点赞

收藏

评论

分享

原创

https证书创建失败-barbican问题判断

弹性负载均衡

2023-05-22 09:14:02

18

0

负载证书创建失败
openstack secret store查看状态如果有回显报错
1. os-control节点ps -ef |grep barbican看有barbican进程吗

2. 看防火墙端口等放行没有
Iptables -nL 查看有没有12001和19001
如果没有
iptables -I INPUT -p tcp -m multiport --dports 19001 -j ACCEPT -s 10.67.88.0/22
iptables -I INPUT -p tcp -m multiport --dports 12001 -j ACCEPT -s 10.67.88.0/22
创建完iptables-save保存一下，三个节点都要看

3. 查看barbican节点，发现有多个barbican服务实体
openstack service list
+----------------------------------+-----------+-------------+
| ID | Name | Type |
+----------------------------------+-----------+-------------+
| 15d7e7b8e18446b5bf055db387f92bc7 | barbican | key-manager |
| 3687fd4050d74f9085c9e90c07d5f2bf | glance | image |
| 5d540c19eb5d4e5682fe76d6d0284f77 | barbican | key-manager |
| 658fd745901c442f9c1fd32e0319b451 | cinderv3 | volumev3 |
| 84da318aface40cf9d2f479b2033f533 | nova | compute |
| 9e9e29631fe4402d885d561e8f912da7 | barbican | key-manager |
| b2965ad185dd48e4b37186a5ae96d8d1 | placement | placement |
| b9c656e6a14f40e38ac43361a0c00f99 | barbican | key-manager |
| d417d7346afc4015b8f0081feeb32c6e | neutron | network |
| f95c32eea3c94b4caece4446c88b31f2 | keystone | identity |
| fff132b81a7e4f3f8d6c286e4aab9526 | cinderv2 | volumev2 |
+----------------------------------+-----------+-------------+
把多余的barbacan节点删除
openstack service delete 15d7e7b8e18446b5bf055db387f92bc7 5d540c19eb5d4e5682fe76d6d0284f77 9e9e29631fe4402d885d561e8f912da7
重新创建证书管理API
openstack endpoint create --region RegionOne key-manager public http://barbican-server.cty.os:12001
openstack endpoint create --region RegionOne key-manager internal http://barbican-server.cty.os:12001
openstack endpoint create --region RegionOne key-manager admin http://barbican-server.cty.os:12001

5.openstack密码有问题
openstack user set --passwor

0条评论

作者已关闭评论

2文章数

0点赞数

0粉丝数

y****n

2 文章 | 0 粉丝

Ta的热门文章查看更多

https证书创建失败-barbican问题判断监控无数据agent排查说明

2文章数

0点赞数

0粉丝数

y****n

2 文章 | 0 粉丝

原创

https证书创建失败-barbican问题判断

弹性负载均衡

2023-05-22 09:14:02

18

0

负载证书创建失败
openstack secret store查看状态如果有回显报错
1. os-control节点ps -ef |grep barbican看有barbican进程吗

2. 看防火墙端口等放行没有
Iptables -nL 查看有没有12001和19001
如果没有
iptables -I INPUT -p tcp -m multiport --dports 19001 -j ACCEPT -s 10.67.88.0/22
iptables -I INPUT -p tcp -m multiport --dports 12001 -j ACCEPT -s 10.67.88.0/22
创建完iptables-save保存一下，三个节点都要看

3. 查看barbican节点，发现有多个barbican服务实体
openstack service list
+----------------------------------+-----------+-------------+
| ID | Name | Type |
+----------------------------------+-----------+-------------+
| 15d7e7b8e18446b5bf055db387f92bc7 | barbican | key-manager |
| 3687fd4050d74f9085c9e90c07d5f2bf | glance | image |
| 5d540c19eb5d4e5682fe76d6d0284f77 | barbican | key-manager |
| 658fd745901c442f9c1fd32e0319b451 | cinderv3 | volumev3 |
| 84da318aface40cf9d2f479b2033f533 | nova | compute |
| 9e9e29631fe4402d885d561e8f912da7 | barbican | key-manager |
| b2965ad185dd48e4b37186a5ae96d8d1 | placement | placement |
| b9c656e6a14f40e38ac43361a0c00f99 | barbican | key-manager |
| d417d7346afc4015b8f0081feeb32c6e | neutron | network |
| f95c32eea3c94b4caece4446c88b31f2 | keystone | identity |
| fff132b81a7e4f3f8d6c286e4aab9526 | cinderv2 | volumev2 |
+----------------------------------+-----------+-------------+
把多余的barbacan节点删除
openstack service delete 15d7e7b8e18446b5bf055db387f92bc7 5d540c19eb5d4e5682fe76d6d0284f77 9e9e29631fe4402d885d561e8f912da7
重新创建证书管理API
openstack endpoint create --region RegionOne key-manager public http://barbican-server.cty.os:12001
openstack endpoint create --region RegionOne key-manager internal http://barbican-server.cty.os:12001
openstack endpoint create --region RegionOne key-manager admin http://barbican-server.cty.os:12001

5.openstack密码有问题
openstack user set --passwor

文章来自个人专栏

文章 | 订阅

0条评论

作者已关闭评论

作者已关闭评论

0

0