OpenStack – Page 2 – Elkano.org Blog!

Verify error: Command ‘openssl’ returned non-zero exit status 4

November 12, 2014November 12, 2014 sysadmin Leave a comment

After migrating the neutron-server and the keystone service from one machine to another I got the following error when running commands like neutron net-list:

2014-11-11 12:45:27.013 23123 WARNING keystoneclient.middleware.auth_token [-] Verify error: Command 'openssl' returned non-zero exit status 4
2014-11-11 12:45:27.013 23123 WARNING keystoneclient.middleware.auth_token [-] Authorization failed for token
2014-11-11 12:45:27.014 23123 INFO keystoneclient.middleware.auth_token [-] Invalid user token - rejecting request

To solve the error I had to remove the existing certificates:

rm /var/lib/neutron/keystone-signing/*

After that the certificates where generated again and the command was run succesfully.

OpenStack: ssh timeout with GRE tunnels

October 28, 2014October 28, 2014 sysadmin 1 Comment

I configured my OpenStack installation and all went Ok. I used the Open vSwitch plugin with GRE tunnels and although I had ping connectivity, when I try to connect to instances through ssh I got a time out. The problem seemed to be in the tunnel MTU size. I had to lower the mtu size on instances to prevent packet fragmentation over GRE tunnel.

Edit /etc/neutron/dhcp_agent.ini file, add this line:

# Override the default dnsmasq settings with this file
dnsmasq_config_file = /etc/neutron/dnsmasq/dnsmasq-neutron.conf

Create file /etc/neutron/dnsmasq/dnsmasq-neutron.conf and add these values:

dhcp-option-force=26,1400

Finally restart neutron server

# service neutron-server restart

References:

http://docs.openstack.org/admin-guide-cloud/content/openvswitch_plugin.html