HI Pearl and Zhou, Thanks for the reply. virbr0 is not a problem now.
But I've set the ca.plugin.root.auth.strictness to false and restarted the mgt server, the host still shows ssl handshake error. Also When I tried the deployDatacenter.py, it shows "=== TestClient Creation Failed===" and the mgt server logs ``` ERROR [c.c.u.n.Link] (AgentManager-SSLHandshakeHandler-1:null) (logid:) SSL error caught during unwrap data: Unrecognized SSL message, plaintext connection?, for local address=/172.20.0.1:8250, remote address=/172.20.0.1:54128. The client may have inva lid ca-certificates. ``` Thanks, Junxuan Wu On Mon, 28 Jun 2021 at 23:53, Pearl d'Silva <pearl.dsi...@shapeblue.com> wrote: > Hi Junxuan, > > To address the issue wrt SSL, you may try setting the following global > setting - "ca.plugin.root.auth.strictness" to false and restart your > management server. > > Thanks, > Pearl > ________________________________ > From: Wei ZHOU <ustcweiz...@gmail.com> > Sent: Saturday, June 26, 2021 2:31 PM > To: dev@cloudstack.apache.org <dev@cloudstack.apache.org> > Subject: Re: [GSoC] Issues occured on kvm host: SSL handshake Error > > Hi, > > I can answer your last question about the virbr0. > > In the past we had some issues if vm on another network also uses IP in > 192.168.122.0/24. Hence we decided to disable the default network virbr0. > you can find the commit in > https://github.com/apache/cloudstack/pull/3227/commits > > -Wei > > > > > On Sat, 26 Jun 2021 at 03:57, Junxuan Wu <atrocityth...@gmail.com> wrote: > > > Hi, > > > > I recently migrated my dev environment of cloudstack to a remote Google > > cloud machine. I set up the KVM host and management server there. It was > > working fine after the initial setup. But after a while, got an issue > when > > the KVM host and management server tries to connect. I checked the KVM > host > > cloudstack-agent log, it shows > > > > ``` > > 2021-06-25 01:14:34,933 WARN [utils.nio.Link] (main:null) (logid:) SSL > > Handshake has taken more than 30 > > s to connect to: /192.168.122.1:8250. Please investigate this > connection. > > 2021-06-25 01:14:34,934 ERROR [utils.nio.NioClient] (main:null) (logid:) > > SSL Handshake failed while conn > > ecting to host: 192.168.122.1 port: 8250 > > 2021-06-25 01:14:34,936 ERROR [utils.nio.NioConnection] (main:null) > > (logid:) Unable to initialize the th > > reads. > > java.io.IOException: SSL Handshake failed while connecting to host: > > 192.168.122.1 port: 8250 > > at com.cloud.utils.nio.NioClient.init(NioClient.java:67) > > at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95) > > at com.cloud.agent.Agent.start(Agent.java:283) > > at com.cloud.agent.AgentShell.launchNewAgent(AgentShell.java:455) > > at com.cloud.agent.AgentShell.launchAgentFromClassInfo( > > AgentShell.java:422) > > at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:406) > > at com.cloud.agent.AgentShell.start(AgentShell.java:512) > > at com.cloud.agent.AgentShell.main(AgentShell.java:547) > > 2021-06-25 01:14:34,940 WARN [cloud.agent.Agent] (main:null) (logid:) > NIO > > Connection Exception com.clo > > ud.utils.exception.NioConnectionException: SSL Handshake failed while > > connecting to host: 192.168.122.1 > > port: 8250 > > ``` > > And rerun the deployDatacenter.py keeps failing > > > > I set up my KVM host through monkeybox. > > > > I also find that whenever the cloudstack-agent is started, the network > > interface virbr0 will go down and disappear from ifconfig and virsh > > net-list on the kvm host. The machine type I'm using for kvm host > > is pc-i440fx-2.3, centos7. I've enabled nested virtualization on the > google > > cloud and the L1 VM I chose is debian 9 references: ( > > > > > https://cloud.google.com/compute/docs/instances/nested-virtualization/overview > > ) > > > > Is there a solution to disable the SSL check? Or any ideas on the strange > > behavior of my network interface? > > > > Thanks, > > Junxuan Wu > > >
