Support Questions

Find answers, ask questions, and share your expertise

Template error creating HDP-Cloud Controller Service on AWS

avatar
Explorer

Please see the attached two documents for details:

Document 1: Create Failed-Stack Detail.pdf... contains the error details

Document 2: Create Failed-Procedure-I-Used.pdf ... contains the procedure I followed.

Please advise on how to move forward as I have not been able to create a cluster using the new HDP Cloud on AWS.

Regards

Joginder

create-failed-stack-detail.pdf

create-failed-stack-detail.pdf

1 ACCEPTED SOLUTION

avatar

@Joginder Sethi

One last thing that comes to my mind: Did you use any special characters in your password? At some point, we had problem with some special characters in the Admin Password parameter.

The log says time="2017-01-25T21:20:51Z" level="error" msg="[NewOAuth2HTTPClient] Error while connnecting to https://ec2-52-90-192-197.compute-1.amazonaws.com/identity/oauth/authorize as user: at46@yahoo.com, please check your username and password. (406 Not Acceptable)"

View solution in original post

25 REPLIES 25

avatar
Explorer

Can this cause the issue?

The following resource(s) require capabilities: [AWS::IAM::Role]

This template contains Identity and Access Management (IAM) resources that might provide entities access to make changes to your AWS account. Check that you want to create each of these resources and that they have the minimum required permissions

avatar
Explorer

Finally I am able to Putty into the ec2 instance. Attached are:

- /var/log/cbd-quick-start.log

- the output of the "docker logs cbreak_cloudbreak_1" command

Regards @Dominika Bialek @Marton Sereg

Joginder

cbreak-cloudbreak-1log.txt

cbd-quick-startlog.txt

avatar
Explorer

I see the following error in cbd-quick-startlog.txt

time="2017-01-25T21:20:51Z" level="error" msg="[NewOAuth2HTTPClient] Error while connnecting to https://ec2-52-90-192-197.compute-1.amazonaws.com/identity/oauth/authorize as user: at46@yahoo.com, please check your username and password. (406 Not Acceptable)" + [TRACE /var/lib/cloud/instance/scripts/part-001:1][ellapsed: 212] _trap_error 1 1 247 'hdc create-credential --credential-name aws-access --role-arn $CREDENTIAL_ROLE_ARN --ssh-key-url http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key --existing-ssh-key-pair $KEYPAIR_NAME' + [TRACE /var/lib/cloud/instance/scripts/part-001:29][ellapsed: 212] local err=1 line=1 _=247 'badcommand=hdc create-credential --credential-name aws-access --role-arn $CREDENTIAL_ROLE_ARN --ssh-key-url http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key --existing-ssh-key-pair $KEYPAIR_NAME' + [TRACE /var/lib/cloud/instance/scripts/part-001:31][ellapsed: 212] '[' 1 -eq 0 ']' + [TRACE /var/lib/cloud/instance/scripts/part-001:37][ellapsed: 212] [[ -n '' ]] + [TRACE /var/lib/cloud/instance/scripts/part-001:38][ellapsed: 212] SIGNAL_REASON='ERROR: command '\''hdc create-credential --credential-name aws-access --role-arn $CREDENTIAL_ROLE_ARN --ssh-key-url http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key --existing-ssh-key-pair $KEYPAIR_NAME'\'' exited with status: 1 line: 1' + [TRACE /var/lib/cloud/instance/scripts/part-001:42][ellapsed: 212] /opt/aws/bin/cfn-signal -s false -e 1 --id cbd-init --reason 'ERROR: command '\''hdc create-credential --credential-name aws-access --role-arn $CREDENTIAL_ROLE_ARN --ssh-key-url http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key --existing-ssh-key-pair $KEYPAIR_NAME'\'' exited with status: 1 line: 1' 'https://cloudformation-waitcondition-us-east-1.s3.amazonaws.com/arn%3Aaws%3Acloudformation%3Aus-east-1%3A872510204642%3Astack/AWSMPBASICCloudControllerwithnewVPC1/c20ac050-e342-11e6-9c9a-503acac41ed1/InstanceWaitHandle?AWSAccessKeyId=AKIAIIT3CWAIMJYUTISA&Expires=1485465063&Signature=he%2FIYeQ2160nJVrJ2eeQVqDZ7p4%3D' CloudFormation signaled successfully with FAILURE.

avatar

@Joginder Sethi

Marton can advise on the log output.

On a different note:

I noticed that you are using 0.0.0.0/24 as your Remote Access setting. This setting will not allow you to access the cloud controller web UI.

In the future, try using 0.0.0.0/0 as a Remote Access setting (but know that this allows access from all IP addresses, so it is suitable only if you are just getting started and not in a production setting) or, PREFERABLY, use this tool to convert your external IP address to CIDR: http://www.ipaddressguide.com/cidr.

avatar

@Joginder Sethi

One last thing that comes to my mind: Did you use any special characters in your password? At some point, we had problem with some special characters in the Admin Password parameter.

The log says time="2017-01-25T21:20:51Z" level="error" msg="[NewOAuth2HTTPClient] Error while connnecting to https://ec2-52-90-192-197.compute-1.amazonaws.com/identity/oauth/authorize as user: at46@yahoo.com, please check your username and password. (406 Not Acceptable)"

avatar
Explorer

yes I do have a special character in my password. Do I need to reset my password with no special characters?

Also this time I changed to 0.0.0.0/0 in remote access setting: And perhaps that is the reason I able to Putty into the ec2 instance.

Regards

Joginder

avatar
Explorer

After removing special character from the password, I am able get to create cluster.

Thank you for your help

Regards

Joginder

avatar

@Joginder Sethi Great! It will be helpful for other users if you mark the correct answer so if anyone else encounters the issue and find this post, they will be able to find the answer without reading through the whole thread.

avatar
Explorer

yes I do have a special character in my password. Do I need to reset my password with no special characters?

avatar

@Joginder Sethi

You could try... or just wait until Marton gets back to you; but he is in Central Europe, so it will be a while.