[
https://issues.apache.org/jira/browse/CLOUDSTACK-1719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chandan Purushothama reopened CLOUDSTACK-1719:
----------------------------------------------
Got through the issue and hit another one as shown below. It looks like the key
is being searched at in the wrong location (instead of /etc/cloudstack, the key
is being searched in /etc/cloud).
EC2RestServlet.doGetOrPost: javax.servlet.forward.request_uri: /awsapi/
EC2RestServlet.doGetOrPost: javax.servlet.forward.context_path: /awsapi
EC2RestServlet.doGetOrPost: javax.servlet.forward.servlet_path:
EC2RestServlet.doGetOrPost: javax.servlet.forward.path_info: /
EC2RestServlet.doGetOrPost: javax.servlet.forward.query_string: null
Mar 25, 2013 6:15:11 PM org.apache.catalina.core.ApplicationDispatcher invoke
SEVERE: Servlet.service() for servlet EC2RestServlet threw exception
java.io.FileNotFoundException: /etc/cloud/management/key (No such file or
directory)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:137)
at java.io.FileInputStream.<init>(FileInputStream.java:96)
at java.io.FileReader.<init>(FileReader.java:58)
at
com.cloud.bridge.util.EncryptionSecretKeyCheckerUtil.<clinit>(EncryptionSecretKeyCheckerUtil.java:64)
at
com.cloud.bridge.persist.dao.CloudStackUserDaoImpl.getSecretKeyByAccessKey(CloudStackUserDaoImpl.java:55)
at
com.cloud.bridge.persist.dao.CloudStackUserDaoImpl$$FastClassByCGLIB$$895db09f.invoke(<generated>)
at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at
org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
at
com.cloud.utils.db.TransactionContextBuilder.AroundAnyMethod(TransactionContextBuilder.java:39)
at sun.reflect.GeneratedMethodAccessor57.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
at
org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:90)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
at
com.cloud.bridge.persist.dao.CloudStackUserDaoImpl$$EnhancerByCGLIB$$7ccebd20.getSecretKeyByAccessKey(<generated>)
at
com.cloud.bridge.service.EC2RestServlet.authenticateRequest(EC2RestServlet.java:1904)
at
com.cloud.bridge.service.EC2RestServlet.doGetOrPost(EC2RestServlet.java:254)
at
com.cloud.bridge.service.EC2RestServlet.doPost(EC2RestServlet.java:223)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at
com.cloud.bridge.service.EC2MainServlet.doGetOrPost(EC2MainServlet.java:105)
at
com.cloud.bridge.service.EC2MainServlet.doPost(EC2MainServlet.java:89)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at
org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcessor.java:889)
at
org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:721)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:2268)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:679)
Mar 25, 2013 6:15:11 PM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet EC2MainServlet threw exception
java.lang.RuntimeException: javax.servlet.ServletException: Servlet execution
threw an exception
at
com.cloud.bridge.service.EC2MainServlet.doGetOrPost(EC2MainServlet.java:107)
at
com.cloud.bridge.service.EC2MainServlet.doPost(EC2MainServlet.java:89)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:555)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
at
org.apache.coyote.http11.Http11NioProcessor.process(Http11NioProcessor.java:889)
at
org.apache.coyote.http11.Http11NioProtocol$Http11ConnectionHandler.process(Http11NioProtocol.java:721)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:2268)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:679)
Caused by: javax.servlet.ServletException: Servlet execution threw an exception
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:313)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:646)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:436)
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:374)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:302)
at
com.cloud.bridge.service.EC2MainServlet.doGetOrPost(EC2MainServlet.java:105)
... 18 more
Caused by: java.lang.ExceptionInInitializerError
at
com.cloud.bridge.persist.dao.CloudStackUserDaoImpl.getSecretKeyByAccessKey(CloudStackUserDaoImpl.java:55)
at
com.cloud.bridge.persist.dao.CloudStackUserDaoImpl$$FastClassByCGLIB$$895db09f.invoke(<generated>)
at net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at
org.springframework.aop.framework.Cglib2AopProxy$CglibMethodInvocation.invokeJoinpoint(Cglib2AopProxy.java:689)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at
org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:80)
at
com.cloud.utils.db.TransactionContextBuilder.AroundAnyMethod(TransactionContextBuilder.java:39)
at sun.reflect.GeneratedMethodAccessor57.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:621)
at
org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:610)
at
org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:65)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:90)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.aop.framework.Cglib2AopProxy$DynamicAdvisedInterceptor.intercept(Cglib2AopProxy.java:622)
at
com.cloud.bridge.persist.dao.CloudStackUserDaoImpl$$EnhancerByCGLIB$$7ccebd20.getSecretKeyByAccessKey(<generated>)
at
com.cloud.bridge.service.EC2RestServlet.authenticateRequest(EC2RestServlet.java:1904)
at
com.cloud.bridge.service.EC2RestServlet.doGetOrPost(EC2RestServlet.java:254)
at
com.cloud.bridge.service.EC2RestServlet.doPost(EC2RestServlet.java:223)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
... 24 more
Caused by: java.lang.RuntimeException: File containing secret key not found:
/etc/cloud/management/key
at
com.cloud.bridge.util.EncryptionSecretKeyCheckerUtil.<clinit>(EncryptionSecretKeyCheckerUtil.java:68)
... 48 more
Caused by: java.io.FileNotFoundException: /etc/cloud/management/key (No such
file or directory)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:137)
at java.io.FileInputStream.<init>(FileInputStream.java:96)
at java.io.FileReader.<init>(FileReader.java:58)
at
com.cloud.bridge.util.EncryptionSecretKeyCheckerUtil.<clinit>(EncryptionSecretKeyCheckerUtil.java:64)
... 48 more
INFO [agent.manager.AgentMonitor] (Thread-6:) Found the following agents
behind on ping: [1]
INFO [agent.manager.AgentManagerImpl] (AgentTaskPool-2:) Investigating why
host 1 has disconnected with event PingTimeout
INFO [agent.manager.AgentManagerImpl] (AgentTaskPool-2:) The state determined
is Up
INFO [agent.manager.AgentManagerImpl] (AgentTaskPool-2:) Agent is determined
to be up and running
INFO [agent.manager.AgentMonitor] (Thread-6:) Found the following agents
behind on ping: [1]
INFO [agent.manager.AgentManagerImpl] (AgentTaskPool-3:) Investigating why
host 1 has disconnected with event PingTimeout
INFO [agent.manager.AgentManagerImpl] (AgentTaskPool-3:) The state determined
is Up
INFO [agent.manager.AgentManagerImpl] (AgentTaskPool-3:) Agent is determined
to be up and running
> EC2 REST API: AWS APIs are not getting translated on the CloudStack
> Management Server
> -------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-1719
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1719
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Management Server
> Affects Versions: 4.1.0, 4.2.0
> Reporter: Chandan Purushothama
> Assignee: Pradeep Soundararajan
> Priority: Blocker
> Fix For: 4.1.0, 4.2.0
>
> Attachments: awsapi.log, catalina.zip
>
>
> ===========
> Observations:
> ===========
> AWS REST API fired from the client is reaching the management server but it
> is not getting translated to corresponding native CloudStack API Call. The
> awsapi.log doesn't show any information.
> ==============
> On the Client Side:
> ==============
> -----------------------------
> BotoClient Request:
> ------------------------------
> import boto.ec2
> import pprint
> from boto.ec2.connection import EC2Connection as ec2conn
> region =
> boto.ec2.regioninfo.RegionInfo(name="AmazonEC2",endpoint="10.223.59.67")
> conn =
> boto.connect_ec2(aws_access_key_id='d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg',aws_secret_access_key='d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg',is_secure=False,region=region,port=7080,path="/awsapi",api_version="2010-11-15")
> pp = pprint.PrettyPrinter()
> #print globals()
> #DescribeImage
> describeImage = conn.get_all_images()
> pp.pprint(describeImage)
> ----------------------------------
> BotoClient Response:
> ----------------------------------
> Traceback (most recent call last):
> File "/home/chandan/pyworkspace/botoawsproject/src/botoQuery.py", line 13,
> in <module>
> describeImage = conn.get_all_images()
> File
> "/usr/lib/python2.7/site-packages/boto-2.6.0-py2.7.egg/boto/ec2/connection.py",
> line 171, in get_all_images
> [('item', Image)], verb='POST')
> File
> "/usr/lib/python2.7/site-packages/boto-2.6.0-py2.7.egg/boto/connection.py",
> line 971, in get_list
> raise self.ResponseError(response.status, response.reason, body)
> boto.exception.EC2ResponseError: EC2ResponseError: 400 Bad Request
> ------------------------------------------------------------------------------------------
> WireShark Network Analyzer Packet Information on the Client:
> ------------------------------------------------------------------------------------------
> POST /awsapi/ HTTP/1.1
> Host: 10.223.59.67:7080
> Accept-Encoding: identity
> Content-Length: 286
> Content-Type: application/x-www-form-urlencoded; charset=UTF-8
> User-Agent: Boto/2.6.0 (linux2)
> AWSAccessKeyId=d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg&Action=DescribeImages&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2013-03-19T00%3A57%3A29Z&Version=2010-11-15&Signature=lzo7%2Fb8GfDTRsHuYy4EINS%2FauCoYd2HpMcB%2BqSNWBAQ%3DHTTP/1.1
> 400 Bad Request
> Server: Apache-Coyote/1.1
> Transfer-Encoding: chunked
> Date: Tue, 19 Mar 2013 03:50:13 GMT
> Connection: close
> =====================
> On the Management Server:
> =====================
> -------------------------------------
> Tcpdump of the Request:
> -------------------------------------
> 20:50:13.455199 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid:
> Flags [S], seq 2327957294, win 5840, options [mss 1380,sackOK,TS val
> 1204227094 ecr 0,nop,wscale 7], length 0
> 20:50:13.455276 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571:
> Flags [S.], seq 2924982523, ack 2327957295, win 14480, options [mss
> 1460,sackOK,TS val 11532923 ecr 1204227094,nop,wscale 7], length 0
> 20:50:13.455494 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid:
> Flags [.], ack 1, win 46, options [nop,nop,TS val 1204227095 ecr 11532923],
> length 0
> 20:50:13.455573 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid:
> Flags [P.], seq 1:483, ack 1, win 46, options [nop,nop,TS val 1204227095 ecr
> 11532923], length 482
> 20:50:13.455589 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571:
> Flags [.], ack 483, win 122, options [nop,nop,TS val 11532924 ecr
> 1204227095], length 0
> 20:50:13.456773 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571:
> Flags [P.], seq 1:145, ack 483, win 122, options [nop,nop,TS val 11532925 ecr
> 1204227095], length 144
> 20:50:13.456863 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571:
> Flags [F.], seq 145, ack 483, win 122, options [nop,nop,TS val 11532925 ecr
> 1204227095], length 0
> 20:50:13.457023 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid:
> Flags [.], ack 145, win 54, options [nop,nop,TS val 1204227096 ecr 11532925],
> length 0
> 20:50:13.457416 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid:
> Flags [F.], seq 483, ack 146, win 54, options [nop,nop,TS val 1204227097 ecr
> 11532925], length 0
> 20:50:13.457440 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571:
> Flags [.], ack 484, win 122, options [nop,nop,TS val 11532925 ecr
> 1204227097], length 0
> -------------------------------------------------------------
> Firewall Rules on the Management Server:
> --------------------------------------------------------------
> [root@Rack3Host23 awsapi]# iptables-save
> # Generated by iptables-save v1.4.7 on Mon Mar 18 20:33:54 2013
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [122197:37439134]
> -A INPUT -p tcp -m tcp --dport 9090 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 8250 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 7080 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A INPUT -p icmp -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> -A INPUT -i em1 -j ACCEPT
> -A INPUT -i em2 -j ACCEPT
> -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A FORWARD -p icmp -j ACCEPT
> -A FORWARD -i lo -j ACCEPT
> -A FORWARD -i em1 -j ACCEPT
> -A FORWARD -i em2 -j ACCEPT
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
> COMMIT
> # Completed on Mon Mar 18 20:33:54 2013
> [root@Rack3Host23 awsapi]#
> ------------------------------------------
> webserver listening on 7080:
> ------------------------------------------
> [root@Rack3Host23 awsapi]# netstat -ant | grep 7080
> tcp 0 0 :::7080 :::*
> LISTEN
> mysql> select * from configuration where name like "%ec2%";
> +----------+----------+-------------------+----------------+-------+------------------------------+
> | category | instance | component | name | value |
> description |
> +----------+----------+-------------------+----------------+-------+------------------------------+
> | Advanced | DEFAULT | management-server | enable.ec2.api | true | enable
> EC2 API on CloudStack |
> +----------+----------+-------------------+----------------+-------+------------------------------+
> 1 row in set (0.00 sec)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
