[et-mgmt-tools] re: "invalid kernel" -- found the problem!
JimmyT _
jtatpbl at gmail.com
Mon Feb 4 19:45:13 UTC 2008
(moving this discussion thread from private email & irc chats to this
list, per request)
-------------------------------------------------------------------------------
if I,
cd /tmp/xen
wget http://mirrors.kernel.org/fedora/releases/8/Fedora/x86_64/os/images/xen/vmlinuz
wget http://mirrors.kernel.org/fedora/releases/8/Fedora/x86_64/os/images/xen/initrd.img
ls -al /tmp/xen
cobbler distro add --name=f8 \
--kernel='/tmp/xen/vmlinuz' --initrd='/tmp/xen/initrd.img' \
--arch=x86_64 --breed=redhat
cobbler profile add --name=f8pv --distro=f8 --virt-type=xenpv \
--virt-ram=512 --virt-cpus=1 --virt-bridge=eth0 --kickstart=/tmp/f8pv_ks.cfg
cobbler sync
ls -al /tmp/xen
-rw-r--r-- 1 root root 6735017 2007-11-02 08:00 initrd.img
-rw-r--r-- 1 root root 1961293 2007-11-02 08:00 vmlinuz
koan --virt --virt-name=testvm --profile=f8pv --server=server.internal.net \
--virt-path=/dev/VG01/testvm \
--autonet --nogfx
FAILS:
- using kickstart: http://10.0.0.100/cblr/kickstarts/f8_min_pv/ks.cfg
libvirtd (pid 2322) is running...
downloading initrd initrd.img to /var/lib/xen/initrd.img
url=http://server.internal.net/cobbler/images/fedora8/initrd.img
- using kickstart:
http://server.internal.net/cobbler/images/fedora8/initrd.img
downloading kernel vmlinuz to /var/lib/xen/vmlinuz
url=http://server.internal.net/cobbler/images/fedora8/vmlinuz
- using kickstart: http://server.internal.net/cobbler/images/fedora8/vmlinuz
libvir: Xen Daemon error : GET operation failed:
libvir: Xen Daemon error : GET operation failed:
libvir: Xen Daemon error : POST operation failed: (xend.err "Error
creating domain: (2, 'Invalid kernel', 'xc_dom_find_loader: no loader
found\\n')")
Traceback (most recent call last):
File "/usr/lib/python2.5/site-packages/koan/app.py", line 192, in main
k.run()
File "/usr/lib/python2.5/site-packages/koan/app.py", line 402, in run
self.virt()
File "/usr/lib/python2.5/site-packages/koan/app.py", line 670, in virt
return self.net_install(after_download)
File "/usr/lib/python2.5/site-packages/koan/app.py", line 624, in
net_install
after_download(self, profile_data)
File "/usr/lib/python2.5/site-packages/koan/app.py", line 668, in
after_download
self.virt_net_install(profile_data)
File "/usr/lib/python2.5/site-packages/koan/app.py", line 1243,
in virt_net_install
fullvirt = fullvirt
File "/usr/lib/python2.5/site-packages/koan/xencreate.py", line
128, in start_install
guest.start_install()
File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line
813, in start_install
return self._do_install(consolecb, meter)
File "/usr/lib/python2.5/site-packages/virtinst/Guest.py", line
834, in _do_install
self.domain = self.conn.createLinux(install_xml, 0)
File "/usr/lib64/python2.5/site-packages/libvirt.py", line 585,
in createLinux
if ret is None:raise libvirtError('virDomainCreateLinux()
failed', conn=self)
libvirtError: virDomainCreateLinux() failed POST operation failed:
(xend.err "Error creating domain: (2, 'Invalid kernel',
'xc_dom_find_loader: no loader found\\n')")
Checking,
ls -al /var/lib/xen/{vmlinuz*,initrd*}
-rw-r--r-- 1 root root 609 2008-02-01 16:56 /var/lib/xen/initrd.img
-rw-r--r-- 1 root root 609 2008-02-01 16:56 /var/lib/xen/vmlinuz
Those sizes are clearly WRONG! What's "in there"?
Oddly,
cat /var/lib/xen/{vmlinuz,initrd.img)
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
Instead use the HTTPS scheme to access this URL, please.<br />
<blockquote>Hint: <a
href="https://server.internal.net/"><b>https://server.internal.net/</b></a></blockquote></p>
<hr>
<address>Apache/2.2.6 (Fedora) Server at <a
href="mailto:root at localhost">server.internal.net</a> Port
443</address>
</body></html>
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br />
Instead use the HTTPS scheme to access this URL, please.<br />
<blockquote>Hint: <a
href="https://server.internal.net/"><b>https://server.internal.net/</b></a></blockquote></p>
<hr>
<address>Apache/2.2.6 (Fedora) Server at <a
href="mailto:root at localhost">server.internal.net</a> Port
443</address>
</body></html>
This is happening, I believe because koan's DL'ing from:
url=http://server.internal.net/cobbler/images/fedora8/initrd.img
rather than,
url=https://server.internal.net/cobbler/images/fedora8/initrd.img
Checking, if I nav to:
links http://server.internal.net/cobbler/images/fedora8/
I see,
400 Bad Request
Bad
Request
Your browser sent a request that this server could not
understand.
Reason: You're speaking plain HTTP to an SSL-enabled server
port.
Instead use the HTTPS scheme to access this URL, please.
Hint: https://server.internal.net/
---------------------------------------------------------------------------------------------------------------------------------------------------------------
Apache/2.2.6 (Fedora) Server at server.internal.net Port 443
which is what's in those "errant" koan DL's ...
Whereas if I instead nav to:
links https://server.internal.net/cobbler/images/fedora8/
i see as expected,
Index of /cobbler/images/fedora8
Index of /cobbler/images/fedora8
[ICO] Name Last modified Size Description
---------------------------------------------------------
[DIR] Parent Directory -
[ ] initrd.img 01-Feb-2008 16:50 6.4M
[ ] vmlinuz 01-Feb-2008 16:50 1.9M
---------------------------------------------------------
Apache/2.2.6 (Fedora) Server at server.internal.net Port 443
Bottom line ... koan's NOT getting files via the required https://....
And, this, of course, would explain the "invalid kernel" messages I've
been seeing.
Now, the question is config change in koan/cobbler? apache? or a koan
source problem?
HTH,
Jimmy
-------------------------------------------------------------------------------
So to summarize, you have port 80 configured to be HTTPS and you have
shut http:// off?
To get things going you'll need to turn it back on in the Cobbler
server. The address of the cobbler server and the port is configured
in settings, but the URLs
generated will be http://. It does not need to be port 80, but if
it's not, you need to change the port value in /var/lib/cobbler/settings.
This probably explains both your transfer error and the XMLRPC messages.
It would be possible to allow cobbler to generate https:// URLs, though
there is not much point in doing so -- Anaconda itself does not support
authentication.
--Michael
-------------------------------------------------------------------------------
Michael,
I decided to step away from it myself, and have someone else here
setup a new/clean box. again, vanilla f8 + apache.
They've pulled latest git heads of cobbler/koan.
Now, @ their "koan ...",
koan --virt --virt-name=test --server=http://server3.internal.net
--profile=f8test \
--virt-path=/dev/VG03/test --autonet --nogfx
Could not communicate with http://server3.internal.net:25151
checking @ server3
service iptables status
iptables: Firewall is not running.
service ip6tables status
ip6tables: Firewall is not running.
and,
telnet server3.internal.net 25151
Trying 10.0.0.203...
Connected to server3.internal.net.
Escape character is '^]'.
has something changed?
-------------------------------------------------------------------------------
Is cobbler check clean? Is cobblerd running?
-------------------------------------------------------------------------------
yes to both.
cobbler check
No setup problems found
Manual review and editing of /var/lib/cobbler/settings is recommended
to tailor cobbler to your particular configuration.
Good luck.
service cobblerd status
cobblerd (pid 7761 7760 7759 7758) is running...
-------------------------------------------------------------------------------
Can you actually telnet to that port from the remote box?
FYI: Q&A should go to the public list.
-------------------------------------------------------------------------------
yes. that's what the above,
telnet server3.internal.net 25151
Trying 10.0.0.203...
Connected to server3.internal.net.
Escape character is '^]'.
was. sorry, did not make it cleat that the telnet was from a remote.
-------------------------------------------------------------------------------
More information about the et-mgmt-tools
mailing list