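MCollective daemon not binding to network socket
I've just installed PE on Ubuntu 10.04 LTS using puppet-enterprise-2.0-ubuntu-10.04-amd64.tar.gz (downloaded from http://puppetlabs.com/misc/pe-files/), and the same machine is now running the master, console and agent roles.
I seem to have a problem with the MCollective server: although it appears to start fine, it does not open port 61613 as it should.
The daemon starts fine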
$ sudo /etc/init.d/pe-mcollective start
 * Starting mcollective daemon [ OK ]
It shows up in ps
$ ps aux | grep mcol | grep -v grep
root 25636 0.0 0.5 64680 12056 ? S 07:21 0:00 /opt/puppet/bin/ruby /opt/puppet/sbin/mcollectived --pid /var/run/pe-mcollective.pid
The pid file contains the correct value
$ sudo cat /var/run/pe-mcollective.pid
25636
But I don't see any process listening on port 61613
$ sudo netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      2395/mysqld
tcp        0      0 127.0.0.1:11211         0.0.0.0:*               LISTEN      25542/memcached
tcp        0      0 0.0.0.0:8140            0.0.0.0:*               LISTEN      25620/pe-httpd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      10096/apache2
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2345/sshd
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      2822/master
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      25620/pe-httpd
When I look at the logs, I see errors in both the mcollective server and client logs
$ sudo tail -f /var/log/pe-*/*
==> /var/log/pe-puppet-dashboard/mcollective_client.log <==
I, [2011-12-20T07:26:22.731870 #30944] INFO -- : stomp.rb:79:in `on_connectfail' Connction to stomp://mcollective@puppetmaster.example.org:61613 failed on attempt 1646
==> /var/log/pe-mcollective/mcollective.log <==
I, [2011-12-20T07:26:24.852641 #25636] INFO -- : stomp.rb:79:in `on_connectfail' Connction to stomp://mcollective@puppetmaster.example.org:61613 failed on attempt 20
When I inspect the mcollective ruby script /opt/puppet/sbin/mcollectived, I can see that it references the configuration file /etc/puppetlabs/mcollective/server.cfg, which has the following configuration directives:
plugin.stomp.pool.size = 1
plugin.stomp.pool.host1 = puppetmaster.example.org
plugin.stomp.pool.port1 = 61613
plugin.stomp.pool.user1 = mcollective
plugin.stomp.pool.password1 = ***************
plugin.stomp.pool.ssl1 = true
plugin.stomp.base64 = true
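I can resolve plugin.stomp.pool.host1, and if I change plugin.stomp.pool.port1 to, for example, 61614, I see it reflected in the mcollective.log errors mentioned above. I set loglevel = debug but it gave me no further hints. I ran the script manually (/opt/puppet/bin/ruby /opt/puppet/sbin/mcollectived), but that gave me no clues either.
Q: How can I troubleshoot this further?
The problem was with the Java keystore:
pe-activemq starts fine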
$ sudo /etc/init.d/pe-activemq start
 * pe-activemq started
However, by watching ps, I noticed that activemq tried to start but failed almost immediately. I modified the init script to do some debugging:
start() {
    echo -n "Starting $APP_NAME... "
    getpid
    if [ "X$pid" = "X" ]
    then
        # original command
        # COMMAND_LINE="$CMDNICE $WRAPPER_CMD $WRAPPER_CONF wrapper.syslog.ident=$APP_NAME wrapper.pidfile=$PIDFILE wrapper.daemonize=TRUE $ANCHORPROP $IGNOREPROP $LOCKPROP"
        # custom command with daemonize=FALSE
        COMMAND_LINE="$CMDNICE $WRAPPER_CMD $WRAPPER_CONF wrapper.syslog.ident=$APP_NAME wrapper.pidfile=$PIDFILE wrapper.daemonize=FALSE $ANCHORPROP $IGNOREPROP $LOCKPROP"
        echo "executing [$COMMAND_LINE]"
Starting pe-activemq then gives the following error
jvm 1 | ERROR | Failed to start ActiveMQ JMS Message Broker. Reason: java.io.IOException: Transport Connector could not be registered in JMX: Failed to bind to server socket: stomp+ssl://0.0.0.0:61613 due to: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.DefaultSSLContextImpl)
It looks like a keystore problem. The /opt/puppet/activemq/conf/activemq-wrapper.conf configuration file gives you the following details:
set.default.ACTIVEMQ_BASE=/opt/puppet/activemq
wrapper.working.dir=/var/log/pe-activemq
[...]
# Enable SSL of the Stomp Connection (Note, this provides encryption only as per #10596)
wrapper.java.additional.7=-Djavax.net.ssl.keyStorePassword=puppet
wrapper.java.additional.8=-Djavax.net.ssl.keyStore=%ACTIVEMQ_BASE%/conf/broker.ks
# The trust store need not be present.
wrapper.java.additional.9=-Djavax.net.ssl.trustStorePassword=puppet
wrapper.java.additional.10=-Djavax.net.ssl.trustStore=%ACTIVEMQ_BASE%/conf/broker.ts
FYI, /opt/puppet/activemq/conf is a symlink to /etc/puppetlabs/activemq. In that directory, the broker.ts file exists, but broker.ks is missing.
Based on this page (http://activemq.apache.org/how-do-i-use-ssl.html), I did the following
$ cd /etc/puppetlabs/activemq
$ sudo keytool -genkey -alias broker -keyalg RSA -keystore broker.ks
=> provided puppet password everywhere
Then activemq started fine
jvm 1 | INFO | Using Persistence Adapter: KahaDBPersistenceAdapter[/opt/puppet/activemq/data/kahadb]
jvm 1 | INFO | KahaDB is version 3
jvm 1 | INFO | Recovering from the journal ...
jvm 1 | INFO | Recovery replayed 1 operations from the journal in 0.022 seconds.
jvm 1 | INFO | ActiveMQ 5.5.0 JMS Message Broker (localhost) is starting
jvm 1 | INFO | For help or more information please see: http://activemq.apache.org/
jvm 1 | INFO | Installing StaticsBroker
jvm 1 | INFO | Starting StatisticsBroker
jvm 1 | INFO | Listening for connections at: tcp://myserver:61616
jvm 1 | INFO | Connector openwire Started
jvm 1 | INFO | Listening for connections at: stomp+ssl://myserver:61613
jvm 1 | INFO | Connector stomp+ssl Started
jvm 1 | INFO | ActiveMQ JMS Message Broker (localhost, ID:myserver-44300-1324455724257-0:1) started
jvm 1 | INFO | jetty-7.1.6.v20100715
jvm 1 | INFO | ActiveMQ WebConsole initialized.
jvm 1 | INFO | Initializing Spring FrameworkServlet 'dispatcher'
jvm 1 | INFO | ActiveMQ Console at http://0.0.0.0:8161/admin
jvm 1 | INFO | WebApp@2109578614 at http://0.0.0.0:8161/camel
jvm 1 | INFO | WebApp@2109578614 at http://0.0.0.0:8161/demo
jvm 1 | INFO | WebApp@2109578614 at http://0.0.0.0:8161/fileserver
jvm 1 | INFO | Started SelectChannelConnector@0.0.0.0:8161
Problem solved
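An added example, not part of the original answer and not Puppet Labs code: a preflight check that reads the -Djavax.net.ssl.keyStore and trustStore options from a wrapper configuration shaped like the excerpt above and reports whether the files exist, the condition that kept the stomp+ssl connector from binding. The function names, the world-readable warning and the temp-dir sample conf are assumptions of this example.

```shell
#!/bin/sh
# Added example (assumed names): preflight check of the SSL stores that an
# ActiveMQ wrapper conf hands to the JVM via -Djavax.net.ssl.* options.

# Print the value of -D<prop>=... from conf $1, with %ACTIVEMQ_BASE% expanded.
wrapper_prop() {
    base=$(sed -n 's/^set\.default\.ACTIVEMQ_BASE=//p' "$1" | tail -n 1)
    sed -n "s|^wrapper\.java\.additional\.[0-9]*=-D$2=||p" "$1" |
        tail -n 1 | sed "s|%ACTIVEMQ_BASE%|$base|g"
}

# Return 0 when the keystore exists and is non-empty, 1 otherwise.
# The trust store is only reported: the conf says it need not be present.
check_broker_stores() {
    ks=$(wrapper_prop "$1" javax.net.ssl.keyStore)
    ts=$(wrapper_prop "$1" javax.net.ssl.trustStore)
    [ -n "$ts" ] && [ ! -s "$ts" ] && echo "note: trust store absent: $ts"
    if [ -z "$ks" ]; then
        echo "FAIL: no javax.net.ssl.keyStore option in $1"; return 1
    elif [ ! -s "$ks" ]; then
        echo "FAIL: keystore missing or empty: $ks"; return 1
    fi
    # The keystore holds the broker's private key: flag world-readable files.
    [ -n "$(find -L "$ks" -perm -004)" ] && echo "WARN: world-readable: $ks"
    echo "OK: keystore present: $ks"
}

# Demo on a constructed conf in a temp dir (same option layout as the excerpt).
demo() {
    d=$(mktemp -d) && mkdir "$d/conf" && echo ts > "$d/conf/broker.ts"
    cat > "$d/wrapper.conf" <<EOF
set.default.ACTIVEMQ_BASE=$d
wrapper.java.additional.7=-Djavax.net.ssl.keyStorePassword=puppet
wrapper.java.additional.8=-Djavax.net.ssl.keyStore=%ACTIVEMQ_BASE%/conf/broker.ks
# The trust store need not be present.
wrapper.java.additional.10=-Djavax.net.ssl.trustStore=%ACTIVEMQ_BASE%/conf/broker.ts
EOF
    # Keystore not created yet: the check reports FAIL.
    check_broker_stores "$d/wrapper.conf" || echo "(expected before keytool runs)"
    ( umask 077; echo ks > "$d/conf/broker.ks" )   # stand-in file, not a real JKS
    rc=0; check_broker_stores "$d/wrapper.conf" || rc=$?
    rm -rf "$d"; return $rc
}
demo
```

On a real host, call check_broker_stores with the path to activemq-wrapper.conf before starting the broker.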