Server – Connect Cluster Controller to the Region Controller (MaaS)

The first clue to the answer lies in the log /var/log/maas/pserv.log on the cluster-controller. The problem was essentially an authentication failure.

2015-02-02 20:36:57+0900 [Uninitialized] ClusterClient connection established (HOST:IPv4Address(TCP, '172.16.10.3', 46209) PEER:IPv4Address(TCP, u'172.16.10. 1', 39492)) 
2015-02-02 20:36:57+0900 [Uninitialized] Event-loop maas:pid=1814 (127.0.0.1:33547): Connection was refused by other side: 111: Connection refused.

The second clue came from the region-controller's /var/log/maas/apache2/error.log.

[Mon Feb 02 18:02:10.106725 2015] [:error] [pid 31259:tid 140386414548864] OperationalError: FATAL:  password authentication failed for user "maas"
[Mon Feb 02 18:02:10.106731 2015] [:error] [pid 31259:tid 140386414548864] FATAL:  password authentication failed for user "maas"

For those that are curious I changed up my IP scheme to my eth0 interfaces which is the cause for the disparity but that did not fix anything.

This is likely a bug as in general this should happen... however the node should still show up in MaaS as pending waiting for administrator approval.

Once approval is given (from my understanding of how the system should work) the /var/lib/maas/secret password is transmitted from the region-controller to the cluster-controller.

Unfortunately the server never hits the pending state so this may not be performed. Therefore what must be done to resolve this issue is to transfer your secret manually through the following commands:

Region Controller

cat /var/lib/maas/secret

Copy the output it should be a ~16 digit hex code. Then on your cluster controller run the following command and enter your copied "secret".

Cluster Controller

maas-provision install-shared-secret

lastly connect to the server through an API query of your choice (this probably isn't necessary but it does force the connection).

My Configurations thus far.

1. Assign Basic Network Settings to CCs and RC
a) Assign an IP from the Management LAN XXX.XXX.XXX.XXX
b) configure interface XXX.XXX.XXX.XXX and XXX.XXX.XXX.XXX

2. Install and configure MaaS
a) apt update && apt upgrade && apt install -y maas-region-controller ubuntu-cloudimage-keyring openssh-server
b) dpkg-reconfigure maas-region-controller
c) sudo maas-region-admin createadmin (use this account to access the web interface)
d) Create and install public key into maas profile
e) ssh-keygen -t rsa -C maas@maas.maas
f) cat /root/.ssh/id_rsa.pub and put the output into the add sshkey page on maas
g) (cluster-controller) apt install -y libvirt-bin maas-cluster-controller

3. Configure MaaS DNS and iptables
a) in /etc/resolv.conf verify XXX.XXX.XXX.XXXis the only nameserver
b) in /etc/resolvconf/head place nameserver XXX.XXX.XXX.XXX
c) (Cluster Controller) in /etc/bind/named.conf.options.* type the follwing:
"forwarders { 
 8.8.8.8;
 8.8.4.4:
};"
d) (Cluster Controller) /etc/sysctl.conf uncomment the line net.ipv4.ip_forward=1
e) (Cluster Controller)run mkdir /etc/yourorg/
f) (Cluster Controller)in /etc/init.d/rc.local write /etc/yourorg/settings.conf
g) (Cluster Controller)create file /etc/yourorg/settings.conf in vim and include:

"#!/bin/bash

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT"

4. Install MaaS shared secret on any distributed clusters.
a) sudo cat /var/lib/maas/secret  (On region controller)
b) maas-provision install-shared-secret (Cluster Controller)
<paste secret>