Closed pradeepn-altran closed 5 years ago
I could ping master, node01, node02 from the local bash shell as the VMs seems to be up and running and can also do a vagrant ssh to master, node01, node02
is it the first time you launch your VMs using ./oc-up.sh
? 'cause I saw this messageflag to force provisioning. Provisioners marked to run always will still run
~I guess this script should be run ONLY once when you first create your virtual machines.~
update: it's no problem to run ./oc-up.sh
for multiple times from my side and I cannot reproduce this on my computer.
Here is the basic package information on my laptop:
➜ ~ vagrant version
Installed Version: 2.2.5
Latest Version: 2.2.5
You're running an up-to-date version of Vagrant!
➜ ~ vagrant plugin list
vagrant-hostmanager (1.8.9, global)
- Version Constraint: > 0
vagrant-scp (0.5.7, global)
- Version Constraint: > 0
➜ ~ VBoxManage --version
6.0.10r132072
➜ ~
Hope this helps.
I updated all the versions to the latest. I did a vagrant up - it seem to complete without any issues. When I access : https://master.example.com:8443/ I get connection refused. Any idea what to look for.
From your notes, it is not clear, if I need to run oc-up.sh after doing a vagrant up. The notes seem to apply to OKD 3.8. Since I am using OKD 3.11, does the oc-up.sh still apply?
I tried running the command individually or via oc-up.sh, in both the cases I get the same error: ''' TASK [Gathering Facts] ***** fatal: [node01.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0664 for '/home/vagrant/.ssh/node01.key' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/home/vagrant/.ssh/node01.key\": bad permissions\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).", "unreachable": true} fatal: [node02.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0664 for '/home/vagrant/.ssh/node02.key' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/home/vagrant/.ssh/node02.key\": bad permissions\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).", "unreachable": true} fatal: [master.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0664 for '/home/vagrant/.ssh/master.key' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/home/vagrant/.ssh/master.key\": bad permissions\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).", "unreachable": true} to retry, use: --limit @/home/vagrant/openshift-ansible/playbooks/prerequisites.retry
PLAY RECAP ***** master.example.com : ok=0 changed=0 unreachable=1 failed=0 node01.example.com : ok=0 changed=0 unreachable=1 failed=0 node02.example.com : ok=0 changed=0 unreachable=1 failed=0 '''
Looks like there is some permission issue : Permissions 0664 for '/home/vagrant/.ssh/node02.key'
Let me try fixing that and retry
Might want to add a note to the instructions to fix the permissions of the key files in /home/vagrant/.ssh/*.key
chmod go-rw /home/vagrant/.ssh/*.key
With the above change it seems to go further. However taking a long time with re-tries on the following . How long does it take to get this up and running? '''
TASK [openshift_control_plane : Wait for control plane pods to appear] **** FAILED - RETRYING: Wait for control plane pods to appear (60 retries left). FAILED - RETRYING: Wait for control plane pods to appear (59 retries left). FAILED - RETRYING: Wait for control plane pods to appear (58 retries left). FAILED - RETRYING: Wait for control plane pods to appear (57 retries left). FAILED - RETRYING: Wait for control plane pods to appear (56 ret '''
The ansible playbooks completed, but with the following error: ''' Failure summary:
Looks like there is some permission issue : Permissions 0664 for '/home/vagrant/.ssh/node02.key'
Let me try fixing that and retry
That's weird because what I saw in my master vm is as below: (Permission 600)
[vagrant@master .ssh]$ pwd
/home/vagrant/.ssh
[vagrant@master .ssh]$ ll *.key
-rw-------. 1 vagrant vagrant 1679 Aug 3 06:51 master.key
-rw-------. 1 vagrant vagrant 1679 Aug 3 06:51 node01.key
-rw-------. 1 vagrant vagrant 1675 Aug 3 06:51 node02.key
[vagrant@master .ssh]$
What operating system does your host machine have?
Host OS is Windows 10.
Hmmm, then i guess you might run oc-up.sh
using some shell-like tools like git-bash
, which does have some file permissions issue. I'll see if I can make a patch for compatibility of Windows platform.
@pradeepn-altran A patch has been applied for fixing permission issue on Windows host. would you please verify if it solves your problem?
I will try this and let you know
The new oc-up.sh fix worked ! Thanks a bunch. Closing this issue.
Can't reach the web console. I see the following during the oc-up.sh. Any pointers what is missing or what to look for. This is my first attempt at getting an OpenShift environment on my laptop Thanks in advance. ''' $ ./oc-up.sh Bringing machine 'node01' up with 'virtualbox' provider... Bringing machine 'node02' up with 'virtualbox' provider... Bringing machine 'master' up with 'virtualbox' provider... ==> node01: [vagrant-hostmanager:guests] Updating hosts file on active guest virtual machines... ==> node01: [vagrant-hostmanager:host] Updating hosts file on your workstation (password may be required)... ==> node01: Machine already provisioned. Run
vagrant provision
or use the--provision
==> node01: flag to force provisioning. Provisioners marked to run always will still run. ==> node02: [vagrant-hostmanager:guests] Updating hosts file on active guest virtual machines... ==> node02: [vagrant-hostmanager:host] Updating hosts file on your workstation (password may be required)... ==> node02: Machine already provisioned. Runvagrant provision
or use the--provision
==> node02: flag to force provisioning. Provisioners marked to run always will still run. ==> master: [vagrant-hostmanager:guests] Updating hosts file on active guest virtual machines... ==> master: [vagrant-hostmanager:host] Updating hosts file on your workstation (password may be required)... ==> master: Machine already provisioned. Runvagrant provision
or use the--provision
==> master: flag to force provisioning. Provisioners marked to run always will still run. ==> master: Running provisioner: master-key (file)... master: .vagrant/machines/master/virtualbox/private_key => /home/vagrant/.ssh/master.key ==> master: Running provisioner: node01-key (file)... master: .vagrant/machines/node01/virtualbox/private_key => /home/vagrant/.ssh/node01.key ==> master: Running provisioner: node02-key (file)... master: .vagrant/machines/node02/virtualbox/private_key => /home/vagrant/.ssh/node02.keyPLAY [Fail openshift_kubelet_name_override for new hosts] ***
TASK [Gathering Facts] ** fatal: [node01.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0664 for '/home/vagrant/.ssh/node01.key' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/home/vagrant/.ssh/node01.key\": bad permissions\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n", "unreachable": true} fatal: [node02.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0664 for '/home/vagrant/.ssh/node02.key' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/home/vagrant/.ssh/node02.key\": bad permissions\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n", "unreachable": true} fatal: [master.example.com]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\n@ WARNING: UNPROTECTED PRIVATE KEY FILE! @\r\n@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@\r\nPermissions 0664 for '/home/vagrant/.ssh/master.key' are too open.\r\nIt is required that your private key files are NOT accessible by others.\r\nThis private key will be ignored.\r\nLoad key \"/home/vagrant/.ssh/master.key\": bad permissions\r\nPermission denied (publickey,gssapi-keyex,gssapi-with-mic).\r\n", "unreachable": true} to retry, use: --limit @/home/vagrant/openshift-ansible/playbooks/prerequisites.retry
PLAY RECAP ** master.example.com : ok=0 changed=0 unreachable=1 failed=0 node01.example.com : ok=0 changed=0 unreachable=1 failed=0 node02.example.com : ok=0 changed=0 unreachable=1 failed=0
Connection to 127.0.0.1 closed. '''