T-Shoot: VIRL on Packet

     

    Important: If you are using VIRL 1.2 or newer, make sure that you use UWM to deploy your VIRL server to Packet. More information can be found in the Remote Server Panel section of the VIRL 1.2.64 (July 2016 Release) version.

     

    Common errors when deploying your Packet server

    Here are just some errors which you may run into when deploying your new VIRL on Packet server. Most errors occur from misconfiguration or an improperly edited or save file. If you are on Windows, be careful not when saving a configuration file. By default, Windows removes common file extensions which can easily confuse an user when saving the text file.

     

    You have reached maximum number of projects

     

    Summary

    Typically this error is because you have already created a project in Packet and your account does not allow multiple concurrent projects.

     

    Error returned:

    Error applying plan:

     

    1 error(s) occurred:

     

    * packet_project.virl_project: You have reached the maximum number of projects you can create (1); You have reached the maximum number of projects you can create (1); Memberships is invalid

     

    Terraform does not automatically rollback in the face of errors.

    Instead, your Terraform state file has been partially updated with

    any resources that successfully completed. Please address the error

    above and apply again to incrementally change your infrastructure.

     

    Resolution

    • Log into your Packet account and Manage
    • Click on the name of your project listed
    • Select "Settings" tab
    • Scroll to the bottom of the page and click on the button to delete the project

     


     

    Script exited with non-zero exit status: 127

     

    Summary

    This can happen when the application pwgen does not get loaded correctly during the initial terraform command.

    The error returned may be similar to this:

    Error applying plan:

        1 error(s) occurred:

        Script exited with non-zero exit status: 127

     

    Verify that the problem is indeed because the pwgen package did not install as expected. To do this, open your terraform password file:

    cat /home/virl/virl_packet/passwords.tf

      If you see the following lines then continue to resolution. Otherwise the problem may be something else and it would be best to start a new thread.

    cat passwords.tf

        variable "guest_password" {

        description = "password for the guest account - stick with letters and numbers for now please"

        default = "/bin/bash: /usr/bin/pwgen: No such file or directory" <<=== NOTE!!

        }

        variable "uwmadmin_password" {

        description = "password for the uwm admin account - stick with letters and numbers for now please"

        default = "/bin/bash: /usr/bin/pwgen: No such file or directory" <<=== NOTE!!

        }


    Resolution

    Run the initial setup command again:

    sudo salt-call state.sls virl.terraform

    Once the command completes, check the password file once more to ensure that you now have passwords where they belong.

    cat passwords.tf

        variable "guest_password" {

        description = "password for the guest account - stick with letters and numbers for now please"

        default = "3xample321" <<=== NOTE!!

        }

        variable "uwmadmin_password" {

        description = "password for the uwm admin account - stick with letters and numbers for now please"

        default = "3xampl321" <<=== NOTE!!

        }

     


     

    File "/var/local/virl/client.ovpn" not found


    Summary

    It is possible that when deploying VIRL on Packet using Vagrant, the vagrant user private SSH key is not created.

    If this happens, you will see an error similar to this:

    packet_device.virl: Provisioning with 'local-exec'...

    packet_device.virl (local-exec): Executing: /bin/sh -c "sftp -o 'IdentityFile=~/.ssh/id_rsa' -o 'StrictHostKeyChecking=no' root@147.75.xxx.57:/var/local/virl/client.ovpn client.ovpn"

    packet_device.virl (local-exec): Warning: Permanently added '147.75.xxx.57' (ECDSA) to the list of known hosts.

    packet_device.virl (local-exec): Connected to 147.75.xxx.57

    .

    packet_device.virl (local-exec): File "/var/local/virl/client.ovpn" not found.Error applying plan:

        1 error(s) occurred:

        * Error running command 'sftp -o 'IdentityFile=~/.ssh/id_rsa' -o

        'StrictHostKeyChecking=no' root@147.75.xxx.57:/var/local/virl/client.ovpn client.ovpn': exit status 1. Output: Warning: Permanently added '147.75.xxx.57' (ECDSA) to the list of known hosts.Connected to 147.75.xxx.57.

        File "/var/local/virl/client.ovpn" not found.

     

    Resolution

    You can verify that the private key is indeed missing by listing the SSH contents of the currently logged in user. To list the contents run this command:

    ls ~/.ssh

    With the above error, we should not expect to find id_rsa file in the user's SSH directory. If it is there, it is possible the file has been corrupted.

    Create a new private:

    ssh-keygen -b2048
    (accept all the default prompts. do not apply passphrase)

    Once your new key has been generated, the Packet deployment should succeed as expected.

     


    Not Authorized to view this SSH key

     

    Summary

    You may see this error after generating a new Packet API key and have previously launched successful deployments to Packet. The error returned may be similar to this:

    virl@virl:~/virl_packet$ terraform plan .

    Refreshing Terraform state prior to plan...


    packet_ssh_key.virlkey: Refreshing state... (ID: f0279d4d-480a-44bf-8be6-4de88f0bb714)Error refreshing state: 1 error(s) occurred:

    * packet_ssh_key.virlkey: You are not authorized to view this ssh ke

    Resolution

    Replace your terraform.tfstate file with the original and rerun your deployment

    virl@virl:~/virl_packet$ cp terraform.tfstate.backup terraform.tfstate

     


    How to update / reset your VIRL on Packet server

     

    Summary

    Occasionally updated settings will be made available to allow for new features or different deployment options. Typically the easiest way to prepare your packet server is to clean all the files and re-deploy. New settings will only take effect on subsequent launches. This procedure can also be used if you are having problems with deployment, mistakenly deleted files, or have incorrectly edited a required file.

     

    Resolution

    VIRL on Packet deployment (Typical)

    1. Remove existing Packet directories (Only required when reseting your information to default)
      • sudo su
      • rm -R virl_packet && rm -R virl_cluster
      • exit
    2. Download the new and updated default information
      • sudo salt-call state.sls virl.terraform
      • cd virl_packet
    3. Continue from Step 4. by editing the required files as outlined in the VIRL on Packet deployment thread if you performed a reset. Otherwise, continue from Step 5.


    You should now have any updated changes or features as well as settings returned to default.


    Alternative
    These steps will update your VIRL on packet server with new features and configuration changes. It does not perform a software upgrade as it is not handled at this level. Your VIRL on packet server will always have the latest available release.

     

    From your VIRL server

    1. Change directory to virl_packet or virl_cluster as needed
      • cd virl_packet
    2. Perform a 'Pull' operation
      • git pull

    Output will return all files which have been updated. No further steps needed as all of your Packet information and license files have not been altered.

      • Continue from Step 5.

     



    Box Cutter deployment notes and tips


    Updating box-cutter deployment files

    1. Open your Git application (i.e. SmartGit)
    2. Select virl_boxcutter repository; click on 'Pull' from Action bar
    3. Continue deployment from Step 11. of VIRL on Packet (Box Cutter) installation instructions
    4. Destroy your vagrant VM:
      • vagrant destroy

    or via CLI

    1. Change directory to your local repository i.e. C:\Users\user\Documents\GitHub\virl_boxcutter
    2. Perform 'Pull' operation (must have git cli tools installed)
      • git pull
    3. Destroy your vagrant VM:
      • vagrant destroy
    4. Continue deployment from Step 11. of VIRL on Packet (Box Cutter) installation instructions

    You should now have any updated changes or features from the VIRL team. Performing a "pull" operation does not remove your VIRL server key. But, always a good idea to make sure nothing has changed.

     

    Vagrant virtual machine (VM) fails or has missing virl_boxcutter directory

     

    Summary

    In some cases when you deploy your Vagrant virtual machine, Virtual Box (vBox) fails to connect the network adaptor. When this happens when this happens Vagrant is not able to auto-connect and finish the deployment process. Vagrant will continue to re-try until the defined wait period expires. You will see output similar to this:

    virl_boxcutter$ vagrant up

    Bringing machine 'default' up with 'virtualbox' provider...

    ==> default: Checking if box 'boxcutter/ubuntu1404' is up to date...

    ==> default: Clearing any previously set forwarded ports...

    ==> default: Clearing any previously set network interfaces...

    ==> default: Preparing network interfaces based on configuration...

        default: Adapter 1: nat

    ==> default: Forwarding ports...

        default: 22 => 2222 (adapter 1)

    ==> default: Booting VM...

    ==> default: Waiting for machine to boot. This may take a few minutes...

        default: SSH address: 127.0.0.1:2222

        default: SSH username: vagrant

        default: SSH auth method: private key

        default: Warning: Connection timeout. Retrying...

        default: Warning: Connection timeout. Retrying...

        default: Warning: Connection timeout. Retrying...

    Resolution

    Open the Virtual Box GUI interface and connect the network adapter of the vagrant VM via its properties page. Take a look at following discussion for more detailed information.

    Warning: Connection timeout. Retrying...

    It is recommended that you destroy the Vagrant VM, before you perform the following steps. If you do not destroy the VM, on subsequent launch the required scripts will not run and you will not have the required directories.

     

    1. Start you deployment again, 'vagrant up'

    2. Wait until you see the first couple of timeout messages

    3. Open Virtual Box GUI and click on 'Network'

    Vagrant_vBox_Network.png

    4. Tick the box to connect the adapter

    Vagrant_vBox_NetConnext.png

    5. Click 'OK' to apply the setting and you may now close the vBox GUI

    6. After a few seconds you should see the deployment continue as expected