I deploy openstack-base-70,then config openstack,but fail

1

hi.

After vault unsealed, juju status is all green:

juju status
Model      Controller       Cloud/Region    Version  SLA          Timestamp
openstack  maas-controller  mymaas/default  2.8.7    unsupported  07:55:00+08:00

App                     Version  Status  Scale  Charm                   Store  Rev  OS      Notes
ceph-mon                15.2.7   active      3  ceph-mon                local    0  ubuntu
ceph-osd                15.2.7   active      3  ceph-osd                local   15  ubuntu
ceph-radosgw            15.2.7   active      1  ceph-radosgw            local   26  ubuntu
cinder                  16.2.1   active      1  cinder                  local  136  ubuntu
cinder-ceph             16.2.1   active      1  cinder-ceph             local    2  ubuntu
cinder-mysql-router     8.0.23   active      1  mysql-router            local    0  ubuntu
dashboard-mysql-router  8.0.23   active      1  mysql-router            local    0  ubuntu
glance                  20.0.1   active      1  glance                  local  150  ubuntu
glance-mysql-router     8.0.23   active      1  mysql-router            local    0  ubuntu
keystone                17.0.0   active      1  keystone                local    0  ubuntu
keystone-mysql-router   8.0.23   active      1  mysql-router            local    0  ubuntu
mysql-innodb-cluster    8.0.23   active      3  mysql-innodb-cluster    local    0  ubuntu
neutron-api             16.2.0   active      1  neutron-api             local    0  ubuntu
neutron-api-plugin-ovn  16.2.0   active      1  neutron-api-plugin-ovn  local    0  ubuntu
neutron-mysql-router    8.0.23   active      1  mysql-router            local    0  ubuntu
nova-cloud-controller   21.1.0   active      1  nova-cloud-controller   local  501  ubuntu
nova-compute            21.1.0   active      3  nova-compute            local  133  ubuntu
nova-mysql-router       8.0.23   active      1  mysql-router            local    0  ubuntu
ntp                     3.5      active      3  ntp                     local    0  ubuntu
openstack-dashboard     18.3.2   active      1  openstack-dashboard     local   32  ubuntu
ovn-central             20.03.1  active      3  ovn-central             local    0  ubuntu
ovn-chassis             20.03.1  active      3  ovn-chassis             local    0  ubuntu
placement               3.0.0    active      1  placement               local    0  ubuntu
placement-mysql-router  8.0.23   active      1  mysql-router            local    0  ubuntu
rabbitmq-server         3.8.2    active      3  rabbitmq-server         local  150  ubuntu
vault                   1.5.4    active      1  vault                   local    0  ubuntu
vault-mysql-router      8.0.23   active      1  mysql-router            local    0  ubuntu

Unit                         Workload  Agent  Machine   Public address  Ports              Message
ceph-mon/0                   active    idle   0/lxd/6   10.0.2.68                          Unit is ready and clustered
ceph-mon/1                   active    idle   1/lxd/6   10.0.2.92                          Unit is ready and clustered
ceph-mon/2*                  active    idle   2/lxd/4   10.0.2.59                          Unit is ready and clustered
ceph-osd/0                   active    idle   0         10.0.0.159                         Unit is ready (1 OSD)
ceph-osd/1                   active    idle   1         10.0.0.156                         Unit is ready (1 OSD)
ceph-osd/2*                  active    idle   2         10.0.0.157                         Unit is ready (1 OSD)
ceph-radosgw/0*              active    idle   0/lxd/7   10.0.2.72       80/tcp             Unit is ready
cinder/0*                    active    idle   1/lxd/7   10.0.2.87       8776/tcp           Unit is ready
  cinder-ceph/0*             active    idle             10.0.2.87                          Unit is ready
  cinder-mysql-router/0*     active    idle             10.0.2.87                          Unit is ready
glance/0*                    active    idle   2/lxd/5   10.0.2.60       9292/tcp           Unit is ready
  glance-mysql-router/0*     active    idle             10.0.2.60                          Unit is ready
keystone/0*                  active    idle   0/lxd/8   10.0.2.81       5000/tcp           Unit is ready
  keystone-mysql-router/0*   active    idle             10.0.2.81                          Unit is ready
mysql-innodb-cluster/0       active    idle   0/lxd/9   10.0.2.75                          Unit is ready: Mode: R/O
mysql-innodb-cluster/1       active    idle   1/lxd/8   10.0.2.83                          Unit is ready: Mode: R/O
mysql-innodb-cluster/2*      active    idle   2/lxd/6   10.0.2.58                          Unit is ready: Mode: R/W
neutron-api/0*               active    idle   1/lxd/9   10.0.2.84       9696/tcp           Unit is ready
  neutron-api-plugin-ovn/0*  active    idle             10.0.2.84                          Unit is ready
  neutron-mysql-router/0*    active    idle             10.0.2.84                          Unit is ready
nova-cloud-controller/0*     active    idle   0/lxd/10  10.0.2.76       8774/tcp,8775/tcp  Unit is ready
  nova-mysql-router/0*       active    idle             10.0.2.76                          Unit is ready
nova-compute/0               active    idle   0         10.0.0.159                         Unit is ready
  ntp/1                      active    idle             10.0.0.159      123/udp            chrony: Ready
  ovn-chassis/1              active    idle             10.0.0.159                         Unit is ready
nova-compute/1               active    idle   1         10.0.0.156                         Unit is ready
  ntp/2                      active    idle             10.0.0.156      123/udp            chrony: Ready
  ovn-chassis/2              active    idle             10.0.0.156                         Unit is ready
nova-compute/2*              active    idle   2         10.0.0.157                         Unit is ready
  ntp/0*                     active    idle             10.0.0.157      123/udp            chrony: Ready
  ovn-chassis/0*             active    idle             10.0.0.157                         Unit is ready
openstack-dashboard/0*       active    idle   1/lxd/10  10.0.2.90       80/tcp,443/tcp     Unit is ready
  dashboard-mysql-router/0*  active    idle             10.0.2.90                          Unit is ready
ovn-central/0                active    idle   0/lxd/11  10.0.2.74       6641/tcp,6642/tcp  Unit is ready
ovn-central/1                active    idle   1/lxd/11  10.0.2.82       6641/tcp,6642/tcp  Unit is ready
ovn-central/2*               active    idle   2/lxd/7   10.0.2.62       6641/tcp,6642/tcp  Unit is ready (leader: ovnnb_db, ovnsb_db northd: active)
placement/0*                 active    idle   2/lxd/8   10.0.2.66       8778/tcp           Unit is ready
  placement-mysql-router/0*  active    idle             10.0.2.66                          Unit is ready
rabbitmq-server/0            active    idle   0/lxd/12  10.0.2.79       5672/tcp           Unit is ready and clustered
rabbitmq-server/1            active    idle   1/lxd/12  10.0.2.93       5672/tcp           Unit is ready and clustered
rabbitmq-server/2*           active    idle   2/lxd/9   10.0.2.65       5672/tcp           Unit is ready and clustered
vault/0*                     active    idle   0/lxd/13  10.0.2.78       8200/tcp           Unit is ready (active: true, mlock: disabled)
  vault-mysql-router/0*      active    idle             10.0.2.78                          Unit is ready

Machine   State    DNS         Inst id               Series  AZ       Message
0         started  10.0.0.159  node4                 focal   default  Deployed
0/lxd/0   started  10.0.2.71   juju-33d214-0-lxd-0   focal   default  Container started
0/lxd/1   started  10.0.2.77   juju-33d214-0-lxd-1   focal   default  Container started
0/lxd/2   started  10.0.2.69   juju-33d214-0-lxd-2   focal   default  Container started
0/lxd/3   started  10.0.2.73   juju-33d214-0-lxd-3   focal   default  Container started
0/lxd/4   started  10.0.2.80   juju-33d214-0-lxd-4   focal   default  Container started
0/lxd/5   started  10.0.2.70   juju-33d214-0-lxd-5   focal   default  Container started
0/lxd/6   started  10.0.2.68   juju-33d214-0-lxd-6   focal   default  Container started
0/lxd/7   started  10.0.2.72   juju-33d214-0-lxd-7   focal   default  Container started
0/lxd/8   started  10.0.2.81   juju-33d214-0-lxd-8   focal   default  Container started
0/lxd/9   started  10.0.2.75   juju-33d214-0-lxd-9   focal   default  Container started
0/lxd/10  started  10.0.2.76   juju-33d214-0-lxd-10  focal   default  Container started
0/lxd/11  started  10.0.2.74   juju-33d214-0-lxd-11  focal   default  Container started
0/lxd/12  started  10.0.2.79   juju-33d214-0-lxd-12  focal   default  Container started
0/lxd/13  started  10.0.2.78   juju-33d214-0-lxd-13  focal   default  Container started
1         started  10.0.0.156  node2                 focal   default  Deployed
1/lxd/0   started  10.0.2.94   juju-33d214-1-lxd-0   focal   default  Container started
1/lxd/1   started  10.0.2.89   juju-33d214-1-lxd-1   focal   default  Container started
1/lxd/2   started  10.0.2.88   juju-33d214-1-lxd-2   focal   default  Container started
1/lxd/3   started  10.0.2.85   juju-33d214-1-lxd-3   focal   default  Container started
1/lxd/4   started  10.0.2.86   juju-33d214-1-lxd-4   focal   default  Container started
1/lxd/5   started  10.0.2.91   juju-33d214-1-lxd-5   focal   default  Container started
1/lxd/6   started  10.0.2.92   juju-33d214-1-lxd-6   focal   default  Container started
1/lxd/7   started  10.0.2.87   juju-33d214-1-lxd-7   focal   default  Container started
1/lxd/8   started  10.0.2.83   juju-33d214-1-lxd-8   focal   default  Container started
1/lxd/9   started  10.0.2.84   juju-33d214-1-lxd-9   focal   default  Container started
1/lxd/10  started  10.0.2.90   juju-33d214-1-lxd-10  focal   default  Container started
1/lxd/11  started  10.0.2.82   juju-33d214-1-lxd-11  focal   default  Container started
1/lxd/12  started  10.0.2.93   juju-33d214-1-lxd-12  focal   default  Container started
2         started  10.0.0.157  node1                 focal   default  Deployed
2/lxd/0   started  10.0.2.63   juju-33d214-2-lxd-0   focal   default  Container started
2/lxd/1   started  10.0.2.67   juju-33d214-2-lxd-1   focal   default  Container started
2/lxd/2   started  10.0.2.61   juju-33d214-2-lxd-2   focal   default  Container started
2/lxd/3   started  10.0.2.64   juju-33d214-2-lxd-3   focal   default  Container started
2/lxd/4   started  10.0.2.59   juju-33d214-2-lxd-4   focal   default  Container started
2/lxd/5   started  10.0.2.60   juju-33d214-2-lxd-5   focal   default  Container started
2/lxd/6   started  10.0.2.58   juju-33d214-2-lxd-6   focal   default  Container started
2/lxd/7   started  10.0.2.62   juju-33d214-2-lxd-7   focal   default  Container started
2/lxd/8   started  10.0.2.66   juju-33d214-2-lxd-8   focal   default  Container started
2/lxd/9   started  10.0.2.65   juju-33d214-2-lxd-9   focal   default  Container started

then config openstack :
source openrcv3_project
echo $OS_USERNAME
admin
openstack endpoint list --interface admin
Failed to discover available identity versions when contacting https://10.0.2.81:5000/v3. Attempting to parse version from URL.
SSL exception connecting to https://10.0.2.81:5000/v3/auth/tokens: HTTPSConnectionPool(host=‘10.0.2.81’, port=5000): Max retries exceeded with url: /v3/auth/tokens (Caused by SSLError(SSLError(“bad handshake: Error([(‘SSL routines’, ‘tls_process_server_certificate’, ‘certificate verify failed’)],)”,),))

source openrc
openstack endpoint list --interface admin
Could not find a suitable TLS CA certificate bundle, invalid path: /tmp/root-ca.crt

Do I need Managing TLS certificates in next step?

thank you a lot!

2

It looks like the root cause is the contents of the init file that was sourced. I will try to reproduce the issue.

3

I’m trying to understand how you deployed. I’m looking at the revisions of your charms and see a lot of 0s, which implies your running local charms. Yet I also see high revision numbers such as 501 for nova-cloud-controller. Can you paste the bundle file you used?

4

I am sorry to reply you so late because I was in long lunnar new year holidays.
the local bundle is:

local_overlay_enabled: true
series: focal
# *** Please refer to the OpenStack Charms Deployment Guide for more        ***
# *** information.
# *** https://docs.openstack.org/project-deploy-guide/charm-deployment-guide **
variables:
  openstack-origin: &openstack-origin distro
  data-port: &data-port br-ex:eno2
  worker-multiplier: &worker-multiplier 0.25
  osd-devices: &osd-devices /dev/sdb /dev/vdb
  expected-osd-count: &expected-osd-count 3
  expected-mon-count: &expected-mon-count 3
machines:
  '0':
    series: focal
  '1':
    series: focal
  '2':
    series: focal
relations:
- - nova-compute:amqp
  - rabbitmq-server:amqp
- - nova-cloud-controller:identity-service
  - keystone:identity-service
- - glance:identity-service
  - keystone:identity-service
- - neutron-api:identity-service
  - keystone:identity-service
- - neutron-api:amqp
  - rabbitmq-server:amqp
- - glance:amqp
  - rabbitmq-server:amqp
- - nova-cloud-controller:image-service
  - glance:image-service
- - nova-compute:image-service
  - glance:image-service
- - nova-cloud-controller:cloud-compute
  - nova-compute:cloud-compute
- - nova-cloud-controller:amqp
  - rabbitmq-server:amqp
- - openstack-dashboard:identity-service
  - keystone:identity-service
- - nova-cloud-controller:neutron-api
  - neutron-api:neutron-api
- - cinder:image-service
  - glance:image-service
- - cinder:amqp
  - rabbitmq-server:amqp
- - cinder:identity-service
  - keystone:identity-service
- - cinder:cinder-volume-service
  - nova-cloud-controller:cinder-volume-service
- - cinder-ceph:storage-backend
  - cinder:storage-backend
- - ceph-mon:client
  - nova-compute:ceph
- - nova-compute:ceph-access
  - cinder-ceph:ceph-access
- - ceph-mon:client
  - cinder-ceph:ceph
- - ceph-mon:client
  - glance:ceph
- - ceph-osd:mon
  - ceph-mon:osd
- - ntp:juju-info
  - nova-compute:juju-info
- - ceph-radosgw:mon
  - ceph-mon:radosgw
- - ceph-radosgw:identity-service
  - keystone:identity-service
- - placement
  - keystone
- - placement
  - nova-cloud-controller
- - keystone:shared-db
  - keystone-mysql-router:shared-db
- - cinder:shared-db
  - cinder-mysql-router:shared-db
- - glance:shared-db
  - glance-mysql-router:shared-db
- - nova-cloud-controller:shared-db
  - nova-mysql-router:shared-db
- - neutron-api:shared-db
  - neutron-mysql-router:shared-db
- - openstack-dashboard:shared-db
  - dashboard-mysql-router:shared-db
- - placement:shared-db
  - placement-mysql-router:shared-db
- - vault:shared-db
  - vault-mysql-router:shared-db
- - keystone-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - cinder-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - nova-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - glance-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - neutron-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - dashboard-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - placement-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - vault-mysql-router:db-router
  - mysql-innodb-cluster:db-router
- - neutron-api-plugin-ovn:neutron-plugin
  - neutron-api:neutron-plugin-api-subordinate
- - ovn-central:certificates
  - vault:certificates
- - ovn-central:ovsdb-cms
  - neutron-api-plugin-ovn:ovsdb-cms
- - neutron-api:certificates
  - vault:certificates
- - ovn-chassis:nova-compute
  - nova-compute:neutron-plugin
- - ovn-chassis:certificates
  - vault:certificates
- - ovn-chassis:ovsdb
  - ovn-central:ovsdb
- - vault:certificates
  - neutron-api-plugin-ovn:certificates
- - vault:certificates
  - cinder:certificates
- - vault:certificates
  - glance:certificates
- - vault:certificates
  - keystone:certificates
- - vault:certificates
  - nova-cloud-controller:certificates
- - vault:certificates
  - openstack-dashboard:certificates
- - vault:certificates
  - placement:certificates
- - vault:certificates
  - ceph-radosgw:certificates
applications:
  ceph-mon:
    annotations:
      gui-x: '790'
      gui-y: '1540'
    charm: /root/openstack-base-1/ceph-mon
    num_units: 3
    options:
      expected-osd-count: *expected-osd-count
      monitor-count: *expected-mon-count
      source: *openstack-origin
    to:
    - lxd:0
    - lxd:1
    - lxd:2
  ceph-osd:
    annotations:
      gui-x: '1065'
      gui-y: '1540'
    charm: /root/openstack-base-1/ceph-osd
    num_units: 3
    options:
      osd-devices: *osd-devices
      source: *openstack-origin
    to:
    - '0'
    - '1'
    - '2'
  ceph-radosgw:
    annotations:
      gui-x: '850'
      gui-y: '900'
    charm: /root/openstack-base-1/ceph-radosgw
    num_units: 1
    options:
      source: *openstack-origin
    to:
    - lxd:0
  cinder-mysql-router:
    annotations:
      gui-x: '900'
      gui-y: '1400'
    charm: /root/openstack-base-1/mysql-router
  cinder:
    annotations:
      gui-x: '980'
      gui-y: '1270'
    charm: /root/openstack-base-1/cinder
    num_units: 1
    options:
      block-device: None
      glance-api-version: 2
      worker-multiplier: *worker-multiplier
      openstack-origin: *openstack-origin
    to:
    - lxd:1
  cinder-ceph:
    annotations:
      gui-x: '1120'
      gui-y: '1400'
    charm: /root/openstack-base-1/cinder-ceph
    num_units: 0
  glance-mysql-router:
    annotations:
      gui-x: '-290'
      gui-y: '1400'
    charm: /root/openstack-base-1/mysql-router
  glance:
    annotations:
      gui-x: '-230'
      gui-y: '1270'
    charm: /root/openstack-base-1/glance
    num_units: 1
    options:
      worker-multiplier: *worker-multiplier
      openstack-origin: *openstack-origin
    to:
    - lxd:2
  keystone-mysql-router:
    annotations:
      gui-x: '230'
      gui-y: '1400'
    charm: /root/openstack-base-1/mysql-router
  keystone:
    annotations:
      gui-x: '300'
      gui-y: '1270'
    charm: /root/openstack-base-1/keystone
    num_units: 1
    options:
      worker-multiplier: *worker-multiplier
      openstack-origin: *openstack-origin
    to:
    - lxd:0
  neutron-mysql-router:
    annotations:
      gui-x: '505'
      gui-y: '1385'
    charm: /root/openstack-base-1/mysql-router
  neutron-api-plugin-ovn:
    annotations:
      gui-x: '690'
      gui-y: '1385'
    charm: /root/openstack-base-1/neutron-api-plugin-ovn
  neutron-api:
    annotations:
      gui-x: '580'
      gui-y: '1270'
    charm: /root/openstack-base-1/neutron-api
    num_units: 1
    options:
      neutron-security-groups: true
      flat-network-providers: physnet1
      worker-multiplier: *worker-multiplier
      openstack-origin: *openstack-origin
    to:
    - lxd:1
  placement-mysql-router:
    annotations:
      gui-x: '1320'
      gui-y: '1385'
    charm: /root/openstack-base-1/mysql-router
  placement:
    annotations:
      gui-x: '1320'
      gui-y: '1270'
    charm: /root/openstack-base-1/placement
    num_units: 1
    options:
      worker-multiplier: *worker-multiplier
      openstack-origin: *openstack-origin
    to:
    - lxd:2
  nova-mysql-router:
    annotations:
      gui-x: '-30'
      gui-y: '1385'
    charm: /root/openstack-base-1/mysql-router
  nova-cloud-controller:
    annotations:
      gui-x: '35'
      gui-y: '1270'
    charm: /root/openstack-base-1/nova-cloud-controller
    num_units: 1
    options:
      network-manager: Neutron
      worker-multiplier: *worker-multiplier
      openstack-origin: *openstack-origin
    to:
    - lxd:0
  nova-compute:
    annotations:
      gui-x: '190'
      gui-y: '890'
    charm: /root/openstack-base-1/nova-compute
    num_units: 3
    options:
      config-flags: default_ephemeral_format=ext4
      enable-live-migration: true
      enable-resize: true
      migration-auth-type: ssh
      openstack-origin: *openstack-origin
    to:
    - '0'
    - '1'
    - '2'
  ntp:
    annotations:
      gui-x: '315'
      gui-y: '1030'
    charm: /root/openstack-base-1/ntp
    num_units: 0
  dashboard-mysql-router:
    annotations:
      gui-x: '510'
      gui-y: '1030'
    charm: /root/openstack-base-1/mysql-router
  openstack-dashboard:
    annotations:
      gui-x: '585'
      gui-y: '900'
    charm: /root/openstack-base-1/openstack-dashboard
    num_units: 1
    options:
      openstack-origin: *openstack-origin
    to:
    - lxd:1
  rabbitmq-server:
    annotations:
      gui-x: '300'
      gui-y: '1550'
    charm: /root/openstack-base-1/rabbitmq-server
    num_units: 3
    to:
    - lxd:0
    - lxd:1
    - lxd:2
  mysql-innodb-cluster:
    annotations:
      gui-x: '535'
      gui-y: '1550'
    charm: /root/openstack-base-1/mysql-innodb-cluster
    num_units: 3
    to:
    - lxd:0
    - lxd:1
    - lxd:2
  ovn-central:
    annotations:
      gui-x: '70'
      gui-y: '1550'
    charm: /root/openstack-base-1/ovn-central
    num_units: 3
    options:
      source: *openstack-origin
    to:
    - lxd:0
    - lxd:1
    - lxd:2
  ovn-chassis:
    annotations:
      gui-x: '120'
      gui-y: '1030'
    charm: /root/openstack-base-1/ovn-chassis
    # *** Please update the `bridge-interface-mappings` to values suitable ***
    # *** for thehardware used in your deployment.  See the referenced     ***
    # *** documentation at the top of this file.                           ***
    options:
      ovn-bridge-mappings: physnet1:br-ex
      bridge-interface-mappings: *data-port
  vault-mysql-router:
    annotations:
      gui-x: '1535'
      gui-y: '1560'
    charm: /root/openstack-base-1/mysql-router
  vault:
    annotations:
      gui-x: '1610'
      gui-y: '1430'
    charm: /root/openstack-base-1/vault
    num_units: 1
    to:
    - lxd:0
      #options:
      # this makes Vault act as a self-signed root CA
      #auto-generate-root-ca-cert: true

Thank you again!

5

Ok, well you are indeed using local charms, which is fine, I’m just trying to understand what your use case is for doing that. Anyway, the bundle documenation says to source novarc (not openrcv3_project). When the client is installed via the openstackclients snap (which again is what the docs suggest to use) I get:

OS_CACERT=/home/ubuntu/snap/openstackclients/common/root-ca.crt

And not /tmp/root-ca.crt as you are getting.

6

Thank you again.

I source openrc ,then echo $OS_CACERT ,but no output.

Do I need vim openssl.conf to change the dir to /tmp/root-ca.crt?

And I install juju fellow file install juju, have not used novarc interactive install juju.

Would you like paste novarc or openrc ? thank you again.

.

7

I redeploy openstack-base-72 in local ,

source openrc

openstack endpoint list --interface admin
±---------------------------------±----------±-------------±-------------±--------±----------±-----------------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
±---------------------------------±----------±-------------±-------------±--------±----------±-----------------------------------------+
| 075e5dbf0bf94c99b1863441ce7cab42 | RegionOne | swift | object-store | True | admin | https://10.0.2.103:443/swift |
| 2a91f454e99c47bbae6959be815e4f76 | RegionOne | cinderv2 | volumev2 | True | admin | https://10.0.2.110:8776/v2/$(tenant_id)s |
| 522bdd0accc64aeba73d1ad9414765da | RegionOne | s3 | s3 | True | admin | https://10.0.2.103:443/ |
| 5763f522530145ed90513f97fd734fdd | RegionOne | glance | image | True | admin | https://10.0.2.96:9292 |
| 5dcf573397954218917df491e7f868b9 | RegionOne | keystone | identity | True | admin | https://10.0.2.101:35357/v3 |
| a17a3f32438640f68dfce72763390765 | RegionOne | neutron | network | True | admin | https://10.0.2.113:9696 |
| daaa222120dc4ed2bbc7341590a3acdb | RegionOne | placement | placement | True | admin | https://10.0.2.99:8778 |
| dfab9da33a974dc1b15228a18fac90c7 | RegionOne | cinderv3 | volumev3 | True | admin | https://10.0.2.110:8776/v3/$(tenant_id)s |
| f4b5e242719a48088df20621dea5d643 | RegionOne | nova | compute | True | admin | https://10.0.2.105:8774/v2.1 |
±---------------------------------±----------±-------------±-------------±--------±----------±-----------------------------------------+

May the openstack-base-70 's component which I deployed in my server be missing something.

8

hi,@ pmatulis.
The new question is taht I can’t open horizon page after I deploy keystone Ha base on openstack-base#72,

An error occurred authenticating. Please try again later.

The keystone HA deploying commands was fellow:

juju add-unit --to lxd:1 keystone
juju add-unit --to lxd:2 keystone
juju config keystone vip=10.0.7.12
juju deploy --config cluster_count=3 --series focal hacluster keystone-hacluster
juju add-relation keystone-hacluster:ha keystone:ha

 juju status keystone
Model      Controller       Cloud/Region    Version  SLA          Timestamp
openstack  maas-controller  mymaas/default  2.8.7    unsupported  15:54:28+08:00

App                    Version  Status  Scale  Charm         Store       Rev  OS      Notes
keystone               18.0.0   active      3  keystone      local         0  ubuntu
keystone-hacluster              active      3  hacluster     jujucharms   74  ubuntu
keystone-mysql-router  8.0.23   active      3  mysql-router  local         0  ubuntu

Unit                        Workload  Agent  Machine  Public address  Ports     Message
keystone/0*                 active    idle   0/lxd/2  10.0.2.101      5000/tcp  Unit is ready
  keystone-hacluster/0*     active    idle            10.0.2.101                Unit is ready and clustered
  keystone-mysql-router/0*  active    idle            10.0.2.101                Unit is ready
keystone/1                  active    idle   1/lxd/7  10.0.2.117      5000/tcp  Unit is ready
  keystone-hacluster/1      active    idle            10.0.2.117                Unit is ready and clustered
  keystone-mysql-router/1   active    idle            10.0.2.117                Unit is ready
keystone/2                  active    idle   2/lxd/7  10.0.2.118      5000/tcp  Unit is ready
  keystone-hacluster/2      active    idle            10.0.2.118                Unit is ready and clustered
  keystone-mysql-router/2   active    idle            10.0.2.118                Unit is ready

Machine  State    DNS         Inst id              Series  AZ       Message
0        started  10.0.0.159  node4                focal   default  Deployed
0/lxd/2  started  10.0.2.101  juju-1584e6-0-lxd-2  focal   default  Container started
1        started  10.0.0.156  node2                focal   default  Deployed
1/lxd/7  started  10.0.2.117  juju-1584e6-1-lxd-7  focal   default  Container started
2        started  10.0.0.157  node1                focal   default  Deployed
2/lxd/7  started  10.0.2.118  juju-1584e6-2-lxd-7  focal   default  Container started


openstack image list
Certificate did not match expected hostname: 10.0.7.12. Certificate: {'subject': ((('commonName', 'juju-1584e6-0-lxd-2.maas'),),), 'subjectAltName': [('DNS', 'juju-1584e6-0-lxd-2.maas'), ('IP Address', '10.0.2.101')]}
Failed to discover available identity versions when contacting https://10.0.7.12:5000/v3. Attempting to parse version from URL.
+--------------------------------------+-------+--------+
| ID                                   | Name  | Status |
+--------------------------------------+-------+--------+
| dfaeaebc-64d2-4996-96be-6475b6d06e17 | focal | active |
+--------------------------------------+-------+--------+