You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by Andrei Mikhailovsky <an...@arhont.com.INVALID> on 2016/11/22 13:35:01 UTC
error adding VPN user in VPC network
Hello
Duplicating this from the users list.
I am running ACS 4.9.0.
I am having an issue with adding a VPN user to the VPC network. I've enabled the VPN service on the static IP. The service was enabled and I have the PSK shown to me. However, when I am adding a new user it fails with the following error:
2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl] (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@4465732c
2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl] (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) (logid:f76b2eae) Unable to apply vpn users
java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
at java.util.ArrayList.rangeCheck(ArrayList.java:635)
at java.util.ArrayList.get(ArrayList.java:411)
at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(RemoteAccessVpnManagerImpl.java:532)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:91)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(AddVpnUserCmd.java:122)
at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:108)
at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.runInContext(AsyncJobManagerImpl.java:554)
at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(AsyncJobManagerImpl.java:502)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl] (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) (logid:f76b2eae) Applying vpn access to VirtualRouter
2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl] (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450) (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl] (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete async job-31537, jobStatus: FAILED, resultCode: 530, result: org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"errorcode":530,"errortext":"Failed to add vpn user"}
Please advise how to get this problem fixed and have a working VPN service?
Thanks
Andrei
Re: error adding VPN user in VPC network
Posted by Andrei Mikhailovsky <an...@arhont.com.INVALID>.
Hi Wei
Is this something that will be merged in the next release?
Thanks
----- Original Message -----
> From: "Wei ZHOU" <us...@gmail.com>
> To: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 22 November, 2016 15:06:18
> Subject: Re: error adding VPN user in VPC network
> Hi Andrii,
>
> I fixed by following change
> '''
> diff --git
> a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
> b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
> index b473f05..2a84714 100644
> --- a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
> +++ b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
> @@ -521,21 +521,26 @@ public class RemoteAccessVpnManagerImpl extends
> ManagerBase implements RemoteAcc
>
> boolean success = true;
>
> - boolean[] finals = new boolean[users.size()];
> + Boolean[] finals = new Boolean[users.size()];
> for (RemoteAccessVPNServiceProvider element :
> _vpnServiceProviders) {
> s_logger.debug("Applying vpn access to " + element.getName());
> for (RemoteAccessVpnVO vpn : vpns) {
> try {
> String[] results = element.applyVpnUsers(vpn, users);
> if (results != null) {
> + int indexUser = -1;
> for (int i = 0; i < results.length; i++) {
> - s_logger.debug("VPN User " + users.get(i) +
> (results[i] == null ? " is set on " : (" couldn't be set due to " +
> results[i]) + " on ") + vpn);
> + indexUser ++;
> + if (indexUser == users.size()) {
> + indexUser = 0; // results on multiple VPC
> routers are combined in commit 13eb789, reset user index if one VR is done.
> + }
> + s_logger.debug("VPN User " +
> users.get(indexUser) + (results[i] == null ? " is set on " : (" couldn't be
> set due to " + results[i]) + " on ") + vpn.getUuid());
> if (results[i] == null) {
> - if (!finals[i]) {
> - finals[i] = true;
> + if (finals[indexUser] == null) {
> + finals[indexUser] = true;
> }
> } else {
> - finals[i] = false;
> + finals[indexUser] = false;
> success = false;
> }
> }
> '''
>
> 2016-11-22 14:35 GMT+01:00 Andrei Mikhailovsky <an...@arhont.com.invalid>:
>
>> Hello
>>
>> Duplicating this from the users list.
>>
>> I am running ACS 4.9.0.
>>
>> I am having an issue with adding a VPN user to the VPC network. I've
>> enabled the VPN service on the static IP. The service was enabled and I
>> have the PSK shown to me. However, when I am adding a new user it fails
>> with the following error:
>>
>> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
>> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
>> 4465732c
>> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Unable to apply vpn users
>> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
>> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
>> at java.util.ArrayList.get(ArrayList.java:411)
>> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
>> RemoteAccessVpnManagerImpl.java:532)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at sun.reflect.NativeMethodAccessorImpl.invoke(
>> NativeMethodAccessorImpl.java:57)
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
>> DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:606)
>> at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection
>> (AopUtils.java:317)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.
>> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:150)
>> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(
>> ExposeInvocationInterceptor.java:91)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:172)
>> at org.springframework.aop.framework.JdkDynamicAopProxy.
>> invoke(JdkDynamicAopProxy.java:204)
>> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
>> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
>> AddVpnUserCmd.java:122)
>> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
>> at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:
>> 108)
>> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
>> runInContext(AsyncJobManagerImpl.java:554)
>> at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(
>> ManagedContextRunnable.java:49)
>> at org.apache.cloudstack.managed.context.impl.
>> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
>> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> callWithContext(DefaultManagedContext.java:103)
>> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> runWithContext(DefaultManagedContext.java:53)
>> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
>> ManagedContextRunnable.java:46)
>> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(
>> AsyncJobManagerImpl.java:502)
>> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>> at java.util.concurrent.ThreadPoolExecutor.runWorker(
>> ThreadPoolExecutor.java:1145)
>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
>> ThreadPoolExecutor.java:615)
>> at java.lang.Thread.run(Thread.java:745)
>> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Applying vpn access to VirtualRouter
>> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
>> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete
>> async job-31537, jobStatus: FAILED, resultCode: 530, result:
>> org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"
>> errorcode":530,"errortext":"Failed to add vpn user"}
>>
>> Please advise how to get this problem fixed and have a working VPN service?
>>
>> Thanks
>>
>> Andrei
Re: error adding VPN user in VPC network
Posted by Wei ZHOU <us...@gmail.com>.
Hi Andrii,
I fixed by following change
'''
diff --git
a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
index b473f05..2a84714 100644
--- a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
@@ -521,21 +521,26 @@ public class RemoteAccessVpnManagerImpl extends
ManagerBase implements RemoteAcc
boolean success = true;
- boolean[] finals = new boolean[users.size()];
+ Boolean[] finals = new Boolean[users.size()];
for (RemoteAccessVPNServiceProvider element :
_vpnServiceProviders) {
s_logger.debug("Applying vpn access to " + element.getName());
for (RemoteAccessVpnVO vpn : vpns) {
try {
String[] results = element.applyVpnUsers(vpn, users);
if (results != null) {
+ int indexUser = -1;
for (int i = 0; i < results.length; i++) {
- s_logger.debug("VPN User " + users.get(i) +
(results[i] == null ? " is set on " : (" couldn't be set due to " +
results[i]) + " on ") + vpn);
+ indexUser ++;
+ if (indexUser == users.size()) {
+ indexUser = 0; // results on multiple VPC
routers are combined in commit 13eb789, reset user index if one VR is done.
+ }
+ s_logger.debug("VPN User " +
users.get(indexUser) + (results[i] == null ? " is set on " : (" couldn't be
set due to " + results[i]) + " on ") + vpn.getUuid());
if (results[i] == null) {
- if (!finals[i]) {
- finals[i] = true;
+ if (finals[indexUser] == null) {
+ finals[indexUser] = true;
}
} else {
- finals[i] = false;
+ finals[indexUser] = false;
success = false;
}
}
'''
2016-11-22 14:35 GMT+01:00 Andrei Mikhailovsky <an...@arhont.com.invalid>:
> Hello
>
> Duplicating this from the users list.
>
> I am running ACS 4.9.0.
>
> I am having an issue with adding a VPN user to the VPC network. I've
> enabled the VPN service on the static IP. The service was enabled and I
> have the PSK shown to me. However, when I am adding a new user it fails
> with the following error:
>
> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
> 4465732c
> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) Unable to apply vpn users
> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
> at java.util.ArrayList.get(ArrayList.java:411)
> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
> RemoteAccessVpnManagerImpl.java:532)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection
> (AopUtils.java:317)
> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
> ReflectiveMethodInvocation.java:150)
> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(
> ExposeInvocationInterceptor.java:91)
> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
> ReflectiveMethodInvocation.java:172)
> at org.springframework.aop.framework.JdkDynamicAopProxy.
> invoke(JdkDynamicAopProxy.java:204)
> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
> AddVpnUserCmd.java:122)
> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
> at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:
> 108)
> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
> runInContext(AsyncJobManagerImpl.java:554)
> at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(
> ManagedContextRunnable.java:49)
> at org.apache.cloudstack.managed.context.impl.
> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> callWithContext(DefaultManagedContext.java:103)
> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> runWithContext(DefaultManagedContext.java:53)
> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
> ManagedContextRunnable.java:46)
> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(
> AsyncJobManagerImpl.java:502)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1145)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:615)
> at java.lang.Thread.run(Thread.java:745)
> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) Applying vpn access to VirtualRouter
> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete
> async job-31537, jobStatus: FAILED, resultCode: 530, result:
> org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"
> errorcode":530,"errortext":"Failed to add vpn user"}
>
> Please advise how to get this problem fixed and have a working VPN service?
>
> Thanks
>
> Andrei
>
Re: error adding VPN user in VPC network
Posted by Andrei Mikhailovsky <an...@arhont.com.INVALID>.
Hi Will, yeah, it's a typo. I meant to say the SourceNat IP.
Any idea when the next release is out?
Thanks
----- Original Message -----
> From: "Will Stevens" <ws...@cloudops.com>
> To: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 22 November, 2016 13:47:36
> Subject: Re: error adding VPN user in VPC network
> I am not sure how you are able to add the VPN user to a Static NAT IP. You
> should be adding it to the Source NAT IP. Was that just a typo or are you
> targeting the wrong IP address using the API or something like that?
>
> There are known issues with the current VPN implementation (openswan).
> Basically, if you try to scp files over it or tail a log, it will drop your
> connection. You may want to try the code from my PR
> https://github.com/apache/cloudstack/pull/1741 if you have problems with
> the current implementation. That PR should make it into the next release...
>
> *Will STEVENS*
> Lead Developer
>
> <https://goo.gl/NYZ8KK>
>
> On Tue, Nov 22, 2016 at 8:35 AM, Andrei Mikhailovsky <
> andrei@arhont.com.invalid> wrote:
>
>> Hello
>>
>> Duplicating this from the users list.
>>
>> I am running ACS 4.9.0.
>>
>> I am having an issue with adding a VPN user to the VPC network. I've
>> enabled the VPN service on the static IP. The service was enabled and I
>> have the PSK shown to me. However, when I am adding a new user it fails
>> with the following error:
>>
>> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
>> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
>> 4465732c
>> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Unable to apply vpn users
>> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
>> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
>> at java.util.ArrayList.get(ArrayList.java:411)
>> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
>> RemoteAccessVpnManagerImpl.java:532)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at sun.reflect.NativeMethodAccessorImpl.invoke(
>> NativeMethodAccessorImpl.java:57)
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
>> DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:606)
>> at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection
>> (AopUtils.java:317)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.
>> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:150)
>> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(
>> ExposeInvocationInterceptor.java:91)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:172)
>> at org.springframework.aop.framework.JdkDynamicAopProxy.
>> invoke(JdkDynamicAopProxy.java:204)
>> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
>> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
>> AddVpnUserCmd.java:122)
>> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
>> at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:
>> 108)
>> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
>> runInContext(AsyncJobManagerImpl.java:554)
>> at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(
>> ManagedContextRunnable.java:49)
>> at org.apache.cloudstack.managed.context.impl.
>> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
>> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> callWithContext(DefaultManagedContext.java:103)
>> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> runWithContext(DefaultManagedContext.java:53)
>> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
>> ManagedContextRunnable.java:46)
>> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(
>> AsyncJobManagerImpl.java:502)
>> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>> at java.util.concurrent.ThreadPoolExecutor.runWorker(
>> ThreadPoolExecutor.java:1145)
>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
>> ThreadPoolExecutor.java:615)
>> at java.lang.Thread.run(Thread.java:745)
>> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Applying vpn access to VirtualRouter
>> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
>> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete
>> async job-31537, jobStatus: FAILED, resultCode: 530, result:
>> org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"
>> errorcode":530,"errortext":"Failed to add vpn user"}
>>
>> Please advise how to get this problem fixed and have a working VPN service?
>>
>> Thanks
>>
>> Andrei
Re: error adding VPN user in VPC network
Posted by Wei ZHOU <us...@gmail.com>.
Will, this issue did happen for me in the remote access vpn of vpc with
redundant VRs.
Andrei, if you confirm it works, I will create a PR.
2016-11-22 20:58 GMT+01:00 Andrei Mikhailovsky <an...@arhont.com.invalid>:
> Dag from the users mailing list has pointed to this:
> https://issues.apache.org/jira/browse/CLOUDSTACK-9356
>
>
> ----- Original Message -----
> > From: "Will Stevens" <wi...@gmail.com>
> > To: "dev" <de...@cloudstack.apache.org>
> > Sent: Tuesday, 22 November, 2016 17:37:56
> > Subject: Re: error adding VPN user in VPC network
>
> > Hmm. That is strange. I have not seen that behavior before.
> >
> > On Nov 22, 2016 11:45 AM, "Andrei Mikhailovsky"
> <an...@arhont.com.invalid>
> > wrote:
> >
> >> Hi Will,
> >>
> >> forgot to mention that my VPN services are working well for all existing
> >> accounts on a none VPC networks. I am running version 4.9.0 and have no
> >> issues apart from creating new vpn users to a VPC enabled network.
> >>
> >> Actually, I've just checked that I can successfully add a new user to a
> >> non-VPC network. No issues there as far as I can see.
> >>
> >> Andrei
> >>
> >> ----- Original Message -----
> >> > From: "Will Stevens" <ws...@cloudops.com>
> >> > To: "dev" <de...@cloudstack.apache.org>
> >> > Sent: Tuesday, 22 November, 2016 13:47:36
> >> > Subject: Re: error adding VPN user in VPC network
> >>
> >> > I am not sure how you are able to add the VPN user to a Static NAT IP.
> >> You
> >> > should be adding it to the Source NAT IP. Was that just a typo or are
> >> you
> >> > targeting the wrong IP address using the API or something like that?
> >> >
> >> > There are known issues with the current VPN implementation (openswan).
> >> > Basically, if you try to scp files over it or tail a log, it will drop
> >> your
> >> > connection. You may want to try the code from my PR
> >> > https://github.com/apache/cloudstack/pull/1741 if you have problems
> with
> >> > the current implementation. That PR should make it into the next
> >> release...
> >> >
> >> > *Will STEVENS*
> >> > Lead Developer
> >> >
> >> > <https://goo.gl/NYZ8KK>
> >> >
> >> > On Tue, Nov 22, 2016 at 8:35 AM, Andrei Mikhailovsky <
> >> > andrei@arhont.com.invalid> wrote:
> >> >
> >> >> Hello
> >> >>
> >> >> Duplicating this from the users list.
> >> >>
> >> >> I am running ACS 4.9.0.
> >> >>
> >> >> I am having an issue with adding a VPN user to the VPC network. I've
> >> >> enabled the VPN service on the static IP. The service was enabled
> and I
> >> >> have the PSK shown to me. However, when I am adding a new user it
> fails
> >> >> with the following error:
> >> >>
> >> >> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> >> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
> >> >> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
> >> >> 4465732c
> >> >> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> >> (logid:f76b2eae) Unable to apply vpn users
> >> >> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
> >> >> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
> >> >> at java.util.ArrayList.get(ArrayList.java:411)
> >> >> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
> >> >> RemoteAccessVpnManagerImpl.java:532)
> >> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >> >> at sun.reflect.NativeMethodAccessorImpl.invoke(
> >> >> NativeMethodAccessorImpl.java:57)
> >> >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> >> >> DelegatingMethodAccessorImpl.java:43)
> >> >> at java.lang.reflect.Method.invoke(Method.java:606)
> >> >> at org.springframework.aop.support.AopUtils.
> >> invokeJoinpointUsingReflection
> >> >> (AopUtils.java:317)
> >> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> >> >> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
> >> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> >> proceed(
> >> >> ReflectiveMethodInvocation.java:150)
> >> >> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.
> >> invoke(
> >> >> ExposeInvocationInterceptor.java:91)
> >> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> >> proceed(
> >> >> ReflectiveMethodInvocation.java:172)
> >> >> at org.springframework.aop.framework.JdkDynamicAopProxy.
> >> >> invoke(JdkDynamicAopProxy.java:204)
> >> >> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
> >> >> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
> >> >> AddVpnUserCmd.java:122)
> >> >> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
> >> >> at com.cloud.api.ApiAsyncJobDispatcher.runJob(
> >> ApiAsyncJobDispatcher.java:
> >> >> 108)
> >> >> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
> >> >> runInContext(AsyncJobManagerImpl.java:554)
> >> >> at org.apache.cloudstack.managed.context.
> ManagedContextRunnable$1.run(
> >> >> ManagedContextRunnable.java:49)
> >> >> at org.apache.cloudstack.managed.context.impl.
> >> >> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
> >> >> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> >> >> callWithContext(DefaultManagedContext.java:103)
> >> >> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> >> >> runWithContext(DefaultManagedContext.java:53)
> >> >> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
> >> >> ManagedContextRunnable.java:46)
> >> >> at org.apache.cloudstack.framework.jobs.impl.
> AsyncJobManagerImpl$5.run(
> >> >> AsyncJobManagerImpl.java:502)
> >> >> at java.util.concurrent.Executors$RunnableAdapter.
> >> call(Executors.java:471)
> >> >> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> >> >> at java.util.concurrent.ThreadPoolExecutor.runWorker(
> >> >> ThreadPoolExecutor.java:1145)
> >> >> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> >> >> ThreadPoolExecutor.java:615)
> >> >> at java.lang.Thread.run(Thread.java:745)
> >> >> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> >> (logid:f76b2eae) Applying vpn access to VirtualRouter
> >> >> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> >> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
> >> >> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
> >> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae)
> Complete
> >> >> async job-31537, jobStatus: FAILED, resultCode: 530, result:
> >> >> org.apache.cloudstack.api.response.ExceptionResponse/
> >> null/{"uuidList":[],"
> >> >> errorcode":530,"errortext":"Failed to add vpn user"}
> >> >>
> >> >> Please advise how to get this problem fixed and have a working VPN
> >> service?
> >> >>
> >> >> Thanks
> >> >>
> >> >> Andrei
>
Re: error adding VPN user in VPC network
Posted by Andrei Mikhailovsky <an...@arhont.com.INVALID>.
Dag from the users mailing list has pointed to this: https://issues.apache.org/jira/browse/CLOUDSTACK-9356
----- Original Message -----
> From: "Will Stevens" <wi...@gmail.com>
> To: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 22 November, 2016 17:37:56
> Subject: Re: error adding VPN user in VPC network
> Hmm. That is strange. I have not seen that behavior before.
>
> On Nov 22, 2016 11:45 AM, "Andrei Mikhailovsky" <an...@arhont.com.invalid>
> wrote:
>
>> Hi Will,
>>
>> forgot to mention that my VPN services are working well for all existing
>> accounts on a none VPC networks. I am running version 4.9.0 and have no
>> issues apart from creating new vpn users to a VPC enabled network.
>>
>> Actually, I've just checked that I can successfully add a new user to a
>> non-VPC network. No issues there as far as I can see.
>>
>> Andrei
>>
>> ----- Original Message -----
>> > From: "Will Stevens" <ws...@cloudops.com>
>> > To: "dev" <de...@cloudstack.apache.org>
>> > Sent: Tuesday, 22 November, 2016 13:47:36
>> > Subject: Re: error adding VPN user in VPC network
>>
>> > I am not sure how you are able to add the VPN user to a Static NAT IP.
>> You
>> > should be adding it to the Source NAT IP. Was that just a typo or are
>> you
>> > targeting the wrong IP address using the API or something like that?
>> >
>> > There are known issues with the current VPN implementation (openswan).
>> > Basically, if you try to scp files over it or tail a log, it will drop
>> your
>> > connection. You may want to try the code from my PR
>> > https://github.com/apache/cloudstack/pull/1741 if you have problems with
>> > the current implementation. That PR should make it into the next
>> release...
>> >
>> > *Will STEVENS*
>> > Lead Developer
>> >
>> > <https://goo.gl/NYZ8KK>
>> >
>> > On Tue, Nov 22, 2016 at 8:35 AM, Andrei Mikhailovsky <
>> > andrei@arhont.com.invalid> wrote:
>> >
>> >> Hello
>> >>
>> >> Duplicating this from the users list.
>> >>
>> >> I am running ACS 4.9.0.
>> >>
>> >> I am having an issue with adding a VPN user to the VPC network. I've
>> >> enabled the VPN service on the static IP. The service was enabled and I
>> >> have the PSK shown to me. However, when I am adding a new user it fails
>> >> with the following error:
>> >>
>> >> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> >> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
>> >> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
>> >> 4465732c
>> >> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> >> (logid:f76b2eae) Unable to apply vpn users
>> >> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
>> >> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
>> >> at java.util.ArrayList.get(ArrayList.java:411)
>> >> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
>> >> RemoteAccessVpnManagerImpl.java:532)
>> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> >> at sun.reflect.NativeMethodAccessorImpl.invoke(
>> >> NativeMethodAccessorImpl.java:57)
>> >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
>> >> DelegatingMethodAccessorImpl.java:43)
>> >> at java.lang.reflect.Method.invoke(Method.java:606)
>> >> at org.springframework.aop.support.AopUtils.
>> invokeJoinpointUsingReflection
>> >> (AopUtils.java:317)
>> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
>> >> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
>> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
>> proceed(
>> >> ReflectiveMethodInvocation.java:150)
>> >> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.
>> invoke(
>> >> ExposeInvocationInterceptor.java:91)
>> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
>> proceed(
>> >> ReflectiveMethodInvocation.java:172)
>> >> at org.springframework.aop.framework.JdkDynamicAopProxy.
>> >> invoke(JdkDynamicAopProxy.java:204)
>> >> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
>> >> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
>> >> AddVpnUserCmd.java:122)
>> >> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
>> >> at com.cloud.api.ApiAsyncJobDispatcher.runJob(
>> ApiAsyncJobDispatcher.java:
>> >> 108)
>> >> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
>> >> runInContext(AsyncJobManagerImpl.java:554)
>> >> at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(
>> >> ManagedContextRunnable.java:49)
>> >> at org.apache.cloudstack.managed.context.impl.
>> >> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
>> >> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> >> callWithContext(DefaultManagedContext.java:103)
>> >> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> >> runWithContext(DefaultManagedContext.java:53)
>> >> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
>> >> ManagedContextRunnable.java:46)
>> >> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(
>> >> AsyncJobManagerImpl.java:502)
>> >> at java.util.concurrent.Executors$RunnableAdapter.
>> call(Executors.java:471)
>> >> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>> >> at java.util.concurrent.ThreadPoolExecutor.runWorker(
>> >> ThreadPoolExecutor.java:1145)
>> >> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
>> >> ThreadPoolExecutor.java:615)
>> >> at java.lang.Thread.run(Thread.java:745)
>> >> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> >> (logid:f76b2eae) Applying vpn access to VirtualRouter
>> >> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> >> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
>> >> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete
>> >> async job-31537, jobStatus: FAILED, resultCode: 530, result:
>> >> org.apache.cloudstack.api.response.ExceptionResponse/
>> null/{"uuidList":[],"
>> >> errorcode":530,"errortext":"Failed to add vpn user"}
>> >>
>> >> Please advise how to get this problem fixed and have a working VPN
>> service?
>> >>
>> >> Thanks
>> >>
>> >> Andrei
Re: error adding VPN user in VPC network
Posted by Will Stevens <wi...@gmail.com>.
Hmm. That is strange. I have not seen that behavior before.
On Nov 22, 2016 11:45 AM, "Andrei Mikhailovsky" <an...@arhont.com.invalid>
wrote:
> Hi Will,
>
> forgot to mention that my VPN services are working well for all existing
> accounts on a none VPC networks. I am running version 4.9.0 and have no
> issues apart from creating new vpn users to a VPC enabled network.
>
> Actually, I've just checked that I can successfully add a new user to a
> non-VPC network. No issues there as far as I can see.
>
> Andrei
>
> ----- Original Message -----
> > From: "Will Stevens" <ws...@cloudops.com>
> > To: "dev" <de...@cloudstack.apache.org>
> > Sent: Tuesday, 22 November, 2016 13:47:36
> > Subject: Re: error adding VPN user in VPC network
>
> > I am not sure how you are able to add the VPN user to a Static NAT IP.
> You
> > should be adding it to the Source NAT IP. Was that just a typo or are
> you
> > targeting the wrong IP address using the API or something like that?
> >
> > There are known issues with the current VPN implementation (openswan).
> > Basically, if you try to scp files over it or tail a log, it will drop
> your
> > connection. You may want to try the code from my PR
> > https://github.com/apache/cloudstack/pull/1741 if you have problems with
> > the current implementation. That PR should make it into the next
> release...
> >
> > *Will STEVENS*
> > Lead Developer
> >
> > <https://goo.gl/NYZ8KK>
> >
> > On Tue, Nov 22, 2016 at 8:35 AM, Andrei Mikhailovsky <
> > andrei@arhont.com.invalid> wrote:
> >
> >> Hello
> >>
> >> Duplicating this from the users list.
> >>
> >> I am running ACS 4.9.0.
> >>
> >> I am having an issue with adding a VPN user to the VPC network. I've
> >> enabled the VPN service on the static IP. The service was enabled and I
> >> have the PSK shown to me. However, when I am adding a new user it fails
> >> with the following error:
> >>
> >> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
> >> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
> >> 4465732c
> >> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> (logid:f76b2eae) Unable to apply vpn users
> >> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
> >> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
> >> at java.util.ArrayList.get(ArrayList.java:411)
> >> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
> >> RemoteAccessVpnManagerImpl.java:532)
> >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >> at sun.reflect.NativeMethodAccessorImpl.invoke(
> >> NativeMethodAccessorImpl.java:57)
> >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> >> DelegatingMethodAccessorImpl.java:43)
> >> at java.lang.reflect.Method.invoke(Method.java:606)
> >> at org.springframework.aop.support.AopUtils.
> invokeJoinpointUsingReflection
> >> (AopUtils.java:317)
> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> >> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> proceed(
> >> ReflectiveMethodInvocation.java:150)
> >> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.
> invoke(
> >> ExposeInvocationInterceptor.java:91)
> >> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> proceed(
> >> ReflectiveMethodInvocation.java:172)
> >> at org.springframework.aop.framework.JdkDynamicAopProxy.
> >> invoke(JdkDynamicAopProxy.java:204)
> >> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
> >> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
> >> AddVpnUserCmd.java:122)
> >> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
> >> at com.cloud.api.ApiAsyncJobDispatcher.runJob(
> ApiAsyncJobDispatcher.java:
> >> 108)
> >> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
> >> runInContext(AsyncJobManagerImpl.java:554)
> >> at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(
> >> ManagedContextRunnable.java:49)
> >> at org.apache.cloudstack.managed.context.impl.
> >> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
> >> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> >> callWithContext(DefaultManagedContext.java:103)
> >> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> >> runWithContext(DefaultManagedContext.java:53)
> >> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
> >> ManagedContextRunnable.java:46)
> >> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(
> >> AsyncJobManagerImpl.java:502)
> >> at java.util.concurrent.Executors$RunnableAdapter.
> call(Executors.java:471)
> >> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> >> at java.util.concurrent.ThreadPoolExecutor.runWorker(
> >> ThreadPoolExecutor.java:1145)
> >> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> >> ThreadPoolExecutor.java:615)
> >> at java.lang.Thread.run(Thread.java:745)
> >> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> (logid:f76b2eae) Applying vpn access to VirtualRouter
> >> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> >> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
> >> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
> >> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete
> >> async job-31537, jobStatus: FAILED, resultCode: 530, result:
> >> org.apache.cloudstack.api.response.ExceptionResponse/
> null/{"uuidList":[],"
> >> errorcode":530,"errortext":"Failed to add vpn user"}
> >>
> >> Please advise how to get this problem fixed and have a working VPN
> service?
> >>
> >> Thanks
> >>
> >> Andrei
>
Re: error adding VPN user in VPC network
Posted by Andrei Mikhailovsky <an...@arhont.com.INVALID>.
Hi Will,
forgot to mention that my VPN services are working well for all existing accounts on a none VPC networks. I am running version 4.9.0 and have no issues apart from creating new vpn users to a VPC enabled network.
Actually, I've just checked that I can successfully add a new user to a non-VPC network. No issues there as far as I can see.
Andrei
----- Original Message -----
> From: "Will Stevens" <ws...@cloudops.com>
> To: "dev" <de...@cloudstack.apache.org>
> Sent: Tuesday, 22 November, 2016 13:47:36
> Subject: Re: error adding VPN user in VPC network
> I am not sure how you are able to add the VPN user to a Static NAT IP. You
> should be adding it to the Source NAT IP. Was that just a typo or are you
> targeting the wrong IP address using the API or something like that?
>
> There are known issues with the current VPN implementation (openswan).
> Basically, if you try to scp files over it or tail a log, it will drop your
> connection. You may want to try the code from my PR
> https://github.com/apache/cloudstack/pull/1741 if you have problems with
> the current implementation. That PR should make it into the next release...
>
> *Will STEVENS*
> Lead Developer
>
> <https://goo.gl/NYZ8KK>
>
> On Tue, Nov 22, 2016 at 8:35 AM, Andrei Mikhailovsky <
> andrei@arhont.com.invalid> wrote:
>
>> Hello
>>
>> Duplicating this from the users list.
>>
>> I am running ACS 4.9.0.
>>
>> I am having an issue with adding a VPN user to the VPC network. I've
>> enabled the VPN service on the static IP. The service was enabled and I
>> have the PSK shown to me. However, when I am adding a new user it fails
>> with the following error:
>>
>> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
>> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
>> 4465732c
>> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Unable to apply vpn users
>> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
>> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
>> at java.util.ArrayList.get(ArrayList.java:411)
>> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
>> RemoteAccessVpnManagerImpl.java:532)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at sun.reflect.NativeMethodAccessorImpl.invoke(
>> NativeMethodAccessorImpl.java:57)
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
>> DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:606)
>> at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection
>> (AopUtils.java:317)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.
>> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:150)
>> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(
>> ExposeInvocationInterceptor.java:91)
>> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
>> ReflectiveMethodInvocation.java:172)
>> at org.springframework.aop.framework.JdkDynamicAopProxy.
>> invoke(JdkDynamicAopProxy.java:204)
>> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
>> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
>> AddVpnUserCmd.java:122)
>> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
>> at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:
>> 108)
>> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
>> runInContext(AsyncJobManagerImpl.java:554)
>> at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(
>> ManagedContextRunnable.java:49)
>> at org.apache.cloudstack.managed.context.impl.
>> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
>> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> callWithContext(DefaultManagedContext.java:103)
>> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
>> runWithContext(DefaultManagedContext.java:53)
>> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
>> ManagedContextRunnable.java:46)
>> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(
>> AsyncJobManagerImpl.java:502)
>> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>> at java.util.concurrent.ThreadPoolExecutor.runWorker(
>> ThreadPoolExecutor.java:1145)
>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
>> ThreadPoolExecutor.java:615)
>> at java.lang.Thread.run(Thread.java:745)
>> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Applying vpn access to VirtualRouter
>> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
>> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
>> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
>> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete
>> async job-31537, jobStatus: FAILED, resultCode: 530, result:
>> org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"
>> errorcode":530,"errortext":"Failed to add vpn user"}
>>
>> Please advise how to get this problem fixed and have a working VPN service?
>>
>> Thanks
>>
>> Andrei
Re: error adding VPN user in VPC network
Posted by Will Stevens <ws...@cloudops.com>.
I am not sure how you are able to add the VPN user to a Static NAT IP. You
should be adding it to the Source NAT IP. Was that just a typo or are you
targeting the wrong IP address using the API or something like that?
There are known issues with the current VPN implementation (openswan).
Basically, if you try to scp files over it or tail a log, it will drop your
connection. You may want to try the code from my PR
https://github.com/apache/cloudstack/pull/1741 if you have problems with
the current implementation. That PR should make it into the next release...
*Will STEVENS*
Lead Developer
<https://goo.gl/NYZ8KK>
On Tue, Nov 22, 2016 at 8:35 AM, Andrei Mikhailovsky <
andrei@arhont.com.invalid> wrote:
> Hello
>
> Duplicating this from the users list.
>
> I am running ACS 4.9.0.
>
> I am having an issue with adding a VPN user to the VPC network. I've
> enabled the VPN service on the static IP. The service was enabled and I
> have the PSK shown to me. However, when I am adding a new user it fails
> with the following error:
>
> 2016-11-22 12:05:26,189 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) VPN User VpnUser[40-andrei-45] is set on
> com.cloud.network.dao.RemoteAccessVpnVO$$EnhancerByCGLIB$$cc1dfb8d@
> 4465732c
> 2016-11-22 12:05:26,189 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) Unable to apply vpn users
> java.lang.IndexOutOfBoundsException: Index: 1, Size: 1
> at java.util.ArrayList.rangeCheck(ArrayList.java:635)
> at java.util.ArrayList.get(ArrayList.java:411)
> at com.cloud.network.vpn.RemoteAccessVpnManagerImpl.applyVpnUsers(
> RemoteAccessVpnManagerImpl.java:532)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:57)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection
> (AopUtils.java:317)
> at org.springframework.aop.framework.ReflectiveMethodInvocation.
> invokeJoinpoint(ReflectiveMethodInvocation.java:183)
> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
> ReflectiveMethodInvocation.java:150)
> at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(
> ExposeInvocationInterceptor.java:91)
> at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(
> ReflectiveMethodInvocation.java:172)
> at org.springframework.aop.framework.JdkDynamicAopProxy.
> invoke(JdkDynamicAopProxy.java:204)
> at com.sun.proxy.$Proxy237.applyVpnUsers(Unknown Source)
> at org.apache.cloudstack.api.command.user.vpn.AddVpnUserCmd.execute(
> AddVpnUserCmd.java:122)
> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:150)
> at com.cloud.api.ApiAsyncJobDispatcher.runJob(ApiAsyncJobDispatcher.java:
> 108)
> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.
> runInContext(AsyncJobManagerImpl.java:554)
> at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(
> ManagedContextRunnable.java:49)
> at org.apache.cloudstack.managed.context.impl.
> DefaultManagedContext$1.call(DefaultManagedContext.java:56)
> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> callWithContext(DefaultManagedContext.java:103)
> at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.
> runWithContext(DefaultManagedContext.java:53)
> at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(
> ManagedContextRunnable.java:46)
> at org.apache.cloudstack.framework.jobs.impl.AsyncJobManagerImpl$5.run(
> AsyncJobManagerImpl.java:502)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1145)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:615)
> at java.lang.Thread.run(Thread.java:745)
> 2016-11-22 12:05:26,190 DEBUG [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) Applying vpn access to VirtualRouter
> 2016-11-22 12:05:26,192 WARN [c.c.n.v.RemoteAccessVpnManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537 ctx-8ac8a450)
> (logid:f76b2eae) Failed to apply vpn for user andrei, accountId=45
> 2016-11-22 12:05:26,193 DEBUG [o.a.c.f.j.i.AsyncJobManagerImpl]
> (API-Job-Executor-82:ctx-d62e35c3 job-31537) (logid:f76b2eae) Complete
> async job-31537, jobStatus: FAILED, resultCode: 530, result:
> org.apache.cloudstack.api.response.ExceptionResponse/null/{"uuidList":[],"
> errorcode":530,"errortext":"Failed to add vpn user"}
>
> Please advise how to get this problem fixed and have a working VPN service?
>
> Thanks
>
> Andrei
>