Ask Your Question
0

An Error during nova-manage vpn run

asked 2011-07-05 09:38:14 -0500

tonytkdk gravatar image

Hello guys , this is Hugo

How's going today?

I got a problem with run up cloud-pipe image.

#nova-manage vpn run pro1

Full log : http://pastebin.com/TG1E8Jj6

And there's the short cut log
(nova): TRACE: ProcessExecutionError: Unexpected error while running command. (nova): TRACE: Command: openssl ca -batch -out /tmp/tmpQkmiuR/outbound.csr -config ./openssl.cnf -infiles /tmp/tmpQkmiuR/inbound.csr (nova): TRACE: Exit code: 1 (nova): TRACE: Stdout: '' (nova): TRACE: Stderr: "Using configuration from ./openssl.cnf\nerror loading the config file './openssl.cnf'\n11755:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('./openssl.cnf','rb')\n11755:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:\n11755:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:\n"

=================================

edit retag flag offensive close merge delete

10 answers

Sort by ยป oldest newest most voted
0

answered 2012-03-06 21:56:51 -0500

vishvananda gravatar image

have you tried running nova-cert on the host?

edit flag offensive delete link more
0

answered 2011-07-05 11:13:24 -0500

tonytkdk gravatar image

about #1 comment

I can avoid it by delete --use_project_ca flag

edit flag offensive delete link more
0

answered 2012-03-06 22:39:06 -0500

swoo gravatar image

I found that for my issue in comment #7, I had to do the following:

cd ~/openstack/nova sudo cp -r nova/CA/* /var/lib/nova/CA

These files were missing from the directory which caused my problem.

edit flag offensive delete link more
0

answered 2011-07-05 16:30:39 -0500

vishvananda gravatar image

Vpns are insecure without use_project_ca. It sounds like the CA directory isn't being created properly or there is a file missing.

Vish

On Jul 5, 2011, at 4:16 AM, Hugo Kou wrote:

Question #163798 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+q...

Hugo Kou posted a new comment: about #1 comment

I can avoid it by delete --use_project_ca flag


You received this question notification because you are a member of Nova Core, which is an answer contact for OpenStack Compute (nova).

edit flag offensive delete link more
0

answered 2012-02-23 21:45:52 -0500

Hi You got the solution for this!! I am getting the same error when i execute "./nova-manage project zipfile sunil_project sunil" . It would be great if any of you guys can help me out here....

sunil@openstack001:~/openstack/nova/bin$ ./nova-manage project zipfile sunil_project sunil /usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py:8: UserWarning: Module nova was already imported from /home/sunil/openstack/nova/nova/__init__.pyc, but /usr/lib/python2.7/dist-packages is being added to sys.path import pkg_resources

2012-02-23 18:33:15 DEBUG nova.utils [req-2f0804b9-cd4c-4d95-8712-b4b27356bfe7 None None] backend <module 'nova.db.sqlalchemy.api'="" from="" '="" home="" sunil="" openstack="" nova="" nova="" db="" sqlalchemy="" api.pyc'=""> from (pid=12892) __get_backend /home/sunil/openstack/nova/nova/utils.py:602 2012-02-23 18:33:15 DEBUG nova.utils [-] Running cmd (subprocess): openssl genrsa -out /tmp/tmpFGyQ1D/temp.key 1024 from (pid=12892) execute /home/sunil/openstack/nova/nova/utils.py:208 2012-02-23 18:33:15 DEBUG nova.utils [-] Running cmd (subprocess): openssl req -new -key /tmp/tmpFGyQ1D/temp.key -out /tmp/tmpFGyQ1D/temp.csr -batch -subj /C=US/ST=California/O=OpenStack/OU=NovaDev/CN=sunil_project-sunil-2012-02-23T13:03:15Z from (pid=12892) execute /home/sunil/openstack/nova/nova/utils.py:208 2012-02-23 18:33:15 DEBUG nova.crypto [-] Flags path: /home/sunil/openstack/nova/nova/..//CA from (pid=12892) _sign_csr /home/sunil/openstack/nova/nova/crypto.py:307 2012-02-23 18:33:15 DEBUG nova.utils [-] Running cmd (subprocess): openssl ca -batch -out /tmp/tmpsGT55E/outbound.csr -config ./openssl.cnf -infiles /tmp/tmpsGT55E/inbound.csr from (pid=12892) execute /home/sunil/openstack/nova/nova/utils.py:208 2012-02-23 18:33:15 DEBUG nova.utils [-] Result was 1 from (pid=12892) execute /home/sunil/openstack/nova/nova/utils.py:224 Unexpected error while running command. Command: openssl ca -batch -out /tmp/tmpsGT55E/outbound.csr -config ./openssl.cnf -infiles /tmp/tmpsGT55E/inbound.csr Exit code: 1 Stdout: '' Stderr: "Using configuration from ./openssl.cnf\nerror loading the config file './openssl.cnf'\n139666044880544:error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen('./openssl.cnf','rb')\n139666044880544:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:172:\n139666044880544:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:\n" The above error may show that the certificate db has not been created. Please create a database by running a nova-cert server on this host.

edit flag offensive delete link more
0

answered 2011-07-05 10:45:43 -0500

tonytkdk gravatar image

After that I try to create a new project . Got same error while create zipfile

root@nova:~/pro3# nova-manage project zipfile pro3 hugo Unexpected error while running command. Command: openssl ca -batch -out /tmp/tmppETM_6/outbound.csr -config ./openssl.cnf -infiles /tmp/tmppETM_6/inbound.csr Exit code: 1 Stdout: '' Stderr: "Using configuration from ./openssl.cnf\nerror loading the config file './openssl.cnf'\n12293:error:02001002:system library:fopen:No such file or directory:bss_file.c:126:fopen('./openssl.cnf','rb')\n12293:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:129:\n12293:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:\n" The above error may show that the certificate db has not been created. Please create a database by running a nova-api server on this host.

edit flag offensive delete link more
0

answered 2011-07-05 16:32:31 -0500

vishvananda gravatar image

Is this using trunk? I remember a similar issue around the time of the cactus release, but I thought it was fixed.

Vish

On Jul 5, 2011, at 4:16 AM, Hugo Kou wrote:

Question #163798 on OpenStack Compute (nova) changed: https://answers.launchpad.net/nova/+q...

Hugo Kou posted a new comment: about #1 comment

I can avoid it by delete --use_project_ca flag


You received this question notification because you are a member of Nova Core, which is an answer contact for OpenStack Compute (nova).

edit flag offensive delete link more
0

answered 2011-07-05 16:52:57 -0500

tonytkdk gravatar image

Dear Vish

Within Vlan test , I'm using Cactus Release. well, you said about file_missig that I'll have a check tomorrow. or Change to trunk for my examination And /var/lib/nova/CA is exist

the tree of my CA http://paste.openstack.org/show/1839/

1.if there any file missing

2.I'll turn to Trunk version

well , an additional question... Is there any approach to setup instance gateway after fire up , I have to change route table gateway to a specify IP instead of nova-network host.

I remember that I had a shot talk with soren before , aobut the metadata must be redirect from nova-network, now.

edit flag offensive delete link more
0

answered 2012-03-06 21:43:25 -0500

swoo gravatar image

Hi --

Has any one gotten a fix for this issue? I'm getting a similar error;

/usr/lib/python2.7/dist-packages/paste/deploy/loadwsgi.py:8: UserWarning: Module nova was already imported from /home/localadmin/openstack/nova/nova/__init__.pyc, but /usr/lib/python2.7/dist-packages is being added to sys.path import pkg_resources

2012-03-06 13:39:38 DEBUG nova.utils [req-23ad7bfd-25c6-4630-b914-18461638024a None None] backend <module 'nova.db.sqlalchemy.api'="" from="" '="" home="" localadmin="" openstack="" nova="" nova="" db="" sqlalchemy="" api.pyc'=""> from (pid=15979) __get_backend /home/localadmin/openstack/nova/nova/utils.py:607 2012-03-06 13:39:42 DEBUG nova.utils [-] Running cmd (subprocess): openssl genrsa -out /tmp/tmpdNzGYR/temp.key 1024 from (pid=15979) execute /home/localadmin/openstack/nova/nova/utils.py:213 2012-03-06 13:39:42 DEBUG nova.utils [-] Running cmd (subprocess): openssl req -new -key /tmp/tmpdNzGYR/temp.key -out /tmp/tmpdNzGYR/temp.csr -batch -subj /C=US/ST=California/O=OpenStack/OU=NovaDev/CN=openstack-localadmin-2012-03-06T21:39:42Z from (pid=15979) execute /home/localadmin/openstack/nova/nova/utils.py:213 2012-03-06 13:39:42 DEBUG nova.crypto [-] Flags path: /var/lib/nova/CA from (pid=15979) _sign_csr /home/localadmin/openstack/nova/nova/crypto.py:292 2012-03-06 13:39:42 DEBUG nova.utils [-] Running cmd (subprocess): openssl ca -batch -out /tmp/tmp6p0qgY/outbound.csr -config ./openssl.cnf -infiles /tmp/tmp6p0qgY/inbound.csr from (pid=15979) execute /home/localadmin/openstack/nova/nova/utils.py:213 2012-03-06 13:39:42 DEBUG nova.utils [-] Result was 1 from (pid=15979) execute /home/localadmin/openstack/nova/nova/utils.py:229 Unexpected error while running command. Command: openssl ca -batch -out /tmp/tmp6p0qgY/outbound.csr -config ./openssl.cnf -infiles /tmp/tmp6p0qgY/inbound.csr Exit code: 1 Stdout: '' Stderr: "Using configuration from ./openssl.cnf\nerror loading the config file './openssl.cnf'\n140116468876960:error:02001002:system library:fopen:No such file or directory:bss_file.c:169:fopen('./openssl.cnf','rb')\n140116468876960:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:172:\n140116468876960:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:\n" The above error may show that the certificate db has not been created. Please create a database by running a nova-cert server on this host.

edit flag offensive delete link more
0

answered 2012-03-06 22:57:33 -0500

vishvananda gravatar image

these files are supposed to be generated by genrootca.sh during the init_host of nova-cert

105 def ensure_ca_filesystem(): 106 """Ensure the CA filesystem exists.""" 107 ca_dir = ca_folder() 108 if not os.path.exists(ca_path()): 109 genrootca_sh_path = os.path.join(os.path.dirname(__file__), 110 'CA', 111 'genrootca.sh') 112 113 start = os.getcwd() 114 if not os.path.exists(ca_dir): 115 os.makedirs(ca_dir) 116 os.chdir(ca_dir) 117 utils.execute("sh", genrootca_sh_path) 118 os.chdir(start)

I can't verify that manually copying files the way that you did will work properly. Much better to simply run nova-cert as was suggested. by the error message.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2011-07-05 09:38:14 -0500

Seen: 121 times

Last updated: Mar 06 '12