Error: BddException, errorId BDD.INVALID_PARAMETER args
search cancel

Error: BddException, errorId BDD.INVALID_PARAMETER args

book

Article ID: 339888

calendar_today

Updated On:

Products

VMware Integrated OpenStack

Issue/Introduction

  • Private AD and DNS in use
  • Errors received looking up a domain while configuring AD
  • Configuring AD as a day-1 operation and fails with error:
    BddException, errorId BDD.INVALID_PARAMETER args



Environment

6.x, 7.x

Cause

  • Inside the pod, valid-keystone-keystone1-validators-#####, the fully qualified domain name of the Active Directory server cannot be resolved.
For example:
kubectl exec -it valid-keystone-keystone1-validators-##### nc corp.local 389 -n openstack 
 
You will see similar to: 
 
Error: Couldn't resolve host "corp.local"
command terminated with exit code 1

 
 

Resolution

The DNS server should be corrected so that name resolution for the Active Directory server(s) is functioning properly.

Workaround:

  1. Edit configmap of node-local-dns to add the server:
kubectl edit cm node-local-dns --namespace=kube-system

After modification, your configmap looks similar to:

 corp.local:53 {        <<<<<<<<<<<<<<<<<<<<< active directory domain name
        errors
        cache 30
        reload
        loop
        bind 169.254.169.10
        forward . <your private nameserver IP> {    
                force_tcp
        }
        prometheus :9256
        }
 
  .:53 {
        errors
        cache 30
        reload
        loop
        bind 169.254.169.10
        forward . /etc/resolv.conf {
                force_tcp
        }
        prometheus :9256
        }

Note: You should only modify "forward" line for the domain in question.
  1. Stop coredns pod to make sure the changes in configmap take effect.
kubectl get pods --namespace=kube-system -l k8s-app=kube-dns
kubectl delete pods coredns-fb8b8dccf-##### coredns-fb8b8dccf-##### --namespace=kube-system

Note: Then the new DNS server will work for your private domain names.