Problem with installation

Hi,
I tried to install ComputeStack with ansible on baremetal server.
In general I want to install to test how that works and how looks like.

First question, is possible to install ComputeStack on single baremetal server?

I got errors about postgresql installation, but I need answer on this first question. Maybe that is problem :slight_smile:

Thanks.

Hi Peter,

Yes, it is possible to install on a single bare metal server, with a big caveat… You’ll need to create virtual machines on the bare metal server. To make it quick and easy, you could:

  1. Install proxmox on the bare metal server
  2. Create the minimum number of Debian virtual machines, which is 5.

Here is more info on the 5 virtual machines you’ll want to create: Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.

Navigate to Example Configurations → Single-Node Environment.

With that being said, I personally run CS on just a single server for development, so it is certainly possible, however that scenario is not covered by our ansible installer since it’s not a common use case.

I would also add that if you just want to see it, you could use our demo server: ComputeStacks

Thank you @kwatson !

1 Like

One more question about this.
I have strong experience with proxmox and that is not problem.

Just question.
Because I have one public IP on that bare metal server. I supposed I can install 5 Debian machines with some IP set from private subnet, because VM can communicate with each other over private subnet?

It’s fine to use a private IP for all the VMs, but there are a few additional steps you’ll need to take.

First, ensure the machine you’re running ansible on as access to the private IP space and that all VMs can communicate with each other prior to running ansible.

We need valid SSL certificates for a few of the key components within the platform. By default this is done via HTTP, which will of course fail with private IPs. We have a solution for this, and that is to use DNS validation.

We have built in support for quite a few DNS providers. Here are the ansible parameters you’ll need:

Because you will be running the metrics server, container registry, and controller on the same VM (if you following our single-node architecture recommendations), you only need to add this to the controller under inventory.yml.

Don’t forget to also set the acme_challenge_method! The name that you will set is in the comment for each method. For example, DigitalOcean would be do, Cloudflare DNS Challenge would be cloudflare.

And finally, unless the two powerdns servers you create are somehow linked to a real domain, you will most likely be unable to generate a wildcard certificate for the load balancer – so all of the default domains for the containers will have a self-signed certificate.

As you move forward writing your inventory.yml file for ansible, I would also encourage you to check against our sample file, as well as, our terraform scripts to make sure you have all the required pieces to your inventory file.

1 Like

Hi @kwatson
just let you know that I successfully installed CS with this.

SSL works, I set dns challenge over CloudFlare.

Now, I have another issue and I can’t figure what is the problem.
I don’t know, may I continue to write here or need to open a new thread?

When I try to create New Project, I select on example Wordpress, I set Project name, title etc…
but, when I choose button CREATE I got error:

There are no availability zones available

I tried to figure out what was the problem, but I didn’t.
Thank you.

Hello –

There are three scenarios that could be causing that error:

  1. The node does not have enough CPU/Memory to accommodate the packages you selected on the package selection screen.
  2. The node is offline, or
  3. Either prometheus (our metrics system) is unable to pull metrics from the node, or the controller is unable to communicate with Prometheus.

You can quickly verify #3 by navigating to the admin and clicking Settings → Regions → and then Manage on the availability zone. You should see a list of the node(s), and stats for memory, cpu, and load. If you see no values, then it’s time to troubleshoot #3 more. I can provide additional guidance if that’s the issue.

Yes, looks like problem is in the Prometheus.
I can’t see values when I manage Regions.

As I can see on the controller, the prometheus docker container is up and running. Also, curl return metrics:

curl http://127.0.0.1:9090/metrics

Edit:

Also, when I run curl from controller to node I get metrics.

curl http://node_ip:9100/metrics

The controller won’t directly connect like that, since normally in production prometheus would be on a different server. Instead, it will be proxied through nginx with basic authentication enabled.

To see how that works, you can review the bootstrap script that was created during installation. That file is here (on the controller): /var/lib/computestacks/rake/bootstrap.rake.When you read the file, search for MetricClient.create!.

Here is the template from the ansible installer: https://git.cmptstks.com/cs-public/ops/ansible-install/-/blob/master/roles/controller/templates/bootstrap.rake#L104

You can then test that it works from the controller by running:

curl -u promuser:PROMETHEUS-PASSWORD https://METRICS-DOMAIN:3101/api/v1/status/buildinfo

If you find that it’s a dns issue with the domain & local ip’s, then you’ll probably need to also look at Loki for log management – logs will probably not work either.

A quick an easy solution is to just add static entries in /etc/hosts on both the controller and node.

Once you make that change on the node, restart fluentd for good measure: systemctl restart fluentd.

Problem is not in DNS.
When I edit /var/lib/computestacks/rake/bootstrap.rake
I saw MetricClient.create! don’t have set password for promuser and loguser.
In htpasswd is set encrypted pass.

I generated new pass and I updated httpasswd file and I can curl, but metrics don’t work. I’m sure somewhere else more I need to change that new pass?

The bootrsrtrap.rake file looks like:

puts "Creating Metric Client"
  mc = MetricClient.find_by(endpoint: "https://metrics.a.my_domain:3101")
  mc = MetricClient.create!(
    endpoint: "https://metrics.a.my_domain:3101",
    username: "promuser",
    password: ""
  ) if mc.nil?

  # Log Client is used by the controller
  # `loki_*` settings on the region are used by containers.
  lc = LogClient.find_by(endpoint: "https://metrics.a.my_domain:3102")
  lc = LogClient.create!(
    endpoint: "https://metrics.a.my_domain:3102",
    username: "loguser",
    password: ""
  ) if lc.nil?

When I updated httpass with known password curl get me:

curl -u promuser:my_new_pass https://metrics.a.my_domain:3101/api/v1/status/buildinfo

{"status":"success","data":{"version":"2.38.0","revision":"818d6e60888b2a3ea363aee8a9828c7bafd73699","branch":"HEAD","buildUser":"root@e6b781f65453","buildDate":"20220816-13:23:14","goVersion":"go1.18.5"}}

Where I need to set a new pass ?

Interesting, so my guess is that the prometheus and Loki pw fields were not filled in:

We have a todo item to generate those automatically for the future…

if you now have passwords for both, you’ll want to update fluentd on the node, as well as, the controller.

FluentD

Edit /etc/systemd/system/fluentd.service and update the LOKI_PASSWORD environmental variable with the Loki password you generated. Then run

systemctl daemon-reload && systemctl restart fluentd

Controller

On the controller, type stacks console to enter the console and run:

MetricClient.first.update password: "THE-PROMETHEUS-PASS"
LogClient.first.update password: "THE-Loki-PASS"
exit

Fluentd I found earlier and yet updated.

Now I set this console variables. At me command for console is cstacks console, maybe you made typo :slight_smile:

After this, metrics works and I can create Project.
Thank you @kwatson on your help.

yes, cstacks. autocorrect got me :slight_smile:

Glad you’re up and running!

1 Like