Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Config: Configuration from source failed verification #2269

Open
dawsarjomaa007 opened this issue Aug 19, 2024 · 5 comments
Open

Config: Configuration from source failed verification #2269

dawsarjomaa007 opened this issue Aug 19, 2024 · 5 comments

Comments

@dawsarjomaa007
Copy link

In an attempt to install a local development environment of X-Road, I have used the ansible-playbook to initiate the following LXC containers:

+----------+---------+-
| NAME | STATE |
+----------+---------+-
| demo-ca | RUNNING |
+----------+---------+-
| demo-cs | RUNNING |
+----------+---------+-
| demo-ss1 | RUNNING |
+----------+---------+-
| demo-ss2 | RUNNING |
+----------+---------+-

In the configuration part, I have managed to follow the necessary steps to setup the central server by creating a member-class, allocating an organization member and uploading all the needed certificates.

When it came to setting up the first security server, it asked me to download the anchor internal configuration provided by the central server and upload it.

The import action kept loading for a while and then returned the following error:

Configuration from source failed verification
ID: 66c350a4291fc2e7aad2c5832c322672

=====================
@petkivim
Copy link
Contributor

Hi @DTJ03! Have you looked at the /var/log/xroad/configuration_client.log log file on the Security Server for details?

@dawsarjomaa007
Copy link
Author

Thank you for replying, it turns to be that I'm dealing with a gnarly issue where LXC containers just refuse to talk to each other over a second network bridge (lxdbr1). Both containers (demo-ss1 and demo-cs) are connected to this bridge with proper interfaces configured, but no matter what I try, they won't ping or connect via Netcat.

Here’s what I’ve done so far:

  • Network Config: Checked and re-checked the LXD network config. The containers are on lxdbr1, which is a bridge with NAT enabled for both IPv4 and IPv6. The bridge and interfaces are all up and running with appropriate IPs.

  • Firewall: Both containers have clean iptables, with no rules blocking anything—everything’s wide open with default ACCEPT policies.

  • IP Forwarding: Confirmed that IP forwarding is enabled in both containers. No luck there either.

  • Subnet Confusion: Initially, there was a subnet mismatch between the bridge and the container interfaces, but that’s been corrected. Still no dice.

  • Host Connectivity: The host can ping the containers just fine, but the containers themselves can’t see each other. Tried disabling and re-enabling NAT on the bridge, and restarted LXD.

I’ve gone through the bridge’s settings, the LXD network show, and even restarted the LXD daemon after toggling NAT. Yet, the containers still refuse to communicate over lxdbr1. Could it be something weird with how the bridge is handling traffic between the containers? Or maybe there's a more subtle networking issue at play?

Any ideas? I'm pretty stumped here.

@petkivim
Copy link
Contributor

Have you tried using the default network bridge (lxdbr0)? I remember that in the past there have been problems when using other than the default bridge.

@eltonlaice
Copy link

im facing the same problem. Any solution?

@eltonlaice
Copy link

fixed from my side!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@petkivim @eltonlaice @dawsarjomaa007