Description of problem: During deployment of the nodes there are a lot of authentication failure messages logged to /var/log/messages: Jun 18 10:08:41 localhost snmpd[2632]: Connection from UDP: [192.0.2.1]:47147->[192.0.2.24]:161 Jun 18 10:08:41 localhost snmpd[2632]: Authentication failed for ro_snmp_user Jun 18 10:08:41 localhost snmpd[2632]: Connection from UDP: [192.0.2.1]:47147->[192.0.2.24]:161 Jun 18 10:08:41 localhost snmpd[2632]: Authentication failed for ro_snmp_user Jun 18 10:08:41 localhost snmpd[2632]: Connection from UDP: [192.0.2.1]:47147->[192.0.2.24]:161 Jun 18 10:08:41 localhost snmpd[2632]: Authentication failed for ro_snmp_user Jun 18 10:08:41 localhost snmpd[2632]: Connection from UDP: [192.0.2.1]:47147->[192.0.2.24]:161 Jun 18 10:08:41 localhost snmpd[2632]: Authentication failed for ro_snmp_user Jun 18 10:08:41 localhost snmpd[2632]: Connection from UDP: [192.0.2.1]:47147->[192.0.2.24]:161 Jun 18 10:08:41 localhost snmpd[2632]: Authentication failed for ro_snmp_user Jun 18 10:08:41 localhost snmpd[2632]: Connection from UDP: [192.0.2.1]:47147->[192.0.2.24]:161 Jun 18 10:08:41 localhost snmpd[2632]: Authentication failed for ro_snmp_user Jun 18 10:08:41 localhost snmpd[2632]: Connection from UDP: [192.0.2.1]:47147->[192.0.2.24]:161 Jun 18 10:08:41 localhost snmpd[2632]: Authentication failed for ro_snmp_user How reproducible: 100% Steps to Reproduce: 1. During deployment, log in to the controller and do: journalctl -u os-collect-config -f
This is hammering (especially the logging) the VMs I set up for testing and probably skewing my results a bit. What would be the quickest way to disable all these SNMP queries coming from the undercloud, while we work on a fix? Short of hopping on each controller and fixing it there (by disabling snmp or blocking incoming port 161 via iptables), I mean. Thanks ;)
To fix that errors: snmpd[PID]: Authentication failed for ro_snmp_user snmpd[PID]: Connection from UDP: [172.16.0.1]:56697->[172.16.0.28]:161 Look for the password of ro_snmp_user into compute or controller nodes: ssh root.0.$ "grep 'snmpd_readonly_user_password' -r /etc/ /etc/puppet/hieradata/compute.yaml:snmpd_readonly_user_name: ro_snmp_user /etc/puppet/hieradata/compute.yaml:snmpd_readonly_user_password: ebb07fb0679c4a09981fd4e3ce954c41e0f4b0a6 Then into the undercloud node: openstack-config --set /etc/ceilometer/ceilometer.conf hardware readonly_user_name ro_snmp_user openstack-config --set /etc/ceilometer/ceilometer.conf hardware readonly_user_password ebb07fb0679c4a09981fd4e3ce954c41e0f4b0a6 systemctl restart openstack-ceilometer-central.service And everything should now be working OK. Greetings Adrian Andrade RHCA
*** Bug 1296439 has been marked as a duplicate of this bug. ***
Hello, Please could this be backported to OSP 7. The fix seems trivial and it would be useful not to have to configure this after each overcloud deployment.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-2948.html