0.121:5000/v3>>**",
>     "type": "openstack", "name": "d"}}
>     > process_request 
>     > /usr/lib/python2.7/site-packages/tacker/alarm_receiver.py:43*
>     > 
>     > *2021-06-04 09:41:44.655 61233 WARNING keystonemiddleware.auth_token [-] 
>     > Authorization failed for token: InvalidToken*
>     > 
>     > *2021-06-04 09:41:44.655 61233 INFO tacker.wsgi [-] 192.168.0.121 - - 
>     > [04/Jun/2021 09:41:44] "POST //v1.0/vims.json HTTP/1.1" 401 384 0.001720*
>     > 
>     > **
>     > 
>     > Below is my tacker.conf
>     > 
>     > [DEFAULT]
>     > auth_strategy = keystone
>     > policy_file = /etc/tacker/policy.json
>     > debug = True
>     > use_syslog = False
>     > bind_host = 192.168.0.121
>     > bind_port = 9890
>     > service_plugins = nfvo,vnfm
>     > state_path = /var/lib/tacker
>     > 
>     > 
>     > [nfvo]
>     > vim_drivers = openstack
>     > 
>     > [keystone_authtoken]
>     > region_name = RegionOne
>     > auth_type = password
>     > project_domain_name = Default
>     > user_domain_name = Default
>     > username = tacker
>     > password = password
>     > auth_url = http://192.168.0.121:35357 <http://192.168.0.121:35357>
>     <http://192.168.0.121:35357 <http://192.168.0.121:35357>>
>     > auth_uri = http://192.168.0.121:5000 <http://192.168.0.121:5000>
>     <http://192.168.0.121:5000 <http://192.168.0.121:5000>>
>     > 
>     > [agent]
>     > root_helper = sudo /usr/bin/tacker-rootwrap /etc/tacker/rootwrap.conf
>     > 
>     > 
>     > [database]
>     > connection = 
>     > mysql://tacker:password@192.168.0.121:3306/tacker?charset=utf8
>     <http://tacker:password@192.168.0.121:3306/tacker?charset=utf8>
>     > <http://tacker:password@192.168.0.121:3306/tacker?charset=utf8
>     <http://tacker:password@192.168.0.121:3306/tacker?charset=utf8>>**
>     > 
> 



More information about the openstack-discuss mailing list