Closed lgayatri closed 6 years ago
@sergiosagu @martin-borisov is this an admiral issue?
@lgayatri When opening issues, please include the OVA name such as vic-dev-2571-v1.3.0-dev1-200-ga9048f6.ova
because VIC 1.3
does not currently exist and it is very difficult to root cause this if we don't know the version of the components that are running.
@andrewtchin , sure- will do. Here is the build: vic-dev-2419-v1.3.0-dev1-178-gfbdb6d5.ova
The actual issue seems to be a failure during the registration, or in other words, the registration wasn't successful... or wasn't completely successful.
The vmware-identity-sts-default.log
logs here are misleading since that's probably an expected error message in clean environments. The registration process, before trying to create the vic-cloud-admin default user, first it tries to delete it in case it already exists (and since it doesn't exist, that's the error displayed in the vmware-identity-sts-default.log
file).
@lgayatri - where did you see that the registration was successful? can you attach the registration logs?
@sergiosagu I dont have the setup , but I am sure that the registration succeeded for UI. As I always open the management portal from web page on 9443 . Is there a separate log for registration? I usually check journalctl
@lgayatri The registration log from the Getting Started Page is in journalctl -u fileserver
Also please always include the host/credentials either in the issue or in the vic-product-standup Slack channel with a reference the bug number so that there isn't a delay in triaging
@andrewtchin , here is the repro.
VCSA: 6.6.3.10000 VIC 1.3 : vic-v1.3.0-rc4-2870-f8cc7317.ova
PSC registration is successful
journalctl -u fileserver
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=info msg="server URL: cloud02-w3.stls.local\n"
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=debug msg="Accepting host \"cloud02-w3.stls.local\" thumbprint 03:C7:7C:AE:4C:6C:20:40:8F:A
B:C3:43:99:B9:7B:46:DA:BD:0D:21"
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=debug msg="Creating VMOMI session with thumbprint 03:C7:7C:AE:4C:6C:20:40:8F:AB:C3:43:99:B9
:7B:46:DA:BD:0D:21"
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=debug msg="Session Environment Info: " API Type=VirtualCenter API Version=6.7 Build=7362297
Name="VMware vCenter Server" OS Type=linux-x64 Product ID=vpx UUID=87036cae-8d5e-4639-867b-e0b123c4b99b Vendor="VMware, Inc." Version=6.6.3
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=debug msg="vSphere resource cache populating..."
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=debug msg="Error count populating vSphere cache: (5)"
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=debug msg="new validator Session.Populate: Failure finding dc (): default datacenter resolv
es to multiple instances, please specify\nFailure finding cluster (): please specify a datacenter\nFailure finding ds (): please specify a datacenter\nFailure finding host (): please specify a data
center\nFailure finding pool (): please specify a datacenter"
Dec 19 06:38:39 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:39Z" level=info msg="Validation succeeded"
Dec 19 06:38:40 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:40Z" level=debug msg="successfully attached the product tag"
Dec 19 06:38:40 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:40Z" level=info msg="User domain: vsphere.local PSC domain: vsphere.local. Using vsphere.local"
Dec 19 06:38:40 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:40Z" level=info msg="vCenter user: administrator@vsphere.local"
Dec 19 06:38:40 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:40Z" level=info msg="PSC instance: w3-stras-sso01.stls.local"
Dec 19 06:38:40 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:40Z" level=info msg="PSC domain: vsphere.local"
Dec 19 06:38:40 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:40Z" level=info msg="PSC Out of the box users. CreateUsers: True, FoundCreateUsers: true, Prefix: vic"
Dec 19 06:38:43 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:43Z" level=info msg="Successfully registered harbor with PSC"
Dec 19 06:38:46 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:46Z" level=info msg="Successfully registered engine with PSC"
Dec 19 06:38:54 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:54Z" level=info msg="Successfully registered admiral with PSC"
Dec 19 06:38:54 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:54Z" level=info msg="render: html/index.html"
Dec 19 06:38:54 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:54Z" level=info msg="render: /opt/vmware/fileserver/html/index.html"
Dec 19 06:38:55 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:55Z" level=info msg="render: html/index.html"
Dec 19 06:38:55 vic-st-h2-189.eng.vmware.com start_fileserver.sh[1467]: time="2017-12-19T06:38:55Z" level=info msg="render: /opt/vmware/fileserver/html/index.html"
Admiral page does not open
admiral log says:
[359][I][2017-12-19T06:50:05.685Z][11][8282/][lambda$schedulePeriodicCertificatesReload$1][Host https://vic-st-h2-189.eng.vmware.com:8282/: reloading all certificates]
[360][W][2017-12-19T06:53:23.928Z][125][8282/auth/psc/callback][redirectToSamlSso][Could not generate redirect URL: java.lang.IllegalStateException: SsoManager has not been initialized
at com.vmware.admiral.auth.idm.psc.saml.util.SamlManager.getInstance(SamlManager.java:100)
at com.vmware.admiral.auth.idm.psc.saml.sso.authentication.SamlRequestSender.<init>(SamlRequestSender.java:45)
at com.vmware.admiral.auth.idm.psc.saml.util.SsoUriGenerator.generateRedirectUrl(SsoUriGenerator.java:47)
at com.vmware.admiral.auth.idm.psc.service.PscAuthenticationService.redirectToSamlSso(PscAuthenticationService.java:457)
at com.vmware.admiral.auth.idm.psc.service.PscAuthenticationService.redirectToSso(PscAuthenticationService.java:451)
at com.vmware.admiral.auth.idm.psc.service.PscAuthenticationService.handleGet(PscAuthenticationService.java:435)
at com.vmware.xenon.common.StatelessService.handleRequest(StatelessService.java:120)
at com.vmware.xenon.common.StatelessService.handleRequest(StatelessService.java:103)
at com.vmware.xenon.common.ServiceHost.lambda$queueOrScheduleRequestInternal$44(ServiceHost.java:4292)
at java.util.concurrent.ForkJoinTask$RunnableExecuteAction.exec(ForkJoinTask.java:1402)
at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:289)
at java.util.concurrent.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1056)
at java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1692)
at java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:157)
]
Will ping the setup details on standup channel.
@mdubya66 - Lets target this bug for 1.4 given the timelines.
VCSA has external PSC with F5 Load balancer (PSCs are behind LB)
I tried on embedded VCSA with version 6.6.3 and still see the same issue that despite successful VCSA registration, admiral does not open.
Per conversation on slack it looks like this is an Admiral issue with PSC on 6.6.3
@lgayatri Is there an issue open in Admiral to track this? If so, I will close this. If not, I will move it to Admiral repo.
@andrewtchin / @lgayatri - We have a task in our Jira to track it (VBV-1791). Feel free to close this issue. cc @lazarin
This is a feature that we are tracking in jira. Closing this one.
@mdubya66 @sergiosagu
VCSA: CLOUDVM_VERSION:6.6.3.10000 VIC 1.3
We have the required user already on VCSA:
Expected Admiral to open successfully. Live setup available upon request.