deajan commented on issue #10703: URL: https://github.com/apache/cloudstack/issues/10703#issuecomment-2804552167
I double checked that the labels are set correctly. All the bridges are up and connected to ethernet interfaces. When I add the host on UI, I get the same error message as in the screenshot above (530: Failed to setup keystore on the KVM host). On the KVM host, journalctl -r shows the following entries (no errors): ``` avril 15 12:00:01 redacted_kvm_host.local sudo[54135]: root : no tty ; PWD=/root ; USER=root ; COMMAND=/usr/share/cloudstack-common/scripts/util/keystore-setup /etc/cloudstack/agent/agent.properties /etc/cloudstack/agent/cloud.jks hrguMbgNwpX4bw8w 365 /etc/cloudstack/agent/cloud.csr ``` On the management server, `/var/log/cloudstack/management/management-server.log` relevant output ``` 2025-04-15 12:00:01,054 INFO [c.c.u.e.CSExceptionErrorCode] (qtp1513608173-22181:[ctx-2414a1f9, ctx-8130a03c]) (logid:b90fe3f8) Could not find exception: com.cl oud.exception.DiscoveryException in error code list for exceptions 2025-04-15 12:00:01,054 WARN [o.a.c.a.c.a.h.AddHostCmd] (qtp1513608173-22181:[ctx-2414a1f9, ctx-8130a03c]) (logid:b90fe3f8) Exception: com.cloud.exception.Disco veryException: Could not add host at [http://redacted_host_name.local] with zone [1], pod [1] and cluster [1] due to: [ can't setup agent, due to com.cloud.utils.e xception.CloudRuntimeException: Failed to setup keystore on the KVM host: 10.13.37.2 - Failed to setup keystore on the KVM host: 10.13.37.2]. at com.cloud.resource.ResourceManagerImpl.discoverHostsFull(ResourceManagerImpl.java:835) at com.cloud.resource.ResourceManagerImpl.discoverHosts(ResourceManagerImpl.java:661) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:569) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:97) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215) at jdk.proxy3/jdk.proxy3.$Proxy223.discoverHosts(Unknown Source) at org.apache.cloudstack.api.command.admin.host.AddHostCmd.execute(AddHostCmd.java:134) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:173) at com.cloud.api.ApiServer.queueCommand(ApiServer.java:831) at com.cloud.api.ApiServer.handleRequest(ApiServer.java:652) at com.cloud.api.ApiServlet.processRequestInContext(ApiServlet.java:354) at com.cloud.api.ApiServlet$1.run(ApiServlet.java:157) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103) at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53) at com.cloud.api.ApiServlet.processRequest(ApiServlet.java:154) at com.cloud.api.ApiServlet.doPost(ApiServlet.java:113) at javax.servlet.http.HttpServlet.service(HttpServlet.java:665) at javax.servlet.http.HttpServlet.service(HttpServlet.java:750) at org.eclipse.jetty.servlet.ServletHolder$NotAsync.service(ServletHolder.java:1450) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:554) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:600) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1440) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:505) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1355) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:772) at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:516) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:487) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:732) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:479) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105) at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:409) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034) at java.base/java.lang.Thread.run(Thread.java:840) Caused by: com.cloud.exception.DiscoveredWithErrorException: can't setup agent, due to com.cloud.utils.exception.CloudRuntimeException: Failed to setup keystore on the KVM host: 10.13.37.2 - Failed to setup keystore on the KVM host: 10.13.37.2 at com.cloud.hypervisor.kvm.discoverer.LibvirtServerDiscoverer.find(LibvirtServerDiscoverer.java:379) at com.cloud.resource.ResourceManagerImpl.discoverHostsFull(ResourceManagerImpl.java:828) ... 60 more Caused by: com.cloud.utils.exception.CloudRuntimeException: Failed to setup keystore on the KVM host: 10.13.37.2 at com.cloud.hypervisor.kvm.discoverer.LibvirtServerDiscoverer.setupAgentSecurity(LibvirtServerDiscoverer.java:181) at com.cloud.hypervisor.kvm.discoverer.LibvirtServerDiscoverer.find(LibvirtServerDiscoverer.java:324) ... 61 more ``` Of course, keytool is installed. I decided to manually run the given keystore setup command on the KVM host: ``` export LANG=C [root@host root]# /usr/share/cloudstack-common/scripts/util/keystore-setup /etc/cloudstack/agent/agent.properties /etc/cloudstack/agent/cloud.jks hrguMbgNwpX4bw8w 365 /etc/cloudstack/agent/cloud.csr Generating 2,048 bit RSA key pair and self-signed certificate (SHA256withRSA) with a validity of 365 days for: CN=hyper02p.val.npf.local, OU=cloudstack, O=cloudstack, C=cloudstack -----BEGIN NEW CERTIFICATE REQUEST----- [redacted] -----END NEW CERTIFICATE REQUEST----- ``` So running the keystore script looks good. Even after this step, trying to add the KVM host via the UI failed with the same 530 error. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
