Issue while setting up CloudStack Advance Zone with security group

[Atiqul-Islam]

ISSUE TYPE

• Bug Report

COMPONENT NAME

Advanced Zone with Security Groups setup

CLOUDSTACK VERSION

4.17.2

CONFIGURATION

Zone:
    IPV4 DNS: 8.8.8.8
    Internal DNS: 10.4.1.1
Pysical Network 1:
    Management Traffic: cloudbr0
    Guest Traffic: cloudbr1
Pod:
    Gateway: 10.4.1.1
    Netmask: 255.255.0.0
    IP Range: 10.4.2.1 to 10.4.2.255
Guest Traffic: 
    Gateway: 10.6.1.1
    Netmask: 255.255.0.0
    IP Range 10.6.2.1 to 10.6.2.255
Host:
    IP: 10.4.1.20
    User: root
    Password: password
    Tag: h1

OS / ENVIRONMENT

Ubuntu 22.04 server with two network bridge cloudbr0 and cloudbr1

SUMMARY

Apache CloudStack v4.17.2

I am trying to setup CloudStack Advance Zone with security groups.

I have two network bridges cloudbr0 (10.4.1.1/16) and cloudbr1 (10.6.1.1/16). I am using cloudbr0 for Management Network and cloudbr1 for the Guest Network.

However, the zone creation keeps failing adding host with the error message - failed to add host as resource already exists as LibvirtComputingResource.

For some reason it seems like CloudStack is trying to add the same host twice.

STEPS TO REPRODUCE

Configuring CloudStack Advance Zene with security group on Ubuntu 22.04 server

EXPECTED RESULTS

Successfully create advance zone with security group.

ACTUAL RESULTS

Host setup fails with the following error:

Could not add host at [http://10.4.1.20] with zone [1], pod [1] and cluster [1] due to: [ can't setup agent, due to com.cloud.utils.exception.CloudRuntimeException: Skipping host 10.4.1.20 because 2f02300b-d9bf-3229-acb8-21054c500f47 is already in the database for resource 2f02300b-d9bf-3229-acb8-21054c500f47-LibvirtComputingResource with ID 86f5dcd2-9d6e-444e-b0df-e0dcb1509699 - Skipping host 10.4.1.20 because 2f02300b-d9bf-3229-acb8-21054c500f47 is already in the database for resource 2f02300b-d9bf-3229-acb8-21054c500f47-LibvirtComputingResource with ID 86f5dcd2-9d6e-444e-b0df-e0dcb1509699].

[Pearl1594]

Was there an issue faced during zone creation after the host addition step, maybe during setting up the stores? I had faced a similar issue in the past, where in if the zone creation fails at any point and we are prompted to rectify the issue, and then restart the zone creation workflow, it attempts to re-add the host. Can you check the database if an entry already exists in the host table and if it does, delete them and restart the zone creation process.

[weizhouapache]

@Atiqul-Islam Can you upload the full management server log ?

[Atiqul-Islam]

@Pearl1594 I am installing Cloud Stack on a fresh Ubuntu Sever, there was no host created before the zone creation.

@weizhouapache Attached below are the logs agent.log management-server.log

[weizhouapache]

@Atiqul-Islam it looks you use a server as both management server and cloudstack agent. from the log, host was added twice and of course it failed at 2nd attempt. everything else looks good.

[Atiqul-Islam]

@weizhouapache

Why was the host added twice is it because I am using the same server as both management and agent?

I didn't do manually anything to create a host, I just started cloudstack and tried setting up the advanced zone with security group. Thats where I configured the host. During the process of creating the zone it seemed like cloudstack was trying to add the same zone twice.

[weizhouapache]

@weizhouapache

Why was the host added twice is it because I am using the same server as both management and agent?

I didn't do manually anything to create a host, I just started cloudstack and tried setting up the advanced zone with security group. Thats where I configured the host. During the process of creating the zone it seemed like cloudstack was trying to add the same zone twice.

@Atiqul-Islam I just wanted to confirm your configurations. I will try to reproduce the issue.

[Atiqul-Islam]

@weizhouapache

Really appreciate the help.

We are testing out CloudStack as it is part of our stack for our next generation of software and systems. So far been stuck in that roadblock for a while. Any help is greatly appreciated.

[weizhouapache]

@weizhouapache

Really appreciate the help.

We are testing out CloudStack as it is part of our stack for our next generation of software and systems. So far been stuck in that roadblock for a while. Any help is greatly appreciated.

@Atiqul-Islam no problem.

it seems like a minor issue for you I think. The zone has been created successfully, and system vms are Running when you enabed the zone, right ?

[Atiqul-Islam]

@weizhouapache Really appreciate the help. We are testing out CloudStack as it is part of our stack for our next generation of software and systems. So far been stuck in that roadblock for a while. Any help is greatly appreciated.

@Atiqul-Islam no problem.

it seems like a minor issue for you I think. The zone has been created successfully, and system vms are Running when you enabed the zone, right ?

@weizhouapache

Systems VMs are up and running after I enabled the Zone. However, it seems like the zone network might not be properly configured. Some component of the Zone could be in a bad state, as there was no Virtual Router created for the guest network.

I am also getting the following error when I am trying to add an Ubuntu 20.04 iso.

Unable to resolve releases.ubuntu.com

I did check the bare metal system running the management server and the host can ping releases.ubuntu.com

[weizhouapache]

@weizhouapache Really appreciate the help. We are testing out CloudStack as it is part of our stack for our next generation of software and systems. So far been stuck in that roadblock for a while. Any help is greatly appreciated.

@Atiqul-Islam no problem. it seems like a minor issue for you I think. The zone has been created successfully, and system vms are Running when you enabed the zone, right ?

@weizhouapache

Systems VMs are up and running after I enabled the Zone. However, it seems like the zone network might not be properly configured. Some component of the Zone could be in a bad state, as there was no Virtual Router created for the guest network.

I am also getting the following error when I am trying to add an Ubuntu 20.04 iso.

Unable to resolve releases.ubuntu.com

I did check the bare metal system running the management server and the host can ping releases.ubuntu.com

@Atiqul-Islam I have checked your log. It seems everything went smoothly, except the extra step to add host again when all are done. I think you can ignore the error.

for the issue with DNS , you need to log into Secondary storage Vm (a.k.a SSVM) and check if the domain can be resolved. you might need to update the DNS and internal DNS in zone configuration

[Atiqul-Islam]

@weizhouapache Really appreciate the help. We are testing out CloudStack as it is part of our stack for our next generation of software and systems. So far been stuck in that roadblock for a while. Any help is greatly appreciated.

@Atiqul-Islam no problem. it seems like a minor issue for you I think. The zone has been created successfully, and system vms are Running when you enabed the zone, right ?

@weizhouapache Systems VMs are up and running after I enabled the Zone. However, it seems like the zone network might not be properly configured. Some component of the Zone could be in a bad state, as there was no Virtual Router created for the guest network. I am also getting the following error when I am trying to add an Ubuntu 20.04 iso.

Unable to resolve releases.ubuntu.com

I did check the bare metal system running the management server and the host can ping releases.ubuntu.com

@Atiqul-Islam I have checked your log. It seems everything went smoothly, except the extra step to add host again when all are done. I think you can ignore the error.

for the issue with DNS , you need to log into Secondary storage Vm (a.k.a SSVM) and check if the domain can be resolved. you might need to update the DNS and internal DNS in zone configuration

@weizhouapache

I am unable to get into SSVM console. When I try to get into the console using the GUI, it seems to cannot load the page. In addition, where do I find the login credentials to the SSVM.

Also shouldn't there be a virtual router created as well for the gateway of the guest network?

[weizhouapache]

@weizhouapache

I am unable to get into SSVM console. When I try to get into the console using the GUI, it seems to cannot load the page. In addition, where do I find the login credentials to the SSVM.

Also shouldn't there be a virtual router created as well for the gateway of the guest network?

@Atiqul-Islam sorry for late response. you can ssh into system vms and virtual routers from the kvm host. ssh -p 3922 -i /root/.ssh/id_rsa.cloud 169.254.x.x
or "virsh console s-xx-VM" the credential is root/password

The virtual router will be created when a vm is created I think.

[DaanHoogland]

@Atiqul-Islam I am closing this issue. please reopen or create a new one if ou think that is invalid.