Error with Vagrant and Trusty

[egobsv]

When following the installation instructions for Trusty using DEB packages, after running "Vagrant up" the following error is return:

shell provisioner: The following settings shouldn't exist: type

[egobsv]

The script was tested using Vagrant 1.9.1, which version of Vagrant is installed in your computer? If you can, use Xenial since Trusty is approaching its end of life support. Did you compile your own DEB packages, which packages are you using?

[hainguyen291]

@egobsv When I delete "type" field in bash file, I can run "vagrant up". However, I get a bunch of errors as shown in "Global ..." issue.

I were using vagrant 1.4.3. I compile my own DEB packages, which are downloaded from this site: download the Deb packages as the instruction.

[hainguyen291]

@egobsv I can run though vagrant up step by upgrading vagrant to version 1.9.1. Thank you so much. However, I couldn't access CA and OCSP by these IP addresses Certification Authority will have activated the time stamping service available at http://10.0.0.13:8899 and the OCSP service available at http://10.0.0.13:8888 .

[hainguyen291]

Here is my result when run vagrant up

hai@hainguyen:~/tenoli$ vagrant up Bringing machine 'sc' up with 'virtualbox' provider... Bringing machine 'ss1' up with 'virtualbox' provider... Bringing machine 'ss2' up with 'virtualbox' provider... Bringing machine 'ca' up with 'virtualbox' provider... ==> sc: Clearing any previously set forwarded ports... ==> sc: Clearing any previously set network interfaces... ==> sc: Preparing network interfaces based on configuration... sc: Adapter 1: nat sc: Adapter 2: hostonly ==> sc: Forwarding ports... sc: 22 (guest) => 2222 (host) (adapter 1) ==> sc: Running 'pre-boot' VM customizations... ==> sc: Booting VM... ==> sc: Waiting for machine to boot. This may take a few minutes... sc: SSH address: 127.0.0.1:2222 sc: SSH username: vagrant sc: SSH auth method: private key ==> sc: Machine booted and ready! ==> sc: Checking for guest additions in VM... ==> sc: Setting hostname... ==> sc: Configuring and enabling network interfaces... ==> sc: Mounting shared folders... sc: /vagrant => /home/hai/tenoli ==> sc: Machine already provisioned. Run vagrant provision or use the --provision ==> sc: flag to force provisioning. Provisioners marked to run always will still run. ==> ss1: Clearing any previously set forwarded ports... ==> ss1: Fixed port collision for 22 => 2222. Now on port 2200. ==> ss1: Clearing any previously set network interfaces... ==> ss1: Preparing network interfaces based on configuration... ss1: Adapter 1: nat ss1: Adapter 2: hostonly ==> ss1: Forwarding ports... ss1: 22 (guest) => 2200 (host) (adapter 1) ==> ss1: Running 'pre-boot' VM customizations... ==> ss1: Booting VM... ==> ss1: Waiting for machine to boot. This may take a few minutes... ss1: SSH address: 127.0.0.1:2200 ss1: SSH username: vagrant ss1: SSH auth method: private key ss1: Warning: Remote connection disconnect. Retrying... ==> ss1: Machine booted and ready! ==> ss1: Checking for guest additions in VM... ==> ss1: Setting hostname... ==> ss1: Configuring and enabling network interfaces... ==> ss1: Mounting shared folders... ss1: /vagrant => /home/hai/tenoli ==> ss1: Machine already provisioned. Run vagrant provision or use the --provision ==> ss1: flag to force provisioning. Provisioners marked to run always will still run. ==> ss2: Clearing any previously set forwarded ports... ==> ss2: Fixed port collision for 22 => 2222. Now on port 2201. ==> ss2: Clearing any previously set network interfaces... ==> ss2: Preparing network interfaces based on configuration... ss2: Adapter 1: nat ss2: Adapter 2: hostonly ==> ss2: Forwarding ports... ss2: 22 (guest) => 2201 (host) (adapter 1) ==> ss2: Running 'pre-boot' VM customizations... ==> ss2: Booting VM... ==> ss2: Waiting for machine to boot. This may take a few minutes... ss2: SSH address: 127.0.0.1:2201 ss2: SSH username: vagrant ss2: SSH auth method: private key ss2: Warning: Remote connection disconnect. Retrying... ==> ss2: Machine booted and ready! ==> ss2: Checking for guest additions in VM... ==> ss2: Setting hostname... ==> ss2: Configuring and enabling network interfaces... ==> ss2: Mounting shared folders... ss2: /vagrant => /home/hai/tenoli ==> ss2: Machine already provisioned. Run vagrant provision or use the --provision ==> ss2: flag to force provisioning. Provisioners marked to run always will still run. ==> ca: Clearing any previously set forwarded ports... ==> ca: Fixed port collision for 22 => 2222. Now on port 2202. ==> ca: Clearing any previously set network interfaces... ==> ca: Preparing network interfaces based on configuration... ca: Adapter 1: nat ca: Adapter 2: hostonly ==> ca: Forwarding ports... ca: 22 (guest) => 2202 (host) (adapter 1) ==> ca: Running 'pre-boot' VM customizations... ==> ca: Booting VM... ==> ca: Waiting for machine to boot. This may take a few minutes... ca: SSH address: 127.0.0.1:2202 ca: SSH username: vagrant ca: SSH auth method: private key ca: Warning: Remote connection disconnect. Retrying... ca: Warning: Remote connection disconnect. Retrying... ==> ca: Machine booted and ready! ==> ca: Checking for guest additions in VM... ==> ca: Setting hostname... ==> ca: Configuring and enabling network interfaces... ==> ca: Mounting shared folders... ca: /vagrant => /home/hai/tenoli ==> ca: Machine already provisioned. Run vagrant provision or use the --provision ==> ca: flag to force provisioning. Provisioners marked to run always will still run.

[egobsv]

Hello Hai, The error you are getting "Machine already provisioned." shows up because everytime you run "vagrant up" the script inside Vagrantfile tries to create the machines. You can delete existing Vagrant machines using "vagrant destroy [machine-name]".

If you are still using Trusty, you should see the message "Importing base box 'tenoliBase'" for each one of the virtual machines it creates.

I have fixed a few errors in the install-ca script, it should work as expected now for OCSP and TSA services. Let me know if you run into any problems.

[hainguyen291]

I have pulled updated version of this repository to copiaRepo. Then, I start everything from beginning after vagrant destroy existing vagrant machines.

hai@hainguyen:~/tenoli$ vagrant up Bringing machine 'sc' up with 'virtualbox' provider... Bringing machine 'ss1' up with 'virtualbox' provider... Bringing machine 'ss2' up with 'virtualbox' provider... Bringing machine 'ca' up with 'virtualbox' provider... ==> sc: Machine already provisioned. Run vagrant provision or use the --provision ==> sc: flag to force provisioning. Provisioners marked to run always will still run. ==> ss1: Machine already provisioned. Run vagrant provision or use the --provision ==> ss1: flag to force provisioning. Provisioners marked to run always will still run. ==> ss2: Importing base box 'tenoliBase'... ==> ss2: Matching MAC address for NAT networking... ==> ss2: Setting the name of the VM: tenoli_ss2_1523853160227_40331 ==> ss2: Fixed port collision for 22 => 2222. Now on port 2201. ==> ss2: Clearing any previously set network interfaces... ==> ss2: Preparing network interfaces based on configuration... ss2: Adapter 1: nat ss2: Adapter 2: hostonly ==> ss2: Forwarding ports... ss2: 22 (guest) => 2201 (host) (adapter 1) ==> ss2: Running 'pre-boot' VM customizations... ==> ss2: Booting VM... ==> ss2: Waiting for machine to boot. This may take a few minutes... ss2: SSH address: 127.0.0.1:2201 ss2: SSH username: vagrant ss2: SSH auth method: private key ==> ss2: Machine booted and ready! ==> ss2: Checking for guest additions in VM... ==> ss2: Setting hostname... ==> ss2: Configuring and enabling network interfaces... ==> ss2: Mounting shared folders... ss2: /vagrant => /home/hai/tenoli ==> ss2: Running provisioner: shell (shell)... ss2: Running: inline script ==> ss2: stdin: is not a tty ==> ss2: chpasswd: (user xroad) pam_chauthtok() failed, error: ==> ss2: Authentication token manipulation error ==> ss2: chpasswd: (line 1, user xroad) password not changed ==> ss2: debconf: DbDriver "config": could not write /var/cache/debconf/config.dat-new: No space left on device ==> ss2: Reading package lists... ==> ss2: E ==> ss2: : ==> ss2: Write error - write (28: No space left on device) ==> ss2: E ==> ss2: : ==> ss2: Can't mmap an empty file ==> ss2: E ==> ss2: : ==> ss2: Failed to truncate file - ftruncate (9: Bad file descriptor) ==> ss2: E ==> ss2: : ==> ss2: The package lists or status file could not be parsed or opened. The SSH command responded with a non-zero exit status. Vagrant assumes that this means the command failed. The output for this command should be in the log above. Please read the output to determine what went wrong.

And when I run vagrant status, I got this result

hai@hainguyen:~/tenoli$ vagrant status Current machine states:

sc running (virtualbox) ss1 running (virtualbox) ss2 running (virtualbox) ca not created (virtualbox)

This environment represents multiple VMs. The VMs are all listed above with their current state. For more information about a specific VM, run vagrant status NAME. hai@hainguyen:~/tenoli$ vagrant box list tenoliBase (virtualbox, 0) ubuntu/trusty64 (virtualbox, 0) hai@hainguyen:~/tenoli$

[hainguyen291]

When I access to ca machine, this is its info:

hai@hainguyen:~/tenoli$ vagrant ssh ca Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.13.0-144-generic x86_64)

• Documentation: https://help.ubuntu.com/

System information as of Mon Apr 16 04:41:42 UTC 2018

System load: 0.86 Processes: 89 Usage of /: 3.6% of 39.34GB Users logged in: 0 Memory usage: 9% IP address for eth0: 10.0.2.15 Swap usage: 0%

Graph this data and manage this system at: https://landscape.canonical.com/

Get cloud support with Ubuntu Advantage Cloud Guest: http://www.ubuntu.com/business/services/cloud

0 packages can be updated. 0 updates are security updates.

New release '16.04.4 LTS' available. Run 'do-release-upgrade' to upgrade to it.

vagrant@ca:~$ ifconfig eth0 Link encap:Ethernet HWaddr 08:00:27:3a:08:c4
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe3a:8c4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1593 errors:0 dropped:0 overruns:0 frame:0 TX packets:1209 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:415669 (415.6 KB) TX bytes:142291 (142.2 KB)

eth1 Link encap:Ethernet HWaddr 08:00:27:18:89:c6
inet addr:10.0.0.13 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::a00:27ff:fe18:89c6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:92 errors:0 dropped:0 overruns:0 frame:0 TX packets:80 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:9544 (9.5 KB) TX bytes:9337 (9.3 KB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:32 errors:0 dropped:0 overruns:0 frame:0 TX packets:32 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2866 (2.8 KB) TX bytes:2866 (2.8 KB)

vagrant@ca:~$

Which IP that I should use to access CA server?

[hainguyen291]

I got this error when tried to connect to CA server via 10.0.0.13:8899

[egobsv]

It looks like during the installation your system is running out of space, since you got the "No space left on device" message. Where you able to install all virtual machines?

The OCSP service has not HTTP content, but the error indicates that de service is not available. Please run this commands: vagrant destroy ca vagrant up ca

This will destroy and recreate only the CA machine. Keep in mind that CA services (OCSP and TSA) are not available from the browser, you just need to make sure they running (ports are available):

• requests (POST) to port 8888 go to 8889 for the openssl process started by the OCSP job
• requests (GET, POST) to port 8899 go to localhost:9999 for the python server started by the TSA job

To test these ports you can use telnet, for instance: user@linux:~$ telnet 10.0.0.13 8888

Let me know if you see get errors.

[hainguyen291]

@egobsv You are right, the errors were appeared due to lack of memory. I tried to run vagrant up three times to install all ss1, ss2 and ca machines. I can telnet 10.0.0.13 8888 and 8899 already. When I run vagrant status, results are shown as below:

sc running (virtualbox) ss1 running (virtualbox) ss2 running (virtualbox) ca running (virtualbox)

However, I cannot access SC or SS1/SS2 via the address: https://10.0.0.10:4000/ https://10.0.0.11:4000/

[egobsv]

Did you get any errors while installing those machines, what happens when you try to telnet from outside and inside the machine to port 4000?

[hainguyen291]

When I tried to telnet 10.0.0.13 8899 for example, I got the message in html code about the below page on command environment.

https://user-images.githubusercontent.com/12641471/38792516-8721f44c-4177-11e8-96a7-e1bf23d42daa.png

[egobsv]

Remember that ,according to the docuementation: requests (POST) to port 8888 go to localhost:8889 for the openssl process started by the OCSP job requests (GET, POST) to port 8899 go to localhost:9999 for the python server started by the TSA job

So, if you can't Telnet into ports 8889 and 9999, it means that your services did not start for some reason.

[hainguyen291]

@egobsv I can telnet into port 8889

Also, here are the services run on my CA machine:

vagrant@ca:~$ service --status-all [ + ] acpid [ - ] apparmor [ ? ] apport [ + ] atd [ + ] chef-client [ ? ] console-setup [ + ] cron [ ? ] cryptdisks [ ? ] cryptdisks-early [ - ] dbus [ ? ] dns-clean [ + ] friendly-recovery [ - ] grub-common [ ? ] irqbalance [ ? ] killprocs [ ? ] kmod [ - ] landscape-client [ ? ] networking [ + ] nginx [ ? ] ondemand [ ? ] open-vm-tools [ ? ] pppd-dns [ - ] procps [ + ] puppet [ ? ] rc.local [ + ] resolvconf [ + ] rpcbind [ - ] rsync [ + ] rsyslog [ ? ] screen-cleanup [ ? ] sendsigs [ + ] ssh [ - ] sudo [ + ] udev [ ? ] umountfs [ ? ] umountnfs.sh [ ? ] umountroot [ - ] unattended-upgrades [ - ] urandom [ - ] virtualbox-guest-utils [ ? ] virtualbox-guest-x11 [ - ] x11-common vagrant@ca:~$

[egobsv]

Port 9999 is for the TSA service, make sure is running using: /sbin/stop tsa; /sbin/start tsa;

This service is not related to https web access on port 4000, make sure the xroad-jetty service is running on your SS virtual machines.