gravitl / netmaker

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
https://netmaker.io

[Bug]: nm-quick.sh not working on AWS Lightsail VPS #2528

Open Jachimo opened 1 year ago

Jachimo commented 1 year ago

Contact Details

jachimo

What happened?

I am trying to install Netmaker using the nm-quick.sh script on an AWS Lightsail VPS.

I created the Lightsail VPS using the Ubuntu 22.04 LTS image. Only thing I did to it was uninstall snapd (because I don't like Snap and it's resource-heavy). I have a domain set up in Lightsail so I can create DNS records. I have a wildcard DNS entry configured that points to the public IPv4 address of the VPS. Ports 22, 80, 51821-51825 are open. LetsEncrypt can connect to the server on Port 80 for verification just fine, so that is not the problem.

Per the documentation, I am doing the recommended installation route by running the script: sudo wget -qO /root/nm-quick.sh https://raw.githubusercontent.com/gravitl/netmaker/master/scripts/nm-quick.sh && sudo chmod +x /root/nm-quick.sh && sudo /root/nm-quick.sh

I have tried this both as my regular work user (which has sudo permissions) and as root itself. Same results both ways.

Here's a trimmed version of the output I'm getting:

Using config: /root/netmaker.env
-----------Build Options-----------------------------
    EE or CE: ce
  Build Type: version
   Build Tag: v0.20.6
   Image Tag: v0.20.6
   Installer: v0.1.1
checking dependencies...
[...content trimmed; looks good...]
dependency check complete
Would you like to use your own domain for netmaker, or an auto-generated domain?
[custom domain selected and entered]
before continuing, confirm DNS is configured correctly, with records pointing to [REDACTED]
Does everything look right? [y/n]:  y
Email Address for Domain Registration (click 'enter' to use [REDACTED]): [ENTER]
[... content trimmed; choose defaults for MQ and TURN credentials ...]
-----------------------------------------------------------------
                SETUP ARGUMENTS
-----------------------------------------------------------------
        domain: [REDACTED]
         email: [REDACTED]
     public ip: [REDACTED]
-----------------------------------------------------------------
Confirm Settings for Installation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Does everything look right? [y/n]: y
Stopping all containers...
-----------------------------------------------------------------
Beginning installation...
-----------------------------------------------------------------
. . .
. . .
. . .
Pulling config files...
Saving the config to /root/netmaker.env
Setting up SSL certificates...
fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.16/community/x86_64/APKINDEX.tar.gz
v3.16.7-35-g57e1d4dcc07 [https://dl-cdn.alpinelinux.org/alpine/v3.16/main]
v3.16.7-35-g57e1d4dcc07 [https://dl-cdn.alpinelinux.org/alpine/v3.16/community]
OK: 17048 distinct packages available
(1/5) Installing bash (5.1.16-r2)
Executing bash-5.1.16-r2.post-install
(2/5) Installing brotli-libs (1.0.9-r6)
(3/5) Installing nghttp2-libs (1.47.0-r1)
(4/5) Installing libcurl (8.2.1-r0)
(5/5) Installing curl (8.2.1-r0)
Executing busybox-1.35.0-r17.trigger
OK: 29 MiB in 46 packages
certonly --standalone --non-interactive --agree-tos -m [REDACTED] -d api.[REDACTED] -d broker.[REDACTED] -d dashboard.[REDACTED] -d turn.[REDACTED] -d turnapi.[REDACTED]
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certificate not yet due for renewal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Certificate not yet due for renewal; no action taken.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SSL certificates ready
Starting containers...
Creating turn     ... done
Creating netmaker ... done
Creating caddy    ... done
Creating coredns     ... done
Creating mq          ... done
Creating netmaker-ui ... done
. . .
. . .
Testing Caddy setup (please be patient, this may take 1-2 minutes)
     Issue establishing connection...retrying in 15 seconds...

There are some more messages but that's essentially it; I'm dead in the water and nothing further productive happens.

I don't know where to proceed from here. I don't know what Caddy is/does, I've never used it, and it doesn't seem to produce any log messages in any obvious place.

Although there's a line that says it's "saving debug log to /var/log/letsencrypt/letsencrypt.log", there's no /var/log/letsencrypt directory much less anything inside it. (And there's nothing inside /var/log that looks like it belongs to Netmaker, Caddy, etc.)

Based on other reports by people with similar issues, I already tried sysctl -w net.core.rmem_max=2500000 and sysctl -w net.core.wmem_max=2500000 which had no effect. In case it was some sort of OOM issue, I also created 4G of additional swap. No effect.

Suggestions greatly welcome since at this point I have no idea how to proceed; the installer is effectively broken as far as I can tell, and I think I followed the instructions pretty closely.

Version

v0.20.6

What OS are you using?

Linux

Relevant log output

No response


mojansch commented 5 months ago

I just ran into this too, it happens when the host is IPv6-only. When I gave it an IPv4 address, it worked as usual.

abhishek9686 commented 5 months ago

> I just ran into this too, it happens when the host is IPv6-only. When I gave it an IPv4 address, it worked as usual.

@mojansch In the next release, i.e. v0.24.0, we are coming up with setup instructions for the server on an IPv6-only machine, and in general, we added full-fledged support for clients to work with IPv6-only networks.

borekon commented 1 month ago

It also happens with a dual-stack network (IPv4 + IPv6).

> I just ran into this too, it happens when the host is IPv6-only. When I gave it an IPv4 address, it worked as usual.
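
An added example, not part of this thread or the Netmaker project: the comments above tie the failure to the host's address families, so this preflight check reports which families each installer subdomain resolves to and whether the expected public IP is among the records. The function names, the domain `nm.example.com`, and the addresses are constructed assumptions; only the subdomain list comes from the installer output in the issue.

```python
import socket

# Subdomains from the certbot line in the installer output quoted in this issue.
SUBDOMAINS = ("api", "broker", "dashboard", "turn", "turnapi")
FAMILY = {socket.AF_INET: "ipv4", socket.AF_INET6: "ipv6"}
STATUS = {("ipv4",): "ipv4-only", ("ipv6",): "ipv6-only", ("ipv4", "ipv6"): "dual-stack"}

def resolve(host, resolver=socket.getaddrinfo):
    """Map each address family to the set of addresses the host resolves to."""
    found = {}
    try:
        infos = resolver(host, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return found  # no record at all for this name
    for family, _type, _proto, _canon, sockaddr in infos:
        if family in FAMILY:
            found.setdefault(FAMILY[family], set()).add(sockaddr[0])
    return found

def preflight(base_domain, public_ip, resolver=socket.getaddrinfo):
    """Return {host: (address-family status, public_ip present in the records)}."""
    report = {}
    for sub in SUBDOMAINS:
        host = f"{sub}.{base_domain}"
        found = resolve(host, resolver)
        status = STATUS.get(tuple(sorted(found)), "unresolved")
        addrs = set().union(*found.values())
        report[host] = (status, public_ip in addrs)
    return report

# Constructed sample records (documentation address ranges) so the check runs offline.
SAMPLE = {
    "api.nm.example.com": [(socket.AF_INET, "192.0.2.10")],
    "broker.nm.example.com": [(socket.AF_INET, "192.0.2.10"), (socket.AF_INET6, "2001:db8::10")],
    "dashboard.nm.example.com": [(socket.AF_INET6, "2001:db8::10")],
    "turn.nm.example.com": [(socket.AF_INET, "192.0.2.99")],
}

def sample_resolver(host, port, proto=0):
    # Hypothetical stand-in for socket.getaddrinfo, backed by SAMPLE above.
    if host not in SAMPLE:
        raise socket.gaierror(socket.EAI_NONAME, "constructed: no such host")
    return [(fam, socket.SOCK_STREAM, proto, "", (addr, port)) for fam, addr in SAMPLE[host]]

if __name__ == "__main__":
    for host, (status, ok) in preflight("nm.example.com", "192.0.2.10", sample_resolver).items():
        print(f"{host:28} {status:11} points_to_public_ip={ok}")
```

Calling `preflight(domain, public_ip)` without the third argument uses the system resolver, so it can be run on the server before starting the installer.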