Deployment: Self hosted; VMSphere hypervisor; Ubuntu 20.04 virtual machines
EaaSI Version: 2021.10
Browser: Chromium v105.0.5160.0
Description: In trying to deploy EaaSI in a self-hosted environment using virtual machines, we have hit what appears to be a blocking issue: when running the deploy script, it is failing at the task wait for eaas-server to start up
with a 502 Bad Gateway error. At the same time, we were seeing SSL-related errors in the logs for the eaas container. However running this command (gleaned from the setup page of the EaaSI handbook) fixed that issue and (we are assuming) addressed the cause of the 502 error the deploy script was encountering:
$ sudo docker exec eaas sv restart nghttpx
We are able to access the login page using a browser, however if I enter correct credentials I am then taken to a blank page, which eventually redirects back to the login page. Inspecting the source for this page reveals a body tag that contains only a ‘noscript’ tag with a message about EaaSI not working without JavaScript – our browser is running JavaScript, so we do not see this message on the page.
And when we rerun the request we believe the deploy script failed on:
curl -X POST https://eaasi-test-server/emil/environment-repository/actions/prepare
We receive the response:
{"status":"2","message":"Internal error: de.bwl.bwfla.common.exceptions.BWFLAException: Connecting to legacy image-archive failed! (BUILD: 0401EF6384)"}
In case it’s relevant, included below are a number of other problems we encountered and the mitigating steps we took:
Due to being behind a corporate firewall, we had to insert our proxy information (as an environment variable) into the Alpine Dockerfile (/eaasi-installer/eaas/ansible/docker/alpine/Dockerfile
) so that it was able to use its package manager:
[...]
ENV HTTP_PROXY="http://firewall_name.abc.uk:7070"
ENV HTTPS_PROXY="http://firewall_name.abc.uk:7070"
ENV NO_PROXY="localhost,127.0.0.1,192.168.1.1,192.168.1.2"
[...]
We also had to insert our firewall’s certificate into Alpine’s SSL store. In the same file as above:
[...]
COPY gateway.crt .
RUN cat gateway.crt >> /etc/ssl/cert.pem
[...]
Another problem we encountered during deployment was an 'unknown directive “js_import”'
error being thrown by the ‘nginx’ container. It appears this directive has been removed from more recent versions of nginx. To fix this we had to pin the nginx image to an older version (1.18.0) here:
eaasi-installer/eaas/ansible/roles/eaas-server/templates/docker/docker-compose.yaml.j2:
[...]
services:
nginx:
image: nginx:1.18.0
container_name: nginx
[...]
Any advice or suggestion would be warmly welcomed!
Are you able to reproduce the issue or did it happen once? The problems described above occur consistently. When what we expected was for the EaaSI web UI to be usable after login.
Urgency: Quite high: we are working on a proof of concept using EaaSI and would like to move it forward as quickly as possible.