On Mar 18, 2013, at 1:07 PM, Edison Su <edison...@citrix.com> wrote:
> > >> -----Original Message----- >> From: Sebastien Goasguen [mailto:run...@gmail.com] >> Sent: Monday, March 18, 2013 7:24 AM >> To: cloudstack-dev@incubator.apache.org >> Subject: Re: 4.1 certificate issue >> >> >> On Mar 15, 2013, at 8:11 PM, Sheng Yang <sh...@yasker.org> wrote: >> >>> What blocked you is not ssl keystore, it's ssh key. As it said: >>> >>> NFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Going to update >>> systemvm iso with generated keypairs if needed >>> Password: >>> >>> I just found recently we need to input the password many times, then >>> with latest build I only need to input password one time, but still, I >>> have no idea why this happening, and who changed it... >> >> Can anybody else comment on this ? > > If it's asking for password, usually, it means the "sudo" on your system > needs password. You can workaround it, by adding "your-user-name ALL=(ALL) > NOPASSWD: ALL" in sudo configuration > file(http://askubuntu.com/questions/147241/execute-sudo-without-password) I am no sysadmin, but If I were one I think I would scream to such a sudoer entry. Steal my user password and you get root on my system. I entered my password 9 times and it finally went through. I had these messages: WARN [utils.script.Script] (Timer-2:) Timed out: sudo keytool -genkey -keystore /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/cloud.keystore -storepass vmops.com -keypass vmops.com -keyalg RSA -validity 3650 -dname cn="Cloudstack User",ou="cloud.com",o="cloud.com",c="Unknown" . Output is: WARN [cloud.server.ConfigurationServerImpl] (Timer-2:) Would use fail-safe keystore to continue. java.io.IOException: Fail to generate certificate!: timeout at com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:491) at com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(ConfigurationServerImpl.java:512) at com.cloud.server.ConfigurationServerImpl.persistDefaultValues(ConfigurationServerImpl.java:269) at com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerImpl.java:143) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:319) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150) at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80) at com.cloud.utils.db.TransactionContextBuilder.AroundAnyMethod(TransactionContextBuilder.java:43) at sun.reflect.GeneratedMethodAccessor36.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:601) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621) at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610) at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:90) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202) at $Proxy388.configure(Unknown Source) at com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(ComponentContext.java:97) at com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:50) at java.util.TimerThread.mainLoop(Timer.java:555) at java.util.TimerThread.run(Timer.java:505) INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing updateKeyPairs INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Systemvm keypairs not found in database. Need to store them in the database INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Going to update systemvm iso with generated keypairs if needed Password: Password: Password: Password: Password: Password: Password: Password: Password: WARN [cloud.server.ConfigurationServerImpl] (Timer-2:) Failed to inject generated public key into systemvm iso Sorry, try again.Sorry, try again.Sorry, try again.sudo: 3 incorrect password attemptsSorry, try again.Sorry, try again.Sorry, try again.sudo: 3 incorrect password attemptsinjectkeys.sh: Failed to mount original iso /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/vms/systemvm.isocp: illegal option -- busage: cp [-R [-H | -L | -P]] [-fi | -n] [-apvX] source_file target_file cp [-R [-H | -L | -P]] [-fi | -n] [-apvX] source_file ... target_directoryinjectkeys.sh: Failed to backup original iso /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/vms/systemvm.isoumount: /Users/sebastiengoasguen/systemvm_mnt: not currently mountedcp: /Users/sebastiengoasguen/systemvm_mnt/*: No such file or directoryinjectkeys.sh: Failed to copy from original iso /Users/sebastiengoasguen/Documents/incubator-cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/vms/systemvm.isoumount: /Users/sebastiengoasguen/systemvm_mnt: not currently mountedumount: /Users/sebastiengoasguen/systemvm_mnt: not currently mountedinjectkeys.sh: Failed to unmount old iso from /Users/sebastiengoasguen/systemvm_mnt INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Need to store secondary storage vm copy password in the database I may have mistype my password couple times, but there is a mount issue as well. I am on OSX 10.8.3. -sebastien >> >> >>> >>> --Sheng >>> >>> On Fri, Mar 15, 2013 at 5:23 AM, Sebastien Goasguen <run...@gmail.com> >> wrote: >>>> >>>> On Mar 15, 2013, at 8:15 AM, Pranav Saxena <pranav.sax...@citrix.com> >> wrote: >>>> >>>>> This thread explains the reason behind this issue - >>>>> http://mail-archives.apache.org/mod_mbox/incubator-cloudstack- >> dev/20 >>>>> 1302.mbox/%3CCA+2rt40+hwLPB6rv7d9ASJt- >> cJd3VHXBsWy=C9JonyiZdF_kRQ@mai >>>>> l.gmail.com%3E >>>>> >>>>> " It would happen if it's not product version, when mgmt server try to >> generate ssl keystore for ssl communcation, but it would need supervisor >> privilege to do so. If it failed, it would use pre-generated fail-safe >> keystore >> for continuing " >>>>> >>>>> But this should not block you perhaps from deploying your set up . >>>> >>>> I know we talked about it before, but I am not running as root. >>>> And the setup takes a long time to go through the "timeout" ~20/30 >>>> minutes... >>>> >>>> -sebastien >>>> >>>> >>>>> >>>>> Regards, >>>>> Pranav >>>>> >>>>> -----Original Message----- >>>>> From: Sebastien Goasguen [mailto:run...@gmail.com] >>>>> Sent: Friday, March 15, 2013 5:22 PM >>>>> To: cloudstack-dev@incubator.apache.org Developers >>>>> Subject: 4.1 certificate issue >>>>> >>>>> Hi folks, >>>>> >>>>> When trying the latest 4.1 I am still stuck with: >>>>> >>>>> INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Executing >>>>> chmod ugo+x >>>>> /Users/sebastiengoasguen/Documents/incubator- >> cloudstack/client/targe >>>>> t/cloud-client-ui-4.1.0-SNAPSHOT/WEB- >> INF/classes/scripts/vm/systemvm >>>>> /injectkeys.sh INFO [cloud.server.ConfigurationServerImpl] >>>>> (Timer-2:) Processing updateSSLKeyStore INFO >>>>> [cloud.server.ConfigurationServerImpl] (Timer-2:) SSL keystore >>>>> located at >>>>> /Users/sebastiengoasguen/Documents/incubator- >> cloudstack/client/targe >>>>> t/cloud-client-ui-4.1.0-SNAPSHOT/WEB-INF/classes/cloud.keystore >>>>> Password:WARN [utils.script.Script] (Script-1:) Interrupting script. >>>>> WARN [utils.script.Script] (Timer-2:) Timed out: sudo keytool -genkey - >> keystore /Users/sebastiengoasguen/Documents/incubator- >> cloudstack/client/target/cloud-client-ui-4.1.0-SNAPSHOT/WEB- >> INF/classes/cloud.keystore -storepass vmops.com -keypass vmops.com - >> keyalg RSA -validity 3650 -dname cn="Cloudstack >> User",ou="cloud.com",o="cloud.com",c="Unknown" . Output is: >>>>> WARN [cloud.server.ConfigurationServerImpl] (Timer-2:) Would use >> fail-safe keystore to continue. >>>>> java.io.IOException: Fail to generate certificate!: timeout >>>>> at >> com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(Config >> urationServerImpl.java:491) >>>>> at >> com.cloud.server.ConfigurationServerImpl.updateSSLKeystore(Configuratio >> nServerImpl.java:512) >>>>> at >> com.cloud.server.ConfigurationServerImpl.persistDefaultValues(Configurati >> onServerImpl.java:269) >>>>> at >> com.cloud.server.ConfigurationServerImpl.configure(ConfigurationServerIm >> pl.java:143) >>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j >> ava:57) >>>>> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces >> sorImpl.java:43) >>>>> at java.lang.reflect.Method.invoke(Method.java:601) >>>>> at >> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection( >> AopUtils.java:319) >>>>> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoi >> npoint(ReflectiveMethodInvocation.java:183) >>>>> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( >> ReflectiveMethodInvocation.java:150) >>>>> at >> org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.pr >> oceed(MethodInvocationProceedingJoinPoint.java:80) >>>>> at >> com.cloud.utils.db.TransactionContextBuilder.AroundAnyMethod(Transactio >> nContextBuilder.java:43) >>>>> at sun.reflect.GeneratedMethodAccessor36.invoke(Unknown Source) >>>>> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces >> sorImpl.java:43) >>>>> at java.lang.reflect.Method.invoke(Method.java:601) >>>>> at >> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMeth >> odWithGivenArgs(AbstractAspectJAdvice.java:621) >>>>> at >> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMeth >> od(AbstractAspectJAdvice.java:610) >>>>> at >> org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJArou >> ndAdvice.java:65) >>>>> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( >> ReflectiveMethodInvocation.java:172) >>>>> at >> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(E >> xposeInvocationInterceptor.java:90) >>>>> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed( >> ReflectiveMethodInvocation.java:172) >>>>> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDyna >> micAopProxy.java:202) >>>>> at $Proxy388.configure(Unknown Source) >>>>> at >> com.cloud.utils.component.ComponentContext.initComponentsLifeCycle(Co >> mponentContext.java:97) >>>>> at >> com.cloud.servlet.CloudStartupServlet$1.run(CloudStartupServlet.java:50) >>>>> at java.util.TimerThread.mainLoop(Timer.java:555) >>>>> at java.util.TimerThread.run(Timer.java:505) >>>>> INFO [cloud.server.ConfigurationServerImpl] (Timer-2:) Processing >>>>> updateKeyPairs INFO [cloud.server.ConfigurationServerImpl] >>>>> (Timer-2:) Systemvm keypairs not found in database. Need to store >>>>> them in the database INFO [cloud.server.ConfigurationServerImpl] >>>>> (Timer-2:) Going to update systemvm iso with generated keypairs if >>>>> needed >>>>> Password: >>>>> >>>>> Password: >>>>> Password: >>>>> Password: >>>>> >>>>> I am not sure how to get passed this ? >>>>> >>>>> -sebastien >>>> >
