[one.zone.raftstatus] User couldn't be authenticated, aborting call

Greetings all,

This is my first ON install, and I am struggling big time with the password setup.
I installed ON on one machine, and a KVM node on another.
On the ON, I installed MySQL / MariaDB. First start, I had my clear password in /var/lib/one/.one/one_auth . That worked. I was able to login to ON and change my default password.

Every time I use the command “oneuser login oneadmin” , I enter my new password , then it asks me

Do you want to overwrite the file /var/lib/one/.one/one_auth? (Y|N):
which I answer YES to, then it update a token somewhere.

In the /var/log/one/oned.log though, I constantly have this error message:

**Wed Sep 19 12:41:03 2018 [Z0][ReM][D]: Req:6784 UID:-1 one.zone.raftstatus invoked **
Wed Sep 19 12:41:03 2018 [Z0][ReM][E]: Req:6784 UID:- one.zone.raftstatus result FAILURE [one.zone.raftstatus] User couldn’t be authenticated, aborting call.

I am not sure what folder I should update in /var/lib/one/.one/*_auth -> Every time I touch one of those, something else does not work anymore.

Any help would be appreciated. Thank you !

Can you paste here the output for the following command onezone list -x?

Regards!

oneadmin@opennebula-center:~> onezone list -x

<ZONE_POOL>

<ZONE>

<ID>0</ID>

<NAME>OpenNebula</NAME>

<TEMPLATE>

<ENDPOINT><![CDATA[http://localhost:2633/RPC2]]></ENDPOINT>

</TEMPLATE>

<SERVER_POOL>

<SERVER>

<ENDPOINT><![CDATA[http://10.1.2.150:2633/RPC2]]></ENDPOINT>

<ID><![CDATA[0]]></ID>

<NAME><![CDATA[server-0]]></NAME>

</SERVER>

</SERVER_POOL>

</ZONE>

</ZONE_POOL>

Do you have access to this endpoint <ENDPOINT><![CDATA[http://10.1.2.150:2633/RPC2]]></ENDPOINT> ?

Try to do a SSH connection to this IP: 10.1.2.150

yes, that is the public IP address of the same machine (127.0.0.1).
Since localhost did not work, I tried this IP without success…

Hi, i think you are having authentication issues.

First of all oneuser login does not work as you think, browsing in the cli help we see the next:

login username Creates the login token for authentication. The token can be used together with any authentication driver. The
       token will be stored in $HOME/.one/one_auth, and can be used subsequently to authenticate with oned through API, CLI or  Sun‐
       stone.

That means that you need to use login command to generate a token.

So, how do u can change your password for oneadmin? easy:

  • oneuser passwd 0 [ password ] #or throught sunstone
  • echo oneadmin:[ password ] > $ONE_AUTH

Then restart opennebula service (including scheduler).

If you are having troubes with scheduler perform the next steps:

$ pkill -9 mm_sched
$ mm_sched &

opennebula should work after that.

Regards

that was the issue. restarting opennebula services does not restart the scheduler. bug opened.