Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 1519216

Summary: OpenStack user sync fails with Timeout with Error: [Excon::Error::Timeout]: connect_write timeout reached Method:[block in method_missing]
Product: Red Hat CloudForms Management Engine Reporter: Loic Avenel <lavenel>
Component: ProvidersAssignee: Richard Su <rwsu>
Status: CLOSED WORKSFORME QA Contact: Ola Pavlenko <opavlenk>
Severity: high Docs Contact:
Priority: high    
Version: 5.9.0CC: cpelland, gblomqui, jfrey, jhardy, lavenel, maufart, obarenbo, simaishi
Target Milestone: GA   
Target Release: 5.9.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: testathon
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-02-20 15:59:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: Openstack Target Upstream Version:
Description Flags
evm.log none

Description Loic Avenel 2017-11-30 12:17:42 UTC
Description of problem: OpenStack user sync fails with Timeout with Error: [Excon::Error::Timeout]: connect_write timeout reached  Method:[block in method_missing]

Version-Release number of selected component (if applicable):

How reproducible: always

Steps to Reproduce:
1. Go to Openstack Provider
2. select "syn user"

Actual results: Process fails with Error: [Excon::Error::Timeout]: connect_write timeout reached  Method:[block in method_missing]

Expected results: should work

Additional info:

Comment 2 Loic Avenel 2017-11-30 12:22:10 UTC
Created attachment 1360894 [details]

Comment 5 Richard Su 2017-12-01 06:39:19 UTC
I wasn't able to reproduce the error using 5.9 and OSP11.
I used Keystone V2, tenant mapping enabled = true, and Non-SSL.

Loic, which OSP version did you use? Can you let me know how you setup the cloud provider? A screenshot of provider edit screen may be helpful. Thanks.

Comment 6 Richard Su 2017-12-02 05:36:27 UTC
Loic, can you verify port 35357 is accessible from CFME?

Upon further investigation, I believe the error is a result of port 35357 (used by keystone adminURL), on the overcloud controller node, not being accessible from CFME. For Keystone v2, the adminURL, instead of the publicURL, is used to fetch the list of users. The adminURL runs off of port 35357 instead of port 5000.

I was able to reproduce the exact error by blocking 35357 through an iptables DROP rule on the overcloud controller node. And then initiating a user sync.

iptables -I INPUT 1 -p tcp -i eth0 -s 0/0 --dport 35357 -j DROP

Comment 7 Richard Su 2017-12-15 01:26:20 UTC
An update to this issue.

I brought up a CFME appliance using with OSP11 and user sync worked in my environment.

Comment 8 Marek Aufart 2018-02-20 15:59:27 UTC
Discussed with Loic, cannot reproduce, closing for now.