Completely broken system

rubenc · April 24, 2018, 5:10pm

Hi,

One of our customers is running an unattended (the company that was doing the maintenance left time ago) installation of VyOS 1.1.7.

Everything was working normally, until a few days ago there was an issue with the host hardware (both the RAID card and battery had to be replaced). The system runs under VMWare.

After booting up the vm again, it didn’t configure services as before. In fact, the /config directory appears only with a default skeleton content.

I have no idea about this system (I admit it), and I’m kind of lost. I’ve been able to find the original configuration under /opt/vyatta/etc/config (which as per /etc/init.d/vyatta-router is supposed to be bind-mounted at /config on boot, but that’s not happening).

Copying all of it under /config and running manually the “/etc/init.d/vyatta-router start” script the services (mainly 3 openvpn instances and an ipsec vpn) start correctly (more or less, there’s a problem with library dependencies for openvpn-auth-ldap.so but well, 1st things 1st). But no changes are kept upon reboots and of course things must be started manually after rebooting. Since this system works heavily under those overlay/ro fs, it’s not just a simple Debian host.

After booting, the mounted fs’s are:

# df -ah
Filesystem            Size  Used Avail Use% Mounted on
overlayfs             249M   36M  214M  15% /
tmpfs                 249M     0  249M   0% /lib/init/rw
proc                     0     0     0   -  /proc
sysfs                    0     0     0   -  /sys
udev                  241M  164K  241M   1% /dev
tmpfs                 249M  4.0K  249M   1% /dev/shm
devpts                   0     0     0   -  /dev/pts
/dev/sda1             7.8G  582M  6.8G   8% /live/image
tmpfs                 249M   36M  214M  15% /live/cow
tmpfs                 249M     0  249M   0% /live
tmpfs                 249M     0  249M   0% /tmp
tmpfs                 249M   36M  214M  15% /opt/vyatta/etc/config
fusectl                  0     0     0   -  /sys/fs/fuse/connections
none                  249M  896K  248M   1% /opt/vyatta/config
/live/image/boot/1.1.7
                      7.8G  582M  6.8G   8% /boot
/live/image/boot/grub
                      7.8G  582M  6.8G   8% /boot/grub
none                  249M  896K  248M   1% /opt/vyatta/config
/live/image/boot/1.1.7
                      7.8G  582M  6.8G   8% /boot
/live/image/boot/grub
                      7.8G  582M  6.8G   8% /boot/grub

I can share any other information needed.

Could this system be salvaged? Or it’s not worth the effort?

Thanks,

Rubén.

rubenc · April 26, 2018, 11:08am

I see… no replies…

Don’t worry guys… We’ll just migrate configurations to a normal Linux system.

Good luck with the project

pirateghost · April 26, 2018, 1:03pm

Why not just reinstall the image and import your config?

Please note, this forum is generally just volunteers. If we don’t answer quickly enough, please feel free to reach out on other platforms to discuss your issues. We are not paid to answer questions.

rubenc · April 26, 2018, 5:28pm

Hi,

I’m completely aware of that, and that’s why I waited for a pair of days, apart from seeing other posts being updated and that in the meanwhile I know what community work is since many many years ago and I do it myself on a daily basis, btw. And no, I’m not paid for it neither

Anyway, in a way, I got what I was looking for because since noone bothered in saying anything, that just means it’s a situation not worth to spend time with.

No more trolling around. Regards

pirateghost · April 26, 2018, 5:41pm

Well, by just looking at the little info we have here, it appears it might be booting from the ISO? In that case, it’s mounting the storage disk that contains the saved configs, which is requiring you to load them.

Have you looked at your VM settings to verify it IS indeed booting from the disk and not the ISO?

LinuksGuru · April 26, 2018, 9:06pm

I noticed forum have very low traffic, and project maintained just by few busy people.
Most updates you mention are answer for my own question I found myself, which was VERY time consuming. Many old samples don’t work anymore because of changes in the system.

Old Vyatta docs still available here for download, these are most comprehensive manuals available:
http://docs.huihoo.com/vyatta/6.5/

I also can recommend this book (albeit in German only), called “Der VyOS-Praktiker” (over 400 pages long but still too small even for many relatively small cases), available at Google Play.

I used Shorewall and SuSEfirewall before, now need more advanced solution. Other systems under consideration were ClearOS, OpnSense, pfSense or proprietary boxes like Microtik / Ubiquity.

Although initial experience was close to nightmare, I found VyOS to be programmable in a very smart way. Yet it takes time and effort to understand logic of developers who made this wonderful piece of software.

My VyOS runs on KVM/SuSE host, another VyOS KVM appliance was used to make virtual dual link ISP in order to test failover capabilities. Quite possible I’ll install on same SuSE host 2nd KVM appliance with Snort or Suricata for intrusion detection.