os:ubuntu 2204
ob:4.3.0.1
obd:2.7.0
ocp:4.2.2
建立主机凭证:
并且验证成功,如下:
但是添加主机时,无法通过,如下:
请问大佬们,哪里有错呢?
.
按这里给出的排查方案,都是正常的。
https://www.oceanbase.com/docs/enterprise-oceanbase-ocp-cn-10000000001540067
https://www.oceanbase.com/docs/enterprise-oceanbase-ocp-cn-10000000000777272
Q9: 使用 root 添加主机,但始终报凭据无法连接。
A: OCP 使用 sudo -n true 验证凭证的,建议检查 sudoer 文件是否被修改。
添加主机页面重新建个试试。
我之前遇到过用的好好的凭证,可能是sudo过期了,后面再配置好sudo,用之前配置的也会报错。新建一个又可以。
上面有展示,加入主机时,凭证无法通过
admin用户可以执行sudo -i吗?
方便f12看看ocp添加主机报错的时候的trace_id,根据trace_id查一下ocp-server.log吗?
F12看了下,都是前端的JS校验,没有看到什么有效内容
我这个怎么你发的不一样呢
你开了f12以后,要点一下添加主机,触发接口呢
嗯嗯,有点不一样
[root@ubuntu ocp]# grep 4bafece028dc40f3 *.*
access.log:2024-06-11 14:37:50.655|4bafece028dc40f3|183.xx.xx.46|POST|/api/v2/profiles/me/credentials/validate|-|146|200|100|admin|130|
ocp.log:2024-06-11 14:37:50.529 INFO 9 --- [http-nio-0.0.0.0-28080-exec-3,4bafece028dc40f3,9d357953affb] c.o.o.s.c.c.s.utils.CsrfRequestMatcher : CSRF token required for API [POST /api/v2/profiles/me/credentials/validate, client 183.xx.xx.46, traceId 4bafece028dc40f3]
ocp.log:2024-06-11 14:37:50.531 INFO 9 --- [http-nio-0.0.0.0-28080-exec-3,4bafece028dc40f3,9d357953affb] c.o.o.s.c.trace.RequestTracingAspect : API: [POST /api/v2/profiles/me/credentials/validate?null, client=183.xx.xx.46, traceId=4bafece028dc40f3, method=SuccessResponse com.oceanbase.ocp.server.common.controller.CredentialController.validateConnect(ValidateCredentialParam), args=ValidateCredentialParam(targetType=HOST, obJdbcCredentialProperty=null, sshCredentialProperty=null, agentCredentialProperty=null, batchSshValidateProperty=BatchSshValidateProperty(addressPairs=[BatchSshValidateProperty.AddressPair(hostAddress=10.xx.xx.64, sshPort=x22xx, vpcId=1)], type=null, username=null, passphrase=null, allowSudo=true, changePassphrase=false, credentialId=1000003)),]
ocp.log:2024-06-11 14:37:50.544 INFO 9 --- [http-nio-0.0.0.0-28080-exec-3,4bafece028dc40f3,9d357953affb] c.o.o.s.c.CredentialServiceImpl : Batch validate credential SshSecret(type=PASSWORD, allowSudo=true, username=admin, hosts=[]) for connecting hosts: [BatchSshValidateProperty.AddressPair(hostAddress=10.xx.xx.64, sshPort=x22xx, vpcId=1)]
ocp.log:2024-06-11 14:37:50.546 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.s.sshj.transport.random.JCERandom : Creating new SecureRandom.
ocp.log:2024-06-11 14:37:50.548 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.schmizz.sshj.transport.TransportImpl : Client identity string: SSH-2.0-SSHJ_0.34.0
ocp.log:2024-06-11 14:37:50.562 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.schmizz.sshj.transport.TransportImpl : Server identity string: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
ocp.log:2024-06-11 14:37:50.581 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] com.oceanbase.ocp.common.ssh.SshChannel : Connected ssh to host 10.xx.xx.64:x22xx success
ocp.log:2024-06-11 14:37:50.645 WARN 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] com.oceanbase.ocp.common.ssh.SshChannel : Failed to init ssh client auth by PASSWORD
ocp.log:2024-06-11 14:37:50.646 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.schmizz.sshj.transport.TransportImpl : Disconnected - BY_APPLICATION
ocp.log:2024-06-11 14:37:50.646 ERROR 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] c.o.o.e.i.c.impl.DefaultSshConnector : [DefaultSshConnector]:failed to init ssh connector, connect properties:ConnectProperties(hostAddress=10.xx.xx.64, httpPort=null, monitorPort=null, sshPort=x22xx, authentication=Authentication(httpAuth=null, sshAuth=SshAuthentication(authType=password, passwordAuthConfig=PasswordAuthConfig(username=admin), privateKeyAuthConfig=null)), proxy=null, extHttpHeaders=null), errorMsg:net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods, cause:{}
ocp.log:2024-06-11 14:37:50.647 ERROR 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] c.o.o.s.c.u.ConnectionValidationUtils : validate ssh connect failed, reason:[SshClient]: failed to init ssh connector, cause: java.lang.RuntimeException: net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods, cause:{}
ocp.log:2024-06-11 14:37:50.647 INFO 9 --- [http-nio-0.0.0.0-28080-exec-3,4bafece028dc40f3,9d357953affb] c.o.o.s.c.trace.RequestTracingAspect : API OK: [POST /api/v2/profiles/me/credentials/validate client=183.xx.xx.46, traceId=4bafece028dc40f3, duration=122 ms]
2024-06-11 14:37:50.546 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.s.sshj.transport.random.JCERandom : Creating new SecureRandom.
2024-06-11 14:37:50.548 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.schmizz.sshj.transport.TransportImpl : Client identity string: SSH-2.0-SSHJ_0.34.0
2024-06-11 14:37:50.562 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.schmizz.sshj.transport.TransportImpl : Server identity string: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
2024-06-11 14:37:50.581 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] com.oceanbase.ocp.common.ssh.SshChannel : Connected ssh to host 10.xx.xx.64:x22xx success
2024-06-11 14:37:50.645 WARN 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] com.oceanbase.ocp.common.ssh.SshChannel : Failed to init ssh client auth by PASSWORD
net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:230)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:205)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:291)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:261)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:245)
at com.oceanbase.ocp.common.ssh.SshChannel.initSshClient(SshChannel.java:96)
at com.oceanbase.ocp.common.ssh.SshChannel.connect(SshChannel.java:73)
at com.oceanbase.ocp.executor.internal.connector.impl.DefaultSshConnector.init(DefaultSshConnector.java:55)
at com.oceanbase.ocp.executor.internal.connector.Connectors.getConnector(Connectors.java:91)
at com.oceanbase.ocp.executor.internal.connector.Connectors.getSshConnector(Connectors.java:70)
at com.oceanbase.ocp.executor.internal.template.SshTemplate.<init>(SshTemplate.java:40)
at com.oceanbase.ocp.executor.executor.SshExecutor.<init>(SshExecutor.java:84)
at com.oceanbase.ocp.service.credential.util.ConnectionValidationUtils.validateSshConnect(ConnectionValidationUtils.java:103)
at com.oceanbase.ocp.service.credential.util.ConnectionValidationUtils.lambda$validateSshConnect$0(ConnectionValidationUtils.java:83)
at com.oceanbase.ocp.core.thread.ConcurrentExecutor.lambda$exec$2(ConcurrentExecutor.java:73)
at com.oceanbase.ocp.core.thread.LocaleDecorator.lambda$decorate$1(LocaleDecorator.java:41)
at com.oceanbase.ocp.common.trace.TraceDecorator.lambda$decorate$1(TraceDecorator.java:49)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:750)
2024-06-11 14:37:50.646 INFO 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] n.schmizz.sshj.transport.TransportImpl : Disconnected - BY_APPLICATION
2024-06-11 14:37:50.646 ERROR 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] c.o.o.e.i.c.impl.DefaultSshConnector : [DefaultSshConnector]:failed to init ssh connector, connect properties:ConnectProperties(hostAddress=10.xx.xx.64, httpPort=null, monitorPort=null, sshPort=x22xx, authentication=Authentication(httpAuth=null, sshAuth=SshAuthentication(authType=password, passwordAuthConfig=PasswordAuthConfig(username=admin), privateKeyAuthConfig=null)), proxy=null, extHttpHeaders=null), errorMsg:net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods, cause:{}
net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:230)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:205)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:291)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:261)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:245)
at com.oceanbase.ocp.common.ssh.SshChannel.initSshClient(SshChannel.java:96)
at com.oceanbase.ocp.common.ssh.SshChannel.connect(SshChannel.java:73)
at com.oceanbase.ocp.executor.internal.connector.impl.DefaultSshConnector.init(DefaultSshConnector.java:55)
at com.oceanbase.ocp.executor.internal.connector.Connectors.getConnector(Connectors.java:91)
at com.oceanbase.ocp.executor.internal.connector.Connectors.getSshConnector(Connectors.java:70)
at com.oceanbase.ocp.executor.internal.template.SshTemplate.<init>(SshTemplate.java:40)
at com.oceanbase.ocp.executor.executor.SshExecutor.<init>(SshExecutor.java:84)
at com.oceanbase.ocp.service.credential.util.ConnectionValidationUtils.validateSshConnect(ConnectionValidationUtils.java:103)
at com.oceanbase.ocp.service.credential.util.ConnectionValidationUtils.lambda$validateSshConnect$0(ConnectionValidationUtils.java:83)
at com.oceanbase.ocp.core.thread.ConcurrentExecutor.lambda$exec$2(ConcurrentExecutor.java:73)
at com.oceanbase.ocp.core.thread.LocaleDecorator.lambda$decorate$1(LocaleDecorator.java:41)
at com.oceanbase.ocp.common.trace.TraceDecorator.lambda$decorate$1(TraceDecorator.java:49)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:750)
2024-06-11 14:37:50.647 ERROR 9 --- [pool-46-thread-1,4bafece028dc40f3,e3b8b052657e] c.o.o.s.c.u.ConnectionValidationUtils : validate ssh connect failed, reason:[SshClient]: failed to init ssh connector, cause: java.lang.RuntimeException: net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods, cause:{}
java.lang.RuntimeException: net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
at com.oceanbase.ocp.common.ssh.SshChannel.initSshClient(SshChannel.java:100)
at com.oceanbase.ocp.common.ssh.SshChannel.connect(SshChannel.java:73)
at com.oceanbase.ocp.executor.internal.connector.impl.DefaultSshConnector.init(DefaultSshConnector.java:55)
at com.oceanbase.ocp.executor.internal.connector.Connectors.getConnector(Connectors.java:91)
at com.oceanbase.ocp.executor.internal.connector.Connectors.getSshConnector(Connectors.java:70)
at com.oceanbase.ocp.executor.internal.template.SshTemplate.<init>(SshTemplate.java:40)
at com.oceanbase.ocp.executor.executor.SshExecutor.<init>(SshExecutor.java:84)
at com.oceanbase.ocp.service.credential.util.ConnectionValidationUtils.validateSshConnect(ConnectionValidationUtils.java:103)
at com.oceanbase.ocp.service.credential.util.ConnectionValidationUtils.lambda$validateSshConnect$0(ConnectionValidationUtils.java:83)
at com.oceanbase.ocp.core.thread.ConcurrentExecutor.lambda$exec$2(ConcurrentExecutor.java:73)
at com.oceanbase.ocp.core.thread.LocaleDecorator.lambda$decorate$1(LocaleDecorator.java:41)
at com.oceanbase.ocp.common.trace.TraceDecorator.lambda$decorate$1(TraceDecorator.java:49)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:750)
Caused by: net.schmizz.sshj.userauth.UserAuthException: Exhausted available authentication methods
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:230)
at net.schmizz.sshj.SSHClient.auth(SSHClient.java:205)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:291)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:261)
at net.schmizz.sshj.SSHClient.authPassword(SSHClient.java:245)
at com.oceanbase.ocp.common.ssh.SshChannel.initSshClient(SshChannel.java:96)
... 15 common frames omitted
2024-06-11 14:37:50.647 INFO 9 --- [http-nio-0.0.0.0-28080-exec-3,4bafece028dc40f3,9d357953affb] c.o.o.s.c.trace.RequestTracingAspect : API OK: [POST /api/v2/profiles/me/credentials/validate client=183.xx.xx.46, traceId=4bafece028dc40f3, duration=122 ms]
收到,我们这边先看看
你这个凭据是什么方式,ssh还是密码?使用凭据的方式在ocp机器上连一下对应机器,看看能不能成功
凭据是密码方式,但是这几个主机我都是配置了ssh免密互访,
ssh ip
或者
ssh user@ip
都可以正常跳转登录。
改成私钥方式就正常了,但是添加主机有,就开始在64默认安装ocp agent,然后报错:
2024-06-11 16:05:16.900 INFO 9 --- [pool-manual-subtask-executor6,17b5416187704104,5d930fe697d5] com.oceanbase.ocp.common.ssh.SshUtils : SSH executeCommand begin: sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' on 10.xx.xx.64
2024-06-11 16:05:16.924 INFO 9 --- [pool-manual-subtask-executor6,17b5416187704104,5d930fe697d5] com.oceanbase.ocp.common.ssh.SshUtils : SSH executeCommand end: sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' on 10.xx.xx.64, result: SshResult(host=10.xx.xx.64, username=admin, command=sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm', out=curl: (7) Failed to connect to 0.0.0.0 port 28080 after 0 ms: Connection refused, err=, extOut=null, exitStatus=7)
2024-06-11 16:05:16.926 INFO 9 --- [pool-manual-subtask-executor6,17b5416187704104,5d930fe697d5] c.o.o.e.internal.template.SshTemplate : SSH execute end: sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' on 10.xx.xx.64,result:SshResult(host=10.xx.xx.64, username=admin, command=sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm', out=curl: (7) Failed to connect to 0.0.0.0 port 28080 after 0 ms: Connection refused, err=, extOut=null, exitStatus=7)
2024-06-11 16:05:16.949 INFO 9 --- [pool-manual-subtask-executor6,17b5416187704104,5d930fe697d5] c.o.ocp.executor.executor.SshExecutor : execute ssh command failed, command:sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm', return code:7, output:curl: (7) Failed to connect to 0.0.0.0 port 28080 after 0 ms: Connection refused, extOut:null
2024-06-11 16:05:16.951 ERROR 9 --- [pool-manual-subtask-executor6,17b5416187704104,5d930fe697d5] c.o.ocp.executor.executor.SshExecutor : failed to execute ssh command, errMsg:[SshClient]: failed to execute ssh command: sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm', exit code: 7, cause:null
2024-06-11 16:05:16.953 ERROR 9 --- [pool-manual-subtask-executor6,17b5416187704104,5d930fe697d5] c.o.o.c.t.e.c.w.subtask.SubtaskExecutor : [SshClient]: failed to execute ssh command: sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm', exit code: 7
com.oceanbase.ocp.executor.exception.SshCommandFailedException: [SshClient]: failed to execute ssh command: sudo curl -s -S -k -o '/tmp'/'ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm' 'http://0.0.0.0:28080/api/v2/object-storage/sys-package/ocp-agent-ce-4.2.2-20240315150922.el7.x86_64.rpm', exit code: 7
at com.oceanbase.ocp.executor.executor.SshExecutor.execute(SshExecutor.java:399)
at com.oceanbase.ocp.executor.executor.SshExecutor.lambda$downloadFile$2(SshExecutor.java:383)
at com.oceanbase.ocp.common.lang.pattern.Retry.executeUntilWithLimit(Retry.java:74)
at com.oceanbase.ocp.common.lang.pattern.Retry.executeUntilWithLimit(Retry.java:55)
at com.oceanbase.ocp.executor.executor.SshExecutor.downloadFile(SshExecutor.java:382)
at com.oceanbase.ocp.executor.executor.SshExecutor.installPackage(SshExecutor.java:228)
at com.oceanbase.ocp.service.compute.AgentInstallationTaskService.installOcpAgentRpm(AgentInstallationTaskService.java:219)
at com.oceanbase.ocp.service.compute.AgentInstallationTaskService$$FastClassBySpringCGLIB$$f7a6037f.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.oceanbase.ocp.service.compute.AgentInstallationTaskService$$EnhancerBySpringCGLIB$$85b2f579.installOcpAgentRpm(<generated>)
at com.oceanbase.ocp.service.task.business.host.InstallOcpAgentTask.run(InstallOcpAgent
Task.java:63)
at com.oceanbase.ocp.core.task.engine.runner.JavaSubtaskRunner.execute(JavaSubtaskRunner.java:64)
at com.oceanbase.ocp.core.task.engine.runner.JavaSubtaskRunner.doRun(JavaSubtaskRunner.java:32)
at com.oceanbase.ocp.core.task.engine.runner.JavaSubtaskRunner.run(JavaSubtaskRunner.java:26)
at com.oceanbase.ocp.core.task.engine.runner.RunnerFactory.doRun(RunnerFactory.java:76)
at com.oceanbase.ocp.core.task.engine.coordinator.worker.subtask.SubtaskExecutor.doRun(SubtaskExecutor.java:203)
at com.oceanbase.ocp.core.task.engine.coordinator.worker.subtask.SubtaskExecutor.redirectConsoleOutput(SubtaskExecutor.java:197)
at com.oceanbase.ocp.core.task.engine.coordinator.worker.subtask.SubtaskExecutor.lambda$submit$2(SubtaskExecutor.java:134)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:750)
Set state for subtask: 2040167, operation:EXECUTE, state: FAILED
还有个疑问:
为什么添加了这个主机,什么都没有指定,上来就安装ocp agent呢?
接管主机就要开始部署agent,监控、后续做管理操作
这个报错的命令手动在ocp上执行试试呢