Also, as far as I can tell, all the correct SSL certs are present and I can ssh directly into the SN without providing login credentials. I don't see any SSL related errors in the system logs either. What is the basic issue that causes the error? An incorrect perl library?
On Mon, Jan 27, 2014 at 11:07 AM, Josh Nielsen <[email protected]>wrote: > Actually there is a disparity between the MN and SN OS type/version. First > of all the MN is RedHat, and my service nodes will be Centos. That's > shouldn't be a large problem. However the real difference is that the MN is > running Red Hat Enterprise Linux Server release 5.9 (Tikanga) right now. I > need the SN up to serve DNS and DHCP while I take the MN down to update it > to RHEL 6.X. Would the versioning difference cause a problem? The OS repo > for the SN is of course only pulling from the Centos 6.4 RPMs. > > Currently the MN has these package versions: > > # rpm -qa | grep -i ssl | sort > gskssl64-8.0-14.14 > openssl-0.9.8e-20.el5 > openssl-0.9.8e-20.el5 > openssl-0.9.8e-20.el5_7.1 > openssl-0.9.8e-20.el5_7.1 > openssl-0.9.8e-22.el5 > openssl-0.9.8e-22.el5 > openssl-0.9.8e-22.el5_8.1 > openssl-0.9.8e-22.el5_8.1 > openssl-0.9.8e-22.el5_8.3 > openssl-0.9.8e-22.el5_8.3 > openssl-0.9.8e-22.el5_8.4 > openssl-0.9.8e-22.el5_8.4 > openssl-devel-0.9.8e-22.el5_8.4 > openssl-devel-0.9.8e-22.el5_8.4 > perl-Crypt-SSLeay-0.51-11.el5 > perl-IO-Socket-SSL-1.01-1.fc6 > perl-Net-SSLeay-1.30-4.fc6 > pyOpenSSL-0.6-2.el5 > > And the SN: > > # rpm -qa | grep -i ssl | sort > openssl098e-0.9.8e-17.el6.centos.2.x86_64 > openssl-1.0.0-27.el6.x86_64 > perl-Crypt-SSLeay-0.57-16.el6.x86_64 > perl-IO-Socket-SSL-1.77-1.x86_64 > perl-Net-SSLeay-1.35-9.el6.x86_64 > > -Josh > > > On Mon, Jan 27, 2014 at 10:34 AM, Lissa Valletta <[email protected]>wrote: > >> Running in XCATBYPASS mode only stops you from using the daemon which >> stops the SSL Credential use, which is why you do not get errors in >> XCATBYPASS. >> >> Is you MN Centos 6.4? I would run rpm -qa | grep -i ssl and see what >> perl ssl rpms are installed. Do the same on the SErvice node. >> My service node has these for Redhat. >> openssl098e-0.9.8e-17.el6_2.2.ppc64 >> perl-Net-SSLeay-1.35-9.el6.ppc64 >> openssl-1.0.0-20.el6_2.5.ppc64 >> openssl098e-0.9.8e-17.el6_2.2.ppc >> perl-IO-Socket-SSL-1.31-2.el6.noarch >> perl-Crypt-SSLeay-0.57-16.el6.ppc64 >> >> Lissa K. Valletta >> 8-3/B10 >> Poughkeepsie, NY 12601 >> (tie 293) 433-3102 >> >> >> >> [image: Inactive hide details for Josh Nielsen ---01/27/2014 10:36:13 >> AM---Yes, I read that on the bug report but mine is already set t]Josh >> Nielsen ---01/27/2014 10:36:13 AM---Yes, I read that on the bug report but >> mine is already set to that, and that is only useful if the r >> >> From: Josh Nielsen <[email protected]> >> To: xCAT Users Mailing list <[email protected]>, >> Date: 01/27/2014 10:36 AM >> Subject: Re: [xcat-user] xCAT start_SSL Bug? >> ------------------------------ >> >> >> >> Yes, I read that on the bug report but mine is already set to that, and >> that is only useful if the repo has the files needed. If it is >> perl-NET-SSLeay then even pointing it to xcat-dep/rh6/x86_64 won't help >> since it isn't present. >> >> Here are my yum repos: >> >> /etc/yum.repos.d/xCAT-otherpkgs0.repo: >> [xcat-otherpkgs0] >> name=xcat-otherpkgs0 >> baseurl=*http://10.20.0.1/install/post/otherpkgs/centos6.4/x86_64/*<http://10.20.0.1/install/post/otherpkgs/centos6.4/x86_64/> >> . >> enabled=1 >> gpgcheck=0 >> >> /etc/yum.repos.d/xCAT-otherpkgs1.repo: >> [xcat-otherpkgs1] >> name=xcat-otherpkgs1 >> baseurl= >> *http://10.20.0.1/install/post/otherpkgs/centos6.4/x86_64/xcat/xcat-core*<http://10.20.0.1/install/post/otherpkgs/centos6.4/x86_64/xcat/xcat-core> >> enabled=1 >> gpgcheck=0 >> >> /etc/yum.repos.d/xCAT-otherpkgs2.repo: >> [xcat-otherpkgs2] >> name=xcat-otherpkgs2 >> baseurl= >> *http://10.20.0.1/install/post/otherpkgs/centos6.4/x86_64/xcat/xcat-dep/rh6/x86_64*<http://10.20.0.1/install/post/otherpkgs/centos6.4/x86_64/xcat/xcat-dep/rh6/x86_64> >> enabled=1 >> gpgcheck=0 >> >> I decided to remove the xCAT-otherpkgs0.repo, just in case it was >> interfering, then uninstall all xCAT packages, and reinstall them but it >> still has the same problem after all that. Here were the yum packages >> grabbed for the install: >> >> Dependencies Resolved >> >> >> ======================================================================================================================================================================== >> Package Arch >> Version Repository >> Size >> >> ======================================================================================================================================================================== >> Installing: >> conserver-xcat x86_64 >> 8.1.16-10 xcat-otherpkgs2 >> 218 k >> cpio x86_64 >> 2.11-20 xcat-otherpkgs2 >> 252 k >> elilo-xcat noarch >> 3.14-4 xcat-otherpkgs2 >> 75 k >> ipmitool-xcat x86_64 >> 1.8.11-3 xcat-otherpkgs2 >> 244 k >> perl-IO-Stty noarch >> 0.03-1 xcat-otherpkgs2 >> 12 k >> perl-xCAT noarch >> 4:2.8.3-snap201311122316 xcat-otherpkgs1 >> 665 k >> syslinux-xcat noarch >> 3.86-2 xcat-otherpkgs2 >> 498 k >> xCAT-client noarch >> 4:2.8.3-snap201311122316 xcat-otherpkgs1 >> 531 k >> xCATsn x86_64 >> 4:2.8.3-snap201311122318 xcat-otherpkgs1 >> 24 k >> Installing for dependencies: >> dhcp x86_64 >> 12:4.1.1-34.P1.el6.centos >> local-centos6.4-x86_64-x86_64 816 k >> httpd x86_64 >> 2.2.15-26.el6.centos >> local-centos6.4-x86_64-x86_64 821 k >> initscripts x86_64 >> 9.03.38-1.el6.centos >> local-centos6.4-x86_64-x86_64 937 k >> iproute x86_64 >> 2.6.32-23.el6 >> local-centos6.4-x86_64-x86_64 344 k >> iptables x86_64 >> 1.4.7-9.el6 >> local-centos6.4-x86_64-x86_64 251 k >> iputils x86_64 >> 20071127-16.el6 >> local-centos6.4-x86_64-x86_64 120 k >> nfs-utils x86_64 >> 1:1.2.3-36.el6 >> local-centos6.4-x86_64-x86_64 319 k >> nfs-utils-lib x86_64 >> 1.1.5-6.el6 >> local-centos6.4-x86_64-x86_64 67 k >> openssh x86_64 >> 5.3p1-84.1.el6 >> local-centos6.4-x86_64-x86_64 236 k >> openssh-clients x86_64 >> 5.3p1-84.1.el6 >> local-centos6.4-x86_64-x86_64 355 k >> perl-Net-SSLeay x86_64 >> 1.35-9.el6 >> local-centos6.4-x86_64-x86_64 173 k >> policycoreutils x86_64 >> 2.0.83-19.30.el6 >> local-centos6.4-x86_64-x86_64 646 k >> tftp-server x86_64 >> 0.49-7.el6 >> local-centos6.4-x86_64-x86_64 39 k >> udev x86_64 >> 147-2.46.el6 >> local-centos6.4-x86_64-x86_64 347 k >> util-linux-ng x86_64 >> 2.17.2-12.9.el6 >> local-centos6.4-x86_64-x86_64 1.5 M >> xCAT-server noarch >> 4:2.8.3-snap201311122316 xcat-otherpkgs1 >> 1.6 M >> xinetd x86_64 >> 2:2.3.14-38.el6 >> local-centos6.4-x86_64-x86_64 121 k >> >> >> A restart of the 'xcatd' service yielded this (including a lot of >> conserver and syslog errors I'll have to fix later): >> >> >> #service xcatd restart >> Restarting xCATd Can't locate object method "start_SSL" via package >> "IO::Socket::SSL" at /opt/xcat/lib/perl/xCAT/Client.pm line 222. >> Stopping xCATd [ OK ] >> Error loading module >> /opt/xcat/lib/perl/xCAT_plugin/*rhevm.pm*<http://rhevm.pm/> >> ...skipping >> Unable to log Error loading module /opt/xcat/lib/perl/xCAT_plugin/ >> *rhevm.pm* <http://rhevm.pm/> ...skipping to syslog because of no >> connection to syslog available >> - getservbyname failed for syslog/tcp and syslogng/tcp >> - /dev/log is not a socket >> - stream /dev/log is not writable at /opt/xcat/lib/perl/xCAT/MsgUtils.pm >> line 463 >> >> Error: Nodeset was run with a noderange containing both service nodes and >> compute nodes. This is not valid. You must submit with either compute nodes >> in the noderange or service nodes. >> >> conserver not running, not stopping [PASSED] >> Starting conserver: [Mon Jan 27 03:25:32 2014] conserver (17886): >> *conserver.com* <http://conserver.com/> version 8.1.16 >> [Mon Jan 27 03:25:32 2014] conserver (17886): started as `root' by `root' >> [Mon Jan 27 03:25:32 2014] conserver (17886): ERROR: no consoles found in >> configuration file >> [Mon Jan 27 03:25:32 2014] conserver (17886): terminated >> [FAILED] >> Error on command: service conserver start >> >> Unable to log Error on command: service conserver start >> to syslog because of no connection to syslog available >> - getservbyname failed for syslog/tcp and syslogng/tcp >> - /dev/log is not a socket >> - stream /dev/log is not writable at /opt/xcat/lib/perl/xCAT/MsgUtils.pm >> line 463 >> >> Stopping named: [ OK ] >> Starting named: [ OK ] >> named has been enabled on boot. >> Unable to log named has been enabled on boot. to syslog because of no >> connection to syslog available >> - getservbyname failed for syslog/tcp and syslogng/tcp >> - /dev/log is not a socket >> - stream /dev/log is not writable at /opt/xcat/lib/perl/xCAT/MsgUtils.pm >> line 463 >> >> Shutting down NFS daemon: [ OK ] >> Shutting down NFS mountd: [ OK ] >> Shutting down NFS services: [ OK ] >> Starting NFS services: [ OK ] >> Starting NFS mountd: [ OK ] >> Starting NFS daemon: [ OK ] >> Stopping httpd: [ OK ] >> Starting httpd: [ OK ] >> Renamed existing dhcp configuration file to /etc/dhcp/dhcpd.conf.xcatbak >> >> Shutting down dhcpd: [ OK ] >> Starting dhcpd: [ OK ] >> Shutting down dhcpd: [ OK ] >> Starting dhcpd: [ OK ] >> [ OK ] >> >> As you can see though the start_SSL problem still exists. Any further >> pointers would be helpful. >> >> Thanks, >> Josh >> >> >> >> On Mon, Jan 27, 2014 at 8:46 AM, Lissa Valletta >> <*[email protected]*<[email protected]>> >> wrote: >> >> In that defect there is also a post for Centos 6.4 from Vadim "I >> have the exact same issue on CentOS 6.4 with the fresh install of 2.8.2 >> using the latest xcat-dep package for Linux" Please check what they >> did and see if it helps you. >> >> Resolved by setting local xcat-dep repo to point to >> xcat-dep/rh6/x86_64 instead of just to xcat-dep >> >> Lissa K. Valletta >> 8-3/B10 >> Poughkeepsie, NY 12601 >> (tie 293) 433-3102 >> >> >> >> [image: Inactive hide details for Josh Nielsen ---01/24/2014 04:49:30 >> PM---Now that I've installed my Service Node there is an issue qu]Josh >> Nielsen ---01/24/2014 04:49:30 PM---Now that I've installed my Service >> Node >> there is an issue querying the Management Node's database be >> >> From: Josh Nielsen <*[email protected]*<[email protected]> >> > >> To: xCAT Users Mailing list >> <*[email protected]*<[email protected]>>, >> >> Date: 01/24/2014 04:49 PM >> Subject: [xcat-user] xCAT start_SSL Bug? >> ------------------------------ >> >> >> >> Now that I've installed my Service Node there is an issue querying the >> Management Node's database because of an SSL related error. If I turn >> on XCATBYPASS=1 however for testing it grabs the database information >> with 'tabdump' from the MN fine (which I imagine must turn off SSL >> else it would encounter the same error). The error that I am seeing is >> the same as reported in this xCAT Bug Report: >> *http://sourceforge.net/p/xcat/bugs/3874/*<http://sourceforge.net/p/xcat/bugs/3874/> >> . >> >> # lsxcatd -d >> Can't locate object method "start_SSL" via package "IO::Socket::SSL" >> at /opt/xcat/lib/perl/xCAT/Client.pm line 222. >> >> That bug report was for AIX but it looks like the fix was for >> perl-NET-SSLeay to be rebuilt: >> "Xiao Peng updated the problem rpm on dave's mgmt node to >> Net-SSLeay-1.55-3, which was built with newer source code and on aix >> 71L." >> >> I have Centos 6.4: >> # uname -a >> Linux xcat-serv1 2.6.32-358.el6.x86_64 #1 SMP Fri Feb 22 00:31:26 UTC >> 2013 x86_64 x86_64 x86_64 GNU/Linux >> >> However, the perl-NET-SSLeay package does not seem to be present in >> xcat-dep for xCAT 2.8.3. I have a version of it already installed but >> it came from the Centos repo: >> >> perl-Net-SSLeay.x86_64 1.35-9.el6 installed >> >> The only perl files I see in xcat/xcat-dep/rh6/x86_64 are: >> >> perl-AppConfig-1.52-4.noarch.rpm >> perl-Crypt-CBC-2.29-3.el6.noarch.rpm >> perl-Crypt-Rijndael-1.09-2.el6.x86_64.rpm >> perl-Expect-1.21-1.noarch.rpm >> perl-IO-Stty-0.03-1.noarch.rpm >> perl-IO-Tty-1.07-1.x86_64.rpm >> perl-JSON-2.50-1.el6.rfx.noarch.rpm >> perl-SOAP-Lite-0.710.08-1.noarch.rpm >> perl-XML-Simple-2.18-1.noarch.rpm >> >> Is it the version of perl-NET-SSLeay? >> >> Thanks, >> Josh >> >> >> >> ------------------------------------------------------------------------------ >> CenturyLink Cloud: The Leader in Enterprise Cloud Services. >> Learn Why More Businesses Are Choosing CenturyLink Cloud For >> Critical Workloads, Development Environments & Everything In Between. >> Get a Quote or Start a Free Trial Today. >> >> >> *http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk*<http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk> >> _______________________________________________ >> xCAT-user mailing list >> *[email protected]* <[email protected]> >> *https://lists.sourceforge.net/lists/listinfo/xcat-user*<https://lists.sourceforge.net/lists/listinfo/xcat-user> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> CenturyLink Cloud: The Leader in Enterprise Cloud Services. >> Learn Why More Businesses Are Choosing CenturyLink Cloud For >> Critical Workloads, Development Environments & Everything In Between. >> Get a Quote or Start a Free Trial Today. >> >> >> *http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk*<http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk> >> _______________________________________________ >> xCAT-user mailing list >> *[email protected]* <[email protected]> >> *https://lists.sourceforge.net/lists/listinfo/xcat-user*<https://lists.sourceforge.net/lists/listinfo/xcat-user> >> >> >> ------------------------------------------------------------------------------ >> CenturyLink Cloud: The Leader in Enterprise Cloud Services. >> Learn Why More Businesses Are Choosing CenturyLink Cloud For >> Critical Workloads, Development Environments & Everything In Between. >> Get a Quote or Start a Free Trial Today. >> >> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk >> _______________________________________________ >> xCAT-user mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/xcat-user >> >> >> >> ------------------------------------------------------------------------------ >> CenturyLink Cloud: The Leader in Enterprise Cloud Services. >> Learn Why More Businesses Are Choosing CenturyLink Cloud For >> Critical Workloads, Development Environments & Everything In Between. >> Get a Quote or Start a Free Trial Today. >> >> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk >> _______________________________________________ >> xCAT-user mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/xcat-user >> >> >
<<graycol.gif>>
------------------------------------------------------------------------------ CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments & Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
_______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
