- Community Home
- >
- Networking
- >
- Software Defined Networking
- >
- Issue installing latest VAN; possible postgreSQL e...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-14-2015 10:52 AM
04-14-2015 10:52 AM
Issue installing latest VAN; possible postgreSQL error?
I'm trying to run HP VAN on Ubuntu 12.04, using VMware Fusion and giving the VM plenty of resources (8GB RAM, 4 cores). The install appears to run to completion but I can't get to the GUI; the log shows some PSQL exceptions that might be the issue.
All browsers fail to connect, reporting:
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
The port is not listening:
brandonh@precise:~$ netstat -nl | grep 8843
… and the log shows PostgreSQL errors, which might be the root cause of the breakage:
sudo cat /var/log/sdn/virgo/logs/log.log | grep -i except
[2015-04-14 10:31:22.320] INFO System Bundle Shutdown System.out [EL Info]: UnitOfWork(1494023401)--Communication failure detected when attempting to perform read query outside of a transaction. Attempting to retry query. Error was: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.5.1.v20130918-f2b9fc5): org.eclipse.persistence.exceptions.DatabaseException
[2015-04-14 10:31:22.320] INFO System Bundle Shutdown System.out Internal Excepion: org.postgresql.util.PSQLException: Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
Full details of the commands I ran are at the bottom. Anyone have any ideas? Thanks in advance.
#!/bin/bash
# Install script for HP VAN on Ubuntu 12.04
# Instructions from http://h20564.www2.hp.com/hpsc/doc/public/display?docId=c04495134
# Make sure to transfer over the controller zip first:
# # Transfer over VAN_SDN_Controller_2.4.6_hp-van-sdn-ctlr-2.4.6-x64.zip:
# scp ~/Downloads/VAN_SDN_Controller_2.4.6_hp-van-sdn-ctlr-2.4.6-x64.zip precise:~/
# Give it lots of resources (8 GB RAM, 4 cores); apparently it may not start up w/o enough.
set -e
# To address “failed to Fetch” issues during apt-get update:
sudo rm -rf /var/lib/apt/lists/
sudo apt-get -y update
sudo apt-get install -y python-software-properties ubuntu-cloud-keyring
sudo add-apt-repository -y cloud-archive:icehouse
sudo apt-get -y update
sudo apt-get install -y keystone
sudo apt-get install -y unzip
unzip VAN_SDN_Controller_2.4.6_hp-van-sdn-ctlr-2.4.6-x64.zip
sudo dpkg --unpack hp-sdn-ctl_2.4.6.0627_amd64.deb
sudo apt-get install -f -y
sudo dpkg -l hp-sdn-ctl | grep ii
sudo service sdnc start
sleep 60
sudo service sdnc status | grep running
# Workaround to update python for config_local_keystone script to work:
# See
# Suggestion to run ‘sudo apt-get update after adding icehouse repo”:
sudo apt-get upgrade
# Proxy setup:
# Is this needed?
unset https_proxy http_proxy
sudo /opt/sdn/admin/config_local_keystone
# Try connection, in browser:
https://172.16.49.133:8443/sdn/ui/
# DOES NOT WORK
# Or locally
https://127.0.0.1:8443/sdn/ui/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2015 02:49 PM
04-15-2015 02:49 PM
Re: Issue installing latest VAN; possible postgreSQL error?
I tried out version 2.4.3 as well, and saw the same error.
If you'd like to try it out, I've posted a script here as a gist:
https://gist.github.com/brandonheller/5192dbe6da1a6c77ce12
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-16-2015 11:32 AM - edited 04-16-2015 11:34 AM
04-16-2015 11:32 AM - edited 04-16-2015 11:34 AM
Re: Issue installing latest VAN; possible postgreSQL error?
Hi Brandon
The Certifacte signing requirements for a large portion of browsers has recentaly changed, and because of this the orignal self signed version for the SDN Controller conflicts with these browsers minimum requirements. Here is the procedure for manually generating a new self signed certificate.
Bold Italic text is commands
Bold is Important notes
I have indented sample output
The following needs to be done as root hence( I am assuming the account your are using does have sudo premissions for root)
sudo service sdnc stop
Then the following needs to be done as the user which the sdn controller controller runs as(The user is the user sdn by default), since the truststore and keystore must be readable by that user.
Hint to become the user sdn us the following “sudo su – sdn”.
cd /opt/sdn/admin
ls -l *store*
sdn@ubuntu:~/admin$ ls -l *store*
-rw-r----- 1 sdn sdn 1319 Mar 20 14:53 keystore
-rw-r----- 1 sdn sdn 913 Mar 20 14:53 truststore
Note the permissions and ownership of the files
Here we generate a self-signed certificate with a validity period of 1780 days, after moving the old keystore and truststore away.
Note you need to use the password “skyline” below unless you have changed it. I have added it in for clarity in the commands below but it will not show when it is typed.
Leave the password for the key the same as the keystore password.
mv keystore keystore.orig
mv truststore truststore.orig
keytool -genkey -alias serverKey -keyalg rsa -keysize 2048 -keystore keystore -validity 1780
sdn@ubuntu:~/admin$ keytool -genkey -alias serverKey -keyalg rsa -keysize 2048 -keystore keystore
Enter keystore password: skyline
Re-enter new password: skyline
What is your first and last name?
[Unknown]: 192.168.181.135
What is the name of your organizational unit?
[Unknown]: SDNCOE
What is the name of your organization?
[Unknown]: HP
What is the name of your City or Locality?
[Unknown]: Amstelveen
What is the name of your State or Province?
[Unknown]: Noord-Holland
What is the two-letter country code for this unit?
[Unknown]: NL
Is CN=192.168.181.135, OU=SDNCOE, O=HP, L=Amstelveen, ST=Noord-Holland, C=NL correct?
[no]: y
Enter key password for <serverKey>
(RETURN if same as keystore password): Just press enter here
sdn@ubuntu:~/admin$
keytool -exportcert -keystore keystore -alias serverKey -file serverkey.cer
sdn@ubuntu:~/admin$ keytool -exportcert -keystore keystore -alias serverKey -file serverkey.cer
Enter keystore password:
Certificate stored in file <serverkey.cer>
sdn@ubuntu:~/admin$
ls -ltr
sdn@ubuntu:~/admin$ ls -ltr
total 15728
-rwxr-x--- 1 sdn sdn 462 Jan 29 12:46 uninstall-dpkg
-rwxr-x--- 1 sdn sdn 486 Jan 29 12:46 startup.sh
-rwxr-x--- 1 sdn sdn 1453 Jan 29 12:46 sdnpass
<SNIP>
-rw-rw-r-- 1 sdn sdn 2257 Apr 9 01:51 keystore
-rw-rw-r-- 1 sdn sdn 1088 Apr 9 01:52 sdn-server.csr
-rw-rw-r-- 1 sdn sdn 903 Apr 9 02:06 serverkey.cer
Note you need to use the password “skyline” below unless you have changed it. I have added it in for clarity in the commands below but it will not show when it is typed.
keytool -importcert -trustcacerts -keystore truststore -file serverkey.cer -alias CARoot
sdn@ubuntu:~/admin$ keytool -importcert -trustcacerts -keystore truststore -file serverkey.cer -alias CARoot
Enter keystore password: skyline
Re-enter new password: skyline
Owner: CN=192.168.181.135, OU=SDNCOE, O=HP, L=Amstelveen, ST=Noord-Holland, C=NL
Issuer: CN=192.168.181.135, OU=SDNCOE, O=HP, L=Amstelveen, ST=Noord-Holland, C=NL
Serial number: 54a39e23
Valid from: Thu Apr 09 01:51:25 PDT 2015 until: Wed Jul 08 01:51:25 PDT 2015
Certificate fingerprints:
MD5: 44:02:D6:58:C5:2A:2D:B5:F3:64:9B:40:6D:9B:1D:10
SHA1: C7:59:89:31:9D:79:C9:D5:3A:22:D7:36:C7:43:2D:1B:88:5B:54:5E
SHA256: E9:5D:1E:06:02:25:17:3F:C4:D9:97:C4:28:27:E6:87:2F:BC:B4:C9:E1:47:17:57:FF:33:1B:23:86:41:A5:B0
Signature algorithm name: SHA256withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 82 FD 72 7D 83 60 88 C0 DA 67 7D 6A 03 12 11 B7 ..r..`...g.j....
0010: 27 C7 EC D9 '...
]
]
Trust this certificate? [no]: yes
Certificate was added to keystore
sdn@ubuntu:~/admin$
As the user root hence, you might need to type “logout” here to switch to the account you usually log in which has sudo capbilities.
sudo service sdnc start
Kind Regards
Gerhard Roets
HP SDN COE Team