KEDB

From EGIWiki
Jump to: navigation, search
Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


Documentation menu: Home Manuals Procedures Training Other Contact For: VO managers Administrators


Contents

This page provides a central database for Known Errors, namely identified problems for which an underlying cause has been identified already and a workaround is available. Known errors are shared on EGI wiki for the following reasons:

This page can host also problems who root cause is known, but no workaround is yet available, in order to proactively provide a reference to the EGI HelpDesk.

Known errors and corresponding workarounds are also provided:

For these cases, the references are not provided in the Central database for Known Errors and no other central source of information, as aligning the original source and the central replication of information would lead to synchronisation issues and useless information maintenance overload. Instead, references to direct sources are provided in the Product Documentation Guidepost.

Updating the KEDB:

Please use the following template (just copy/paste):

== [$CREATION-DATE-(YYYY/MM/DD)] $TITLE (SOLVED/OPEN) ==
*'''Services affected:''' 
*'''Entities impacted:''' 
*'''Description:''' 
*'''References:''' 
*'''Mitigations/Workarounds:''' 
*'''Solution:''' 


Summary table

Date Name Services affected Entities impacted Description References Mitigations/Workarounds Solution Status
2017-04-12 CREAM-CE connection problems in SLC 6.9 CREAM in UMD3/UMD4 for SL6 CREAM based Resource Centres connection error after upgrade to latest packages GGUS 127656 upgrade Java to java-1.7.0-openjdk 1.7.0.95 upgrade Java to java-1.7.0-openjdk 1.7.0.95 SOLVED
2017-02-10 apt returns "Unable to find expected entry 'main/binary-i386/Packages'on CMD-OS for Trusty CMD-OS 1.0.0 for Ubuntu Trusty Resource Centres using CMD-OS (OpenStack based cloud sites) sources.list distributed with cmd-os-release makes apt default to i386 instead of amd64, preventing from fetching the correct repositories; as a consequence apt cannot fetch Ubuntu Trusty CMD-OS repository and returns "Unable to find expected entry 'main/binary-i386/Packages' in Release file (Wrong sources.list entry or malformed file)" Email reported to UMD team list Add [arch=amd64] manually to repo line in sources.list: released in CMD-OS 1.1.1 SOLVED
2016-12-13 Services using JGlobus fail with RFC proxies from certificates from some CAs dCache < v2.14, BeStMan Services using JGlobus fail with RFC proxies having Non-Repudiation key usage flag set, e.g. those created by usual voms-proxy-init from Grid Canada certificate GGUS 124650 two stage proxy (plain RFC proxy, then voms-proxy-init -noregen) works dCache>=2.14, unknown for BeStMan; problem can be archived after July 2017, when dCache 2.13 will be considered out of production and >=2.16 mandatory for the overall EGI infrastructure SOLVED
2016-10-10 canL upgrade of UMD 3.14.4 and UMD 4.2.1 can break proxy renewal on CREAM CREAM All VOs using proxy renewal on CREAM after canL upgrade CREAM services can stop submitting jobs using proxy renewal UMD 4.2.1 post-mortem CNAF CE WLCG meeting In order to minimize impact of disruptions by upgrades, RCs should use minimal installation of the OS in order to minimize conflicts, and not upgrade all the services at the same time (if there are several instances running for the same service); also not upgrade all the services automatically remove dracut-fips packagebefore upgrading SOLVED
2016-09-06 clock skew on client FedCloud UI causes authentication problems on well-working sites FedCloud UI HOWTO11 All users using FedCloud command line tools HOWTO11 the problems are observed when (re)using a VM used as UI to access the FedCloud resources; restarting a VM from a snapshot/suspension can very easily bring to unsynced CRL and clock skew on the VM GGUS 119839 GGUS 120343 GGUS 123580 GGUS 125530 To mitigate, we advise users to run fetch-crl and ntpdate pool.ntp.org, and usually everything gets fixed (if the root causes are CRL+clock). As a workaround, run fetch-crl at start time and every 6 hours and install and configure ntp to avoid clock skews Fetch CRLs is done at the moment of installation. fetch-crl package includes a cron for updating them. In any case the UI already has this to run on boot. For clock-skew, the image needed ntpd, it has been added to the image usually users use to start the VM. Eventually all running VMs will have fetch-crl and ntp correctly configured. SOLVED
2016-06-29 umd-release-3.0.1 rpm has stopped working, preventing new installation of the UMD3 UMD 3.14.2 All services based on UMD3 umd-release packaged, used for adding the UMD3 repository to an existing installation, is not working anymore GGUS 122424 yum can be invoked with the "--nogpgcheck" new versions of umd-release shipped with UMD 3.14.7 and UMD 4.3.2 fix this both for new installations and updates SOLVED

Known Errors not solved yet

Archived Known Errors

[2017-04-12] CREAM-CE connection problems in SLC 6.9 (SOLVED)

$ glite-ce-job-submit -a -r cream-ce.kipt.kharkov.ua:8443/cream-pbs-cms test.jdl
2017-04-10 20:37:36,236 FATAL - Connection to service [https://cream-ce.kipt.kharkov.ua:8443/ce-cream/services/gridsite-delegation] failed: FaultString=[SSL error] - FaultCode=[SOAP-ENV:Client] - FaultSubCode=[SOAP-ENV:Client] - FaultDetail= [SSL authentication failedin tcp_connect(): check password, key file, and ca file.]

$ openssl s_client -connect cream-ce.kipt.kharkov.ua:8443
140600093460296:error:14082174:SSLroutines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small:s3_clnt.c:3345:
Server Temp Key: DH, 768 bits

[2017-02-10] apt returns "Unable to find expected entry 'main/binary-i386/Packages'on CMD-OS for Trusty (SOLVED)

 $ cat CMD-OS-1-base.list

    # CMD-OS-1-base

    deb [arch=amd64]
    [http://repository.egi.eu/sw/production/cmd-os/1/ubuntu/ http://repository.egi.eu/sw/<wbr></wbr>production/cmd-os/1/ubuntu/] trusty main

[2016-12-13] Services using JGlobus fail with RFC proxies from certificates from some CAs (SOLVED)

[2016-10-10] canL upgrade of UMD 3.14.4 and UMD 4.2.1 can break proxy renewal on CREAM (SOLVED)

[2016-09-06] clock skew on client FedCloud UI causes authentication problems on well-working sites (SOLVED)

https://ggus.eu/index.php?mode=ticket_info&ticket_id=119839 https://ggus.eu/index.php?mode=ticket_info&ticket_id=120343 https://ggus.eu/index.php?mode=ticket_info&ticket_id=123580 https://ggus.eu/index.php?mode=ticket_info&ticket_id=125530

As a workaround, run fetch-crl at start time and every 6 hours and install and configure ntp to avoid clock skews

[2016-06-29] umd-release-3.0.1 rpm has stopped working, preventing new installation of the UMD3 (SOLVED)

Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox
Print/export