cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dag Sonstebo <Dag.Sonst...@shapeblue.com>
Subject Re: error adding VPN user in VPC network
Date Mon, 28 Nov 2016 15:39:43 GMT
Excellent, glad you found a solution – even though that solution is a workaround to a bug.

Regards,
Dag Sonstebo
Cloud Architect
ShapeBlue

On 28/11/2016, 14:49, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID> wrote:

    Hi Dag,
    
    I can confirm that this error relates to the redundant VPC service offering and not the
single VPC router one. I've converted to a single VPC and I can now create the VPN users.
    
    Thanks
    
    
Dag.Sonstebo@shapeblue.com 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue
  
 

----- Original Message -----
    > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
    > To: "users" <users@cloudstack.apache.org>
    > Sent: Wednesday, 23 November, 2016 11:37:48
    > Subject: Re: error adding VPN user in VPC network
    
    > Hi Andrei,
    > 
    > I guessed you would ask so tested this this morning. First of all – this has not
    > been properly tested and comes with no guarantees, and I strongly recommend you
    > test this thoroughly in a non-production environment + also make sure you do
    > some mysqldumps before carrying this out so you have a rollback point.
    > 
    > As we spotted the API doesn’t have this functionality, so the steps are all
    > database driven:
    > 
    > - Check your VPC offerings and determine the correct one for non-redundant
    > offerings: SELECT * FROM cloud.vpc_offerings;
    > - Find your VPC: SELECT * FROM cloud.vpc;
    > - Update the VPC: update cloud.vpc set vpc_offering_id=<offering ID found from
    > vpc_offering table>, redundant=0 where id=<ID of  your VPC>
    > 
    > Now do a restart *with cleanup* on the VPC and ensure both your redundant VRs
    > are deleted before a *single* VPC VR is recreated.
    > 
    > Regards,
    > Dag Sonstebo
    > Cloud Architect
    > ShapeBlue
    > 
    > On 23/11/2016, 11:24, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID> wrote:
    > 
    >    Hi Dag,
    >    
    >    I see. Do you know if there is a way to convert a VPC from redundant router to
a
    >    single router offering? This option is not selectable when I try to edit the
    >    VPC network. Can this be done on the db backend? I am happy to try this as I
    >    need to have the VPN functionality working asap.
    >    
    >    Thanks
    >    
    >    
    > Dag.Sonstebo@shapeblue.com
    > www.shapeblue.com
    > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    > @shapeblue
    >  
    > 
    > 
    > ----- Original Message -----
    >    > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
    >    > To: "users" <users@cloudstack.apache.org>
    >    > Sent: Wednesday, 23 November, 2016 09:13:32
    >    > Subject: Re: error adding VPN user in VPC network
    >    
    >    > Hi Andrei,
    >    > 
    >    > When I initially created the first user on the single VPC VR this worked
OK, it
    >    > was only after I configured the redundant router that this failed.
    >    > 
    >    > Regards,
    >    > Dag Sonstebo
    >    > Cloud Architect
    >    > ShapeBlue
    >    > 
    >    > On 22/11/2016, 18:25, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID>
wrote:
    >    > 
    >    >    Dag, does it fail when you are creating a vpn user with a single router
VPC?
    >    >    
    >    >    Thanks
    >    >    
    >    >    
    >    > Dag.Sonstebo@shapeblue.com
    >    > www.shapeblue.com
    >    > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    >    > @shapeblue
    >    >  
    >    > 
    >    > 
    >    > ----- Original Message -----
    >    >    > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
    >    >    > To: "users" <users@cloudstack.apache.org>
    >    >    > Sent: Tuesday, 22 November, 2016 17:40:08
    >    >    > Subject: Re: error adding VPN user in VPC network
    >    >    
    >    >    > Looks like this one: https://issues.apache.org/jira/browse/CLOUDSTACK-9356
    >    >    > 
    >    >    > Regards,
    >    >    > Dag Sonstebo
    >    >    > Cloud Architect
    >    >    > ShapeBlue
    >    >    > 
    >    >    > On 22/11/2016, 17:27, "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
wrote:
    >    >    > 
    >    >    >    Hi Andrei,
    >    >    >    
    >    >    >    Sorry I take that back, I’ve just recreated this, looks like
a bug:
    >    >    >    
    >    >    >    1) Tested by adding VPN users with non-redundant VPC VR >>
works OK
    >    >    >    2) Restarted VPC VR – but ticked the box to configure redundant
VPC VR >>
    >    >    >    completed OK
    >    >    >    3) Tried to add another VPN user >> Fails:
    >    >    >    
    >    >    >    2016-11-22 17:22:05,491 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
VPN
    >    >    >    User VpnUser[5-batman-5] is set on
    >    >    >    com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$2c76655f@4511538c
    >    >    >    2016-11-22 17:22:05,492 WARN  [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
Unable
    >    >    >    to apply vpn users
    >    >    >    java.lang.IndexOutOfBoundsException: Index: 2, Size: 2
    >    >    >    	at java.util.ArrayList.rangeCheck(ArrayList.java:635)
    >    >    >    	at java.util.ArrayList.get(ArrayList.java:411)
    >    >    >    	at
    >    >    >    	com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(RemoteAccessVpnManagerImpl.java:532)
    >    >    >    	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    >    >    >    …
    >    >    >    2016-11-22 17:22:05,493 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
    >    >    >    Applying vpn access to VirtualRouter
    >    >    >    2016-11-22 17:22:05,493 WARN  [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
Failed
    >    >    >    to apply vpn for user andrei, accountId=5
    >    >    >    2016-11-22 17:22:05,501 WARN  [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
Failed
    >    >    >    to apply vpn for user batman, accountId=5
    >    >    >    2016-11-22 17:22:05,502 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Complete
async
    >    >    >    job-45, jobStatus: FAILED, resultCode: 530, result:
    >    >    >    org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"errorcode":530,"errortext":"Failed
    >    >    >    to add vpn user"}
    >    >    >    2016-11-22 17:22:05,503 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Publish
async job-45
    >    >    >    complete on message bus
    >    >    >    2016-11-22 17:22:05,503 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Wake
up jobs related
    >    >    >    to job-45
    >    >    >    2016-11-22 17:22:05,503 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Update
db status for
    >    >    >    job-45
    >    >    >    2016-11-22 17:22:05,504 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Wake
up jobs joined
    >    >    >    with job-45 and disjoin all subjobs created from job- 45
    >    >    >    2016-11-22 17:22:05,522 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
    >    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Done
executing
    >    >    >    org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd for job-45
    >    >    >    
    >    >    >    
    >    >    >    Regards,
    >    >    >    Dag Sonstebo
    >    >    >    Cloud Architect
    >    >    >    ShapeBlue
    >    >    >    
    >    >    >    On 22/11/2016, 17:15, "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
wrote:
    >    >    >    
    >    >    >        I have just tested this in ACS4.9.0 and can’t recreate the
problems you are
    >    >    >        seeing. Have you tried to restart the VPC with “cleanup”?
    >    >    >        
    >    >    >        Regards,
    >    >    >        Dag Sonstebo
    >    >    >        Cloud Architect
    >    >    >        ShapeBlue
    >    >    >        
    >    >    >        On 22/11/2016, 17:11, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID>
wrote:
    >    >    >        
    >    >    >            Yeah, it's a default one. I believe it comes with redundant
routers by default.
    >    >    >            I think the VPC has been created on ACS 4.7.x about 10
months ago. Several
    >    >    >            months ago I've updated to 4.9.0.
    >    >    >            
    >    >    >            Andrei
    >    >    >            
    >    >    >            
    >    >    >        Dag.Sonstebo@shapeblue.com
    >    >    >        www.shapeblue.com
    >    >    >        53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    >    >    >        @shapeblue
    >    >    >          
    >    >    >         
    >    >    >        
    >    >    >        
    >    >    >    Dag.Sonstebo@shapeblue.com
    >    >    >    www.shapeblue.com
    >    >    >    53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    >    >    >    @shapeblue
    >    >    >      
    >    >    >     
    >    >    >    
    >    >    >    
    >    >    > Dag.Sonstebo@shapeblue.com
    >    >    > www.shapeblue.com
    >    >    > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    >    >    > @shapeblue
    >    >    >  
    >    >    > 
    >    >    > 
    >    >    > ----- Original Message -----
    >    >    >            > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
    >    >    >            > To: "users" <users@cloudstack.apache.org>
    >    >    >            > Sent: Tuesday, 22 November, 2016 16:46:39
    >    >    >            > Subject: Re: error adding VPN user in VPC network
    >    >    >            
    >    >    >            > Which VPC service offering are you using? Is this
just the standard “default VPC
    >    >    >            > offering”?
    >    >    >            > 
    >    >    >            > Regards,
    >    >    >            > Dag Sonstebo
    >    >    >            > Cloud Architect
    >    >    >            > ShapeBlue
    >    >    >            > 
    >    >    >            > On 22/11/2016, 16:37, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID>
wrote:
    >    >    >            > 
    >    >    >            >    Hi Dag,
    >    >    >            >    
    >    >    >            >    Thanks for the quick response. Actually, the username
that I've tried to set up
    >    >    >            >    was just "andrei". 40 and 45 could be the id numbers
of the account/domain
    >    >    >            >    perhaps? I've also tried to change the usernames
and provided different
    >    >    >            >    passwords, but had the same error.
    >    >    >            >    
    >    >    >            >    Andrei
    >    >    >            >    
    >    >    >            >    
    >    >    >            > Dag.Sonstebo@shapeblue.com
    >    >    >            > www.shapeblue.com
    >    >    >            > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
    >    >    >            > @shapeblue
    >    >    >            >  
    >    >    >            > 
    >    >    >            > 
    >    >    >            > ----- Original Message -----
    >    >    >            >    > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
    >    >    >            >    > To: "users" <users@cloudstack.apache.org>
    >    >    >            >    > Sent: Tuesday, 22 November, 2016 13:37:54
    >    >    >            >    > Subject: Re: error adding VPN user in VPC
network
    >    >    >            >    
    >    >    >            >    > Hi Andrei,
    >    >    >            >    > 
    >    >    >            >    > I’ve discussed with my colleagues and we
think this may be related to
    >    >    >            >    > https://issues.apache.org/jira/browse/CLOUDSTACK-9498
    >    >    >            >    > 
    >    >    >            >    > From your logs it looks like the username
you are using is “40-andrei-45”? Could
    >    >    >            >    > you try with a username with just normal
characters?
    >    >    >            >    > 
    >    >    >            >    > Regards,
    >    >    >            >    > Dag Sonstebo
    >    >    >            >    > Cloud Architect
    >    >    >            >    > ShapeBlue
    >    >    >            >    > 
    >    >    >            >    > On 22/11/2016, 12:14, "Andrei Mikhailovsky"
<andrei@arhont.com.INVALID> wrote:
    >    >    >            >    > 
    >    >    >            >    >    Hello
    >    >    >            >    >    
    >    >    >            >    >    I am running ACS 4.9.0.
    >    >    >            >    >    
    >    >    >            >    >    I am having an issue with adding a VPN
user to the VPC network. I've enabled the
    >    >    >            >    >    VPN service on the static IP. The service
was enabled and I have the PSK shown
    >    >    >            >    >    to me. However, when I am adding a new
user it fails with the following error:
    >    >    >            >    >    
    >    >    >            >    >    2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae) VPN
    >    >    >            >    >    User VpnUser[40-andrei-45] is set on
    >    >    >            >    >    com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@4465732c
    >    >    >            >    >    2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae)
    >    >    >            >    >    Unable to apply vpn users
    >    >    >            >    >    java.lang.IndexOutOfBoundsException: Index:
1, Size: 1
    >    >    >            >    >    at java.util.ArrayList.rangeCheck(ArrayList.java:635)
    >    >    >            >    >    at java.util.ArrayList.get(ArrayList.java:411)
    >    >    >            >    >    at
    >    >    >            >    >    com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(RemoteAccessVpnManagerImpl.java:532)
    >    >    >            >    >    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
    >    >    >            >    >    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    >    >    >            >    >    at
    >    >    >            >    >    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    >    >    >            >    >    at java.lang.reflect.Method.invoke(Method.java:606)
    >    >    >            >    >    at
    >    >    >            >    >    org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
    >    >    >            >    >    at
    >    >    >            >    >    org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
    >    >    >            >    >    at
    >    >    >            >    >    org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
    >    >    >            >    >    at
    >    >    >            >    >    org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91)
    >    >    >            >    >    at
    >    >    >            >    >    org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
    >    >    >            >    >    at
    >    >    >            >    >    org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    >    >    >            >    >    at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown
Source)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(AddVpnUserCmd.java:122)
    >    >    >            >    >    at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
    >    >    >            >    >    at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInContext(AsyncJobManagerImpl.java:554)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
    >    >    >            >    >    at
    >    >    >            >    >    org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(AsyncJobManagerImpl.java:502)
    >    >    >            >    >    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    >    >    >            >    >    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
    >    >    >            >    >    at
    >    >    >            >    >    java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    >    >    >            >    >    at
    >    >    >            >    >    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    >    >    >            >    >    at java.lang.Thread.run(Thread.java:745)
    >    >    >            >    >    2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae)
    >    >    >            >    >    Applying vpn access to VirtualRouter
    >    >    >            >    >    2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
    >    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae)
    >    >    >            >    >    Failed to apply vpn for user andrei, accountId=45
    >    >    >            >    >    2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
    >    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537)
(logid:f76b2eae) Complete async
    >    >    >            >    >    job-31537, jobStatus: FAILED, resultCode:
530, result:
    >    >    >            >    >    org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"errorcode":530,"errortext":"Failed
    >    >    >            >    >    to add vpn user"}
    >    >    >            >    >    
    >    >    >            >    >    Please advise how to get this problem
fixed and have a working VPN service?
    >    >    >            >    >    
    >    >    >            >    >    Thanks
    >    >    >            >    >    
    >    >    >            >    >    Andrei
    >    >    >            >    >    
    >    >    >            >    > 
    >    >    >            >    > 
    >    >    >            >    > Dag.Sonstebo@shapeblue.com
    >    >    >            >    > www.shapeblue.com
    >    >    >            >    > 53 Chandos Place, Covent Garden, London 
WC2N 4HSUK
    >     >     >             >     > @shapeblue
    

Mime
View raw message