AWS Deployment of Docker Engine

[naqsh01]

Hi--

Deploying to region: us-east-1. But when I look at the IAM Management Console it says the keys were last used on: eu-central-1. Deployment fails. The keys are valid and work, I've verified.

Ver: brooklyn-dist-0.10.0-20160930.1659

Here is my configuration:

Using the following blueprint to deploy docker:

name: docker
location: aws-central-centos7
services:
  - type: 'docker-engine-template:2.0.0'

My location:

brooklyn.locations:
- type: jclouds:aws-ec2
  brooklyn.config:
    region: us-east-1
    identity: XXXXX
    credential: XXXXXXXXXX
    installDevUrandom: true
    minRam: 2000

    imageId: us-east-1/ami-6d1c2007
    maxConcurrentMachineCreations: 3
    loginUser: centos

  # There are a couple of known issues with auto configuring security groups
  # on AWS using brooklyn. We recommend configuring a security group manually
  # that allows all internal communication between VMs and inbound traffic on
  #22, 8080, and 32768-65534 (for swarm) or 30000-32767 (for kubernetes)
  # You will also need to set either kubernetes.sharedsecuritygroup.create or
  # swarm.sharedsecuritygroup.create to false when you deploy the swarm or kubernetes

    securityGroups: launch-wizard-5

I get the following error:

2016-10-06 16:59:12,122 INFO  Launched from YAML: name: docker
location: aws-central-centos7
services:
  - type: 'docker-engine-template:2.0.0' -> BasicApplicationImpl{id=t5t916pue8} (Task[start]@AJZI1x87)
2016-10-06 16:59:12,132 INFO  Starting VanillaSoftwareProcessImpl{id=h6027rjcbe}, obtaining a new location instance in JcloudsLocation[AWS Virginia:AKIAIYDOUQBHTYJIKTQQ/aws-ec2:us-east-1@r8jk025nqi] with ports [22]
2016-10-06 16:59:12,134 INFO  Creating VM aws-ec2:us-east-1@VanillaSoftwareProcessImpl{id=h6027rjcbe} in JcloudsLocation[AWS Virginia:AKIAIYDOUQBHTYJIKTQQ/aws-ec2:us-east-1@r8jk025nqi]
2016-10-06 16:59:20,285 ERROR Failed to start VM for aws-ec2:us-east-1@VanillaSoftwareProcessImpl{id=h6027rjcbe} after 8.15s (semaphore obtained in 0ms; template built in 7.14s;): POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
2016-10-06 16:59:20,286 WARN  Attempt #1/1 to obtain machine threw error: org.jclouds.rest.AuthorizationException: POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
2016-10-06 16:59:20,299 WARN  Error invoking start at VanillaSoftwareProcessImpl{id=h6027rjcbe}: AuthorizationException: POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
2016-10-06 16:59:20,512 WARN  Service is not up when setting running on BasicApplicationImpl{id=t5t916pue8}; delayed 205ms but Sensor: service.isUp (java.lang.Boolean) did not recover from false; not-up-indicators={service.state=Application starting, service-lifecycle-indicators-from-children-and-members=VanillaSoftwareProcessImpl{id=h6027rjcbe} is not up}
2016-10-06 16:59:20,512 WARN  Setting BasicApplicationImpl{id=t5t916pue8} on-fire due to problems when expected running, up=false, problems: {service-lifecycle-indicators-from-children-and-members=Required entity not healthy: VanillaSoftwareProcessImpl{id=h6027rjcbe}}
2016-10-06 16:59:20,513 WARN  Error invoking start at BasicApplicationImpl{id=t5t916pue8}: Error invoking start at VanillaSoftwareProcessImpl{id=h6027rjcbe}: AuthorizationException: POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized
2016-10-06 16:59:20,512 WARN  Setting BasicApplicationImpl{id=t5t916pue8} on-fire due to problems when expected running, up=false, problems: {service-lifecycle-indicators-from-children-and-members=Required entity not healthy: VanillaSoftwareProcessImpl{id=h6027rjcbe}}
2016-10-06 16:59:21,303 WARN  Unable to create spec for org.apache.brooklyn.core.catalog.internal.CatalogItemDo[CatalogEntityItemDto[docker-swarm:2.0.0/Docker Swarm with Discovery and CA]]: java.lang.IllegalStateException: Transformer for Brooklyn OASIS CAMP interpreter gave an error creating this plan: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@634c7f5e, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@5f42cb42, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@294afa78, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@57e42c52, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@57520f7f]]
java.lang.IllegalStateException: Transformer for Brooklyn OASIS CAMP interpreter gave an error creating this plan: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@634c7f5e, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@5f42cb42, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@294afa78, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@57e42c52, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@57520f7f]]
        at org.apache.brooklyn.util.guava.IllegalStateExceptionSupplier.get(IllegalStateExceptionSupplier.java:40) ~[org.apache.brooklyn-brooklyn-utils-common-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
Caused by: org.apache.brooklyn.util.exceptions.PropagatedRuntimeException:
        at org.apache.brooklyn.util.exceptions.Exceptions.create(Exceptions.java:429) ~[org.apache.brooklyn-brooklyn-utils-common-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
Caused by: org.apache.brooklyn.util.exceptions.PropagatedRuntimeException: Transformer for Brooklyn OASIS CAMP interpreter gave an error creating this plan: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@634c7f5e, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@5f42cb42, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@294afa78, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@57e42c52, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@57520f7f]]
        at org.apache.brooklyn.core.plan.PlanToSpecFactory.attemptWithLoaders(PlanToSpecFactory.java:137) ~[org.apache.brooklyn-brooklyn-core-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
Caused by: java.lang.IllegalStateException: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@634c7f5e, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@5f42cb42, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@294afa78, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@57e42c52, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@57520f7f]]
        at org.apache.brooklyn.camp.brooklyn.spi.creation.BrooklynComponentTemplateResolver.resolveSpec(BrooklynComponentTemplateResolver.java:181) ~[org.apache.brooklyn-brooklyn-camp-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
2016-10-06 16:59:24,012 WARN  Unable to create spec for org.apache.brooklyn.core.catalog.internal.CatalogItemDo[CatalogEntityItemDto[kubernetes-cluster-application:2.0.0/Kubernetes Cluster]]: java.lang.IllegalStateException: Transformer for Brooklyn OASIS CAMP interpreter gave an error creating this plan: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@24c1ac75, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@332581f, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@7148273a, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@38944f05, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@111fee66]]
java.lang.IllegalStateException: Transformer for Brooklyn OASIS CAMP interpreter gave an error creating this plan: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@24c1ac75, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@332581f, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@7148273a, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@38944f05, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@111fee66]]
        at org.apache.brooklyn.util.guava.IllegalStateExceptionSupplier.get(IllegalStateExceptionSupplier.java:40) ~[org.apache.brooklyn-brooklyn-utils-common-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
Caused by: org.apache.brooklyn.util.exceptions.PropagatedRuntimeException:
        at org.apache.brooklyn.util.exceptions.Exceptions.create(Exceptions.java:429) ~[org.apache.brooklyn-brooklyn-utils-common-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
Caused by: org.apache.brooklyn.util.exceptions.PropagatedRuntimeException: Transformer for Brooklyn OASIS CAMP interpreter gave an error creating this plan: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@24c1ac75, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@332581f, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@7148273a, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@38944f05, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@111fee66]]
        at org.apache.brooklyn.core.plan.PlanToSpecFactory.attemptWithLoaders(PlanToSpecFactory.java:137) ~[org.apache.brooklyn-brooklyn-core-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
Caused by: java.lang.IllegalStateException: Unable to create spec for type ca-server. No resolver knew how to handle it. Using resolvers: class org.apache.brooklyn.camp.brooklyn.spi.creation.service.CampServiceSpecResolver[[org.apache.brooklyn.entity.resolve.ChefEntitySpecResolver@24c1ac75, org.apache.brooklyn.entity.resolve.HardcodedCatalogEntitySpecResolver@332581f, org.apache.brooklyn.core.resolve.entity.CatalogEntitySpecResolver@7148273a, org.apache.brooklyn.core.resolve.entity.JavaEntitySpecResolver@38944f05, org.apache.brooklyn.camp.brooklyn.spi.creation.service.UrlServiceSpecResolver@111fee66]]
        at org.apache.brooklyn.camp.brooklyn.spi.creation.BrooklynComponentTemplateResolver.resolveSpec(BrooklynComponentTemplateResolver.java:181) ~[org.apache.brooklyn-brooklyn-camp-0.10.0-20160930.1659.jar:0.10.0-20160930.1659]
2016-10-06 17:00:12,111 WARN  Read of VanillaSoftwareProcessImpl{id=h6027rjcbe}->Sensor: machine.cpu (java.lang.Double) gave exception (grace period expired, occurring for 30s 4ms): java.lang.IllegalStateException: No instances of class org.apache.brooklyn.location.ssh.SshMachineLocation available (in [])
2016-10-06 17:00:12,111 WARN  Read of VanillaSoftwareProcessImpl{id=h6027rjcbe}->Sensor: machine.uptime (org.apache.brooklyn.util.time.Duration) gave exception (grace period expired, occurring for 30s 1ms): java.lang.IllegalStateException: No instances of class org.apache.brooklyn.location.ssh.SshMachineLocation available (in [])
2016-10-06 17:00:12,111 WARN  Read of VanillaSoftwareProcessImpl{id=h6027rjcbe}->Sensor: machine.loadAverage (java.lang.Double) gave exception (grace period expired, occurring for 30s 4ms): java.lang.IllegalStateException: No instances of class org.apache.brooklyn.location.ssh.SshMachineLocation available (in [])
2016-10-06 17:00:12,114 WARN  Read of VanillaSoftwareProcessImpl{id=h6027rjcbe}->Sensor: machine.memory.total (java.lang.Long) gave exception (grace period expired, occurring for 30s 3ms): java.lang.IllegalStateException: No instances of class org.apache.brooklyn.location.ssh.SshMachineLocation available (in [])
2016-10-06 17:00:12,115 WARN  Read of VanillaSoftwareProcessImpl{id=h6027rjcbe}->Sensor: machine.memory.used (java.lang.Long) gave exception (grace period expired, occurring for 30s 4ms): java.lang.IllegalStateException: No instances of class org.apache.brooklyn.location.ssh.SshMachineLocation available (in [])
2016-10-06 17:00:12,116 WARN  Read of VanillaSoftwareProcessImpl{id=h6027rjcbe}->Sensor: machine.memory.free (java.lang.Long) gave exception (grace period expired, occurring for 30s 5ms): java.lang.IllegalStateException: No instances of class org.apache.brooklyn.location.ssh.SshMachineLocation available (in [])

[neykov]

Hi @naqsh01. I hit the exact same problem yesterday and the fix might surprise you :).

The key is

2016-10-06 16:59:20,286 WARN  Attempt #1/1 to obtain machine threw error: org.jclouds.rest.AuthorizationException: POST https://ec2.us-east-1.amazonaws.com/ HTTP/1.1 -> HTTP/1.1 401 Unauthorized

In my case it was due to Amazon requiring me to accept the license agreement for the image - the official image of the CentOS project. It's failing even if you try to launch it through Amazon's console until the license is accepted. It's a one time process.

Go to the marketplace and try to launch the image. Somewhere along the process you'll see a yellow button in the right column asking you to accept the license agreement. You don't even need to complete the launch process. After accepting go back and retry the deployment.

[naqsh01]

So, manually go through wizard process and then once I get to the screen about the license, I accept it. I don't have to go any further? And then go back Brooklyn and deploy the blueprint for the docker engine -- and it should work? :)

If I understood that correctly I'll give it a shot.

Side comments: In clocker 2 is the a way to point to an existing docker engine?

Thanks

[neykov]

So, manually go through wizard process and then once I get to the screen about the license, I accept it. I don't have to go any further? And then go back Brooklyn and deploy the blueprint for the docker engine -- and it should work? :)

That's correct.

Side comments: In clocker 2 is the a way to point to an existing docker engine?

No clocker2 is all about deploying docker, swarm, kubernetes, etc. (and of course not be constrained to a single cloud).

You can deploy to docker, swarm, kubernetes using AMP's Cloudsoft Container Service.

[naqsh01]

@neykov

That was it! Fixed the issue.

One thing worth noting: securityGroups: <SECURITY GROUP ID>

Is not the group id but the name.

In Clocker2 -- would the blueprint to deploy to docker engine be the same as it was for clocker1? Is there an example I can follow?

[neykov]

Glad it worked @naqsh01. Good point about securityGroups we will update the docs.

Here's how you can deploy to a docker engine or Swarm endpoint. That's using the Cloudsoft Container Service which builds on top of Clocker 2.