NS8 on Debian 11 don't install

how I do:

  1. console.hetzner.cloud
  2. create a VM 2vCPU, RAM: 4GiB, HD 40GiB
  3. login via ssh as root
apt update
apt install -y curl
curl https://raw.githubusercontent.com/NethServer/ns8-core/main/core/install.sh | bash

few errors during the installation about bridge is missing; but continue

var/lib/nethserver/node/validator-definitions.json
WARN[0000] Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "portmap" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "firewall" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "tuning" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]] 
a1afa883b00598ddcc20739acc9734aa556588b41cf114ddc80ab77f93ed3539
Set kernel parameters:
net.ipv4.ip_unprivileged_port_start = 23
user.max_user_namespaces = 28633
net.ipv4.ip_forward = 1
Pulling rclone image docker.io/rclone/rclone:1.57.0:
WARN[0000] Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "portmap" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "firewall" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "tuning" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]] 
Trying to pull docker.io/rclone/rclone:1.57.0...

…

similar error

Start Redis DB:
Generating cluster password:
WARN[0000] Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "portmap" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "firewall" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "tuning" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]] 
Generating api-server password:
WARN[0000] Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "portmap" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "firewall" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "tuning" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]] 
Generating node password:
WARN[0000] Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "portmap" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "firewall" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "tuning" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]] 
WARN[0000] Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin "bridge" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "portmap" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "firewall" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin "tuning" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]] 

…

then the fatal one

Start API server and core agents:
Grant initial permissions:
Traceback (most recent call last):
  File "<stdin>", line 4, in <module>
  File "/usr/local/agent/pypkg/cluster/grants.py", line 73, in grant
    return _change_role_definition(rdb, False, action_clause, on_clause, to_clause)
  File "/usr/local/agent/pypkg/cluster/grants.py", line 64, in _change_role_definition
    pipe.execute()
  File "/usr/local/agent/pyenv/lib/python3.9/site-packages/redis/client.py", line 4012, in execute
    conn = self.connection_pool.get_connection('MULTI',
  File "/usr/local/agent/pyenv/lib/python3.9/site-packages/redis/connection.py", line 1192, in get_connection
    connection.connect()
  File "/usr/local/agent/pyenv/lib/python3.9/site-packages/redis/connection.py", line 567, in connect
    self.on_connect()
  File "/usr/local/agent/pyenv/lib/python3.9/site-packages/redis/connection.py", line 643, in on_connect
    auth_response = self.read_response()
  File "/usr/local/agent/pyenv/lib/python3.9/site-packages/redis/connection.py", line 756, in read_response
    raise response
redis.exceptions.ResponseError: WRONGPASS invalid username-password pair or user is disabled.

if I use the same machine but change the OS for Centos 9 Stream everything works like a charm

Maybe an su - issue?

1 Like

Yeah! I read that post before
but as I mentioned, I log in via SSH as root.

Or you’re pointing that sudo is needed, and my server might not have sudo installed?

perhaps, sudo is installed

but still have error

Start API server and core agents:
Created symlink /etc/systemd/system/multi-user.target.wants/api-server.service β†’ /etc/systemd/system/api-server.service.
Created symlink /etc/systemd/system/default.target.wants/agent@cluster.service β†’ /etc/systemd/system/agent@.service.
Created symlink /etc/systemd/system/default.target.wants/agent@node.service β†’ /etc/systemd/system/agent@.service.
Grant initial permissions:
Install Traefik:
<7>podman-pull-missing ghcr.io/nethserver/traefik:0.0.5
time="2022-06-02T12:29:35Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"portmap\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"firewall\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"tuning\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]"
time="2022-06-02T12:29:35Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"portmap\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"firewall\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"tuning\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]"
Trying to pull ghcr.io/nethserver/traefik:0.0.5...
Getting image source signatures
Copying blob sha256:f92c6a5906d9e13b2c220ff624228df6a9ce51a13bcd599edbd5d7abadc84a2b
Copying blob sha256:f92c6a5906d9e13b2c220ff624228df6a9ce51a13bcd599edbd5d7abadc84a2b
Copying config sha256:9d96031397094f1451b5e4b556d9385691a3c988585ac07862ca7cf7b3665ed0
Writing manifest to image destination
Storing signatures
9d96031397094f1451b5e4b556d9385691a3c988585ac07862ca7cf7b3665ed0
time="2022-06-02T12:29:37Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"portmap\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"firewall\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"tuning\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]"
<7>extract-ui ghcr.io/nethserver/traefik:0.0.5
time="2022-06-02T12:29:37Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"portmap\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"firewall\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"tuning\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]"
time="2022-06-02T12:29:37Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"portmap\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"firewall\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"tuning\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]"
Extracting container filesystem ui to /var/lib/nethserver/cluster/ui/apps/traefik1
time="2022-06-02T12:29:37Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"portmap\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"firewall\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"tuning\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]"
ui/index.html
time="2022-06-02T12:29:37Z" level=warning msg="Error validating CNI config file /etc/cni/net.d/87-podman.conflist: [failed to find plugin \"bridge\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"portmap\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"firewall\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin] failed to find plugin \"tuning\" in path [/usr/local/libexec/cni /usr/libexec/cni /usr/local/lib/cni /usr/lib/cni /opt/cni/bin]]"
0296d83d9a44c42e7566238faab3ff15ae627fe49adaac7249e829943ad47b60
Assertion failed
  File "/var/lib/nethserver/cluster/actions/add-module/50update", line 208, in <module>
    agent.assert_exp(create_module_result['exit_code'] == 0) # Ensure create-module is successful

I tried in a local VM
from Debian 11 iso
installed ssh + standard system utilities

login as a root locally (not via ssh)

apt update
apt install -y curl
curl https://raw.githubusercontent.com/NethServer/ns8-core/main/core/install.sh | bash

then it say wget is missing
so I wonder if wget should be in line 37

then now repo can’t be added
image

then

On a Proxmox Debian 11 Container installed with:

bash -c "$(wget -qLO - https://github.com/tteck/Proxmox/raw/main/ct/debian-v3.sh)"

Tried to install Nethserver 8 with:

apt update
apt install -y curl
curl https://raw.githubusercontent.com/NethServer/ns8-core/main/core/install.sh | bash

And got this error:

.....
Collecting Jinja2==3.0.2
  Downloading Jinja2-3.0.2-py3-none-any.whl (133 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 133.8/133.8 kB 32.6 MB/s eta 0:00:00
Collecting MarkupSafe==2.0.1
  Downloading MarkupSafe-2.0.1-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (30 kB)
Collecting pyasn1>=0.4.6
  Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 77.1/77.1 kB 22.1 MB/s eta 0:00:00
Requirement already satisfied: setuptools in /usr/local/agent/pyenv/lib/python3.9/site-packages (from jsonschema==3.2.0->-r /etc/nethserver/pythonreq.txt (line 29)) (62.3.2)
Collecting pyrsistent>=0.14.0
  Downloading pyrsistent-0.18.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (115 kB)
     ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 115.6/115.6 kB 34.0 MB/s eta 0:00:00
Installing collected packages: typing-extensions, pyasn1, certifi, cchardet, urllib3, six, semver, redis, pyrsistent, pycparser, psutil, multidict, MarkupSafe, ldap3, idna, hiredis, dnspython, chardet, attrs, async-timeout, yarl, requests, jsonschema, Jinja2, cffi, aioredis, pycares, brotlipy, aiohttp, aiodns
Successfully installed Jinja2-3.0.2 MarkupSafe-2.0.1 aiodns-3.0.0 aiohttp-3.7.4.post0 aioredis-2.0.1 async-timeout-3.0.1 attrs-21.2.0 brotlipy-0.7.0 cchardet-2.1.7 certifi-2021.5.30 cffi-1.14.5 chardet-4.0.0 dnspython-2.1.0 hiredis-2.0.0 idna-2.10 jsonschema-3.2.0 ldap3-2.9.1 multidict-5.1.0 psutil-5.8.0 pyasn1-0.4.8 pycares-4.0.0 pycparser-2.20 pyrsistent-0.18.1 redis-3.5.3 requests-2.25.1 semver-2.13.0 six-1.15.0 typing-extensions-3.10.0.0 urllib3-1.26.6 yarl-1.6.3
Setup registry:
Add /etc/hosts entries:
Generate WireGuard VPN key pair:
s0O0rBN5xxxxxxxxxxxxxxxxxxxxxxxxxxxUGGXcxk=
Add firewalld core rules:
Start Redis DB:
Created symlink /etc/systemd/system/default.target.wants/redis.service β†’ /etc/systemd/system/redis.service.
Job for redis.service failed because the control process exited with error code.
See "systemctl status redis.service" and "journalctl -xe" for details.
root@neth01ct:~#

Lets test it on a Debian 11 KVM also…

Edit: No problem to install it on a Debian 11 KVM (Proxmox), used sudo -i

P.S. Would love to run Nethserver 8 under a Proxmox LXC Container, are there any plans to support it?

1 Like

did you tried with a privileged ct with the nesting option on ?

I understand both of you are pointing to sudo - and sudo -i
but that does mean I need to log in as a user then sudoing to become root?
Because I already validated that the package sudo is installed, and I log directly as root

And yes Hetzner machine are fully Virtualized Machine not container with lxd or something similar.

No, but will test it as soon I have time.

No, you don’t. If you log in as root, you’re root, and you have root’s login environment. It’s if you log in as a non-root user and then su to root that you need to be careful to use su - rather than just su. If you use sudo, sudo -i does the trick (and doesn’t need a root password, which doesn’t get set in some Linux distros). But logging in as root directly is fine for purposes of the installation, even if leaving your server configured for root logins is a bit of a security risk.

don’t worry, I learn that 20 years ago

BTW thanks for pointing out the tteck/Proxmox these are little gems.

this one is weird since the script manage to install gnupg

So I tried;
I see to issues

  1. ns8 or kubic try to install a rt kernel, and LX container can’t have a different kernel then the host.
  2. ns8 or kubic use overlay driver for the storage, which don’t play well with ZFS

There were some recent comments (without much detail) about problems between Debian and Kubic repositories:

2 Likes

@davidep I tried to post and reflect on the issue here :wink:
if you like; I could also try on debian 12 or even testing and follow up

1 Like