Troubleshooting
Problem
Write Permission error on Installation or Upgrade for deployments with SSL connection to Omnibus.
Symptom
The following errors are seen in the logs for the easetupomnibus pod and the pod does not complete successfully.
Importing CA cert will use SSL connection to object server
Certificate was added to keystore
keytool error: java.io.FileNotFoundException: /app/actionServiceTrustStore (Permission denied)
File not found errors:
/app/actionServiceTrustStore
/app/ncodatalayer.jks
Cause
With the arbitary-user change in 1.6.4, pods are now run by a user specified by Red Hat OpenShift.
Previously, the user was specified at the pod level, as user ID 1001. Hence, the 1.6.4 user might not be allowed to write to the /app directory.
Previously, the user was specified at the pod level, as user ID 1001. Hence, the 1.6.4 user might not be allowed to write to the /app directory.
Pods that access Omnibus with an SSL connection must import a certificate to a truststore before they attempt the connection.
For the EA Omnibus Setup pod, the location for the truststore is set by the NOIOMNIBUS_OS_TRUSTSTORE_PATH variable.
The standard path for the NOIOMNIBUS_OS_TRUSTSTORE is under /app and is defined in the yaml for the pod setup:
- name: NOIOMNIBUS_OS_TRUSTSTORE_PATH
value: /app/actionServiceTrustStore
value: /app/actionServiceTrustStore
If the new 1.6.4 user does not have permission to write to /app/actionServiceTrustStore, then the certificate import fails and the setup of Omnibus discontinues.
Resolving The Problem
This problem is fixed in Release 1.6.5.
The workaround - until this release is available - is to use a non-SSL connection for Omnibus.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTPTP","label":"Netcool Operations Insight"},"ARM Category":[{"code":"a8m3p000000LPN3AAO","label":"RHOCP-\u003EHybrid Deployment"}],"ARM Case Number":"TS009316254","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
17 May 2022
UID
ibm16586082