Bug 1185921 - RabbitMQ fails to start if configured with ssl
Summary: RabbitMQ fails to start if configured with ssl
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: RDO
Classification: Community
Component: openstack-packstack
Version: Icehouse
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: Juno
Assignee: Lukas Bezdicka
QA Contact: yeylon@redhat.com
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-01-26 16:02 UTC by Miroslav Suchý
Modified: 2016-04-18 06:47 UTC (History)
4 users (show)

Fixed In Version: openstack-packstack-2014.1.1-0.31.4.dev1279
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-03-30 23:06:13 UTC


Attachments (Terms of Use)

Description Miroslav Suchý 2015-01-26 16:02:21 UTC
Description of problem:
When you set your answerfile to use rabbitmq and enable SSL, rabbitmq fail to start.
It is caused by line 
  RABBITMQ_NODE_PORT=5671
from
  /etc/rabbitmq/rabbitmq-env.conf
RabbitMQ is somehow confused when this port is specified both here and  in 
  /etc/rabbitmq/rabbitmq.config

Commenting (or removing) that line from /etc/rabbitmq/rabbitmq-env.conf resolve this issue.



Astapor had the same problem recently. See:
  https://github.com/redhat-openstack/astapor/blob/master/puppet/modules/quickstack/manifests/amqp/server/rabbitmq.pp#L14-L19
  

Version-Release number of selected component (if applicable):
openstack-packstack-2014.1.1-0.31.1.dev1266.el7.centos.noarch
openstack-packstack-puppet-2014.1.1-0.31.1.dev1266.el7.centos.noarch

How reproducible:
deterministc

Steps to Reproduce:
1. Use this answers:
# Set the server for the AMQP service
CONFIG_AMQP_BACKEND=rabbitmq

# The IP address of the server on which to install the AMQP service
CONFIG_AMQP_HOST=209.132.184.9

# Enable SSL for the AMQP service
CONFIG_AMQP_ENABLE_SSL=y

# Enable Authentication for the AMQP service
CONFIG_AMQP_ENABLE_AUTH=y

# The password for the NSS certificate database of the AMQP service
CONFIG_AMQP_NSS_CERTDB_PW=SANITIZED

# The port in which the AMQP service listens to SSL connections
CONFIG_AMQP_SSL_PORT=5671

# The filename of the certificate that the AMQP service is going to
# use
CONFIG_AMQP_SSL_CERT_FILE=/etc/pki/tls/certs/amqp_selfcert.pem

# The filename of the private key that the AMQP service is going to
# use
CONFIG_AMQP_SSL_KEY_FILE=/etc/pki/tls/private/amqp_selfkey.pem

# Auto Generates self signed SSL certificate and key
CONFIG_AMQP_SSL_SELF_SIGNED=y

# User for amqp authentication
CONFIG_AMQP_AUTH_USER=amqp_user

# Password for user authentication
CONFIG_AMQP_AUTH_PASSWORD=SANITIZED

2. run packstack with this answer file


Actual results:
ERROR : Error appeared during Puppet run: 209.132.184.9_amqp.pp
Error: /Stage[main]/Rabbitmq::Service/Service[rabbitmq-server]: Failed to call refresh: Could not restart Service[rabbitmq-server]: Execution of '/usr/bin/systemctl restart rabbitmq-server' returned 1: Job for rabbitmq-server.service failed. See 'systemctl status rabbitmq-server.service' and 'journalctl -xn' for details.

Expected results:
rabbitmq starts
:

Additional info:
  it seems that bugs 1098821 and 1160885 can be closed as duplicate of this one.

Comment 1 Martin Magr 2015-01-30 10:06:28 UTC
Reproduced. Seems like RabbitMQ port is blocked
=INFO REPORT==== 30-Jan-2015::04:57:56 ===
started TCP Listener on [::]:5671

=INFO REPORT==== 30-Jan-2015::04:57:56 ===
Error description:
   {case_clause,{error,{already_started,<0.267.0>}}}

Log files (may contain more information):
   /var/log/rabbitmq/rabbit@localhost.log
   /var/log/rabbitmq/rabbit@localhost-sasl.log

Stack trace:
   [{rabbit_networking,start_listener0,4,
                       [{file,"src/rabbit_networking.erl"},{line,232}]},
    {rabbit_networking,'-start_listener/4-lc$^0/1-0-',4,
                       [{file,"src/rabbit_networking.erl"},{line,225}]},
    {rabbit_networking,start_listener,4,
                       [{file,"src/rabbit_networking.erl"},{line,225}]},
    {rabbit_networking,'-boot_ssl/0-lc$^0/1-0-',1,
                       [{file,"src/rabbit_networking.erl"},{line,137}]},
    {rabbit_networking,boot_ssl,0,
                       [{file,"src/rabbit_networking.erl"},{line,137}]},
    {rabbit_networking,boot,0,[{file,"src/rabbit_networking.erl"},{line,125}]},
    {rabbit,'-run_boot_step/1-lc$^1/1-1-',1,
            [{file,"src/rabbit.erl"},{line,479}]},
    {rabbit,run_boot_step,1,[{file,"src/rabbit.erl"},{line,478}]}]


=INFO REPORT==== 30-Jan-2015::04:57:57 ===
stopped TCP Listener on [::]:5671

=INFO REPORT==== 30-Jan-2015::04:57:57 ===
Error description:
   {could_not_start,rabbit,
       {bad_return,
           {{rabbit,start,[normal,[]]},
            {'EXIT',
                {rabbit,failure_during_boot,
                    {case_clause,{error,{already_started,<0.267.0>}}}}}}}}


Note You need to log in before you can comment on or make changes to this bug.