These IPs are available and not taken. I have found some errors in the ansible logs:

What do they mean by "Unable to connect to database, check login_user and login_password are correct or ~/.my.cnf has the credentials

2015-10-05 19:59:28,655 p=351 u=jarvis |  ...ignoring"

I supposed to set the database admin username and password during the deployment. isn't it?

2015-10-05 19:59:27,201 p=351 u=jarvis |  TASK: [config-db | recheck the status of mysql service in case we just stopped one of them] ***

2015-10-05 19:59:27,547 p=351 u=jarvis |  changed: [192.168.244.216]

2015-10-05 19:59:27,600 p=351 u=jarvis |  changed: [192.168.244.217]

2015-10-05 19:59:27,603 p=351 u=jarvis |  changed: [192.168.244.218]

2015-10-05 19:59:27,617 p=351 u=jarvis |  TASK: [config-db | check wsrep_on variable to see if mysql is a part of the cluster] ***

2015-10-05 19:59:28,654 p=351 u=jarvis |  failed: [192.168.244.216] => {"failed": true}

2015-10-05 19:59:28,655 p=351 u=jarvis |  msg: unable to connect to database, check login_user and login_password are correct or ~/.my.cnf has the credentials

2015-10-05 19:59:28,655 p=351 u=jarvis |  ...ignoring

2015-10-05 19:59:29,340 p=351 u=jarvis |  failed: [192.168.244.218] => {"failed": true}

2015-10-05 19:59:29,341 p=351 u=jarvis |  msg: unable to connect to database, check login_user and login_password are correct or ~/.my.cnf has the credentials

2015-10-05 19:59:29,341 p=351 u=jarvis |  ...ignoring

2015-10-05 19:59:29,480 p=351 u=jarvis |  failed: [192.168.244.217] => {"failed": true}

2015-10-05 19:59:29,481 p=351 u=jarvis |  msg: unable to connect to database, check login_user and login_password are correct or ~/.my.cnf has the credentials

2015-10-05 19:59:29,481 p=351 u=jarvis |  ...ignoring

and then:

2015-10-05 20:02:30,035 p=351 u=jarvis |  changed: [192.168.244.219]

2015-10-05 20:02:30,036 p=351 u=jarvis |  TASK: [config-controller | grant service role to service user on service tenant] ***

2015-10-05 20:02:31,428 p=351 u=jarvis |  failed: [192.168.244.219] => {"failed": true}

2015-10-05 20:02:31,429 p=351 u=jarvis |  msg: exception: name

2015-10-05 20:02:31,429 p=351 u=jarvis |  FATAL: all hosts have already failed -- aborting

I would also add that the deployment works fine if i don't use LDAP. So i am assuming the issue is with the LDAP although the test button returns a successful verification result for all the three fields. Is there a way to deploy the solution without using LDAP and then add LDAP?

To add this to the errors:

2015-10-07 02:46:02,470 p=452 u=jarvis |  TASK: [config-db | recheck the status of mysql service in case we just stopped one of them] ***

2015-10-07 02:46:02,876 p=452 u=jarvis |  changed: [192.168.244.217]

2015-10-07 02:46:02,913 p=452 u=jarvis |  changed: [192.168.244.218]

2015-10-07 02:46:02,924 p=452 u=jarvis |  changed: [192.168.244.216]

2015-10-07 02:46:02,950 p=452 u=jarvis |  TASK: [config-db | check wsrep_on variable to see if mysql is a part of the cluster] ***

2015-10-07 02:46:03,900 p=452 u=jarvis |  failed: [192.168.244.217] => {"failed": true}

2015-10-07 02:46:03,901 p=452 u=jarvis |  msg: unable to connect to database, check login_user and login_password are correct or ~/.my.cnf has the credentials

2015-10-07 02:46:03,901 p=452 u=jarvis |  ...ignoring

2015-10-07 02:46:04,585 p=452 u=jarvis |  failed: [192.168.244.216] => {"failed": true}

Guys

We are piloting "VIO Office Hours", these are opportunities to engage 1x1 with our engineering team. It will be WebEx + Teleconference based. You can share your issues and we can help troubleshoot. If you have any questions/ feedback to improve things, that can be shared as well.

Note: this will be 1x1 with eng team so you will be the only customer and rest will be VMware team.

Please sign up using this link:

http://tinyurl.com/vio-office

Thanks for using our office hours.

Let us know how things are progressing.

arvind

Hello, I have the same issue. Could you please help me.

I installed VIO with LDAP integration. Part of my config file.

configureKeystone": {

  "ldap_group_member_attribute": "uniquemember",

  "ldap_use_tls": "false",

  "keystone_backend": "ldap",

  "ldap_group_id_attribute": "",

  "ldap_group_objectclass": "",

  "ldap_group_filter": "",

  "ldap_group_name_attribute": "",

  "ldap_group_tree_dn": "OU=Groups,OU=Country,DC=example,DC=local",

  "ldap_user_pass_attribute": "",

  "ldap_user_filter": "(&(objectclass=user)(!(objectclass=computer)))",

  "ldap_user_mail_attribute": "",

  "ldap_group_desc_attribute": "",

  "ldap_user_name_attribute": "",

  "ldap_user_tree_dn": "OU=Country,DC=example,DC=local",

  "ldap_user_id_attribute": "sAMAccountName",

  "ldap_password": "",

  "ldap_user_objectclass": "",

  "ldap_user": "vio_user@example.local",

  "ldap_url": "ldap://dccontroller.example.local:389"

Was surprised what VIO has not mixed local and AD accounts.

My issue was resolved. It turned that the password of the Bind user shouldn't have the special character "$" Either Neutron or Keystone "don't remember exactly " was not able to use the password as it drops the "$" part of it. That is why it couldn't authenticate with LDAP. After a webex call with the VIO development team, It turned that it is a Bug, They didn't include the "$" in the special characters script.

Things worked after resetting the password on the bind user account, I also removed the "_" special character from the Bind user username.

Make sure also you have the right LDAP setting, the bind user account is not locked out and it successful connect when you click the three test connection buttons.

Use something like ldapadmin or apache Ad browser to test the the query that you are entering... Let us know if those tools return the users/groups you are expecting from the entered query parameters.