mirror of
https://github.com/trailofbits/algo.git
synced 2025-09-03 02:23:39 +02:00
Dan Guido
parent
a97b210ee8
commit
6c1bd7a943
1 changed files with 35 additions and 0 deletions
|
|
@ -8,6 +8,8 @@
|
|||
* [Error: "ansible-playbook: command not found"](#error-ansible-playbook-command-not-found)
|
||||
* [Bad owner or permissions on .ssh](#bad-owner-or-permissions-on-ssh)
|
||||
* [The region you want is not available](#the-region-you-want-is-not-available)
|
||||
* [AWS: SSH permission denied with an ECDSA key](#aws-ssh-permission-denied-with-an-ecdsa-key)
|
||||
* [AWS: "Deploy the template" fails with CREATE_FAILED](#aws-deploy-the-template-fails-with-create_failed)
|
||||
* [Connection Problems](#connection-problems)
|
||||
* [I'm blocked or get CAPTCHAs when I access certain websites](#im-blocked-or-get-captchas-when-i-access-certain-websites)
|
||||
* [I want to change the list of trusted Wifi networks on my Apple device](#i-want-to-change-the-list-of-trusted-wifi-networks-on-my-apple-device)
|
||||
|
|
@ -126,6 +128,39 @@ You need to reset the permissions on your `.ssh` directory. Run `chmod 700 /home
|
|||
|
||||
You want to install Algo to a specific region in a cloud provider, but that region is not available in the list given by the installer. In that case, you should [file an issue](https://github.com/trailofbits/algo/issues/new). Cloud providers add new regions on a regular basis and we don't always keep up. File an issue and give us information about what region is missing and we'll add it.
|
||||
|
||||
### AWS: SSH permission denied with an ECDSA key
|
||||
|
||||
You tried to deploy Algo to AWS and you received an error like this one:
|
||||
|
||||
```
|
||||
TASK [Copy the algo ssh key to the local ssh directory] ************************
|
||||
ok: [localhost -> localhost]
|
||||
|
||||
PLAY [Configure the server and install required software] **********************
|
||||
|
||||
TASK [Check the system] ********************************************************
|
||||
fatal: [X.X.X.X]: UNREACHABLE! => {"changed": false, "msg": "Failed to connect to the host via ssh: Warning: Permanently added 'X.X.X.X' (ECDSA) to the list of known hosts.\r\nPermission denied (publickey).\r\n", "unreachable": true}
|
||||
```
|
||||
|
||||
You previously deployed Algo to a hosting provider other than AWS, and Algo created an ECDSA keypair at that time. You are now deploying to AWS which [does not support ECDSA keys](https://aws.amazon.com/certificate-manager/faqs/) via their API. As a result, the deploy has failed.
|
||||
|
||||
In order to fix this issue, delete the `algo.pem` and `algo.pem.pub` keys from your `configs` directory and run the deploy again. If AWS is selected, Algo will now generate new RSA ssh keys which are compatible with the AWS API.
|
||||
|
||||
### AWS: Deploy the template fails with CREATE_FAILED
|
||||
|
||||
You tried to deploy to Algo to AWS and you received an error like this one:
|
||||
|
||||
```
|
||||
TASK [cloud-ec2 : Make a cloudformation template] ******************************
|
||||
changed: [localhost]
|
||||
|
||||
TASK [cloud-ec2 : Deploy the template] *****************************************
|
||||
fatal: [localhost]: FAILED! => {"changed": true, "events": ["StackEvent AWS::CloudFormation::Stack algopvpn1 ROLLBACK_COMPLETE", "StackEvent AWS::EC2::VPC VPC DELETE_COMPLETE", "StackEvent AWS::EC2::InternetGateway InternetGateway DELETE_COMPLETE", "StackEvent AWS::CloudFormation::Stack algopvpn1 ROLLBACK_IN_PROGRESS", "StackEvent AWS::EC2::VPC VPC CREATE_FAILED", "StackEvent AWS::EC2::VPC VPC CREATE_IN_PROGRESS", "StackEvent AWS::EC2::InternetGateway InternetGateway CREATE_FAILED", "StackEvent AWS::EC2::InternetGateway InternetGateway CREATE_IN_PROGRESS", "StackEvent AWS::CloudFormation::Stack algopvpn1 CREATE_IN_PROGRESS"], "failed": true, "output": "Problem with CREATE. Rollback complete", "stack_outputs": {}, "stack_resources": [{"last_updated_time": null, "logical_resource_id": "InternetGateway", "physical_resource_id": null, "resource_type": "AWS::EC2::InternetGateway", "status": "DELETE_COMPLETE", "status_reason": null}, {"last_updated_time": null, "logical_resource_id": "VPC", "physical_resource_id": null, "resource_type": "AWS::EC2::VPC", "status": "DELETE_COMPLETE", "status_reason": null}]}
|
||||
```
|
||||
|
||||
Algo builds a Cloudformation template to deploy to AWS. You can find the entire contents of the Cloudformation template in `configs/algo.yml`. In order to troubleshoot this issue, login to the AWS console, go to the Cloudformation service, find the failed deployment, click the events tab, and find the corresponding "CREATE_FAILED" events. Note that all AWS resources created by Algo are tagged with `Environment => Algo` for easy identification.
|
||||
|
||||
In many cases, failed deployments are the result of [service limits](http://docs.aws.amazon.com/general/latest/gr/aws_service_limits.html) being reached, such as "CREATE_FAILED AWS::EC2::VPC VPC The maximum number of VPCs has been reached." In these cases, you must [contact AWS support](https://console.aws.amazon.com/support/home?region=us-east-1#/case/create?issueType=service-limit-increase&limitType=service-code-direct-connect) to increase the limits on your account.
|
||||
|
||||
## Connection Problems
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue