I can't access anything after installing it accord...
# install
b
I can't access anything after installing it according to the tutorial. And found that the server port 80 is not started.
IP Address: (Public) 8.219.133.149 (Internal) 172.17.43.72
wget -O docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/compose/docker-compose.yml
sed -i 's/NETMAKER_BASE_DOMAIN/sdwan.55860.com/g' docker-compose.yml
sed -i 's/SERVER_PUBLIC_IP/8.219.133.149/g' docker-compose.yml
sed -i 's/COREDNS_IP/172.17.43.72/g' docker-compose.yml
sed -i 's/YOUR_EMAIL/175338101@qq.com/g' docker-compose.yml
j
check traefik logs
@brief-breakfast-32867 ^
"docker logs traefik"
b
@jolly-london-20127 thank you very much
root@iZt4nj06dtphbk91swgvqtZ:~# docker logs traefik
time="2022-09-29T11:24:36Z" level=info msg="Configuration loaded from flags."
time="2022-09-29T11:24:36Z" level=info msg="Traefik version 2.6.7 built on 2022-05-24T14:19:52Z"
time="2022-09-29T11:24:36Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2022-09-29T11:24:36Z" level=info msg="Starting provider aggregator.ProviderAggregator"
time="2022-09-29T11:24:36Z" level=info msg="Starting provider *traefik.Provider"
time="2022-09-29T11:24:36Z" level=info msg="Starting provider *docker.Provider"
time="2022-09-29T11:24:36Z" level=info msg="Starting provider *acme.ChallengeTLSALPN"
time="2022-09-29T11:24:36Z" level=info msg="Starting provider *acme.Provider"
time="2022-09-29T11:24:36Z" level=info msg="Testing certificate renew..." providerName=http.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory"
time="2022-09-29T11:24:38Z" level=error msg="service \"mqtts-svc\" error: unable to find the IP address for the container \"/mq\": the server is ignored" providerName=docker container=mq-root-59d626391021d24268afff6dbcec7f10862349e4ca6eb9211453fb7b267363d3
time="2022-09-29T11:24:39Z" level=error msg="service \"mqtts-svc\" error: unable to find the IP address for the container \"/mq\": the server is ignored" container=mq-root-59d626391021d24268afff6dbcec7f10862349e4ca6eb9211453fb7b267363d3 providerName=docker
time="2022-09-29T11:24:41Z" level=info msg=Register... providerName=http.acme
time="2022-09-29T11:34:38Z" level=warning msg="A new release has been found: 2.8.7. Please consider updating."
root@iZt4nj06dtphbk91swgvqtZ:~#
b
is the mq container running?
b
root@iZt4nj06dtphbk91swgvqtZ:~# docker-compose up -d
netmaker is up-to-date
traefik is up-to-date
mq is up-to-date
coredns is up-to-date
netmaker-ui is up-to-date
How does MQ work? I see no introduction in the documentation.
Thank you very much for your enthusiasm. I've been working on it for two days and haven't gotten it right.
b
mq is a mosquitto broker and is used to pass updates to/from the netmaker server and netclient nodes
b
This does not write that you need to install MQ separately? Do I need to install manually?
b
it is included in the docker-compose and gets installed updated via docker (same as traefik)
b
Running MQ via command seems to be up.
😭
1664450678: OpenSSL Error[2]: error:140DC002:SSL routines:use_certificate_chain_file:system lib
1664450678: mosquitto version 2.0.11 starting
1664450678: Config loaded from /mosquitto/config/mosquitto.conf.
1664450678: Opening ipv4 listen socket on port 8883.
1664450678: Opening ipv6 listen socket on port 8883.
1664450678: Error: Unable to load CA certificates. Check cafile "/mosquitto/certs/root.pem".
1664450678: Error: Unable to load server certificate "/mosquitto/certs/server.pem". Check certfile.
1664450678: OpenSSL Error[0]: error:02001002:system
docker logs mq
b
mq probably started too quickly before netmaker was able to create the certs run
docker stop mq; docker start mq
and check the mq logs again
b
1664450678: Opening ipv6 listen socket on port 8883.
1664450678: Error: Unable to load CA certificates. Check cafile "/mosquitto/certs/root.pem".
1664450678: Error: Unable to load server certificate "/mosquitto/certs/server.pem". Check certfile.
1664450678: OpenSSL Error[0]: error:02001002:system library:fopen:No such file or directory
1664450678: OpenSSL Error[1]: error:20074002:BIO routines:file_ctrl:system lib
1664450678: OpenSSL Error[2]: error:140DC002:SSL routines:use_certificate_chain_file:system lib
1664450678: mosquitto version 2.0.11 starting
1664450678: Config loaded from /mosquitto/config/mosquitto.conf.
1664450678: Opening ipv4 listen socket on port 8883.
1664450678: Opening ipv6 listen socket on port 8883.
1664450678: Error: Unable to load CA certificates. Check cafile "/mosquitto/certs/root.pem".
1664450678: Error: Unable to load server certificate "/mosquitto/certs/server.pem". Check certfile.
1664450678: OpenSSL Error[0]: error:02001002:system library:fopen:No such file or directory
1664450678: OpenSSL Error[1]: error:20074002:BIO routines:file_ctrl:system lib
1664450678: OpenSSL Error[2]: error:140DC002:SSL routines:use_certificate_chain_file:system lib
1664450680: mosquitto version 2.0.11 starting
1664450680: Config loaded from /mosquitto/config/mosquitto.conf.
b
what is in your /root/certs dir on the server?
b
My VPS is a device with NAT like a network card is an internal network. Ali Cloud. He has a public IP.
root@iZt4nj06dtphbk91swgvqtZ:~# ip route get 1 | sed -n 's/^.*src \([0-9.]*\) .*$/\1/p'
172.17.43.72
root@iZt4nj06dtphbk91swgvqtZ:~# ^C
P-Address: (Public) 8.219.133.149 (Internal) 172.17.43.72
Will it affect the installation process? Which IP do I need to configure the file to write to?
docker-compose.yml mosquitto.conf
root@iZt4nj06dtphbk91swgvqtZ:~# ls /root
docker-compose.yml mosquitto.conf
root@iZt4nj06dtphbk91swgvqtZ:~#
b
can you post your docker-compose file
b
ls
b
ok... looks ok
can you provide the output of
ls /var/lib/docker/volumes/root_shared_certs/_data
b
root@iZt4nj06dtphbk91swgvqtZ:~# ls /var/lib/docker/volumes/root_shared_certs/_data
root.key root.pem serverclient.key serverclient.pem server.key server.pem
root@iZt4nj06dtphbk91swgvqtZ:~#
b
hmmm... that looks the way it should
ok ... try stopping docker
docker-compose down
; deleting the files in that dir ; and then restart docker
docker-compose up -d
b
root@iZt4nj06dtphbk91swgvqtZ:~# docker-compose down
Stopping netmaker-ui ... done
Stopping netmaker ... done
Stopping coredns ... done
Stopping mq ... done
Stopping traefik ... done
Removing netmaker-ui ... done
Removing netmaker ... done
Removing coredns ... done
Removing mq ... done
Removing traefik ... done
Removing network root_default
root@iZt4nj06dtphbk91swgvqtZ:~# docker-compose up -d
Creating network "root_default" with the default driver
Creating netmaker ... error
Creating traefik ... done
ERROR: for netmaker Cannot start service netmaker: failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/var/lib/docker/volumes/root_shared_certs/_data" to rootfs at "/etc/netmaker": stat /var/lib/docker/volumes/root_shared_certs/_data: no such file or directory: unknown
ERROR: for netmaker Cannot start service netmaker: failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/var/lib/docker/volumes/root_shared_certs/_data" to rootfs at "/etc/netmaker": stat /var/lib/docker/volumes/root_shared_certs/_data: no such file or directory: unknown
ERROR: Encountered errors while bringing up the project.
root@iZt4nj06dtphbk91swgvqtZ:~#
root@iZt4nj06dtphbk91swgvqtZ:~# mkdir /var/lib/docker/volumes/root_shared_certs/_data
root@iZt4nj06dtphbk91swgvqtZ:~# docker-compose up -d
Starting netmaker ...
Starting netmaker ... done
Creating coredns ... done
Creating netmaker-ui ... done
Creating mq ... done
root@iZt4nj06dtphbk91swgvqtZ:~#
root@iZt4nj06dtphbk91swgvqtZ:~# docker logs mq
1664465082: mosquitto version 2.0.11 starting
1664465082: Config loaded from /mosquitto/config/mosquitto.conf.
1664465082: Opening ipv4 listen socket on port 8883.
1664465082: Opening ipv6 listen socket on port 8883.
1664465082: Error: Unable to load CA certificates. Check cafile "/mosquitto/certs/root.pem".
1664465082: Error: Unable to load server certificate "/mosquitto/certs/server.pem". Check certfile.
1664465082: OpenSSL Error[0]: error:02001002:system library:fopen:No such file or directory
1664465082: OpenSSL Error[1]: error:20074002:BIO routines:file_ctrl:system lib
1664465082: OpenSSL Error[2]: error:140DC002:SSL routines:use_certificate_chain_file:system lib
1664465082: mosquitto version 2.0.11 starting
1664465082: Config loaded from /mosquitto/config/mosquitto.conf.
1664465082: Opening ipv4 listen socket on port 8883.
1664465082: Opening ipv6 listen socket on port 8883.
1664465082: Opening ipv4 listen socket on port 1883.
1664465082: Opening ipv6 listen socket on port 1883.
1664465082: mosquitto version 2.0.11 running
1664465083: New connection from 172.19.0.3:47946 on port 1883.
1664465083: New client connected from 172.19.0.3:47946 as 6ABK61KDnD3YIQJLCo9EexG (p2, c1, k60).
root@iZt4nj06dtphbk91swgvqtZ:~#
b
ok that looks good
b
Still can't seem to open the web ui
b
any errors in traefik or netmaker-ui ?
b
root@iZt4nj06dtphbk91swgvqtZ:~# docker logs traefik
time="2022-09-29T15:26:59Z" level=info msg="Configuration loaded from flags."
time="2022-09-29T15:26:59Z" level=info msg="Traefik version 2.6.7 built on 2022-05-24T14:19:52Z"
time="2022-09-29T15:26:59Z" level=info msg="\nStats collection is disabled.\nHelp us improve Traefik by turning this feature on :)\nMore details on: https://doc.traefik.io/traefik/contributing/data-collection/\n"
time="2022-09-29T15:26:59Z" level=info msg="Starting provider aggregator.ProviderAggregator"
time="2022-09-29T15:26:59Z" level=info msg="Starting provider *docker.Provider"
time="2022-09-29T15:26:59Z" level=info msg="Starting provider *traefik.Provider"
time="2022-09-29T15:26:59Z" level=info msg="Starting provider *acme.Provider"
time="2022-09-29T15:26:59Z" level=info msg="Testing certificate renew..." providerName=http.acme ACME CA="https://acme-v02.api.letsencrypt.org/directory"
time="2022-09-29T15:26:59Z" level=info msg="Starting provider *acme.ChallengeTLSALPN"
time="2022-09-29T15:27:00Z" level=error msg="service \"mqtts-svc\" error: unable to find the IP address for the container \"/mq\": the server is ignored" providerName=docker container=mq-root-12297a2e14d897c64199860715759d701a799a3369f0558e39921238e054105e
root@iZt4nj06dtphbk91swgvqtZ:~#
root@iZt4nj06dtphbk91swgvqtZ:~# docker logs netmaker-ui
>>>> backend set to: https://api.sdwan.55860.com <<<<<
2022/09/29 15:27:00 [notice] 8#8: using the "epoll" event method
2022/09/29 15:27:00 [notice] 8#8: nginx/1.21.6
2022/09/29 15:27:00 [notice] 8#8: built by gcc 10.3.1 20211027 (Alpine 10.3.1_git20211027)
2022/09/29 15:27:00 [notice] 8#8: OS: Linux 5.4.0-47-generic
2022/09/29 15:27:00 [notice] 8#8: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2022/09/29 15:27:00 [notice] 8#8: start worker processes
2022/09/29 15:27:00 [notice] 8#8: start worker process 9
2022/09/29 15:27:00 [notice] 8#8: start worker process 10
root@iZt4nj06dtphbk91swgvqtZ:~#
?
b
nvm. I thought I saw something in your docker-compose file but I was wrong
what does your browser say when you go to http://dashboard.sdswan.55860.com
nslookup fails ... do you have dns records?
b
This page is currently unavailable
dashboard.sdswan.55860.com is currently unable to process this request.
HTTP ERROR 503
b
1. Prepare DNS
Create a wildcard A record pointing to the public IP of your VM. As an example, *.netmaker.example.com. Alternatively, create records for these specific subdomains:
dashboard.domain
api.domain
broker.domain
nslookup dashboard.sdswan.55860.com
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find dashboard.sdswan.55860.com: NXDOMAIN
your dns needs fixing; can't help you with that
b
dashboard.sdwan.55860.com
ok
C:\Users\suyun>nslookup dashboard.sdswan.55860.com
服务器: public1.alidns.com
Address: 223.5.5.5
* public1.alidns.com 找不到 dashboard.sdswan.55860.com: Non-existent domain
hi
503
Does it not support third-level domain names like sdwan.55860.com?
b
The endpoint has to resolve
b
OK good!
One question, I use below openwrt, is there some preset config file? And correctly compile the integrated firmware. For example /etc/config/netmasker? If so how are the rules?