Public bug reported:
Ganeti uses PyCurl to connect to the master daemon. When PyCurl is linked
against GnuTLS the connection fails:
2012-03-26 07:00:13,862: gnt-cluster init pid=5995 INFO Using PycURL
libcurl/7.22.0 GnuTLS/2.12.14 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
2012-03-26 07:00:18,658: gnt-cluster init pid=5995 ERROR RPC error in version
from node node1.example.com: Error 35: gnutls_handshake() failed: GnuTLS
internal error.
Starting Ganeti is not possible:
# /etc/init.d/ganeti start
* Starting Ganeti cluster
* ganeti-noded... [ OK ]
* ganeti-masterd...
ERROR:root:RPC error in node_start_master from node node2.example.com: Error
35: gnutls_handshake() failed: GnuTLS internal error.
ERROR:root:Can't activate master IP address: Error 35: gnutls_handshake()
failed: GnuTLS internal error.
[ OK ]
* ganeti-rapi... [ OK ]
* ganeti-confd... [ OK ]
# gnt-node list
Node DTotal DFree MTotal MNode MFree Pinst Sinst
node2.example.com ? ? ? ? ? 0 0
Recompiling PyCurl and linking against openssl fixes the issue:
[root]# aptitude install build-essential dpkg-dev
[root]# apt-get source python-pycurl
[root]# aptitude build-dep python-pycurl
[root]# aptitude install libcurl4-openssl-dev
[root]# cd pycurl-7.19.0
[root]# # perl -p -i -e "s/gnutls/openssl/" debian/control
[root]# dpkg-buildpackage -rfakeroot -b
[root]# cd ..
[root]# dpkg -i python-pycurl_7.19.0-4ubuntu3_amd64.deb
# /etc/init.d/ganeti restart
* Restarting Ganeti cluster
* ganeti-confd... [ OK ]
* ganeti-rapi... [ OK ]
* ganeti-masterd... [ OK ]
* ganeti-noded... [ OK ]
* ganeti-noded... [ OK ]
* ganeti-masterd... [ OK ]
* ganeti-rapi... [ OK ]
* ganeti-confd... [ OK ]
root@node1:/var/lib/ganeti# gnt-node list
Node DTotal DFree MTotal MNode MFree Pinst Sinst
node1.example.com 127.9G 127.9G 3.8G 381M 3.6G 0 0
Although during initialization still errors are logged in
/var/log/ganeti/commands.log:
2012-03-26 07:18:53,879: gnt-cluster init pid=20274 INFO Using PycURL
libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3
2012-03-26 07:18:58,521: gnt-cluster init pid=20274 ERROR RPC error in version
from node node1.example.com: Error 60: SSL certificate problem, verify that the
CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
But the communication is successful.
** Affects: ganeti (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/964989
Title:
Ganeti initialization fails because PyCurl is linked against GnuTLS
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ganeti/+bug/964989/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
