Onegate Configuration Error


(Ranjith Kumar) #1

I am trying to configure onegate for oneflow services. I have enabled the token and report ready in context section of template and created a VM from it.
I have changed the host ip in onegate conf file to 0.0.0.0 and changed the onegate_endpoint to sunstone IP.
Once VM is in RUNNING state, I have typed onegate command to get the VM information.

onegate vm show

but this error occurs:

ERROR: Cache Access Denied

onegate Log:

Mon Oct 23 14:49:58 2017 [E]: X_ONEGATE_TOKEN header not preset
Mon Oct 23 14:49:58 2017 [I]: Unauthorized login attempt

What is this means?


(Miljan Arandjelovic) #2

In the virtual mashine:
When I start the command #onegate vm show, I get the following message:
ERROR:
Failed to open TCP connection to 192.168.1.53:5030 (No route to host - connect(2) for “192.168.1.53” port 5030)

192.168.1.53 is IP address where the onegate server is installed.

What is the problem?

context.sh

Context variables generated by OpenNebula

DISK_ID=‘1’
ETH0_CONTEXT_FORCE_IPV4=’’
ETH0_DNS=’’
ETH0_GATEWAY=’’
ETH0_GATEWAY6=’’
ETH0_IP=‘192.168.1.208’
ETH0_IP6=’’
ETH0_IP6_PREFIX_LENGTH=’’
ETH0_IP6_ULA=’’
ETH0_MAC=‘02:00:c0:a8:01:d0’
ETH0_MASK=’’
ETH0_MTU=’’
ETH0_NETWORK=’’
ETH0_SEARCH_DOMAIN=’’
ETH0_VLAN_ID=’’
ETH0_VROUTER_IP=’’
ETH0_VROUTER_IP6=’’
ETH0_VROUTER_MANAGEMENT=’’
NETWORK=‘YES’
ONEGATE_ENDPOINT=‘http://192.168.1.53:5030
REPORT_READY=‘YES’
SSH_PUBLIC_KEY=’’
TARGET=‘hdb’
TOKEN=‘YES’
VMID=‘100’

token.txt
nwpOnsn0r91TIAzIUseZ5Q==

ip a

2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:00:c0:a8:01:d0 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.211/24 brd 192.168.1.255 scope global ens3
valid_lft forever preferred_lft forever
inet6 fe80::c0ff:fea8:1d0/64 scope link
valid_lft forever preferred_lft forever

ping 192.168.1.53
PING 192.168.1.53 (192.168.1.53) 56(84) bytes of data.
64 bytes from 192.168.1.53: icmp_seq=1 ttl=64 time=1.99 ms
64 bytes from 192.168.1.53: icmp_seq=2 ttl=64 time=0.186 ms
64 bytes from 192.168.1.53: icmp_seq=3 ttl=64 time=0.183 ms
^C
— 192.168.1.53 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2011ms
rtt min/avg/max/mdev = 0.183/0.787/1.992/0.852 ms

ping cisco.net
PING cisco.net (72.163.4.154) 56(84) bytes of data.
64 bytes from redirect.cisco.com (72.163.4.154): icmp_seq=1 ttl=240 time=131 ms
64 bytes from redirect.cisco.com (72.163.4.154): icmp_seq=1 ttl=240 time=131 ms (DUP!)
64 bytes from redirect.cisco.com (72.163.4.154): icmp_seq=2 ttl=240 time=129 ms
64 bytes from redirect.cisco.com (72.163.4.154): icmp_seq=2 ttl=240 time=129 ms (DUP!)
64 bytes from redirect.cisco.com (72.163.4.154): icmp_seq=3 ttl=240 time=128 ms
64 bytes from redirect.cisco.com (72.163.4.154): icmp_seq=3 ttl=240 time=128 ms (DUP!)
^C
cisco.net ping statistics —
3 packets transmitted, 3 received, +3 duplicates, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 128.291/129.548/131.044/1.180 ms

On the server side:
tail -f /var/log/one/onegate.log

Logfile created on 2018-04-27 09:29:44 +0200 by logger.rb/v1.2.7

There is no records in the log file.

nano /etc/one/onegate-server.conf

################################################################################

Server Configuration

################################################################################

OpenNebula sever contact information

:one_xmlrpc: http://localhost:2633/RPC2

Server Configuration

:host: 127.0.0.1
:port: 5030

SSL proxy URL that serves the API (set if is being used)

#:ssl_server: https://service.endpoint.fqdn:port/

ip a

6: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 9c:8e:99:50:a7:5a brd ff:ff:ff:ff:ff:ff
inet 192.168.1.53/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::9e8e:99ff:fe50:a75a/64 scope link
valid_lft forever preferred_lft forever


(Anton Todorov) #3

It looks like you must alter /etc/one/onegate-server.conf. The onegate server should listen on 192.168.1.53 instead of 127.0.0.1

Edit: And don’t forget to restart the opennebula-onegate service afterwards.

Best Regards,
Anton Todorov


(Miljan Arandjelovic) #4

Thank you for your help.
I listened to your advice and after restarting opennebula-onegate.service everything works properly.

In the virtual mashine:
#onegate vm show
VM 100
NAME : one_gate_test_vm
STATE : RUNNING
IP : 192.168.1.211