cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sebastien Goasguen <run...@gmail.com>
Subject Re: 4.1 certificate issue
Date Tue, 19 Mar 2013 12:31:35 GMT

On Mar 18, 2013, at 1:07 PM, Edison Su <Edison.su@citrix.com> wrote:

> 
> 
>> -----Original Message-----
>> From: Sebastien Goasguen [mailto:runseb@gmail.com]
>> Sent: Monday, March 18, 2013 7:24 AM
>> To: cloudstack-dev@incubator.apache.org
>> Subject: Re: 4.1 certificate issue
>> 
>> 
>> On Mar 15, 2013, at 8:11 PM, Sheng Yang <sheng@yasker.org> wrote:
>> 
>>> What blocked you is not ssl keystore, it's ssh key. As it said:
>>> 
>>> NFO  [cloud.server.ConfigurationServerImpl] (Timer-2:) Going to update
>>> systemvm iso with generated keypairs if needed
>>> Password:
>>> 
>>> I just found recently we need to input the password many times, then
>>> with latest build I only need to input password one time, but still, I
>>> have no idea why this happening, and who changed it...
>> 
>> Can anybody else comment on this ?
> 
> If it's asking for password, usually, it means the "sudo" on your system needs password.
You can workaround it, by adding "your-user-name ALL=(ALL) NOPASSWD: ALL" in sudo configuration
file(http://askubuntu.com/questions/147241/execute-sudo-without-password)

I am no sysadmin, but If I were one I think I would scream to such a sudoer entry. Steal my
user password and you get root on my system.

I entered my password 9 times and it finally went through. I had these messages:

WARN  [utils.script.Script] (Timer-2:) Timed out: sudo keytool -genkey -keystore /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/cloud.keystore
-storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname cn="Cloudstack User",ou="cloud.com",o="cloud.com",c="Unknown"
.  Output is: 
WARN  [cloud.server.ConfigurationServerImpl] (Timer-2:) Would use fail-safe keystore to continue.
java.io.IOException: Fail to generate certificate!: timeout
	at com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:491)
	at com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(ConfigurationServerImpl.java:512)
	at com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:269)
	at com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:143)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:601)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:319)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
	at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
	at com.cloud.utils.db.TransactionContextBuilder.AroundAnyMethod(TransactionContextBuilder.java:43)
	at sun.reflect.GeneratedMethodAccessor36.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:601)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:90)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
	at $Proxy388.configure(Unknown Source)
	at com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(ComponentContext.java:97)
	at com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:50)
	at java.util.TimerThread.mainLoop(Timer.java:555)
	at java.util.TimerThread.run(Timer.java:505)
INFO  [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing updateKeyPairs
INFO  [cloud.server.ConfigurationServerImpl] (Timer-2:) Systemvm keypairs not found in database.
Need to store them in the database
INFO  [cloud.server.ConfigurationServerImpl] (Timer-2:) Going to update systemvm iso with
generated keypairs if needed
Password:
Password:
Password:
Password:
Password:
Password:
Password:
Password:
Password:

WARN  [cloud.server.ConfigurationServerImpl] (Timer-2:) Failed to inject generated public
key into systemvm iso Sorry, try again.Sorry, try again.Sorry, try again.sudo: 3 incorrect
password attemptsSorry, try again.Sorry, try again.Sorry, try again.sudo: 3 incorrect password
attemptsinjectkeys.sh: Failed to mount original iso /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/vms/systemvm.isocp:
illegal option -- busage: cp [-R [-H | -L | -P]] [-fi | -n] [-apvX] source_file target_file
      cp [-R [-H | -L | -P]] [-fi | -n] [-apvX] source_file ... target_directoryinjectkeys.sh:
Failed to backup original iso /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/vms/systemvm.isoumount:
/Users/sebastiengoasguen/systemvm_mnt: not currently mountedcp: /Users/sebastiengoasguen/systemvm_mnt/*:
No such file or directoryinjectkeys.sh: Failed to copy from original iso /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/vms/systemvm.isoumount:
/Users/sebastiengoasguen/systemvm_mnt: not currently mountedumount: /Users/sebastiengoasguen/systemvm_mnt:
not currently mountedinjectkeys.sh: Failed to unmount old iso from /Users/sebastiengoasguen/systemvm_mnt
INFO  [cloud.server.ConfigurationServerImpl] (Timer-2:) Need to store secondary storage vm
copy password in the database

I may have mistype my password couple times, but there is a mount issue as well. I am on OSX
10.8.3.


-sebastien


>> 
>> 
>>> 
>>> --Sheng
>>> 
>>> On Fri, Mar 15, 2013 at 5:23 AM, Sebastien Goasguen <runseb@gmail.com>
>> wrote:
>>>> 
>>>> On Mar 15, 2013, at 8:15 AM, Pranav Saxena <pranav.saxena@citrix.com>
>> wrote:
>>>> 
>>>>> This thread explains the reason behind this issue  -
>>>>> http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-
>> dev/20
>>>>> 1302.mbox/%3CCA+2rt40+hwLPB6rv7d9ASJt-
>> cJd3VHXBsWy=C9JonyiZdF_kRQ@mai
>>>>> l.gmail.com%3E
>>>>> 
>>>>> " It would happen if it's not product version, when mgmt server try to
>> generate ssl keystore for ssl communcation, but it would need supervisor
>> privilege to do so.  If it failed, it would use pre-generated fail-safe keystore
>> for continuing "
>>>>> 
>>>>> But this should not block you perhaps from deploying your set up .
>>>> 
>>>> I know we talked about it before, but I am not running as root.
>>>> And the setup takes a long time to go through the "timeout" ~20/30
>>>> minutes...
>>>> 
>>>> -sebastien
>>>> 
>>>> 
>>>>> 
>>>>> Regards,
>>>>> Pranav
>>>>> 
>>>>> -----Original Message-----
>>>>> From: Sebastien Goasguen [mailto:runseb@gmail.com]
>>>>> Sent: Friday, March 15, 2013 5:22 PM
>>>>> To: cloudstack-dev@incubator.apache.org Developers
>>>>> Subject: 4.1 certificate issue
>>>>> 
>>>>> Hi folks,
>>>>> 
>>>>> When trying the latest 4.1 I am still stuck with:
>>>>> 
>>>>> INFO  [cloud.server.ConfigurationServerImpl] (Timer-2:) Executing
>>>>> chmod ugo+x
>>>>> /Users/sebastiengoasguen/Documents/incubator-
>> cloudstack/client/targe
>>>>> t/cloud-client-ui-4.1.0-SNAPSHOT/WEB-
>> INF/classes/scripts/vm/systemvm
>>>>> /injectkeys.sh INFO  [cloud.server.ConfigurationServerImpl]
>>>>> (Timer-2:) Processing updateSSLKeyStore INFO
>>>>> [cloud.server.ConfigurationServerImpl] (Timer-2:) SSL keystore
>>>>> located at
>>>>> /Users/sebastiengoasguen/Documents/incubator-
>> cloudstack/client/targe
>>>>> t/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/cloud.keystore
>>>>> Password:WARN  [utils.script.Script] (Script-1:) Interrupting script.
>>>>> WARN  [utils.script.Script] (Timer-2:) Timed out: sudo keytool -genkey
-
>> keystore /Users/sebastiengoasguen/Documents/incubator-
>> cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-
>> INF/classes/cloud.keystore -storepass vmops.com -keypass vmops.com -
>> keyalg RSA -validity 3650 -dname cn="Cloudstack
>> User",ou="cloud.com",o="cloud.com",c="Unknown" .  Output is:
>>>>> WARN  [cloud.server.ConfigurationServerImpl] (Timer-2:) Would use
>> fail-safe keystore to continue.
>>>>> java.io.IOException: Fail to generate certificate!: timeout
>>>>>     at
>> com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(Config
>> urationServerImpl.java:491)
>>>>>     at
>> com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(Configuratio
>> nServerImpl.java:512)
>>>>>     at
>> com.cloud.server.ConfigurationServerImpl.persistDefaultValues(Configurati
>> onServerImpl.java:269)
>>>>>     at
>> com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerIm
>> pl.java:143)
>>>>>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>>     at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j
>> ava:57)
>>>>>     at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
>> sorImpl.java:43)
>>>>>     at java.lang.reflect.Method.invoke(Method.java:601)
>>>>>     at
>> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(
>> AopUtils.java:319)
>>>>>     at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoi
>> npoint(ReflectiveMethodInvocation.java:183)
>>>>>     at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:150)
>>>>>     at
>> org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.pr
>> oceed(MethodInvocationProceedingJoinPoint.java:80)
>>>>>     at
>> com.cloud.utils.db.TransactionContextBuilder.AroundAnyMethod(Transactio
>> nContextBuilder.java:43)
>>>>>     at sun.reflect.GeneratedMethodAccessor36.invoke(Unknown Source)
>>>>>     at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
>> sorImpl.java:43)
>>>>>     at java.lang.reflect.Method.invoke(Method.java:601)
>>>>>     at
>> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMeth
>> odWithGivenArgs(AbstractAspectJAdvice.java:621)
>>>>>     at
>> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMeth
>> od(AbstractAspectJAdvice.java:610)
>>>>>     at
>> org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJArou
>> ndAdvice.java:65)
>>>>>     at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:172)
>>>>>     at
>> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(E
>> xposeInvocationInterceptor.java:90)
>>>>>     at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:172)
>>>>>     at
>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDyna
>> micAopProxy.java:202)
>>>>>     at $Proxy388.configure(Unknown Source)
>>>>>     at
>> com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(Co
>> mponentContext.java:97)
>>>>>     at
>> com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:50)
>>>>>     at java.util.TimerThread.mainLoop(Timer.java:555)
>>>>>     at java.util.TimerThread.run(Timer.java:505)
>>>>> INFO  [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing
>>>>> updateKeyPairs INFO  [cloud.server.ConfigurationServerImpl]
>>>>> (Timer-2:) Systemvm keypairs not found in database. Need to store
>>>>> them in the database INFO  [cloud.server.ConfigurationServerImpl]
>>>>> (Timer-2:) Going to update systemvm iso with generated keypairs if
>>>>> needed
>>>>> Password:
>>>>> 
>>>>> Password:
>>>>> Password:
>>>>> Password:
>>>>> 
>>>>> I am not sure how to get passed this ?
>>>>> 
>>>>> -sebastien
>>>> 
> 


Mime
View raw message