Hey Rohit, (in one-way ssl mode)
The host has been added but the power state is disabled as out of band management is disabled. On enabling I get unknown state, but system vm's still show status running and agent state is marked by '-'. Where are the system VM's running if no agent state is detected? Also my console does not run but I can ssh into my ssvm. There is no ssvm-check file available. I think it is because system VM's are not correctly configured. So how do I power ON my host so that I get an agent state in system VM? regards Swastik On Tue, Apr 3, 2018 at 10:32 AM, Swastik Mittal <mittal.swas...@gmail.com> wrote: > Hey Rohit, > > I set my ca.plugin.root.auth.strictness to false and restarted all the > services and one way ssl works fine. But how do I solve the bug in case I > need to enable two way ssl. > > regards > Swastik > > On Tue, Apr 3, 2018 at 9:21 AM, Swastik Mittal <mittal.swas...@gmail.com> > wrote: > >> Hey Rohit >> >> I was installing a fresh enviroment. Added the host through command >> cloudstack-setup-agent, here it mentions everything done correctly but >> the host doesn't get added. (KVM host) >> >> Agent log file gives: >> >> 2018-04-03 09:12:14,584 INFO [cloud.agent.Agent] (main:null) (logid:) >> Connecting to host:localhost >> 2018-04-03 09:12:14,584 INFO [utils.nio.NioClient] (main:null) >> (logid:) Connecting to localhost:8250 >> 2018-04-03 09:12:14,585 INFO [utils.nio.Link] (main:null) (logid:) >> Conf file found: /etc/cloudstack/agent/agent.properties >> 2018-04-03 09:12:14,585 WARN [utils.nio.Link] (main:null) (logid:) >> Failed to load keystore, using trust all manager >> 2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:) >> SSL error caught during unwrap data: Unrecognized SSL message, >> plaintext connection?, for local address=/127.0.0.1:39863, remote >> address=localhost/127.0.0.1:8250. The client may have invalid >> ca-certificates. >> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null) >> (logid:) SSL Handshake failed while connecting to host: localhost >> port: 8250 >> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null) >> (logid:) Unable to initialize the threads. >> java.io.IOException: SSL Handshake failed while connecting to host: >> localhost port: 8250 >> at com.cloud.utils.nio.NioClient.init(NioClient.java:67) >> at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95) >> at com.cloud.agent.Agent.start(Agent.java:263) >> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410) >> at com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShe >> ll.java:378) >> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362) >> at com.cloud.agent.AgentShell.start(AgentShell.java:467) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >> ssorImpl.java:62) >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >> thodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at org.apache.commons.daemon.support.DaemonLoader.start(DaemonL >> oader.java:243) >> 2018-04-03 09:12:14,590 INFO [utils.exception.CSExceptionErrorCode] >> (main:null) (logid:) Could not find exception: >> com.cloud.utils.exception.NioConnectionException in error code list >> for exceptions >> 2018-04-03 09:12:14,590 WARN [cloud.agent.Agent] (main:null) (logid:) >> NIO Connection Exception >> com.cloud.utils.exception.NioConnectionException: SSL Handshake failed >> while connecting to host: localhost port: 8250 >> 2018-04-03 09:12:14,590 INFO [cloud.agent.Agent] (main:null) (logid:) >> Attempted to connect to the server, but received an unexpected >> exception, trying again... >> >> While connecting through UI it gives authentication error. >> >> I also set ssh and sshd ports to 8250 and was able to ssh into >> management from host through it but still getting the same error while >> adding it in cloudstack. Management generates a key(.pem) file in the >> UI, do we need to add that file in the host settings for connection? >> >> Also my ca.plugin.root.auth.strictness settings was set to true. On >> setting it to false gives the same. >> >> Regards >> Swastik >> >> On 4/2/18, Rohit Yadav <rohit.ya...@shapeblue.com> wrote: >> > Swastik, >> > >> > Did you try to upgrade the env or installed a fresh env? How did you >> add the >> > host? Was it a kvm host or something else? Instead of localhost, can >> you use >> > an IP for the mgmt server? Also check and share your ca auth strictness >> > global setting. Setting that to false will enforce legacy behavior. >> > >> > Regards. >> > >> > Get Outlook for Android<https://aka.ms/ghei36> >> > >> > >> > >> > From: Swastik Mittal >> > Sent: Monday, 2 April, 4:58 PM >> > Subject: SSL authentication failure >> > To: users@cloudstack.apache.org >> > >> > >> > Hey, I was using cloudstack version 4.6 earlier and was able to >> > configure/add host to my datacenter. On installing version 4.11 on >> setting >> > up host, host is unable to connect to management on port 8250 because >> > management immediately closes the connection and does not allow >> connection >> > on that port. (Getting this error in agent log) The management server >> log >> > gives, SSL error caught during wrap data: null cert chain, for local >> > address=/127.0.0.1:8250, remote address=/127.0.0.1:46029. I was also >> not >> > able to ssh into management on port 8250 even though setting SSHD to >> all in >> > hosts.allow. I also tried allowing policies on port 8250 through ufw >> command >> > but it din't work. How do I update policies in 4.11? Any help? Reagrds >> > Swastik >> > >> > >> > rohit.ya...@shapeblue.com >> > www.shapeblue.com >> > 53 Chandos Place, Covent Garden, London WC2N 4HSUK >> > @shapeblue >> > >> > >> > >> > >> > >
