Hello Rafael, I'm aware of it, thank you. I also assumed that there could be some problem with it, that's why I shared a link (second one) in my first post, hopping that someone could confirm me that assumption.
After I have set ca.plugin.root.auth.strictness to false everything worked just fine - although it shouldn't be needed to do that for freshly installed environments. At least it was not needed on the CentoOS. The CA framework did "kick in" (as the article says) and has done his job. Regards Daniel Coric On 2018/03/14 00:48:11, Rafael Weingärtner <rafaelweingart...@gmail.com> wrote: > Looking at the logs you provided looks like something wrong with the > certificate used to secure communication with your KVM agent. I am not > familiar with KVM and ACS. I know however, that there is a CA pluging that > can issue and install certificates on hosts. Have you tried that? > > On Tue, Mar 13, 2018 at 5:07 PM, Daniel Coric <cori...@gmail.com> wrote: > > > Hello Rafael, > > > > Thank you for your response. > > > > I really did nothing except installing CS on a fresh installed Ubuntu VM - > > as I did it on the CentOS. On the CentOS everything worked out of the box - > > on the Ubuntu problems. > > > > I tried to install it from different package repositories (community, > > ShapeBlue, self-built), compared and followed Ubuntu specific installation > > instructions from two different sources (ACS, ShapeBlue) every time same > > errors in agent.log. > > > > So, I would rather say that there is something wrong either with the > > source or Ubuntu - but, as the first time CS user I could be wrong, of > > course. > > > > Regards > > Daniel Coric > > > > On 2018/03/13 18:43:46, Rafael Weingärtner <rafaelweingart...@gmail.com> > > wrote: > > > The MySQL thing is only a warning and should not cause problems in your > > > POC. The other is an error. There is something wrong with your agent's > > > configurations/deployment. > > > > > > On Mon, Mar 12, 2018 at 9:57 PM, Daniel Coric <cori...@gmail.com> wrote: > > > > > > > Hello Everyone, > > > > > > > > I'm getting myself familiar with CloudStack so please excuse if I have > > > > overlooked something obvious. > > > > > > > > Using build and install instructions from the official documentation I > > > > have managed to successfully install CloudStack 4.11 on the neasted > > CentOS > > > > 7.4 KVM (from both community provided package repositories and > > self-built > > > > packages). > > > > > > > > I have tried some of the basic operations like: uploading iso images, > > > > adding volumes and users, creating templates, creating and using VMs > > (both > > > > as admin and user) etc. > > > > As far as I can tell, everything worked as expected - except the fact > > that > > > > CentOS VM took about half an hour to shut down. > > > > > > > > Than I decided to give it a try on Ubuntu too. And indeed, Ubuntu > > 16.04.4 > > > > VM shut down normally. > > > > > > > > But, that was also the only thing that worked as expected on that > > Ubuntu > > > > VM. > > > > > > > > I have tried to find some solution on internet but the closest I could > > get > > > > was this thread: > > > > https://www.mail-archive.com/users@cloudstack.apache.org/msg22578.html > > > > and this documentation: > > > > http://docs.cloudstack.apache.org/projects/cloudstack- > > > > administration/en/latest/hosts.html#security > > > > > > > > And I'm not even sure if I am on the right path to the solution - any > > > > assistance would be much appreciated. > > > > > > > > > > > > > > > > Ubuntu 16.04.4 cloudstack-management.err is filled with: > > > > > > > > Mon Mar 12 20:30:24 CET 2018 WARN: Establishing SSL connection without > > > > server's identity verification is not recommended. According to MySQL > > > > 5.5.45+, 5.6.26+ and 5.7.6+ requirements SSL connection must be > > established > > > > by default if explicit option isn't set. For compliance with existing > > > > applications not using SSL the verifyServerCertificate property is set > > to > > > > 'false'. You need either to explicitly disable SSL by setting > > useSSL=false, > > > > or set useSSL=true and provide truststore for server certificate > > > > verification. > > > > > > > > Ubuntu 16.04.4 agent.log is filled with: > > > > > > > > 2018-03-12 20:43:58,782 INFO [utils.exception.CSExceptionErrorCode] > > > > (main:null) (logid:) Could not find exception: > > com.cloud.utils.exception.NioConnectionException > > > > in error code list for exceptions > > > > 2018-03-12 20:43:58,782 WARN [cloud.agent.Agent] (main:null) (logid:) > > NIO > > > > Connection Exception com.cloud.utils.exception. > > NioConnectionException: > > > > SSL Handshake failed while connecting to host: 10.22.0.5 port: 8250 > > > > 2018-03-12 20:43:58,782 INFO [cloud.agent.Agent] (main:null) (logid:) > > > > Attempted to connect to the server, but received an unexpected > > exception, > > > > trying again... > > > > 2018-03-12 20:44:03,783 INFO [cloud.agent.Agent] (main:null) (logid:) > > > > Connecting to host:10.22.0.5 > > > > 2018-03-12 20:44:03,783 INFO [utils.nio.NioClient] (main:null) > > (logid:) > > > > Connecting to 10.22.0.5:8250 > > > > 2018-03-12 20:44:03,786 INFO [utils.nio.Link] (main:null) (logid:) > > Conf > > > > file found: /etc/cloudstack/agent/agent.properties > > > > 2018-03-12 20:44:03,787 WARN [utils.nio.Link] (main:null) (logid:) > > Failed > > > > to load keystore, using trust all manager > > > > 2018-03-12 20:44:03,858 ERROR [utils.nio.Link] (main:null) (logid:) SSL > > > > error caught during unwrap data: Received fatal alert: > > bad_certificate, for > > > > local address=/10.22.0.5:53356, remote address=/10.22.0.5:8250. The > > > > client may have invalid ca-certificates. > > > > 2018-03-12 20:44:03,858 ERROR [utils.nio.NioClient] (main:null) > > (logid:) > > > > SSL Handshake failed while connecting to host: 10.22.0.5 port: 8250 > > > > 2018-03-12 20:44:03,858 ERROR [utils.nio.NioConnection] (main:null) > > > > (logid:) Unable to initialize the threads. > > > > java.io.IOException: SSL Handshake failed while connecting to host: > > > > 10.22.0.5 port: 8250 > > > > at com.cloud.utils.nio.NioClient.init(NioClient.java:67) > > > > at com.cloud.utils.nio.NioConnection.start( > > NioConnection.java:95) > > > > at com.cloud.agent.Agent.start(Agent.java:263) > > > > at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410) > > > > at com.cloud.agent.AgentShell.launchAgentFromClassInfo( > > > > AgentShell.java:378) > > > > at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362) > > > > at com.cloud.agent.AgentShell.start(AgentShell.java:467) > > > > at com.cloud.agent.AgentShell.main(AgentShell.java:502) > > > > > > > > > > > > > > > > Regards > > > > D.Coric > > > > > > > > > > > > > > > > -- > > > Rafael Weingärtner > > > > > > > > > -- > Rafael Weingärtner >
