Installation on FC3 under Xen

Ask questions about your setup or get help installing ZCS server (ZD section below).
Post Reply
andreground
Posts: 6
Joined: Fri Sep 12, 2014 10:00 pm

Installation on FC3 under Xen

Post by andreground »

Hi all,

couldn't see what's wrong....
Thanks in advance!
[root@area51 zcs]# cat /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost area51 area51.panotto.org

[root@area51 zcs]#
zimbra-ldap......zimbra-ldap-3.0.M1_21.FC3-20050920155949_.i386.rpm...done

zimbra-mta......zimbra-mta-3.0.M1_21.FC3-20050920155949_.i386.rpm...done

zimbra-snmp......zimbra-snmp-3.0.M1_21.FC3-20050920155949_.i386.rpm...done

zimbra-store......zimbra-store-3.0.M1_21.FC3-20050920155949_.i386.rpm...done
Post installation configuration
Creating db...done

Setting the hostname to area51.panotto.org...done

Setting the LDAP host to area51.panotto.org...done

Initializing ldap...done

Creating server area51.panotto.org...done

Creating domain panotto.org...done

Creating admin account admin@panotto.org...done

Adding area51.panotto.org to zimbraMailHostPool in default COS...done

Initializing mta config...done

Configuring SNMP...done

Setting services on area51.panotto.org...done

Setting up SSL...done

Starting servers...Calling GetServiceInfoRequest (area51.panotto.org)
RESPONSE: (Zimbra::Mon::serviceInfo)

host

ip 127.0.0.1

name area51.panotto.org

done

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)
Installation complete!
Operations logged to /tmp/install.log.2306
Here's the cat from the log:
[root@area51 zcs]# cat /tmp/install.log.2306

Preparing packages for installation...

zimbra-core-3.0.M1_21.FC3-20050920155949_

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException localhost:389)

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

iptables v1.2.11: can't initialize iptables table `nat': iptables who? (do you need to insmod?)

Perhaps iptables or your kernel needs to be upgraded.

Preparing packages for installation...

zimbra-ldap-3.0.M1_21.FC3-20050920155949_

Preparing packages for installation...

zimbra-mta-3.0.M1_21.FC3-20050920155949_

Preparing packages for installation...

zimbra-snmp-3.0.M1_21.FC3-20050920155949_

Preparing packages for installation...

zimbra-store-3.0.M1_21.FC3-20050920155949_

COMMAND: /opt/zimbra/libexec/zmmyinit

* Creating required directories

* Generating mysql config /opt/zimbra/conf/my.cnf

* Creating database in /opt/zimbra/db/data

* Starting mysql server

* Loading schema /opt/zimbra/db/db.sql

* Loading version from /opt/zimbra/db/versions-init.sql

* Setting random password for mysql root user in zimbra local config

* Setting random password for mysql zimbra user in zimbra local config

* Changing mysql root user password

* Changing mysql zimbra user password

* Changed zimbra mysql user password

COMMAND: zmlocalconfig -e zimbra_server_hostname=area51.panotto.org

COMMAND: zmlocalconfig -e ldap_host=area51.panotto.org

COMMAND: zmlocalconfig -e ldap_port=389

COMMAND: /opt/zimbra/libexec/zmldapinit

Started slapd: pid

ldap_bind: Can't contact LDAP server (-1)

ldap_bind: Can't contact LDAP server (-1)

COMMAND: zmprov cs area51.panotto.org

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: zmprov cd panotto.org

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: zmprov mcf zimbraDefaultDomainName panotto.org

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: zmprov ca admin@panotto.org 100560 zimbraIsAdminAccount TRUE

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: id=`zmprov gs area51.panotto.org | grep zimbraId | awk '{print $2}'`; for i in `zmprov gc default | grep zimbraMailHostPool | sed 's/zimbraMailHostPool: //'`; do host="$host zimbraMailHostPool $i"; done; zmprov mc default $host zimbraMailHostPool $id

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

zmprov [cmd] [args ...]
CreateAccount(ca) {name@domain} {password} [attr1 value1 [attr2 value2...]]

DeleteAccount(da) {name@domain|id}

GetAccount(ga) {name@domain|id}

GetAllAccounts(gaa) [-v] [{domain}]

GetAllAdminAccounts(gaaa) [-v]

ModifyAccount(ma) {name@domain|id} [attr1 value1 [attr2 value2...]]

SetPassword(sp) {name@domain|id} {password}

AddAccountAlias(aaa) {name@domain|id} {alias@domain}

RemoveAccountAlias(raa) {name@domain|id} {alias@domain}

SetAccountCos(sac) {name@domain|id} {cos-name|cos-id}

SearchAccounts(sa) [-v] {ldap-query} [limit {limit}] [offset {offset}] [sortBy {attr}] [attrs {a1,a2...}] [sortAscending 0|1*] [applyCos [0|1*] [domain {domain}]

SearchGal(sg) {domain} {name}

RenameAccount(ra) {name@domain|id} {newName@domain}
CreateDomain(cd) {domain} [attr1 value1 [attr2 value2...]]

DeleteDomain(dd) {domain|id}

GetDomain(gd) {domain|id}

GetAllDomains(gad) [-v]

ModifyDomain(md) {domain|id} [attr1 value1 [attr2 value2...]]
CreateCos(cc) {name} [attr1 value1 [attr2 value2...]]

DeleteCos(dc) {name|id}

GetCos(gc) {name|id}

GetAllCos(gac) [-v]

ModifyCos(mc) {name|id} [attr1 value1 [attr2 value2...]]

RenameCos(rc) {name|id} {newName}
CreateServer(cs) {name} [attr1 value1 [attr2 value2...]]

DeleteServer(ds) {name|id}

GetServer(gs) {name|id}

GetAllServers(gas) [-v]

ModifyServer(ms) {name|id} [attr1 value1 [attr2 value2...]]
GetAllConfig(gacf)

GetConfig(gcf) {name}

ModifyConfig(mcf) attr1 value1 [attr2 value2...]
CreateDistributionList(cdl) {list@domain}

GetAllDistributionLists(gadl) [-v]

GetDistributionList(gdl) {list@domain|id}

DeleteDistributionList(ddl) {list@domain|id}

AddDistributionListMember(adlm) {list@domain|id} {member@domain}

RemoveDistributionListMember(rdlm) {list@domain|id} {member@domain}
exit (quit)

help (?)
COMMAND: /opt/zimbra/libexec/zmmtainit area51.panotto.org

COMMAND: zmlocalconfig -e av_notify_user=notify@area51.panotto.org

COMMAND: zmlocalconfig -e av_notify_domain=area51.panotto.org

COMMAND: zmlocalconfig -e snmp_notify=0

COMMAND: zmlocalconfig -e smtp_notify=0

COMMAND: zmlocalconfig -e snmp_trap_host=localhost.localdomain

COMMAND: zmlocalconfig -e smtp_source=none

COMMAND: zmlocalconfig -e smtp_destination=none

COMMAND: zmsnmpinit

creating /opt/zimbra/conf/swatchrc

COMMAND: zmprov ms area51.panotto.org zimbraServiceInstalled ldap zimbraServiceInstalled mailbox zimbraServiceInstalled mta zimbraServiceInstalled antivirus zimbraServiceInstalled antispam zimbraServiceInstalled snmp

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: zmprov ms area51.panotto.org zimbraServiceEnabled ldap zimbraServiceEnabled mailbox zimbraServiceEnabled mta zimbraServiceEnabled antivirus zimbraServiceEnabled antispam zimbraServiceEnabled snmp

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: zmlocalconfig -e zimbra_services="ldap mailbox mta antivirus antispam snmp"

COMMAND: zmcreatecert

** Creating CA private key
Generating a 1024 bit RSA private key

....................................................++++++

..............................++++++

writing new private key to '/opt/zimbra/ssl/ssl/ca/ca.key'

-----

** Creating CA cert
Signature ok

subject=/C=US/ST=N/A/L=N/A/O=Zimbra Collaboration Suite/CN=localhost.localdomain

Getting Private key

** Importing CA
Certificate was added to keystore

keytool error: java.io.FileNotFoundException: /opt/zimbra/java/jre/lib/security/cacerts (Permission denied)

** Creating keystore
** Creating server cert request
** Signing cert request
Signature ok

subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=localhost.localdomain

Getting CA Private Key

Signature ok

subject=/C=US/ST=NA/L=NA/O=Zimbra/OU=Zimbra/CN=localhost.localdomain

Getting Private key

COMMAND: zmcertinstall mailbox

** Importing server cert
keytool error: java.lang.Exception: Failed to establish chain from reply

COMMAND: zmtlsctl mixed

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: zmcertinstall mta /opt/zimbra/ssl/ssl/server/smtpd.crt /opt/zimbra/ssl/ssl/ca/ca.key

** Importing server cert
COMMAND: zmlocalconfig -e ssl_allow_untrusted_certs=true

COMMAND: zmcontrol startup

Calling startup (area51.panotto.org)
perl /opt/zimbra/bin/zmmon &
RESPONSE: (Zimbra::Mon::serviceInfo)

host

ip 127.0.0.1

name area51.panotto.org

COMMAND: zmlocalconfig -s > .localconfig.save.2306

COMMAND: zmprov gs area51.panotto.org > .zmprov.area51.panotto.org.save.2306

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

COMMAND: zmprov gacf area51.panotto.org > .zmprov.gacf.save.2306

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.CommunicationException area51.panotto.org:389)

[root@area51 zcs]#
14319KevinH
Ambassador
Ambassador
Posts: 4558
Joined: Fri Sep 12, 2014 9:52 pm

Installation on FC3 under Xen

Post by 14319KevinH »

Not sure if anyone has got this working with Xen. At least I don't remember seeing any reports. Your /etc/hosts is wrong. You need to have two lines like:
[root@area51 zcs]# cat /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost

area51.panotto.org area51


There is a problem with iptables. Try to re-run it:
zmiptables -u
zmiptables -i
This may not be working due to Xen.
andreground
Posts: 6
Joined: Fri Sep 12, 2014 10:00 pm

Installation on FC3 under Xen

Post by andreground »

[quote user="14319KevinH"]Not sure if anyone has got this working with Xen. At least I don't remember seeing any reports. Your /etc/hosts is wrong. You need to have two lines like:
[root@area51 zcs]# cat /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 localhost.localdomain localhost

area51.panotto.org area51


There is a problem with iptables. Try to re-run it:
zmiptables -u
zmiptables -i
This may not be working due to Xen.[/QUOTE]
First of all...thanks!
I'm just trying ... will let you know :)
andreground
Posts: 6
Joined: Fri Sep 12, 2014 10:00 pm

Installation on FC3 under Xen

Post by andreground »

Same result... :(
Is iptables mandatory for zimbra installation?
Thanks in advance!
vogon1
Posts: 37
Joined: Fri Sep 12, 2014 9:58 pm

Installation on FC3 under Xen

Post by vogon1 »

Hi,
I am running Zimbra in a Xen machine in FC4 without any problems (except for the known issues when installing Zimbra on FC4).
Sietse.
andreground
Posts: 6
Joined: Fri Sep 12, 2014 10:00 pm

Installation on FC3 under Xen

Post by andreground »

[quote user="vogon1"]Hi,
I am running Zimbra in a Xen machine in FC4 without any problems (except for the known issues when installing Zimbra on FC4).
Sietse.[/QUOTE]
Thank you.
I'll try to move my Xen DomU to FC4.
Do you know if iptables is mandatory?
Thanks in advance.
andreground
Posts: 6
Joined: Fri Sep 12, 2014 10:00 pm

Installation on FC3 under Xen

Post by andreground »

:(
Tried with FC4 under Xen following the how-to...
Same result!
I think that the LDAP service doesn't go up!
Any idea?
Pleeeease!
Thanks in advance!
andreground
Posts: 6
Joined: Fri Sep 12, 2014 10:00 pm

Installation on FC3 under Xen

Post by andreground »

No help for me? :(
babytux
Posts: 4
Joined: Fri Sep 12, 2014 9:59 pm

Installation on FC3 under Xen

Post by babytux »

How did you setup the Xen kernel. Looks like you dont have nat support in your kernel. You can check by doing a
# modprobe -l|grep iptable_nat
The default config requires iptables to do the port mapping since zimbra is installed as a non privillaged user and so uses ports > 1024
14319KevinH
Ambassador
Ambassador
Posts: 4558
Joined: Fri Sep 12, 2014 9:52 pm

Installation on FC3 under Xen

Post by 14319KevinH »

Yes in the current release you must use iptables. However in the next release iptables is not needed. So if you can wait a little then you should just try to install our upcoming release.
Post Reply