error: 500 Can't connect to XXXX:80 (Connection refused) (443 is set)

Hello,

I have set my lpar2rrd to use API port 443 / HTTPS
But I get this error:

$ /home/lpar2rrd/lpar2rrd/load_xenserver.sh
Image environment is set
load_xenserver.sh      : start
xen-xapi2json.pl       : collect data from XAPI, Thu Oct 17 15:39:01 CEST 2019
xen-json2rrd.pl        : push data to rrd, Thu Oct 17 15:39:01 CEST 2019
RRDp    version: 1.4008
RRDtool version: 1.4.8
xen-json2rrd.pl finish : status 0
xen-cleanup.pl  : already ran today, skip
An error occured in lpar2rrd, check /home/lpar2rrd/lpar2rrd/logs/error.log-xen and output of load.sh

$ tail -1 /home/lpar2rrd/lpar2rrd/logs/error.log-xen

error: 500 Can't connect to XXX:80 (Connection refused)
date end all   : Thu Oct 17 15:39:01 CEST 2019


Settings:

 "platforms" : {
      "XenServer" : {
         "order" : 3,
         "aliases" : {
            "hopharm2" : {
               "proto" : "https",
               "username" : "lpar2rrd",
               "host" : "1XXX",
               "created" : "2019-10-17T13:27:43Z",
               "ssh_port" : "22",
               "password" : "XXX",
               "auth_ssh" : true,
               "api_port" : "443",
               "updated" : "2019-10-17T13:29:51Z",
               "auth_api" : true,
               "ssh_key_id" : "/home/lpar2rrd/.ssh/id_dsa"
            }
         },
         "ssh" : true,
         "api" : true
      },

Web Check:
API host network connection: TCP connection to XXX:443 is OK.
API authorization: OK
SSH network connection: TCP connection to XXX:22 is OK.
SSH authorization: OK

Lpar2rrd version is 6.10 (appliance)

Do I really need port 80 ? (I have firewall active on this port) ?

Comments

  • Hello,

    that is not intended behavior. Please, use the patch available here:

    https://download.lpar2rrd.com/patch/xen-xapi2json.pl.gz

    Gunzip it and copy to /home/lpar2rrd/lpar2rrd/bin (755, lpar2rrd owner)

    -rwxrwxr-x 1 lpar2rrd lpar2rrd 13564 18. říj 10.09 xen-xapi2json.pl

    If your web browser gunzips it automatically then just rename it: mv xen-xapi2json.pl.gz xen-xapi2json.pl

  • Hello,

    Now there is no error: (but there is no xen server shown)

    $ /home/lpar2rrd/lpar2rrd/load_xenserver.sh
    Image environment is set
    load_xenserver.sh      : start
    xen-xapi2json.pl       : collect data from XAPI, Fri Oct 18 14:24:44 CEST 2019
    xen-json2rrd.pl        : push data to rrd, Fri Oct 18 14:24:45 CEST 2019
    RRDp    version: 1.4008
    RRDtool version: 1.4.8
    xen-json2rrd.pl finish : status 0
    xen-cleanup.pl  : already ran today, skip
    date end all   : Fri Oct 18 14:24:46 CEST 2019

    I still have xenserver added as staded here: https://www.lpar2rrd.com/XenServer-Citrix-performance-monitoring-install.htm?

    But I cant find it in GUI or in any file on filesystem exept for /home/lpar2rrd/lpar2rrd/etc/web_config/hosts.json
  • Well, that generally should not be a problem, if the load_xenserver.sh script manages to save XAPI data to the lpar2rrd/data/XEN* directories; the data will appear in the UI as soon as load.sh runs (every hour on most setups) or you can force menu generation by running ./load.sh html in the lpar2rrd/ directory.

  • Ok, this is strange:

    I have XEN data:
    $ ll /home/lpar2rrd/lpar2rrd/data/XEN/5a10d561-256a-415d-957d-5d254b34024b
    total 20564
    -rw-r--r-- 1 lpar2rrd lpar2rrd 10519688 Oct 18 15:20 disk-f9ef6c07.rrd
    -rw-r--r-- 1 lpar2rrd lpar2rrd  1913312 Oct 18 15:20 lan-bond0.rrd
    -rw-r--r-- 1 lpar2rrd lpar2rrd  1913312 Oct 18 15:20 lan-eth0.rrd
    -rw-r--r-- 1 lpar2rrd lpar2rrd  1913312 Oct 18 15:20 lan-eth1.rrd
    -rw-r--r-- 1 lpar2rrd lpar2rrd  4782104 Oct 18 15:20 sys.rrd

    And XEN VM data

    $ ll /home/lpar2rrd/lpar2rrd/data/XEN_VMs/
    total 35488
    -rw-r--r-- 1 lpar2rrd lpar2rrd 18169800 Oct 18 15:20 61e0e494-4e84-460c-b186-cfbe77b86af6.rrd
    -rw-r--r-- 1 lpar2rrd lpar2rrd 18169800 Oct 18 15:20 6d7a3a61-8770-c6e9-a2b7-21b44d10a1bf.rrd

    I have done load.sh and load.sh html and ctrl + F5 and still I cant see any XEN data in GUI
  • I see.

    Can you check if you have a non-empty file data/XEN_iostats/conf.json? If not, do you have JSON file(s) at least in data/XEN_iostats/metadata/?

    If these JSON files are missing, there is a problem with the SSH connection. In that case, please, try a new patch from the same address as above.

    https://download.lpar2rrd.com/patch/xen-xapi2json.pl.gz

    Gunzip it and copy to /home/lpar2rrd/lpar2rrd/bin (755, lpar2rrd owner)

    -rwxrwxr-x 1 lpar2rrd lpar2rrd 13596 18. říj 17.19 xen-xapi2json.pl

    If your web browser gunzips it automatically then just rename it: mv xen-xapi2json.pl.gz xen-xapi2json.pl

  • stator
    edited October 2019
    Hello,

    Situation looks better now bit it is still not working. 

    $ /home/lpar2rrd/lpar2rrd/load_xenserver.sh
    Image environment is set
    load_xenserver.sh      : start
    xen-xapi2json.pl       : collect data from XAPI, Mon Oct 21 09:10:24 CEST 2019
    xen-json2rrd.pl        : push data to rrd, Mon Oct 21 09:12:40 CEST 2019
    RRDp    version: 1.4008
    RRDtool version: 1.4.8
    touch          : /home/lpar2rrd/lpar2rrd/tmp/6.10-xenserver : create_rrd_host /home/lpar2rrd/lpar2rrd/data/XEN/a7e5c25d-1397-4afc-b9e0-f6e514e0e30c/sys.rrd
    xen-json2rrd.pl finish : status 0
    xen-cleanup.pl  : already ran today, skip
    An error occured in lpar2rrd, check /home/lpar2rrd/lpar2rrd/logs/error.log-xen and output of load.sh

    $ tail -38 /home/lpar2rrd/lpar2rrd/logs/error.log-xen

    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    Authentication failed
    For usage run: 'xe help'
    date end all   : Mon Oct 21 09:12:43 CEST 2019

    We are using Read Only user on XenServer console lpar2rrd and standarad user lpar2rrd created via terminal(ssh) on master server.

    When I ssh into xenserver master i get this:

    [lpar2rrd@XXX1 ~]$ xe host-get-cpu-features
    Authentication failed
    For usage run: 'xe help'
    [lpar2rrd@XXX1 ~]$ 

    I probably need to add more permissions on ssh user lpar2rrd.
    But I do not know what?
    I can't find it on https://www.lpar2rrd.com/XenServer-Citrix-performance-monitoring-install.htm

    Best Regards,
  • Hello,

    unfortunately, it turns out that users with the Read-Only role can access XAPI output, but not on the XenServer host over SSH; Pool-Admin role is required for that (see the conclusions in this thread).

    Solution would be avoiding ssh access, it could be potentially possible as we recently discovered.

    However it is not easy, it would require re-desing data gathering (using different API what bring some other problems ..)

    So no solution here for now from us :(

    If you set the user's role to Pool-Admin, though, it should work.

  • stator
    edited October 2019
    Hello,

    Thx it is working now, and I can see hosts in web GUI.

    But now i get error on check connections:

    API host network connection: TCP connection to XXX:443 is OK.
    API authorization: OK
    SSH network connection: TCP connection to XXX:22 is OK.
    SSH authorization: SSH command exited with value 255
  • So, load_xenserver.sh fetches data and saves them to JSON files in data/XEN_iostats/ fine, but the connection test fails?

    Can you run bin/sshtest.sh (with the XenServer host's IP/hostname and path to SSH key as parameters) from the command line (as user lpar2rrd) to see what happens then?

  • Yes this is correct:

    sshtest.sh fails but ssh is working


    $ ./bin/sshtest.sh XXX1 'DOMAIN\lpar2rrd' /home/lpar2rrd/.ssh/id_dsa
    Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive).
    {"success":0,"error":"SSH command exited with value 255","log":""}



    $ ssh 'DOMAIN\lpar2rrd'@XXX1
    Last login: Mon Oct 21 15:29:34 2019 from <LPAR2RRD Server>
    [root@XXX1 ~]#
  • Because the test has failed now, but previously did not, is there any chance that anything about your configuration has changed? (user credentials, some network settings)

    Either way, can you try with the latest LPAR2RRD? It is available here:

    https://www.lpar2rrd.com/download/lpar2rrd-6.10-2.tar

    The sshtest will require explicit port number, if you run it from the command line, among other changes.

  • >>Because the test has failed now, but previously did not,
     >>is there any chance that anything about your configuration has changed?
    >> (user credentials, some network settings)

    yes I have changed from local (ssh) lpar2rrd user to DOMAIN\lpar2rrd (pool admin)

    After updating to 6.10-2 it's all working now. Thx for support.

    ./bin/sshtest.sh XXX1 22 'DOMAIN\lpar2rrd' /home/lpar2rrd/.ssh/id_dsa
    {"success":1,"error":"User DOMAIN\\\\lpar2rrd@XXX1 has successfully authenticated.","log":""}

Sign In or Register to comment.