Troubleshooting [dynes:IN PROGRESS]
To install/replace the CERT on the IDC
The steps to import the cert and key and update the user in the OSCARS webUI. import the cert and key to the oscars.jks and localhost.jks to overwrite the previous entry [root@yourhost ~]# cd /opt/oscars/tools/bin/ [root@yourhost bin]# ./idc-importkeypair -s /etc/oscars/keystores/oscars.jks -a mykey -k /root/yourhost.edu.key -c /root/yourhost.edu.crt -p changeit -O [root@yourhost bin]# ./idc-importkeypair -s /etc/oscars/keystores/localhost.jks -a mykey -k /root/yourhost.edu.key -c /root/yourhost.edu.crt -p changeit -O retrive the updated subject and issuer and update the Local IDC Account (yoursite-idc) in the OSCARS webUI: https://yourhost.edu:8443/OSCARS/ keytool -printcert -file /root/yourhost.edu.crt Owner: CN=<whatever is there>, OU=Services, DC=doegrids, DC=org Issuer: CN=DOEGrids CA 1, OU=Certificate Authorities, DC=DOEGrids, DC=org Copy the new vert and key to the proper places cp /root/yourhost.crt /etc/pki/tls/certs cp /root/yourhost.key /etc/pki/tls/private Update the new cert and key locations in the relevant places /etc/oess/database.xml /etc/httpd/conf.d/ssl.conf restart OSCARS /etc/init.d/oscars restart
- To replace/install the CERT on the FDT server
The cert and the key are stored under: /home/dynes/FDTAgent/conf/OSCARS.jks To import a new certificate and the key: 1) Go to /home/dynes/FDTAgent/bin 2) Import the certs using the `dynesfdt cert` command: ./dynesfdt cert -import -key </path/to/private/key> -cert </path/to/cert> The certs will be imported under a new file (in case the user wants to backup the previous one): /home/dynes/FDTAgent/conf/OSCARS.jks.NEW This file must be copied over: /home/dynes/FDTAgent/conf/OSCARS.jks 3) To list the certificate currently installed in the OSCARS.jks file: ./dynesfdt cert should print the certificate and the validity.
- Stuck circuit creation
- Circuits that don’t terminate
- Instructions on how to interact with the database
- Error in signature with X509Token
log into your OSCARS UI: https:idc.net.<site>.edu:8443/OSCARS/ lookup the reservation examine the error message.
- Can't access both the IDC and FDT iDRAC using Firefox. This is due to all Dell iDRACs using the same cert serial number. Firefox (for some reason) doesn't allow this to be ignored and continue. The workaround is to delete the certs from the first iDRAC accessed or use another browser. Details on removing the certs can be found here.
- Mistakenly "Decommissioned" the switch
# mysql -u root -p Enter password: <enter mysql root password> mysql> use oess; mysql> select * from node; <- Your switch will likely be node=1 Decoming the device sets an end_epoch for it in the node_instantiation table. You must login to mysql as root. mysql> select * from node_instantiation; ----------------------------------------------------------------------------+ node_id end_epoch start_epoch management_addr_ipv4 admin_state dpid ----------------------------------------------------------------------------+ 1 1376100241 1374712867 2170417085 active 281483173139793 ----------------------------------------------------------------------------+ 1 row in set (0.00 sec) Set the end_epoch to -1 and it'll be active. mysql> update node_instantiation set end_epoch =-1 where node_id =1; Query OK, 1 row affected (0.04 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql> select * from node_instantiation; ---------------------------------------------------------------------------+ node_id end_epoch start_epoch management_addr_ipv4 admin_state dpid ---------------------------------------------------------------------------+ 1 -1 1374712867 2170417085 active 281483173139793 ---------------------------------------------------------------------------+ 1 row in set (0.00 sec)
- Reported by MAX
Problem: -- Decommissioned the node -- Lost the node and could not rediscover -- Deleted oess database -- Reran oess_setup.pl to restore database to clean state -- Discovered and re-added the node and all interfaces -- re-add remote link and click "Submit Topology" This didn't re-submit the topology I believe the correct steps are: -- Go 'admin' page -- Click 'Workgroups' then choose 'OSCARS IDC' -- Add new interfaces in "Allowed Edge Ports" -- Click "Remote Links" then click "Submit Topology"