cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Mikhailovsky <and...@arhont.com.INVALID>
Subject Re: error adding VPN user in VPC network
Date Thu, 24 Nov 2016 08:49:59 GMT
Thanks Dag, I will try it this weekend.

Andrei

----- Original Message -----
> From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
> To: "users" <users@cloudstack.apache.org>
> Sent: Wednesday, 23 November, 2016 11:37:48
> Subject: Re: error adding VPN user in VPC network

> Hi Andrei,
> 
> I guessed you would ask so tested this this morning. First of all – this has not
> been properly tested and comes with no guarantees, and I strongly recommend you
> test this thoroughly in a non-production environment + also make sure you do
> some mysqldumps before carrying this out so you have a rollback point.
> 
> As we spotted the API doesn’t have this functionality, so the steps are all
> database driven:
> 
> - Check your VPC offerings and determine the correct one for non-redundant
> offerings: SELECT * FROM cloud.vpc_offerings;
> - Find your VPC: SELECT * FROM cloud.vpc;
> - Update the VPC: update cloud.vpc set vpc_offering_id=<offering ID found from
> vpc_offering table>, redundant=0 where id=<ID of  your VPC>
> 
> Now do a restart *with cleanup* on the VPC and ensure both your redundant VRs
> are deleted before a *single* VPC VR is recreated.
> 
> Regards,
> Dag Sonstebo
> Cloud Architect
> ShapeBlue
> 
> On 23/11/2016, 11:24, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID> wrote:
> 
>    Hi Dag,
>    
>    I see. Do you know if there is a way to convert a VPC from redundant router to a
>    single router offering? This option is not selectable when I try to edit the
>    VPC network. Can this be done on the db backend? I am happy to try this as I
>    need to have the VPN functionality working asap.
>    
>    Thanks
>    
>    
> Dag.Sonstebo@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>  
> 
> 
> ----- Original Message -----
>    > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
>    > To: "users" <users@cloudstack.apache.org>
>    > Sent: Wednesday, 23 November, 2016 09:13:32
>    > Subject: Re: error adding VPN user in VPC network
>    
>    > Hi Andrei,
>    > 
>    > When I initially created the first user on the single VPC VR this worked OK,
it
>    > was only after I configured the redundant router that this failed.
>    > 
>    > Regards,
>    > Dag Sonstebo
>    > Cloud Architect
>    > ShapeBlue
>    > 
>    > On 22/11/2016, 18:25, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID>
wrote:
>    > 
>    >    Dag, does it fail when you are creating a vpn user with a single router VPC?
>    >    
>    >    Thanks
>    >    
>    >    
>    > Dag.Sonstebo@shapeblue.com
>    > www.shapeblue.com
>    > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>    > @shapeblue
>    >  
>    > 
>    > 
>    > ----- Original Message -----
>    >    > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
>    >    > To: "users" <users@cloudstack.apache.org>
>    >    > Sent: Tuesday, 22 November, 2016 17:40:08
>    >    > Subject: Re: error adding VPN user in VPC network
>    >    
>    >    > Looks like this one: https://issues.apache.org/jira/browse/CLOUDSTACK-9356
>    >    > 
>    >    > Regards,
>    >    > Dag Sonstebo
>    >    > Cloud Architect
>    >    > ShapeBlue
>    >    > 
>    >    > On 22/11/2016, 17:27, "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
wrote:
>    >    > 
>    >    >    Hi Andrei,
>    >    >    
>    >    >    Sorry I take that back, I’ve just recreated this, looks like a bug:
>    >    >    
>    >    >    1) Tested by adding VPN users with non-redundant VPC VR >> works
OK
>    >    >    2) Restarted VPC VR – but ticked the box to configure redundant
VPC VR >>
>    >    >    completed OK
>    >    >    3) Tried to add another VPN user >> Fails:
>    >    >    
>    >    >    2016-11-22 17:22:05,491 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
VPN
>    >    >    User VpnUser[5-batman-5] is set on
>    >    >    com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$2c76655f@4511538c
>    >    >    2016-11-22 17:22:05,492 WARN  [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
Unable
>    >    >    to apply vpn users
>    >    >    java.lang.IndexOutOfBoundsException: Index: 2, Size: 2
>    >    >    	at java.util.ArrayList.rangeCheck(ArrayList.java:635)
>    >    >    	at java.util.ArrayList.get(ArrayList.java:411)
>    >    >    	at
>    >    >    	com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(RemoteAccessVpnManagerImpl.java:532)
>    >    >    	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>    >    >    …
>    >    >    2016-11-22 17:22:05,493 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
>    >    >    Applying vpn access to VirtualRouter
>    >    >    2016-11-22 17:22:05,493 WARN  [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
Failed
>    >    >    to apply vpn for user andrei, accountId=5
>    >    >    2016-11-22 17:22:05,501 WARN  [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45 ctx-f6586168) (logid:a43142cc)
Failed
>    >    >    to apply vpn for user batman, accountId=5
>    >    >    2016-11-22 17:22:05,502 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Complete
async
>    >    >    job-45, jobStatus: FAILED, resultCode: 530, result:
>    >    >    org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"errorcode":530,"errortext":"Failed
>    >    >    to add vpn user"}
>    >    >    2016-11-22 17:22:05,503 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Publish
async job-45
>    >    >    complete on message bus
>    >    >    2016-11-22 17:22:05,503 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Wake up
jobs related
>    >    >    to job-45
>    >    >    2016-11-22 17:22:05,503 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Update
db status for
>    >    >    job-45
>    >    >    2016-11-22 17:22:05,504 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Wake up
jobs joined
>    >    >    with job-45 and disjoin all subjobs created from job- 45
>    >    >    2016-11-22 17:22:05,522 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>    >    >    (API-Job-Executor-34:ctx-6d74bcb1 job-45) (logid:a43142cc) Done executing
>    >    >    org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd for job-45
>    >    >    
>    >    >    
>    >    >    Regards,
>    >    >    Dag Sonstebo
>    >    >    Cloud Architect
>    >    >    ShapeBlue
>    >    >    
>    >    >    On 22/11/2016, 17:15, "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
wrote:
>    >    >    
>    >    >        I have just tested this in ACS4.9.0 and can’t recreate the problems
you are
>    >    >        seeing. Have you tried to restart the VPC with “cleanup”?
>    >    >        
>    >    >        Regards,
>    >    >        Dag Sonstebo
>    >    >        Cloud Architect
>    >    >        ShapeBlue
>    >    >        
>    >    >        On 22/11/2016, 17:11, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID>
wrote:
>    >    >        
>    >    >            Yeah, it's a default one. I believe it comes with redundant
routers by default.
>    >    >            I think the VPC has been created on ACS 4.7.x about 10 months
ago. Several
>    >    >            months ago I've updated to 4.9.0.
>    >    >            
>    >    >            Andrei
>    >    >            
>    >    >            
>    >    >        Dag.Sonstebo@shapeblue.com
>    >    >        www.shapeblue.com
>    >    >        53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>    >    >        @shapeblue
>    >    >          
>    >    >         
>    >    >        
>    >    >        
>    >    >    Dag.Sonstebo@shapeblue.com
>    >    >    www.shapeblue.com
>    >    >    53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>    >    >    @shapeblue
>    >    >      
>    >    >     
>    >    >    
>    >    >    
>    >    > Dag.Sonstebo@shapeblue.com
>    >    > www.shapeblue.com
>    >    > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>    >    > @shapeblue
>    >    >  
>    >    > 
>    >    > 
>    >    > ----- Original Message -----
>    >    >            > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
>    >    >            > To: "users" <users@cloudstack.apache.org>
>    >    >            > Sent: Tuesday, 22 November, 2016 16:46:39
>    >    >            > Subject: Re: error adding VPN user in VPC network
>    >    >            
>    >    >            > Which VPC service offering are you using? Is this just
the standard “default VPC
>    >    >            > offering”?
>    >    >            > 
>    >    >            > Regards,
>    >    >            > Dag Sonstebo
>    >    >            > Cloud Architect
>    >    >            > ShapeBlue
>    >    >            > 
>    >    >            > On 22/11/2016, 16:37, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID>
wrote:
>    >    >            > 
>    >    >            >    Hi Dag,
>    >    >            >    
>    >    >            >    Thanks for the quick response. Actually, the username
that I've tried to set up
>    >    >            >    was just "andrei". 40 and 45 could be the id numbers
of the account/domain
>    >    >            >    perhaps? I've also tried to change the usernames and
provided different
>    >    >            >    passwords, but had the same error.
>    >    >            >    
>    >    >            >    Andrei
>    >    >            >    
>    >    >            >    
>    >    >            > Dag.Sonstebo@shapeblue.com
>    >    >            > www.shapeblue.com
>    >    >            > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>    >    >            > @shapeblue
>    >    >            >  
>    >    >            > 
>    >    >            > 
>    >    >            > ----- Original Message -----
>    >    >            >    > From: "Dag Sonstebo" <Dag.Sonstebo@shapeblue.com>
>    >    >            >    > To: "users" <users@cloudstack.apache.org>
>    >    >            >    > Sent: Tuesday, 22 November, 2016 13:37:54
>    >    >            >    > Subject: Re: error adding VPN user in VPC network
>    >    >            >    
>    >    >            >    > Hi Andrei,
>    >    >            >    > 
>    >    >            >    > I’ve discussed with my colleagues and we think
this may be related to
>    >    >            >    > https://issues.apache.org/jira/browse/CLOUDSTACK-9498
>    >    >            >    > 
>    >    >            >    > From your logs it looks like the username you
are using is “40-andrei-45”? Could
>    >    >            >    > you try with a username with just normal characters?
>    >    >            >    > 
>    >    >            >    > Regards,
>    >    >            >    > Dag Sonstebo
>    >    >            >    > Cloud Architect
>    >    >            >    > ShapeBlue
>    >    >            >    > 
>    >    >            >    > On 22/11/2016, 12:14, "Andrei Mikhailovsky" <andrei@arhont.com.INVALID>
wrote:
>    >    >            >    > 
>    >    >            >    >    Hello
>    >    >            >    >    
>    >    >            >    >    I am running ACS 4.9.0.
>    >    >            >    >    
>    >    >            >    >    I am having an issue with adding a VPN user
to the VPC network. I've enabled the
>    >    >            >    >    VPN service on the static IP. The service
was enabled and I have the PSK shown
>    >    >            >    >    to me. However, when I am adding a new user
it fails with the following error:
>    >    >            >    >    
>    >    >            >    >    2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae) VPN
>    >    >            >    >    User VpnUser[40-andrei-45] is set on
>    >    >            >    >    com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@4465732c
>    >    >            >    >    2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae)
>    >    >            >    >    Unable to apply vpn users
>    >    >            >    >    java.lang.IndexOutOfBoundsException: Index:
1, Size: 1
>    >    >            >    >    at java.util.ArrayList.rangeCheck(ArrayList.java:635)
>    >    >            >    >    at java.util.ArrayList.get(ArrayList.java:411)
>    >    >            >    >    at
>    >    >            >    >    com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(RemoteAccessVpnManagerImpl.java:532)
>    >    >            >    >    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)
>    >    >            >    >    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>    >    >            >    >    at
>    >    >            >    >    sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>    >    >            >    >    at java.lang.reflect.Method.invoke(Method.java:606)
>    >    >            >    >    at
>    >    >            >    >    org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
>    >    >            >    >    at
>    >    >            >    >    org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
>    >    >            >    >    at
>    >    >            >    >    org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
>    >    >            >    >    at
>    >    >            >    >    org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91)
>    >    >            >    >    at
>    >    >            >    >    org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
>    >    >            >    >    at
>    >    >            >    >    org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
>    >    >            >    >    at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown
Source)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(AddVpnUserCmd.java:122)
>    >    >            >    >    at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
>    >    >            >    >    at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInContext(AsyncJobManagerImpl.java:554)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
>    >    >            >    >    at
>    >    >            >    >    org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(AsyncJobManagerImpl.java:502)
>    >    >            >    >    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>    >    >            >    >    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>    >    >            >    >    at
>    >    >            >    >    java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>    >    >            >    >    at
>    >    >            >    >    java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>    >    >            >    >    at java.lang.Thread.run(Thread.java:745)
>    >    >            >    >    2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae)
>    >    >            >    >    Applying vpn access to VirtualRouter
>    >    >            >    >    2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537
ctx-8ac8a450) (logid:f76b2eae)
>    >    >            >    >    Failed to apply vpn for user andrei, accountId=45
>    >    >            >    >    2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>    >    >            >    >    (API-Job-Executor-82:ctx-d62e35c3 job-31537)
(logid:f76b2eae) Complete async
>    >    >            >    >    job-31537, jobStatus: FAILED, resultCode:
530, result:
>    >    >            >    >    org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"errorcode":530,"errortext":"Failed
>    >    >            >    >    to add vpn user"}
>    >    >            >    >    
>    >    >            >    >    Please advise how to get this problem fixed
and have a working VPN service?
>    >    >            >    >    
>    >    >            >    >    Thanks
>    >    >            >    >    
>    >    >            >    >    Andrei
>    >    >            >    >    
>    >    >            >    > 
>    >    >            >    > 
>    >    >            >    > Dag.Sonstebo@shapeblue.com
>    >    >            >    > www.shapeblue.com
>    >    >            >    > 53 Chandos Place, Covent Garden, London  WC2N
4HSUK
>     >     >             >     > @shapeblue

Mime
View raw message