NodeType.Certificates 需要什么样的规范?

【问题标题】:What kind of specification is required for NodeType.Certificates?NodeType.Certificates 需要什么样的规范?
【发布时间】:2018-02-14 03:21:52
【问题描述】:

尝试安装集群时,我收到此错误:

Cluster manifest validation failed with exception System.ArgumentException: NodeType.Certificates is req
uired if section Security parameter ServerAuthCredentialType is  set to X509

我正在尝试安装此配置:

.\CreateServiceFabricCluster.ps1 -ClusterConfigFilePath .\ClusterConfig.X509.DevCluster.json

得到以下错误:

正在运行最佳实践分析器...已完成最佳实践分析器 成功地。创建 Service Fabric 集群...处理和 验证集群配置。配置节点。默认安装 根据机器“localhost”的系统驱动器选择的目录。复印 安装程序到所有机器。配置机器'localhost'。 System.Fabric.FabricDeployer.ClusterManifestValidationException: 集群清单验证失败并出现异常 System.ArgumentException: NodeType.Certificates 是必需的,如果 部分安全参数 ServerAuthCredentialType 设置为 X509
在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(字符串 [] 源、String[] 目标、ClusterManifestTypeNodeType nodeT ype)
在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() 在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() 在 System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(部署参数 参数,ClusterManifestType clusterManifest,基础设施 基础设施)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(部署参数 参数)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(部署参数 参数,布尔型 disableFileTrace) 在 System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(字符串 clusterManifestPath,字符串 InfrastructureManifestPath,字符串 jsonClusterConfigPath,字符串 fabricDataRoot,字符串 fabricLogRoot, 字符串 fabricHostCredentialUser, SecureString fabricHostCredentialPassword,布尔运行FabricHostServiceAsManual, Boo 精益 removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, 字符串引导程序包路径) System.Fabric.FabricDeployer.ClusterManifestValidationException: 集群清单验证失败并出现异常 System.ArgumentException: NodeType.Certificates 是必需的,如果 部分安全参数 ServerAuthCredentialType 设置为 X509
在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(字符串 [] 源、String[] 目标、ClusterManifestTypeNodeType nodeT ype)
在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() 在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() 在 System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(部署参数 参数,ClusterManifestType clusterManifest,基础设施 基础设施)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(部署参数 参数)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(部署参数 参数,布尔型 disableFileTrace) 在 System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(字符串 clusterManifestPath,字符串 InfrastructureManifestPath,字符串 jsonClusterConfigPath,字符串 fabricDataRoot,字符串 fabricLogRoot, 字符串 fabricHostCredentialUser, SecureString fabricHostCredentialPassword,布尔运行FabricHostServiceAsManual, Boo 精益 removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, 字符串 bootstrapPackagePath) 在 System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfiguration(字符串 clusterManifestPath,字符串 InfrastructureManifestPath,字符串 jsonClusterConfigPath ,字符串 fabricDataRoot,字符串 fabricLogRoot, 字符串 fabricHostCredentialUser, SecureString fabricHostCredentialPassword,布尔运行FabricHostServiceAsManual, Boolean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, 字符串 bootstrapPackagePath) CreateCluster 错误: System.AggregateException:发生一个或多个错误。 ---> System.Fabric.FabricDeployer.ClusterManifestValidationException: 集群清单验证失败并出现异常 System.ArgumentException:如果节需要 NodeType.Certificates 安全参数 ServerAuthCredentialType 设置为 X509 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(字符串 [] 源、String[] 目标、ClusterManifestTypeNodeType nodeT ype)
在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() 在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() 在 System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(部署参数 参数,ClusterManifestType clusterManifest,基础设施 基础设施)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(部署参数 参数)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(部署参数 参数,布尔型 disableFileTrace) 在 System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(字符串 clusterManifestPath,字符串 InfrastructureManifestPath,字符串 jsonClusterConfigPath,字符串 fabricDataRoot,字符串 fabricLogRoot, 字符串 fabricHostCredentialUser, SecureString fabricHostCredentialPassword,布尔运行FabricHostServiceAsManual, Boo 精益 removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, 字符串 bootstrapPackagePath) 在 System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfiguration(字符串 clusterManifestPath,字符串 InfrastructureManifestPath,字符串 jsonClusterConfigPath ,字符串 fabricDataRoot,字符串 fabricLogRoot, 字符串 fabricHostCredentialUser, SecureString fabricHostCredentialPassword,布尔运行FabricHostServiceAsManual, Boolean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, 字符串 bootstrapPackagePath) 在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.c__DisplayClass14_0.b__1(字符串 机器名称)在 System.Threading.Tasks.Parallel.c__DisplayClass17_01.<ForWorker>b__1() at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object ) --- End of inner exception stack trace --- at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions) at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken) at System.Threading.Tasks.Parallel.ForWorker[TLocal](Int32 fromInclusive, Int32 toExclusive, ParallelOptions parallelOptions, Action1 正文, Action2 bodyWithState, F unc4 bodyWithLocal, Func1 localInit, Action1 localFinally) 在 System.Threading.Tasks.Parallel.ForEachWorker[TSource,TLocal](IEnumerable1 source, ParallelOptions parallelOptions, Action1 body, Action2 bodyWithState, Action 3 bodyWithStateAndIndex, Func4 bodyWithStateAndLocal, Func5 bodyWithEverything, Func1 localInit, Action1 localFinally) 在 System.Threading.Tasks.Parallel.ForEach[TSource](IEnumerable1 source, Action1 body) 在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.c__DisplayClass14_0.b__0() 在 System.Threading.Tasks.Task.Execute() --- 从先前抛出异常的位置结束堆栈跟踪 --- 在 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务 任务)在 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务 任务)在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --->(内部异常 #0)System.Fabric.FabricDeployer.ClusterManifestValidationException: 集群清单验证失败并出现异常 System.ArgumentException:不需要 deType.Certificates 如果 部分安全参数 ServerAuthCredentialType 设置为 X509
在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(字符串 [] 源、String[] 目标、ClusterManifestTypeNodeType nodeT ype)
在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() 在 System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() 在 System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() 在 System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(部署参数 参数,ClusterManifestType clusterManifest,基础设施 基础设施)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(部署参数 参数)在 System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(部署参数 参数,布尔型 disableFileTrace) 在 System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(字符串 clusterManifestPath,字符串 InfrastructureManifestPath,字符串 jsonClusterConfigPath,字符串 fabricDataRoot,字符串 fabricLogRoot, 字符串 fabricHostCredentialUser, SecureString fabricHostCredentialPassword,布尔运行FabricHostServiceAsManual, Boo 精益 removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, 字符串 bootstrapPackagePath) 在 System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfiguration(字符串 clusterManifestPath,字符串 InfrastructureManifestPath,字符串 jsonClusterConfigPath ,字符串 fabricDataRoot,字符串 fabricLogRoot, 字符串 fabricHostCredentialUser, SecureString fabricHostCredentialPassword,布尔运行FabricHostServiceAsManual, Boolean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, 字符串 bootstrapPackagePath) 在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.c__DisplayClass14_0.b__1(字符串 机器名称)在 System.Threading.Tasks.Parallel.c__DisplayClass17_0`1.b__1() 在 System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
在 System.Threading.Tasks.Task.c__DisplayClass176_0.b__0(对象 )

跟踪文件夹已存在。跟踪将写入现有跟踪 文件夹:C:\ooo360\5.7.220\DeploymentTraces 清理故障 安装。在目标机器的注册表中找不到 FabricRoot 本地主机。创建集群失败。欲了解更多信息,请查看 FabricLogRoot 中的跟踪。创建集群失败并出现异常: System.AggregateException:发生一个或多个错误。 ---> System.AggregateException:发生一个或多个错误。在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- 从先前抛出异常的位置结束堆栈跟踪 --- 在 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务 任务)在 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务 任务)在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext() --- 内部异常堆栈跟踪结束 --- 在 System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions) 在 System.Threading.Tasks.Task.Wait(Int32 毫秒超时, CancellationToken 取消令牌)在 Microsoft.ServiceFabric.Powershell.ClusterCmdletBase.NewCluster(字符串 clusterConfigurationFilePath,字符串 fabricPackageSourcePath,布尔值 noCleanupOnFailure,布尔力) --->(内部异常 #0)System.AggregateException:发生一个或多个错误。在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- 从先前抛出异常的位置结束堆栈跟踪 --- 在 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务 任务)在 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务 任务)在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext()

创建集群失败并出现异常:System.AggregateException: One 或更多错误发生。 ---> System.AggregateException:一个或多个 发生错误。在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- 从先前抛出异常的位置结束堆栈跟踪 --- 在 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务 任务)在 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务 任务)在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext() --- 内部异常堆栈跟踪结束 --- 在 System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions) 在 System.Threading.Tasks.Task.Wait(Int32 毫秒超时, CancellationToken 取消令牌)在 Microsoft.ServiceFabric.Powershell.ClusterCmdletBase.NewCluster(字符串 clusterConfigurationFilePath,字符串 fabricPackageSourcePath,布尔值 noCleanupOnFailure,嘘精益力) --->(内部异常 #0)System.AggregateException:发生一个或多个错误。在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- 从先前抛出异常的位置结束堆栈跟踪 --- 在 System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(任务 任务)在 System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务 任务)在 Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext()

这是我的配置文件:

{
"name": "SampleCluster",
"clusterConfigurationVersion": "1.0.0",
"apiVersion": "04-2017",
"nodes": [
    {
        "nodeName": "vm0",
        "iPAddress": "localhost",
        "nodeTypeRef": "NodeType0",
        "faultDomain": "fd:/dc1/r0",
        "upgradeDomain": "UD0"
    },
    {
        "nodeName": "vm1",
        "iPAddress": "localhost",
        "nodeTypeRef": "NodeType1",
        "faultDomain": "fd:/dc1/r1",
        "upgradeDomain": "UD1"
    },
    {
        "nodeName": "vm2",
        "iPAddress": "localhost",
        "nodeTypeRef": "NodeType2",
        "faultDomain": "fd:/dc1/r2",
        "upgradeDomain": "UD2"
    }
],
"properties": {
    "diagnosticsStore": 
    {
        "metadata":  "Please replace the diagnostics file share with an actual file share accessible from all cluster machines.",
        "dataDeletionAgeInDays": "7",
        "storeType": "FileShare",
        "connectionstring": "c:\\ProgramData\\SF\\DiagnosticsStore"
    },
    "security": {
        "metadata": "The Credential type X509 indicates this is cluster is secured using X509 Certificates. The thumbprint format is - d5 ec 42 3b 79 cb e5 07 fd 83 59 3c 56 b9 d5 31 24 25 42 64.",
       "ClusterCredentialType": "X509",
       "ServerCredentialType": "X509",
       "CertificateInformation": {
           "ClusterCertificateCommonNames": {
             "CommonNames": [
               {
                 "CertificateCommonName": "ooo-WS-Ashort.ccc.int"
               }
             ],
             "X509StoreName": "My"
           },
            "ServerCertificate": {
                "Thumbprint": "719ECFD3F5xxxxxxxxx21C69CC36514126",
                "X509StoreName": "My"
            },
           "ServerCertificateCommonNames": {
             "CommonNames": [
               {
                 "CertificateCommonName": "ooo-WS-Ashort.ccc.int"
               }
             ],
             "X509StoreName": "My"
           },
           "ClientCertificateThumbprints": [{
               "CertificateThumbprint": "719ECFD3F55xxxxxxx69CC36514126",
               "IsAdmin": false
           }, {
               "CertificateThumbprint": "39C52B527B6xxxxxxxxxxDD115274CBE9A",
               "IsAdmin": true
           }]
        }
    },
    "nodeTypes": [
        {
            "name": "NodeType0",
            "clientConnectionEndpointPort": "19000",
            "clusterConnectionEndpointPort": "19001",
            "leaseDriverEndpointPort": "19002",
            "serviceConnectionEndpointPort": "19003",
            "httpGatewayEndpointPort": "19080",
            "reverseProxyEndpointPort": "19081",
            "applicationPorts": {
                "startPort": "20001",
                "endPort": "20031"
            },
            "isPrimary": true
        },
        {
            "name": "NodeType1",
            "clientConnectionEndpointPort": "19004",
            "clusterConnectionEndpointPort": "19005",
            "leaseDriverEndpointPort": "19006",
            "serviceConnectionEndpointPort": "19007",
            "httpGatewayEndpointPort": "19082",
            "reverseProxyEndpointPort": "19083",
            "applicationPorts": {
                "startPort": "20288",
                "endPort": "20318"
            },
            "isPrimary": true
        },
        {
            "name": "NodeType2",
            "clientConnectionEndpointPort": "19008",
            "clusterConnectionEndpointPort": "19009",
            "leaseDriverEndpointPort": "19010",
            "serviceConnectionEndpointPort": "19011",
            "httpGatewayEndpointPort": "19084",
            "reverseProxyEndpointPort": "19085",
            "applicationPorts": {
                "startPort": "20575",
                "endPort": "20605"
            },
            "isPrimary": false
        }
    ],
    "fabricSettings": [
        {
            "name": "Setup",
            "parameters": [
                {
                    "name": "FabricDataRoot",
                    "value": "C:\\ProgramData\\SF"
                },
                {
                    "name": "FabricLogRoot",
                    "value": "C:\\ProgramData\\SF\\Log"
                }
            ]
        }
    ]
}

}

我做错了什么?如何指定 NodeTypes.Certificates 值?

【问题讨论】:

  • 也许你的指纹在 thw 结束时有那个额外的字符(假设你从 mmc 复制它们)也可以尝试使用这个模式,它比一个月新 - github.com/Azure-Samples/…

标签: c# .net azure microservices azure-service-fabric


【解决方案1】:

  • 我敢打赌,您的 clusterManifest.xml 在 NodeTypes 定义中缺少 Certificates 属性。由于此文件是自动生成的,您是否手动更改了清单?如果是这样,您需要获取证书部分以及所有必需的证书(集群、服务器、客户端)。

  • 接下来,您应该验证配置中的证书是否已正确安装,并且您有正确的指纹(不要忘记指纹开头的特殊隐藏字符)。

  • 最后,您的 SF 安装可能已损坏或其他原因,因此您可以重新安装所有 SF 工件。

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2016-11-08
    • 2018-07-31
    • 1970-01-01
    • 1970-01-01
    • 2016-05-23
    • 2022-01-25
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode