1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
|
<!DOCTYPE html>
<html lang='en'>
<head>
<title>
Known issues - LEAP Platform Documentation
</title>
<meta content='width=device-width, initial-scale=1.0' name='viewport'>
<meta charset='UTF-8'>
<base href="" />
<style>
body {
background: #444;
display: flex;
flex-direction: row;
padding: 10px;
margin: 0px;
}
#sidebar {
flex: 0 0 250px;
background: white;
margin-right: 10px;
padding: 20px;
}
#sidebar ul {
list-style-type: none;
padding-left: 0px;
margin: 0;
}
#sidebar li { padding: 4px }
#sidebar li a { text-decoration: none }
#sidebar li.active { background: #444 }
#sidebar li.active a { color: white }
#sidebar li.level1 { padding-left: 20px }
#sidebar li.level2 { padding-left: 40px }
#main {
flex: 1 1 auto;
background: white;
padding: 20px;
}
#title-box {
padding-bottom: 20px;
border-bottom: 5px solid #eee;
}
#title-box h1 {
margin-top: 0px;
}
pre {
padding: 10px;
background: #eef;
}
code {
background: #eef;
}
table {border-collapse: collapse}
table td {
border: 1px solid #ccc;
padding: 4px;
vertical-align: top;
}
</style>
</head>
<body>
<div id='sidebar'>
<ul>
<li class=''>
<a href='../../../index.html'>Home</a>
</li>
<li class=' level0'>
<a class='' href='../../guide.html'>Guide</a>
</li>
<li class=' level0'>
<a class='' href='../../tutorials.html'>Tutorials</a>
</li>
<li class=' level0'>
<a class='' href='../../services.html'>Services</a>
</li>
<li class=' level0'>
<a class='' href='../../upgrading.html'>Upgrading</a>
</li>
<li class='semi-active level0'>
<a class='' href='../../troubleshooting.html'>Troubleshooting</a>
</li>
<li class=' level1'>
<a class='' href='../tests.html'>Tests and Monitoring</a>
</li>
<li class='active level1'>
<a class='' href='../known-issues.html'>Known issues</a>
</li>
<li class=' level1'>
<a class='' href='../where-to-look.html'>Where to look</a>
</li>
<li class=' level0'>
<a class='' href='../../details.html'>Details</a>
</li>
</ul>
</div>
<div id='main'>
<div id='title-box'>
<h1>Leap Platform Release Notes</h1>
<div id='summary'>Known issues in the Leap Platform.</div>
</div>
<div id='content-box'>
<div id="TOC"><ol>
<li>
<a href="index.html#060">0.6.0</a>
<ol>
<li>
<a href="index.html#upgrading">Upgrading</a>
</li>
<li>
<a href="index.html#openvpn">OpenVPN</a>
</li>
<li>
<a href="index.html#couchdb">CouchDB</a>
</li>
<li>
<a href="index.html#user-setup-and-ssh">User setup and ssh</a>
</li>
<li>
<a href="index.html#deploying">Deploying</a>
</li>
<li>
<a href="index.html#ipv6">IPv6</a>
</li>
<li>
<a href="index.html#special-environments">Special Environments</a>
</li>
</ol>
</li>
</ol></div>
<p>Here you can find documentation about known issues and potential work-arounds in the current Leap Platform release.</p>
<h1><a name="060"></a>0.6.0</h1>
<h2><a name="upgrading"></a>Upgrading</h2>
<p>Upgrade your leap_platform to 0.6 and make sure you have the latest leap_cli.</p>
<p><strong>Update leap_platform:</strong></p>
<pre><code>cd leap_platform
git pull
git checkout -b 0.6.0 0.6.0
</code></pre>
<p><strong>Update leap_cli:</strong></p>
<p>If it is installed as a gem from rubygems:</p>
<pre><code>sudo gem update leap_cli
</code></pre>
<p>If it is installed as a gem from source:</p>
<pre><code>cd leap_cli
git pull
git checkout master
rake build
sudo rake install
</code></pre>
<p>If it is run directly from source:</p>
<pre><code>cd leap_cli
git pull
git checkout master
</code></pre>
<p>To upgrade:</p>
<pre><code>leap --version # must be at least 1.6.2
leap cert update
leap deploy
leap test
</code></pre>
<p>If the tests fail, try deploying again. If a test fails because there are two tapicero daemons running, you need to ssh into the server, kill all the tapicero daemons manually, and then try deploying again (sometimes the daemon from platform 0.5 would put its PID file in an odd place).</p>
<h2><a name="openvpn"></a>OpenVPN</h2>
<p>On deployment to a openvpn node, if the following happens:</p>
<pre><code>- err: /Stage[main]/Site_openvpn/Service[openvpn]/ensure: change from stopped to running failed: Could not start Service[openvpn]: Execution of '/etc/init.d/openvpn start' returned 1: at /srv/leap/puppet/modules/site_openvpn/manifests/init.pp:189
</code></pre>
<p>this is likely the result of a kernel upgrade that happened during the deployment, requiring that the machine be restarted before this service can start. To confirm this, login to the node (leap ssh <nodename>) and look at the end of the /var/log/daemon.log:</p>
<pre><code># tail /var/log/daemon.log
Nov 22 19:04:15 snail ovpn-udp_config[16173]: ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19)
Nov 22 19:04:15 snail ovpn-udp_config[16173]: Exiting due to fatal error
</code></pre>
<p>if you see this error, simply restart the node.</p>
<h2><a name="couchdb"></a>CouchDB</h2>
<p>At the moment, we only support one couchdb server for stability purposes.</p>
<h2><a name="user-setup-and-ssh"></a>User setup and ssh</h2>
<p>At the moment, it is only possible to add an admin who will have access to all LEAP servers (see: <a href="https://leap.se/code/issues/2280">https://leap.se/code/issues/2280</a>)</p>
<p>The command <code>leap add-user --self</code> allows only one SSH key. If you want to specify more than one key for a user, you can do it manually:</p>
<pre><code>users/userx/userx_ssh.pub
users/userx/otherkey_ssh.pub
</code></pre>
<p>All keys matching ‘userx/*_ssh.pub’ will be used for that user.</p>
<h2><a name="deploying"></a>Deploying</h2>
<p>If you have any errors during a run, please try to deploy again as this often solves non-deterministic issues that were not uncovered in our testing. Please re-deploy with <code>leap -v2 deploy</code> to get more verbose logs and capture the complete output to provide to us for debugging.</p>
<p>If when deploying your debian mirror fails for some reason, network anomoly or the mirror itself is out of date, then platform deployment will not succeed properly. Check the mirror is up and try to deploy again when it is resolved (see: <a href="https://leap.se/code/issues/1091">https://leap.se/code/issues/1091</a>)</p>
<p>Deployment gives ‘error: in <code>%</code>: too few arguments (ArgumentError)’ - this is because you attempted to do a deploy before initializing a node, please initialize the node first and then do a deploy afterwards (see: <a href="https://leap.se/code/issues/2550">https://leap.se/code/issues/2550</a>)</p>
<p>This release has no ability to custom configure apt sources or proxies (see: <a href="https://leap.se/code/issues/1971">https://leap.se/code/issues/1971</a>)</p>
<p>When running a deploy at a verbosity level of 2 and above, you will notice puppet deprecation warnings, these are known and we are working on fixing them</p>
<h2><a name="ipv6"></a>IPv6</h2>
<p>As of this release, IPv6 is not supported by the VPN configuration. If IPv6 is detected on your network as a client, it is blocked and instead it should revert to IPv4. We plan on adding IPv6 support in an upcoming release.</p>
<h2><a name="special-environments"></a>Special Environments</h2>
<p>When deploying to OpenStack release “nova” or newer, you will need to do an initial deploy, then when it has finished run <code>leap facts update</code> and then deploy again (see: <a href="https://leap.se/code/issues/3020">https://leap.se/code/issues/3020</a>)</p>
<p>It is not possible to actually use the EIP openvpn server on vagrant nodes (see: <a href="https://leap.se/code/issues/2401">https://leap.se/code/issues/2401</a>)</p>
</div>
</div>
</body>
</html>
|