cloudstack: Agent : SSL Handshake failed while connecting to host on port: 8250

ISSUE TYPE
  • Bug Report
COMPONENT NAME
cloudstack-agent - kvm
CLOUDSTACK VERSION
4.15.0.0
SUMMARY

I cant add a kvm, it works with xcp-ng/xen but not with kvm and I get this error :

Feb  7 00:59:56 cloud java[3387]: INFO  [cloud.agent.Agent] (main:) (logid:) Connecting to host:192.168.56.85
Feb  7 00:59:56 cloud java[3387]: INFO  [utils.nio.NioClient] (main:) (logid:) Connecting to 192.168.56.85:8250
Feb  7 00:59:56 cloud java[3387]: INFO  [utils.nio.Link] (main:) (logid:) Conf file found: /etc/cloudstack/agent/agent.properties
Feb  7 00:59:56 cloud java[3387]: WARN  [utils.nio.Link] (main:) (logid:) Failed to load keystore, using trust all manager
Feb  7 00:59:56 cloud java[1689]: ERROR [c.c.u.n.Link] (AgentManager-SSLHandshakeHandler-1:null) (logid:) SSL error caught during wrap data: Empty server certificate chain, for local address=>Feb  7 00:59:56 cloud java[3387]: ERROR [utils.nio.Link] (main:) (logid:) SSL error caught during unwrap data: Received fatal alert: bad_certificate, for local address=/192.168.56.85:53164, r>Feb  7 00:59:56 cloud java[3387]: ERROR [utils.nio.NioClient] (main:) (logid:) SSL Handshake failed while connecting to host: 192.168.56.85 port: 8250
Feb  7 00:59:56 cloud java[3387]: ERROR [utils.nio.NioConnection] (main:) (logid:) Unable to initialize the threads.
Feb  7 00:59:56 cloud java[3387]: java.io.IOException: SSL Handshake failed while connecting to host: 192.168.56.85 port: 8250
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.Agent.start(Agent.java:294)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.launchNewAgent(AgentShell.java:455)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShell.java:422)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:406)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.start(AgentShell.java:512)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.main(AgentShell.java:547)
Feb  7 00:59:56 cloud java[3387]: INFO  [utils.nio.NioClient] (main:) (logid:) NioClient connection closed
Feb  7 00:59:56 cloud java[3387]: INFO  [cloud.agent.Agent] (main:) (logid:) Attempted to connect to the server, but received an unexpected exception, trying again...
Feb  7 00:59:56 cloud java[3387]: com.cloud.utils.exception.NioConnectionException: SSL Handshake failed while connecting to host: 192.168.56.85 port: 8250
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.utils.nio.NioConnection.start(NioConnection.java:101)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.Agent.start(Agent.java:294)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.launchNewAgent(AgentShell.java:455)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShell.java:422)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:406)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.start(AgentShell.java:512)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.agent.AgentShell.main(AgentShell.java:547)
Feb  7 00:59:56 cloud java[3387]: Caused by: java.io.IOException: SSL Handshake failed while connecting to host: 192.168.56.85 port: 8250
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
Feb  7 00:59:56 cloud java[3387]: #011at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
Feb  7 00:59:56 cloud java[3387]: #011... 6 more
Feb  7 00:59:56 cloud java[1689]: INFO  [c.c.a.m.AgentManagerImpl] (AgentManager-Handler-3:null) (logid:) Connection from /192.168.56.85 closed but no cleanup was done.

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 31 (27 by maintainers)

Most upvoted comments

@abdelouahabb since you’ve disabled auth strictness you may want to do the same on your libvirtd, set the listen_tls = 0 and listen_tcp = 1 in libvirtd conf, restart libvirtd and try again.

Since the original issue of agent SSL failure was fixed with the global setting workaround, I’ll close the ticket. Please open new ticket for unrelated failures. I think you’re using a nested env in VirtualBox and the env lack entropy, otherwise the SSL handshake would also work. (from experience VMs in some desktop hypervisors for ex. VirtualBox run slower compared to on baremetal or more modern/well-supported hypervisors such as KVM, VMware).

+1
rohityadavcloud on Mar 6, 2021
Read more comments on GitHub
← cloudstack: 4.12 add host fail ,using tls connection
cloudstack: Cannot associate a public IP to a new isolated network (4.12.0.0) →