[SOLVED] Missing /etc/pve/local/pve-ssl.key

[danja.vasiliev]

Hi,

after following the official upgrade procedure to PVE 6.0 Buster I lost access to the WebUI.
It seems that the issue is with missing /etc/pve/local/pve-ssl.key, reported by
service pveproxy status:

Oct 31 17:50:23 z10pe pveproxy[51440]: worker 53317 finished
Oct 31 17:50:23 z10pe pveproxy[51440]: starting 1 worker(s)
Oct 31 17:50:23 z10pe pveproxy[51440]: worker 53321 started
Oct 31 17:50:23 z10pe pveproxy[53318]: worker exit
Oct 31 17:50:23 z10pe pveproxy[53320]: /etc/pve/local/pve-ssl.key: failed to load local private key (key_file or key) at /usr/share/perl5/PVE/APIServer/AnyEvent.pm line 1699.
Oct 31 17:50:23 z10pe pveproxy[53321]: /etc/pve/local/pve-ssl.key: failed to load local private key (key_file or key) at /usr/share/perl5/PVE/APIServer/AnyEvent.pm line 1699.
Oct 31 17:50:23 z10pe pveproxy[51440]: worker 53318 finished

In fact, /etc/pve is completely empty.

Any pointers are highly appreciated.

 

[oguz]

hi,

In fact, /etc/pve is completely empty.

that's usually a sign that the pve-cluster service isn't working.

check your journals and systemctl for more information

 

[danja.vasiliev]

seems like a chicken-and-egg issue - pve-cluster service doesn't start because of missing /etc/pve/local/pve-ssl.key:

# service pve-cluster restart
Job for pve-cluster.service failed because the control process exited with error code.
See "systemctl status pve-cluster.service" and "journalctl -xe" for details.

# journalctl -xe
Oct 31 18:42:13 localhost pveproxy[1757]: starting 2 worker(s)
Oct 31 18:42:13 localhost pveproxy[1757]: worker 4407 started
Oct 31 18:42:13 localhost pveproxy[1757]: worker 4400 finished
Oct 31 18:42:13 localhost pveproxy[1757]: worker 4408 started
Oct 31 18:42:13 localhost pveproxy[4407]: /etc/pve/local/pve-ssl.key: failed to load local private key (key_file or key) at /usr/share/perl5/PVE/APIServer/AnyEvent.pm line 1699.
Oct 31 18:42:13 localhost pveproxy[4408]: /etc/pve/local/pve-ssl.key: failed to load local private key (key_file or key) at /usr/share/perl5/PVE/APIServer/AnyEvent.pm line 1699.
Oct 31 18:42:18 localhost pveproxy[1757]: starting 1 worker(s)
Oct 31 18:42:18 localhost pveproxy[1757]: worker 4410 started
Oct 31 18:42:18 localhost pveproxy[4407]: worker exit
Oct 31 18:42:18 localhost pveproxy[4408]: worker exit

My network configuration is slight modded:

#  ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp5s0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 2c:fd:a1:c6:b6:26 brd ff:ff:ff:ff:ff:ff
3: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
    link/ether 2c:fd:a1:c6:b6:27 brd ff:ff:ff:ff:ff:ff
4: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 2c:fd:a1:c6:b6:27 brd ff:ff:ff:ff:ff:ff
    inet 192.168.12.107/24 brd 192.168.12.255 scope global vmbr0
       valid_lft forever preferred_lft forever
    inet6 fe80::2efd:a1ff:fec6:b627/64 scope link
       valid_lft forever preferred_lft forever
5: vmbr1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 02:a9:99:fd:40:37 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global vmbr1
       valid_lft forever preferred_lft forever
    inet6 fe80::a9:99ff:fefd:4037/64 scope link
       valid_lft forever preferred_lft forever
6: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none
    inet 192.168.x.x/24 brd 192.168.156.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::474d:9b7:143f:809a/64 scope link stable-privacy

and i reverted /etc/hosts to (what i think was ) default:

# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost

# The following lines are desirable for IPv6 capable hosts

::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

# cat /etc/hostname
localhost

 

[danja.vasiliev]

problem solved!

i made sure /etc/hosts has a line for my LAN iface addr (vmbr0) with the corresponding hostname per /etc/hostname
after a reboot my /etc/pve was populated.