Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1558652 - [Deployment][TLS] Enabling TLS does not explicitly disable HTTP which may cause NB REST failures in ODL
[Deployment][TLS] Enabling TLS does not explicitly disable HTTP which may cau...
Status: CLOSED ERRATA
Product: Red Hat OpenStack
Classification: Red Hat
Component: puppet-opendaylight (Show other bugs)
13.0 (Queens)
Unspecified Unspecified
urgent Severity high
: beta
: 13.0 (Queens)
Assigned To: Tim Rozet
Itzik Brown
odl_deployment, odl_tls
: Triaged
Depends On:
Blocks: 1488826
  Show dependency treegraph
 
Reported: 2018-03-20 12:58 EDT by Tim Rozet
Modified: 2018-10-18 03:22 EDT (History)
6 users (show)

See Also:
Fixed In Version: puppet-opendaylight-7.0.0-0.20180216174117
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
N/A
Last Closed: 2018-06-27 09:48:15 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
OpenDaylight Bug INTPAK-152 None None None 2018-03-20 13:14 EDT
OpenDaylight gerrit 69699 None None None 2018-03-20 13:51 EDT
Red Hat Product Errata RHEA-2018:2086 None None None 2018-06-27 09:48 EDT

  None (edit)
Description Tim Rozet 2018-03-20 12:58:02 EDT 
Description of problem:
The HTTP port is configured to be the same as the HTTPS port (8081) and HTTPS is enabled.  Previously this behavior would result in HTTPS only being enabled.  However, with changes to Oyxgen this is no longer the case.  Now exceptions are thrown because Pax thinks there is a conflict with both HTTP and HTTPs enabled on the same port and jetty NB never comes up.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Deploy ODL TLS container deployment
2. Deployment will fail at step 4 in compute, while 'Waiting for Netvirt to come up'
3. Go to a control/compute node and curl the internal_api ODL IP check URL like: curl -k   --head -u admin:admin https://192.0.2.10:8081/restconf/operational/network-topology:network-topology/topology/netvirt:1

Actual results:
503 service error returned

Expected results:
Should return a web page response 200 OK.

Additional info:
Comment 1 Tim Rozet 2018-03-20 13:00:30 EDT 
According to Pax documentation setting the http port to a negative number should disable http.  I tried this out and it doesn't work.  Jetty complains that it is an invalid value.  The solution is to explicitly disable http in the pax config file via:
org.apache.felix.http.enable = false
Comment 7 Itzik Brown 2018-04-26 05:45:51 EDT 
Checked with:
puppet-opendaylight-8.1.0-0.20180321182556.45c4db7.el7ost.noarch
Comment 9 errata-xmlrpc 2018-06-27 09:48:15 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:2086
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.