Tested manually as suggested. It seems to be working as expected.
~$ java -classpath /usr/share/cloudstack-common/lib/cloudstack-utils.jar com.cloud.utils.crypt.EncryptionCLI -p mgmtkey -i dbkey ~$ 0kyPpEDMCrGYCmxK/tteR5hcIb8vO24Str7n5LxYLuP+ ~$ java -classpath /usr/share/cloudstack-common/lib/cloudstack-utils.jar com.cloud.utils.crypt.EncryptionCLI -p mgmtkey -i 0kyPpEDMCrGYCmxK/tteR5hcIb8vO24Str7n5LxYLuP+ -d ~$ dbkey On Mon, 26 Feb 2024 at 00:17, Wei ZHOU <ustcweiz...@gmail.com> wrote: > Can you test the decryption manually? > Refer to > > https://cwiki.apache.org/confluence/plugins/servlet/mobile?contentId=235837182#NewdatabaseencryptioncipherAeadBase64Encryptor-6.1Usage > > -Wei > > On Sunday, February 25, 2024, steve savio <st...@bettersms.net.invalid> > wrote: > > > /etc/cloudstack/management/key contains the secret key so I'm not > > comfortable sharing the contents. > > But below are the contents of /etc/cloudstack/management/db.properties > > with the encrypted secret and password values redacted. > > > > > > cluster.node.IP=127.0.1.1 > > cluster.servlet.port=9090 > > region.id=1 > > > > # CloudStack database settings > > db.cloud.username=cloud > > db.cloud.password=ENC([REDACTED]) > > db.cloud.host=localhost > > db.cloud.driver=jdbc:mysql > > db.cloud.port=3306 > > db.cloud.name=cloud > > > > # Connection URI to the database "cloud". When this property is set, only > > the following properties will be used along with it: db.cloud.maxActive, > > db.cloud.maxIdle, db.cloud.maxWait, db.cloud.username, db.cloud.password, > > db.cloud.driver, db.cloud.validationQuery, db.cloud.isolation.level. > Other > > properties will be ignored. > > db.cloud.uri= > > > > > > # CloudStack database tuning parameters > > db.cloud.maxActive=250 > > db.cloud.maxIdle=30 > > db.cloud.maxWait=10000 > > db.cloud.validationQuery=SELECT 1 > > db.cloud.testOnBorrow=true > > db.cloud.testWhileIdle=true > > db.cloud.timeBetweenEvictionRunsMillis=40000 > > db.cloud.minEvictableIdleTimeMillis=240000 > > db.cloud.poolPreparedStatements=false > > db.cloud.url.params=prepStmtCacheSize=517&cachePrepStmts=true& > > sessionVariables=sql_mode='STRICT_TRANS_TABLES,NO_ZERO_ > > IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION'& > > serverTimezone=UTC > > > > # CloudStack database SSL settings > > db.cloud.useSSL=false > > db.cloud.keyStore= > > db.cloud.keyStorePassword= > > db.cloud.trustStore= > > db.cloud.trustStorePassword= > > > > # Encryption Settings > > db.cloud.encryption.type=file > > db.cloud.encrypt.secret=ENC([REDACTED]) > > db.cloud.encryptor.version=V2 > > > > # usage database settings > > db.usage.username=cloud > > db.usage.password=ENC([REDACTED]) > > db.usage.host=localhost > > db.usage.driver=jdbc:mysql > > db.usage.port=3306 > > db.usage.name=cloud_usage > > > > # Connection URI to the database "usage". When this property is set, only > > the following properties will be used along with it: db.usage.maxActive, > > db.cloud.maxIdle, db.cloud.maxWait, db.usage.username, db.usage.password, > > db.usage.driver, db.usage.validationQuery, db.usage.isolation.level. > Other > > properties will be ignored. > > db.usage.uri= > > > > > > # usage database tuning parameters > > db.usage.maxActive=100 > > db.usage.maxIdle=30 > > db.usage.maxWait=10000 > > db.usage.url.params=serverTimezone=UTC > > > > # Simulator database settings > > db.simulator.username=cloud > > db.simulator.password=cloud > > db.simulator.host=localhost > > db.simulator.driver=jdbc:mysql > > db.simulator.port=3306 > > db.simulator.name=simulator > > db.simulator.maxActive=250 > > db.simulator.maxIdle=30 > > db.simulator.maxWait=10000 > > db.simulator.autoReconnect=true > > > > # Connection URI to the database "simulator". When this property is set, > > only the following properties will be used along with it: > > db.simulator.host, db.simulator.port, db.simulator.name, > > db.simulator.autoReconnect. Other properties will be ignored. > > db.simulator.uri= > > > > > > # High Availability And Cluster Properties > > db.ha.enabled=false > > db.ha.loadBalanceStrategy=com.cloud.utils.db.StaticStrategy > > # cloud stack Database > > db.cloud.replicas=localhost,localhost > > db.cloud.autoReconnect=true > > db.cloud.failOverReadOnly=false > > db.cloud.reconnectAtTxEnd=true > > db.cloud.autoReconnectForPools=true > > db.cloud.secondsBeforeRetrySource=3600 > > db.cloud.queriesBeforeRetrySource=5000 > > db.cloud.initialTimeout=3600 > > > > #usage Database > > db.usage.replicas=localhost,localhost > > db.usage.autoReconnect=true > > db.usage.failOverReadOnly=false > > db.usage.reconnectAtTxEnd=true > > db.usage.autoReconnectForPools=true > > db.usage.secondsBeforeRetrySource=3600 > > db.usage.queriesBeforeRetrySource=5000 > > db.usage.initialTimeout=3600 > > > > On Sun, 25 Feb 2024 at 23:23, Wei ZHOU <ustcweiz...@gmail.com> wrote: > > > > > Can you share the content of files "key" and "db.properties" in > > > /etc/cloudstack/management ? > > > > > > -Wei > > > > > > On Sun, Feb 25, 2024 at 8:12 PM steve savio > <st...@bettersms.net.invalid > > > > > > wrote: > > > > > > > Hello, > > > > > > > > I'm looking to try out CloudStack and have been following the guide > on > > > > getting a single node setup going at > > > > > > > > > > > https://docs.cloudstack.apache.org/en/latest/installguide/management- > > server/index.html > > > > . > > > > > > > > But I've run into an issue while trying to set up the system VM > > template > > > - > > > > the > > > > > > > > > > > https://docs.cloudstack.apache.org/en/latest/installguide/management- > > server/index.html#prepare-the-system-vm-template > > > > > > > > I run > > > > > > > > sudo > > > > > > > > > > > /usr/share/cloudstack-common/scripts/storage/secondary/ > > cloud-install-sys-tmplt > > > > -m /mnt/secondary -u > > > > > > > > > > > http://download.cloudstack.org/systemvm/4.19/ > > systemvmtemplate-4.19.0-kvm.qcow2.bz2 > > > > -h > > > > < > > > http://download.cloudstack.org/systemvm/4.19/ > > systemvmtemplate-4.19.0-kvm.qcow2.bz2-h > > > > > > > > kvm -F > > > > > > > > and get a couple of warnings related to log4j and protobuf and then a > > > > failure message > > > > > > > > log4j:WARN No appenders could be found for logger > > > > (com.cloud.utils.crypt.CloudStackEncryptor). > > > > log4j:WARN Please initialize the log4j system properly. > > > > log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig > > for > > > > more info. > > > > WARNING: An illegal reflective access operation has occurred > > > > WARNING: Illegal reflective access by com.google.protobuf.UnsafeUtil > > > > (file:/usr/share/cloudstack-common/lib/cloudstack-utils.jar) to field > > > > java.nio.Buffer.address > > > > WARNING: Please consider reporting this to the maintainers of > > > > com.google.protobuf.UnsafeUtil > > > > WARNING: Use --illegal-access=warn to enable warnings of further > > illegal > > > > reflective access operations > > > > WARNING: All illegal access operations will be denied in a future > > release > > > > Exception in thread "main" > > > com.cloud.utils.exception.CloudRuntimeException: > > > > Failed to decrypt value: +BIIn***** > > > > at > > > > > > > > > > > com.cloud.utils.crypt.CloudStackEncryptor.decrypt( > > CloudStackEncryptor.java:104) > > > > at > > > com.cloud.utils.crypt.EncryptionCLI.main(EncryptionCLI.java:68) > > > > Failed to decrypt DB password from db.properties > > > > Installation failed > > > > > > > > > > > > > > > > Not exactly sure if there's a previous step I missed but I'm > completely > > > new > > > > to CloudStack so any help is welcome. > > > > > > > > The system I'm using is running > > > > - Ubuntu 22.04 > > > > - MySQL 8.0.36 > > > > - OpenJDK version "11.0.21" 2023-10-17 > > > > > > > > Not sure if it's noteworthy but I did create the database and users > > > > manually and then ran the > > > > ` cloudstack-setup-databases` with then ` --schema-only` option. > > > > > > > > > >
