Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Get ha-scale-vpn working in travis-ci #31

Open
mestery opened this issue Dec 17, 2018 · 2 comments
Open

Get ha-scale-vpn working in travis-ci #31

mestery opened this issue Dec 17, 2018 · 2 comments

Comments

@mestery
Copy link
Owner

mestery commented Dec 17, 2018

The containers build in travis-ci, but they do not run. I suspect it's an issue with running keepalived on the docker network in travis-ci.
@mestery
Copy link
Owner Author

mestery commented Dec 17, 2018

More details:

ha-scale-vpn
Looking for ha-scale-vpn
Found this value: 
aef665da95b3ea98f515d4f18157c841b459c51bbbc5d29bfa25f39f0b79b191
4b4dc38fce84667e08fe0e426eeb913673c261e673f52dbca207938f0ea9d784
3516edecdd542dfaf4c1b42159a137c0e37bc2665cf35777b87f024cf7d613e5
809fcc88769ddc6a7f4722196251a9368334e68183eb9e6d5a0afaea7aeccd30
Looking for ha-vpn-net
Found this value: 
3ea9078a6a1338bb1900016724b023f5fa40b4a61cfba65b8a012dcfa213d827
+ mv /etc/strongswan.d/charon-logging.conf /etc/strongswan.d/charon-logging.conf.old
+ cat
+ cat
+ cat
+ sudo mv /tmp/ipsec.conf /etc/ipsec.conf
+ cat
+ sudo mv /tmp/ipsec.secrets /etc/ipsec.secrets
+ cat
+ cat
+ iptables -A INPUT -d 10.222.222.95 -i eth0 -j CLUSTERIP --new --hashmode sourceip --clustermac 03:00:5E:00:00:02 --total-nodes 2 --local-node 1 --hash-init 0
+ iptables -A INPUT -d 10.223.223.55 -i eth1 -j CLUSTERIP --new --hashmode sourceip --clustermac 03:00:5E:00:00:12 --total-nodes 2 --local-node 1 --hash-init 0
+ keepalived
+ mkdir -p /etc/ipsec.d/run
+ ipsec start --debug-all
Starting strongSwan 5.7.2dr2 IPsec [starter]...
Loading config setup
  strictcrlpolicy=no
Loading conn 'net-net'
  auto=add
  left=10.222.222.95
  leftauth=psk
  leftsubnet=10.223.223.0/24
  right=%any
  rightauth=psk
  type=tunnel
  ikelifetime=24h
  keyexchange=ikev2
  lifetime=24h
  mobike=no
kernel appears to lack the native netkey IPsec stack
no netkey IPsec stack detected
kernel appears to lack the KLIPS IPsec stack
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
+ mv /etc/strongswan.d/charon-logging.conf /etc/strongswan.d/charon-logging.conf.old
+ cat
+ cat
+ cat
+ sudo mv /tmp/ipsec.conf /etc/ipsec.conf
+ cat
+ sudo mv /tmp/ipsec.secrets /etc/ipsec.secrets
+ cat
+ cat
+ iptables -A INPUT -d 10.222.222.95 -i eth0 -j CLUSTERIP --new --hashmode sourceip --clustermac 03:00:5E:00:00:02 --total-nodes 2 --local-node 2 --hash-init 0
+ iptables -A INPUT -d 10.223.223.55 -i eth1 -j CLUSTERIP --new --hashmode sourceip --clustermac 03:00:5E:00:00:12 --total-nodes 2 --local-node 2 --hash-init 0
+ keepalived
+ mkdir -p /etc/ipsec.d/run
+ ipsec start --debug-all
Starting strongSwan 5.7.2dr2 IPsec [starter]...
Loading config setup
  strictcrlpolicy=no
Loading conn 'net-net'
  auto=add
  left=10.222.222.95
  leftauth=psk
  leftsubnet=10.223.223.0/24
  right=%any
  rightauth=psk
  type=tunnel
  ikelifetime=24h
  keyexchange=ikev2
  lifetime=24h
  mobike=no
kernel appears to lack the native netkey IPsec stack
no netkey IPsec stack detected
kernel appears to lack the KLIPS IPsec stack
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
+ cat
+ sudo mv /tmp/ipsec.conf /etc/ipsec.conf
+ cat
+ sudo mv /tmp/ipsec.secrets /etc/ipsec.secrets
+ mkdir -p /etc/ipsec.d/run
+ ipsec start
Starting strongSwan 5.7.2dr2 IPsec [starter]...
no netkey IPsec stack detected
no KLIPS IPsec stack detected
no known IPsec stack detected, ignoring!
+ sleep 5
+ ipsec up net-net
initiating IKE_SA net-net[1] to 10.222.222.95
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 1 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 2 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 3 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 4 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 5 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
giving up after 5 retransmits
peer not responding, trying again (2/3)
initiating IKE_SA net-net[1] to 10.222.222.95
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 1 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 2 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 3 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 4 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 5 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
giving up after 5 retransmits
peer not responding, trying again (3/3)
initiating IKE_SA net-net[1] to 10.222.222.95
generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 1 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 2 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 3 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 4 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
retransmit 5 of request with message ID 0
sending packet: from 10.222.222.100[500] to 10.222.222.95[500] (392 bytes)
giving up after 5 retransmits
establishing IKE_SA failed, peer not responding
establishing connection 'net-net' failed
20800804fa628b30f58a2c0d5e07b87ca59cf09450055522a927ae018055b8e8
Finished
travis_time:end:0bde74d4:start=1545060961476167858,finish=1545061515383616331,duration=553907448473
�[0K�[32;1mThe command "make run" exited with 0.�[0m

@mestery
Copy link
Owner Author

mestery commented Dec 17, 2018

And a full travis-ci failure:

https://travis-ci.org/mestery/vpp-container-fun/builds/469069793?utm_source=github_status&utm_medium=notification

mestery added a commit that referenced this issue Dec 18, 2018
@mestery
Re-enable ha-scale-testing in travis-ci
f6b439c 
Closes #31

Now that #33 has merged, re-enable testing ha-scale-vpn in travis-ci,
as I believe the VRRP configuration fixes should allow this to run
again.

Signed-off-by: Kyle Mestery <[email protected]>
@mestery mestery mentioned this issue Dec 18, 2018
Closed
mestery added a commit that referenced this issue Dec 21, 2018
@mestery
Re-enable ha-scale-testing in travis-ci
10dde48 
Closes #31

Now that #33 has merged, re-enable testing ha-scale-vpn in travis-ci,
as I believe the VRRP configuration fixes should allow this to run
again.

Signed-off-by: Kyle Mestery <[email protected]>
mestery added a commit that referenced this issue Jan 2, 2019
@mestery
Re-enable ha-scale-testing in travis-ci
bc3877a 
Closes #31

Now that #33 has merged, re-enable testing ha-scale-vpn in travis-ci,
as I believe the VRRP configuration fixes should allow this to run
again.

Signed-off-by: Kyle Mestery <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Re-enable ha-scale-testing in travis-ci mestery/vpp-container-fun
1 participant
@mestery