cnMaestro 2.1.0 (On-Premises)

The current 2.1.0 release uses SHA256 hashing, as you can see if you extract the OVA file and look at the .mf file (the previous version, 1.6.1-r10, used SHA1).

VMware changed the default hashing from SHA1 to SHA256 from OVFTOOL 4.2 onwards.

If you are using the vSphere C# client to import the latest OVA, then you might run into an issue which says:

"Invalid OVF manifest entry"

You need to convert the OVA from SHA256 to SHA1 using ovftool.

Here is the KB article from VMware on how to do it.

https://kb.vmware.com/s/article/2151537

Please see below post about the issue described above

https://www.virtuallyghetto.com/2016/11/default-hashing-algorithm-changed-in-ovftool-4-2-preventing-ovfova-import-using-vsphere-c-client.html 

https://www.virtuallyghetto.com/2017/06/workaround-to-deploy-vsphere-integrated-containers-1-1-ova-using-powercli-sha256-not-supported.html

Regards, 

Rupam

Trying to upgrade from Version 1.6.3-r19 to Version 1.6.3-r39 so I can download the proper backup, but I get the following error.

Ran into two snags, the first of which I was able to work around, and the second of which I cannot...

1. The file export in 1.6.3 does not use https, so it broke the srcnat rule I had been using for the VM. It took a while to understand why it wasn't letting me actually download, but I found I could use the raw IP address of the server to get around it and download the file.

2. The SHA256 hash is not compatible with ESXi 5.5, and I can't seem to install the OVF tool (both 32-bit and 64-bit just fail during install) to try to fix this on my system. Any chance Cambium can release a version of this new OVA using an SHA1 hash in the mf file so we don't have to jump through hoops of fire to install it?

(according to at least one site, this can be done by running a "--shaAlgorithm=sha1" command in the CLI before generating the OVA file)

1 Like

@fabrizio88 wrote:

Hi,

I have a problem creating the OVA

I get the error shown in the attachment

how can I solve it?


Even though so many Italians buy Cambium products, I doubt they will answer you if you write in our language :D write in English ;)

I am also running XEN 6.5. Same issue with Ubuntu booting into Emergency Mode. I have been running cnMaestro on this same platform for a long time now. Upgrade to 1.6.3-r39 went smoothly. But spinning up the 2.1.0-r21 OVA is being troublesome.

Some clues by running "journalctl -xb"

systemd: dev-sdb1.device:Job dev-sdb1.device/start timed out.

systemd: Dependency failed for /mnt/data.

systemd: Dependency failed for Local File Systems.

Unit dev-sdb1.device has failed.

So I ran it through Gparted filesystem repair on all 3 partitions. No dice.

Hi dshea

Another customer was facing the same issue. He is using ESXi 4.0 with the vSphere C# client to upload the OVF file, and it was throwing the manifest checksum error. The workaround is to download ovftool version 4.2, linked below.

Download ovftool 4.2 from here: https://my.vmware.com/web/vmware/details?productId=614&downloadGroup=OVFTOOL420

And you can import the 2.1 OVA from the command line by passing --shaAlgorithm=sha1 

ovftool.exe --shaAlgorithm=sha1 --datastore=datastore1 --network="<name of the network>" C:\Users\xxxx\Downloads\cnmaestro-on-premises_2.1.0-r21_amd64.ova vi://root@x.x.x.x 

Regards,

Rupam

1 Like

Hi Ryan

I sent you a private message. I would like a remote session to debug why the package update is failing when you apply 1.6.3-r39 on top of 1.6.3-r19.

Rupam

YES, PLEASE FIX THE OVA FILE!!!

1 Like

FYI your link doesn't go to the right page on vmware's site.

please for the love of god, can you just fix the file for us and repost??

1 Like

From a security standpoint, this is a positive change by VMware, as SHA1 is no longer considered a secure hashing algorithm and a stronger version should be used. It also turns out that the vSphere C# Client can only support SHA1.

You can download the ovftool 4.2 

https://my.vmware.com/group/vmware/details?downloadGroup=OVFTOOL420&productId=491 

Rupam

1 Like

VMware’s OVF tool for Mac has an expired cert :-/

I’m not installing something that’s insecure.

PLEASE JUST FIX THE DANG OVA FILE!!!  PLEASE!!!!!!!

1 Like

Tried the upgrade to r39 with a different computer and it worked successfully. I'm not sure what was going on, maybe a cache issue?

I'm also running ESXi 5.5 on this box and I ran the ovftool and the new vm imported fine. I don't think cambium should change the file from SHA256. We need to keep our boxes more updated. 

1 Like

Hi Sean -- we are hesitant to replace the current OVA with one leveraging SHA-1 digests, because SHA-1 is no longer considered secure (it was dropped by VMware for good reason). Instead, I am including a script written for Linux, but also tested on Mac command line, which converts the SHA-256 OVA digests to SHA-1. Just run the code as an executable (chmod +x <filename>), and point it to your downloaded OVA file (cnmaestro_sha_convert <OVA file>). If this really doesn't work for you, then ping Rupam or me by private message, and we can look at providing access to the file generated by the script below.

#!/bin/bash -e
# Script to convert a cnMaestro OVA to SHA-1 digests

SOURCE=${1}
# Working directory (not named TMPDIR, which is a standard environment variable)
WORK_DIR=cnmaestro_tmp

if [[ -z ${SOURCE} ]]; then
  echo "Usage: ${0} <OVA file>"
  exit 1
elif [[ ! -f ${SOURCE} ]]; then
  echo "OVA file does not exist: ${SOURCE}"
  exit 1
fi

# Name of the OVF descriptor inside the archive; its prefix names the other files
OVF_FILE=$(tar tf "${SOURCE}" | grep '\.ovf$' | head -n 1)
PREFIX=${OVF_FILE%.ovf}

# Unpack into a clean working directory
rm -rf "./${WORK_DIR}"
mkdir -p "./${WORK_DIR}"
echo "Unpacking OVA file"
tar xvf "${SOURCE}" -C "./${WORK_DIR}" > /dev/null
cd "${WORK_DIR}"

# Rewrite the manifest with SHA-1 digests of the descriptor and both disks
echo "Generating SHA-1 digests"
openssl dgst -sha1 "${PREFIX}.ovf" > "${PREFIX}.mf"
openssl dgst -sha1 "${PREFIX}-disk1.vmdk" >> "${PREFIX}.mf"
openssl dgst -sha1 "${PREFIX}-disk2.vmdk" >> "${PREFIX}.mf"
SHA1_FILE=${PREFIX}-sha1.ova

# The OVF descriptor must be the first entry in the rebuilt archive
echo "Rebuilding OVA file: ${SHA1_FILE}"
tar cvf "${SHA1_FILE}" "${PREFIX}.ovf" "${PREFIX}.mf" "${PREFIX}"-disk*.vmdk* > /dev/null
echo "SHA-1 OVA: $(pwd)/${SHA1_FILE}"

5 Likes
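The conversion script above overwrites the .mf file, so the digests the OVA shipped with are gone afterwards; checking the download against its original manifest first keeps that integrity check. This is an added example, not Cambium's code: the function names are hypothetical, and it assumes `tar` plus either `openssl` or `sha256sum`/`sha1sum` are on the PATH.

```shell
#!/bin/sh
# Added example: verify an OVA against its own manifest (SHA256 or SHA1
# entries) before any digests are regenerated.

# digest <sha1|sha256>: hex digest of stdin
digest() {
  if command -v openssl >/dev/null 2>&1; then
    openssl dgst "-$1" -r | cut -d' ' -f1
  else
    "${1}sum" | cut -d' ' -f1
  fi
}

# manifest_entries <ova>: print "ALGO DIGEST FILE" for each manifest line,
# parsed from entries of the form "SHA256(name)= hex"
manifest_entries() {
  mf=$(tar tf "$1" | grep '\.mf$' | head -n 1)
  [ -n "$mf" ] || return 1
  tar xOf "$1" "$mf" | tr -d '\r' |
    sed -n 's/^\(SHA[0-9]*\)(\(.*\)) *= *\([0-9A-Fa-f]*\)$/\1 \3 \2/p'
}

# verify_ova <ova>: 0 if every listed member matches, 1 on mismatch,
# 2 if the archive has no usable manifest
verify_ova() {
  ova=$1
  entries=$(manifest_entries "$ova") || { echo "no manifest in $ova" >&2; return 2; }
  [ -n "$entries" ] || { echo "manifest has no digest entries" >&2; return 2; }
  rc=0
  while read -r algo want file; do
    case $algo in
      SHA256) got=$(tar xOf "$ova" "$file" | digest sha256) ;;
      SHA1)   got=$(tar xOf "$ova" "$file" | digest sha1) ;;
      *)      echo "unsupported algorithm $algo for $file" >&2; rc=1; continue ;;
    esac
    want=$(printf '%s' "$want" | tr 'A-F' 'a-f')
    if [ "$got" = "$want" ]; then
      echo "OK       $file"
    else
      echo "MISMATCH $file" >&2
      rc=1
    fi
  done <<EOF
$entries
EOF
  return $rc
}

# When run as a script, verify the OVA named on the command line
[ $# -eq 0 ] || verify_ova "$1"
```

The manifest travels inside the same archive as the files it lists, so a passing result shows the download is internally consistent; comparing the OVA against a digest published separately by the vendor, where one is available, is the stronger check.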

Re: Xen issues, I was able to get it to boot. In the emergency console at root (sudo -s) shell type:

vi /etc/fstab

Change the mount point for the 2nd disk from /sdb1 to /xvdb1

Type :wq

Reboot

Tim

3 Likes

Thank you for the script, that worked and the virtual machine now boots up.

However, I can't get my backup to restore. It acts like it is restoring and then stops around 62% and the web screen pauses and says the connection has been lost.

I tried several times and rebooted in between etc. with no luck.

Can you try to import using the CLI?

Log in to the cnMaestro VM console, and run the command below:

sudo su

cnmaestro-import

cnmaestro-import [-h] [--scp] source

usage: cnmaestro-import [--scp] [path]

Import cnmaestro data using SCP:
sudo cnmaestro-import --scp <username>@<remotehost>:<path>
Example: sudo cnmaestro-import --scp cnmaestro@192.168.1.1:/home/cnmaestro/cnmaestro.tar.gz
(OR)
Import cnmaestro data from given path:
sudo cnmaestro-import <path>
Example: sudo cnmaestro-import /home/cnmaestro/cnmaestro.tar.gz

Regards,

Rupam

This evening we tried the scheduled Software Update on some APs and SMs.

But many, many devices were not updated due to "Upgrade Timedout: Device is taking longer than 5 minutes", but the devices were correctly up and running.

Same problem with the normal update ("Now" instead of "Scheduled").

Updated with CNUT and no problem.

P.S. Updating APs through cnMaestro does not enable Autoupdate, I think.

1 Like

@Timothy Alexander 

This method did get it to boot normally on Xenserver 6.5. Which I realize is old. Thank you for your post.

Par for the course on this ridiculously arcane and complex mess of a procedure, the backup file does not import. I'm beyond being surprised by this nightmare - not one single step has gone the way Cambium has said it should. I generated two backups using different configs of 1.6.3-r19, and neither one will complete the import on this system. I started by trying to use the GUI, but after that failed the exact same way Sean reported, I managed to get the backup files onto the local machine, and ran the CLI procedure Rupam suggests, which finished with the above failure screen. During the process itself, I see tons of "No such file or directory" and "Command failed" errors, plus a few spelling errors.

Since I really do want to have cnMaestro running on my network, I'm going back to the 1.6.3-r19 version. I may try again if the bugs ever get worked out...

1 Like