Cannt install firezone on new server. Try ubuntu and debian

Rsggyh · July 25, 2022, 11:08am

I am newbie =(
First error in the log

Recipe: firezone::network
  * replace_or_add[IPv4 packet forwarding] action edit
    * file[/etc/sysctl.conf] action create (up to date)
     (up to date)
  * replace_or_add[IPv6 packet forwarding] action edit
    * file[/etc/sysctl.conf] action create
      - update content in file /etc/sysctl.conf from db6bb3 to bb63f0
      - suppressed sensitive resource

  * execute[sysctl -p /etc/sysctl.conf] action run

    ================================================================================
    Error executing action `run` on resource 'execute[sysctl -p /etc/sysctl.conf]'
    ================================================================================

    Mixlib::ShellOut::ShellCommandFailed
    ------------------------------------
    Expected process to exit with [0], but received '255'
    ---- Begin output of sysctl -p /etc/sysctl.conf ----

gbe0 · July 25, 2022, 11:42am

Hi,

Is there anything after this line?

    ---- Begin output of sysctl -p /etc/sysctl.conf ----

Do you get any errors from this?

sysctl -p /etc/sysctl.conf

Also if you run that followed by echo $? is the return code 0?

Without checking it may be the case that the changes in sysctl are being rolled back after the failure so it may not show the issue, but worth a try first.

Rsggyh · July 25, 2022, 12:05pm

Full log after error:

  * execute[sysctl -p /etc/sysctl.conf] action run

    ================================================================================
    Error executing action `run` on resource 'execute[sysctl -p /etc/sysctl.conf]'
    ================================================================================

    Mixlib::ShellOut::ShellCommandFailed
    ------------------------------------
    Expected process to exit with [0], but received '255'
    ---- Begin output of sysctl -p /etc/sysctl.conf ----
    STDOUT: net.core.netdev_max_backlog = 30000
    net.core.somaxconn = 65535
    net.ipv4.tcp_syncookies = 1
    net.ipv4.tcp_max_syn_backlog = 720000
    net.ipv4.tcp_max_tw_buckets = 720000
    net.ipv4.tcp_timestamps = 1
    net.ipv4.tcp_tw_reuse = 0
    net.ipv4.tcp_fin_timeout = 60
    net.ipv4.tcp_keepalive_time = 7200
    net.ipv4.tcp_keepalive_probes = 9
    net.ipv4.tcp_keepalive_intvl = 75
    net.core.wmem_max = 134217728
    net.core.rmem_max = 134217728
    net.core.rmem_default = 16777216
    net.core.wmem_default = 16777216
    net.ipv4.tcp_rmem = 4096 65536 33554432
    net.ipv4.tcp_wmem = 4096 65536 33554432
    net.ipv4.tcp_moderate_rcvbuf = 1
    net.ipv4.tcp_no_metrics_save = 0
    net.ipv4.tcp_congestion_control = htcp
    net.netfilter.nf_conntrack_max = 134217728
    net.nf_conntrack_max = 134217728
    net.ipv4.ip_forward = 1
    net.ipv4.conf.all.accept_redirects = 0
    net.ipv4.conf.all.send_redirects = 0
    net.ipv4.ip_no_pmtu_disc = 1
    net.ipv6.conf.all.forwarding = 1
    STDERR: sysctl: cannot stat /proc/sys/net/ipv4/tcp_tw_recycle: No such file or directory
    ---- End output of sysctl -p /etc/sysctl.conf ----
    Ran sysctl -p /etc/sysctl.conf returned 255

    Resource Declaration:
    ---------------------
    # In /var/opt/firezone/cache/cache/cookbooks/firezone/recipes/network.rb

     54: execute 'sysctl -p /etc/sysctl.conf'

    Compiled Resource:
    ------------------
    # Declared in /var/opt/firezone/cache/cache/cookbooks/firezone/recipes/network.rb:54:in `from_file'

    execute("sysctl -p /etc/sysctl.conf") do
      action [:run]
      default_guard_interpreter :execute
      command "sysctl -p /etc/sysctl.conf"
      declared_type :execute
      cookbook_name "firezone"
      recipe_name "network"
      domain nil
      user nil
    end

    System Info:
    ------------
    chef_version=16.17.51
    platform=debian
    platform_version=11
    ruby=ruby 2.7.5p203 (2021-11-24 revision f69aeb8314) [x86_64-linux]
    program_name=/opt/firezone/embedded/bin/chef-client
    executable=/opt/firezone/embedded/bin/chef-client


Running handlers:
[2022-07-25T14:59:26+03:00] ERROR: Running exception handlers
Running handlers complete
[2022-07-25T14:59:26+03:00] ERROR: Exception handlers complete
Chef Infra Client failed. 0 resources updated in 04 seconds
[2022-07-25T14:59:28+03:00] FATAL: Stacktrace dumped to /var/opt/firezone/cache/cache/chef-stacktrace.out
[2022-07-25T14:59:28+03:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2022-07-25T14:59:28+03:00] FATAL: Mixlib::ShellOut::ShellCommandFailed: execute[sysctl -p /etc/sysctl.conf] (firezone::network line 54) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '255'
---- Begin output of sysctl -p /etc/sysctl.conf ----
STDOUT: net.core.netdev_max_backlog = 30000
net.core.somaxconn = 65535
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 720000
net.ipv4.tcp_max_tw_buckets = 720000
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
net.core.wmem_max = 134217728
net.core.rmem_max = 134217728
net.core.rmem_default = 16777216
net.core.wmem_default = 16777216
net.ipv4.tcp_rmem = 4096 65536 33554432
net.ipv4.tcp_wmem = 4096 65536 33554432
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_congestion_control = htcp
net.netfilter.nf_conntrack_max = 134217728
net.nf_conntrack_max = 134217728
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.ip_no_pmtu_disc = 1
net.ipv6.conf.all.forwarding = 1
STDERR: sysctl: cannot stat /proc/sys/net/ipv4/tcp_tw_recycle: No such file or directory
---- End output of sysctl -p /etc/sysctl.conf ----
Ran sysctl -p /etc/sysctl.conf returned 255

sysctl -p /etc/sysctl.conf
net.core.netdev_max_backlog = 30000
net.core.somaxconn = 65535
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 720000
net.ipv4.tcp_max_tw_buckets = 720000
sysctl: cannot stat /proc/sys/net/ipv4/tcp_tw_recycle: No such file or directory
net.ipv4.tcp_timestamps = 1
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_fin_timeout = 60
net.ipv4.tcp_keepalive_time = 7200
net.ipv4.tcp_keepalive_probes = 9
net.ipv4.tcp_keepalive_intvl = 75
net.core.wmem_max = 134217728
net.core.rmem_max = 134217728
net.core.rmem_default = 16777216
net.core.wmem_default = 16777216
net.ipv4.tcp_rmem = 4096 65536 33554432
net.ipv4.tcp_wmem = 4096 65536 33554432
net.ipv4.tcp_moderate_rcvbuf = 1
net.ipv4.tcp_no_metrics_save = 0
net.ipv4.tcp_congestion_control = htcp
net.netfilter.nf_conntrack_max = 134217728
net.nf_conntrack_max = 134217728
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.ip_no_pmtu_disc = 1
net.ipv6.conf.all.forwarding = 1


echo $?
0

gbe0 · July 25, 2022, 12:16pm

The config in that sysctl.conf file doesn’t appear to be the OS defaults (at least for Debian/Ubuntu); has it been customised? If you look for the line net.ipv4.tcp_tw_recycle and comment it out it should resolve the issue.

Rsggyh · July 25, 2022, 1:07pm

OS provided by hosting. I dont know.

It works! Thanks a lot!