[Users] 3.2.2 allinone install fails on CentOS 6.4

Itamar Heim iheim at redhat.com
Thu Jul 18 03:42:02 UTC 2013 

On 07/17/2013 11:55 PM, Jim Kinney wrote:
> I'm tying to install $STABLE (3.2.2) on CentOS 6.4 . I have the repo for
> the el6 from ovirt.

this looks like
packaging: Creating keystore for jboss use

Currently jboss uses apache.p12 keystore file. In cases
where apache is not used for proxying, jboss tries to
use this file directly and fails on permissions.

This patch tries to resolve the issue by adding an additional
keystore jboss.p12 during setup/upgrade for the use by the jboss.

Change-Id: I22d71d9de011e8af4bde26d9e2a048a6387ce70f
Signed-off-by: Alex Lourie <alourie at redhat.com>

http://gerrit.ovirt.org/#/c/12374/

alex - was it backported to 3.2?
i also see some other potentially relevant patches were backported to 
3.2.2 by alon - shouldn't we refresh the build for this?
http://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=shortlog;h=refs%2Fheads%2Fengine_3.2

>
> Before the engine-setup --with-allinone=yes can complete it errors out
> with the following in the setup log:
>
> 2013-07-17 15:52:47::DEBUG::all_in_one_100::451::root:: Checking JBoss
> status.
> 2013-07-17 15:52:47::INFO::all_in_one_100::454::root:: JBoss is up and
> running.
> 2013-07-17 15:52:47::DEBUG::setup_sequences::59::root:: running initAPI
> 2013-07-17 15:52:47::DEBUG::all_in_one_100::240::root:: Initiating the
> API object
> 2013-07-17 15:52:47::ERROR::all_in_one_100::251::root:: Traceback (most
> recent call last):
>    File "/usr/share/ovirt-engine/scripts/plugins/all_in_one_100.py",
> line 248, in initAPI
>      ca_file=basedefs.FILE_CA_CRT_SRC,
>    File "/usr/lib/python2.6/site-packages/ovirtsdk/api.py", line 119, in
> __init__
>      url='/api'
>    File
> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py",
> line 112, in request
>      persistent_auth=self._persistent_auth)
>    File
> "/usr/lib/python2.6/site-packages/ovirtsdk/infrastructure/proxy.py",
> line 134, in __doRequest
>      persistent_auth=persistent_auth
>    File "/usr/lib/python2.6/site-packages/ovirtsdk/web/connection.py",
> line 148, in doRequest
>      raise ConnectionError, str(e)
> ConnectionError: [ERROR]::oVirt API connection failure, [Errno 111]
> Connection refused
>
> 2013-07-17 15:52:47::DEBUG::setup_sequences::62::root:: Traceback (most
> recent call last):
>    File "/usr/share/ovirt-engine/scripts/setup_sequences.py", line 60,
> in run
>      function()
>    File "/usr/share/ovirt-engine/scripts/plugins/all_in_one_100.py",
> line 252, in initAPI
>      raise Exception(ERROR_CREATE_API_OBJECT)
> Exception: Error: could not create ovirtsdk API object
>
> 2013-07-17 15:52:47::DEBUG::engine-setup::1972::root:: *** The following
> params were used as user input:
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root::
> override-httpd-config: no
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: http-port: 8700
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: https-port: 8701
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: random-passwords: no
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: mac-range:
> 00:1A:4A:8C:8A:00-00:1A:4A:8C:8A:FF
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: host-fqdn:
> storage01.mydomain.me <http://storage01.mydomain.me>
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: auth-pass: ********
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: org-name:
> mydomain.me <http://mydomain.me>
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: application-mode:
> virt
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: default-dc-type:
> POSIXFS
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root::
> db-remote-install: local
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: db-host: localhost
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: db-local-pass:
> ********
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: nfs-mp:
> /var/lib/exports/iso
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: iso-domain-name:
> ISO_DOMAIN
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: config-nfs: yes
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root::
> override-firewall: None
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: config-allinone: yes
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: storage-path:
> /var/lib/images
> 2013-07-17 15:52:47::DEBUG::engine-setup::1977::root:: superuser-pass:
> ********
> 2013-07-17 15:52:47::ERROR::engine-setup::2392::root:: Traceback (most
> recent call last):
>    File "/usr/bin/engine-setup", line 2386, in <module>
>      main(confFile)
>    File "/usr/bin/engine-setup", line 2169, in main
>      runSequences()
>    File "/usr/bin/engine-setup", line 2092, in runSequences
>      controller.runAllSequences()
>    File "/usr/share/ovirt-engine/scripts/setup_controller.py", line 54,
> in runAllSequences
>      sequence.run()
>    File "/usr/share/ovirt-engine/scripts/setup_sequences.py", line 154,
> in run
>      step.run()
>    File "/usr/share/ovirt-engine/scripts/setup_sequences.py", line 60,
> in run
>      function()
>    File "/usr/share/ovirt-engine/scripts/plugins/all_in_one_100.py",
> line 252, in initAPI
>      raise Exception(ERROR_CREATE_API_OBJECT)
> Exception: Error: could not create ovirtsdk API object
>
>
>
> After much digging, it seems like the issue is in the certs but it's not
> making sense to me why it fails. From the server.log:
>
> 2013-07-17 16:37:28,873 INFO  [org.jboss.as.server.deployment.scanner]
> (MSC service thread 1-3) JBAS015012: Started FileSystemDeploymentService
> for directory /var/lib/ovirt-engine/deployments
> 2013-07-17 16:37:28,877 ERROR
> [org.apache.tomcat.util.net.jsse.JSSESocketFactory] (MSC service thread
> 1-4) Failed to load keystore type PKCS12 with path
> /etc/pki/ovirt-engine/keys/apache.p12 due to
> /etc/pki/ovirt-engine/keys/apache.p12 (Permission denied):
> java.io.FileNotFoundException: /etc/pki/ovirt-engine/keys/apache.p12
> (Permission denied)
>      at java.io.FileInputStream.open(Native Method) [rt.jar:1.7.0_25]
>      at java.io.FileInputStream.<init>(FileInputStream.java:138)
> [rt.jar:1.7.0_25]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:374)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:299)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:515)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:452)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:168)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:977)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:190)
> [jbossweb-7.0.13.Final.jar:]
>      at org.apache.catalina.connector.Connector.init(Connector.java:983)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267)
> [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
>      at
> org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811)
> [jboss-msc-1.0.2.GA.jar:1.0.2.GA <http://1.0.2.GA>]
>      at
> org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746)
> [jboss-msc-1.0.2.GA.jar:1.0.2.GA <http://1.0.2.GA>]
>      at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> [rt.jar:1.7.0_25]
>      at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> [rt.jar:1.7.0_25]
>      at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25]
>
> 2013-07-17 16:37:28,883 ERROR [org.apache.coyote.http11.Http11Protocol]
> (MSC service thread 1-4) Error initializing endpoint:
> java.io.FileNotFoundException: /etc/pki/ovirt-engine/keys/apache.p12
> (Permission denied)
>      at java.io.FileInputStream.open(Native Method) [rt.jar:1.7.0_25]
>      at java.io.FileInputStream.<init>(FileInputStream.java:138)
> [rt.jar:1.7.0_25]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getStore(JSSESocketFactory.java:374)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeystore(JSSESocketFactory.java:299)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.getKeyManagers(JSSESocketFactory.java:515)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.init(JSSESocketFactory.java:452)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.jsse.JSSESocketFactory.createSocket(JSSESocketFactory.java:168)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.tomcat.util.net.JIoEndpoint.init(JIoEndpoint.java:977)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.apache.coyote.http11.Http11Protocol.init(Http11Protocol.java:190)
> [jbossweb-7.0.13.Final.jar:]
>      at org.apache.catalina.connector.Connector.init(Connector.java:983)
> [jbossweb-7.0.13.Final.jar:]
>      at
> org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267)
> [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
>      at
> org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811)
> [jboss-msc-1.0.2.GA.jar:1.0.2.GA <http://1.0.2.GA>]
>      at
> org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746)
> [jboss-msc-1.0.2.GA.jar:1.0.2.GA <http://1.0.2.GA>]
>      at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> [rt.jar:1.7.0_25]
>      at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> [rt.jar:1.7.0_25]
>      at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25]
>
> 2013-07-17 16:37:28,892 ERROR [org.jboss.msc.service.fail] (MSC service
> thread 1-4) MSC00001: Failed to start service jboss.web.connector.https:
> org.jboss.msc.service.StartException in service
> jboss.web.connector.https: JBAS018007: Error starting web connector
>      at
> org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:271)
>      at
> org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811)
> [jboss-msc-1.0.2.GA.jar:1.0.2.GA <http://1.0.2.GA>]
>      at
> org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746)
> [jboss-msc-1.0.2.GA.jar:1.0.2.GA <http://1.0.2.GA>]
>      at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> [rt.jar:1.7.0_25]
>      at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> [rt.jar:1.7.0_25]
>      at java.lang.Thread.run(Thread.java:724) [rt.jar:1.7.0_25]
> Caused by: LifecycleException:  Protocol handler initialization failed:
> java.io.FileNotFoundException: /etc/pki/ovirt-engine/keys/apache.p12
> (Permission denied)
>      at org.apache.catalina.connector.Connector.init(Connector.java:985)
>      at
> org.jboss.as.web.WebConnectorService.start(WebConnectorService.java:267)
>      ... 5 more
>
> 2013-07-17 16:37:28,904 INFO  [org.jboss.as.server.deployment.scanner]
> (DeploymentScanner-threads - 1) JBAS015003: Found engine.ear in
> deployment directory. To trigger deployment create a file called
> engine.ear.dodeploy
> 2013-07-17 16:37:28,957 INFO
> [org.jboss.as.connector.subsystems.datasources] (MSC service thread
> 1-11) JBAS010400: Bound data source [java:/ENGINEDataSource]
> 2013-07-17 16:37:28,966 INFO  [org.jboss.as.controller] (Controller Boot
> Thread) JBAS014774: Service status report
> JBAS014777:   Services which failed to start:      service
> jboss.web.connector.https: org.jboss.msc.service.StartException in
> service jboss.web.connector.https: JBAS018007: Error starting web connector
>
>
> the /etc/pki/ovirt-engine/keys:
>
> ls -la /etc/pki/ovirt-engine/keys/
> total 24
> drwxr-xr-x. 2 ovirt  ovirt  4096 Jul 17 15:51 .
> drwxr-xr-x. 6 ovirt  ovirt  4096 Jul 17 15:51 ..
> -rw-r-----. 1 apache apache 1828 Jul 17 15:51 apache.key.nopass
> -rw-r-----. 1 apache apache 2685 Jul 17 15:51 apache.p12
> -rw-------. 1 root   root   1832 Jul 17 15:51 engine_id_rsa
> -rw-r-----. 1 ovirt  ovirt  2685 Jul 17 15:51 engine.p12
>
>
> I've tried with setenforce 0 and no change.
>
> I've downgraded to earlier 3.2.0 versions, earlier jboss-as, beta
> allinone plugin for 3.2, no changes. At one point I added some
> additional debuggingto the allinone script to make sure that reasonable
> variables were being passed around (they are).
>
> I'm stumped.
>
> --
> --
> James P. Kinney III
> ////
> ////Every time you stop a school, you will have to build a jail. What
> you gain at one end you lose at the other. It's like feeding a dog on
> his own tail. It won't fatten the dog.
> - Speech 11/23/1900 Mark Twain
> ////
> http://electjimkinney.org
> http://heretothereideas.blogspot.com/
> ////
>
>
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>

More information about the Users mailing list