When attempting to install a cluster, I am getting this error:
Cluster manifest validation failed with exception System.ArgumentException: NodeType.Certificates is req
uired if section Security parameter ServerAuthCredentialType is set to X509
I am attempting to install this configuration:
.\CreateServiceFabricCluster.ps1 -ClusterConfigFilePath .\ClusterConfig.X509.DevCluster.json
Getting the following error:
Running Best Practices Analyzer... Best Practices Analyzer completed successfully. Creating Service Fabric Cluster... Processing and validating cluster config. Configuring nodes. Default installation directory chosen based on system drive of machine 'localhost'. Copying installer to all machines. Configuring machine 'localhost'. System.Fabric.FabricDeployer.ClusterManifestValidationException: Cluster manifest validation failed with exception System.ArgumentException: NodeType.Certificates is req uired if section Security parameter ServerAuthCredentialType is set to X509
at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(String[] source, String[] destination, ClusterManifestTypeNodeType nodeT ype)
at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() at System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(DeploymentParameters parameters, ClusterManifestType clusterManifest, Infrastructure infrastruct ure) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(DeploymentParameters parameters) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(DeploymentParameters parameters, Boolean disableFileTrace) at System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(String clusterManifestPath, String infrastructureManifestPath, String jsonClusterConfi gPath, String fabricDataRoot, String fabricLogRoot, String fabricHostCredentialUser, SecureString fabricHostCredentialPassword, Boolean runFabricHostServiceAsManual, Boo lean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, String bootstrapPackagePath) System.Fabric.FabricDeployer.ClusterManifestValidationException: Cluster manifest validation failed with exception System.ArgumentException: NodeType.Certificates is req uired if section Security parameter ServerAuthCredentialType is set to X509
at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(String[] source, String[] destination, ClusterManifestTypeNodeType nodeT ype)
at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() at System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(DeploymentParameters parameters, ClusterManifestType clusterManifest, Infrastructure infrastruct ure) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(DeploymentParameters parameters) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(DeploymentParameters parameters, Boolean disableFileTrace) at System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(String clusterManifestPath, String infrastructureManifestPath, String jsonClusterConfi gPath, String fabricDataRoot, String fabricLogRoot, String fabricHostCredentialUser, SecureString fabricHostCredentialPassword, Boolean runFabricHostServiceAsManual, Boo lean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, String bootstrapPackagePath) at System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfiguration(String clusterManifestPath, String infrastructureManifestPath, String jsonClusterConfigPath , String fabricDataRoot, String fabricLogRoot, String fabricHostCredentialUser, SecureString fabricHostCredentialPassword, Boolean runFabricHostServiceAsManual, Boolean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, String bootstrapPackagePath) CreateCluster Error: System.AggregateException: One or more errors occurred. ---> System.Fabric.FabricDeployer.ClusterManifestValidationException: Cluster manifest valid ation failed with exception System.ArgumentException: NodeType.Certificates is required if section Security parameter ServerAuthCredentialType is set to X509 at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(String[] source, String[] destination, ClusterManifestTypeNodeType nodeT ype)
at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() at System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(DeploymentParameters parameters, ClusterManifestType clusterManifest, Infrastructure infrastruct ure) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(DeploymentParameters parameters) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(DeploymentParameters parameters, Boolean disableFileTrace) at System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(String clusterManifestPath, String infrastructureManifestPath, String jsonClusterConfi gPath, String fabricDataRoot, String fabricLogRoot, String fabricHostCredentialUser, SecureString fabricHostCredentialPassword, Boolean runFabricHostServiceAsManual, Boo lean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, String bootstrapPackagePath) at System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfiguration(String clusterManifestPath, String infrastructureManifestPath, String jsonClusterConfigPath , String fabricDataRoot, String fabricLogRoot, String fabricHostCredentialUser, SecureString fabricHostCredentialPassword, Boolean runFabricHostServiceAsManual, Boolean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, String bootstrapPackagePath) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.<>c__DisplayClass14_0.b__1(String machineName) at System.Threading.Tasks.Parallel.<>c__DisplayClass17_01.<ForWorker>b__1() at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)1 body, Action
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.<ExecuteSelfReplicating>b__0(Object ) --- End of inner exception stack trace --- at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions) at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken) at System.Threading.Tasks.Parallel.ForWorker[TLocal](Int32 fromInclusive, Int32 toExclusive, ParallelOptions parallelOptions, Action2 bodyWithState, F unc4 bodyWithLocal, Func1 localInit, Action1 localFinally) at System.Threading.Tasks.Parallel.ForEachWorker[TSource,TLocal](IEnumerable1 source, ParallelOptions parallelOptions, Action1 body, Action2 bodyWithState, Action3 bodyWithStateAndIndex, Func4 bodyWithStateAndLocal, Func5 bodyWithEverything, Func1 localInit, Action1 localFinally) at System.Threading.Tasks.Parallel.ForEach[TSource](IEnumerable1 source, Action1 body) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.<>c__DisplayClass14_0.b__0() at System.Threading.Tasks.Task.Execute() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() ---> (Inner Exception #0) System.Fabric.FabricDeployer.ClusterManifestValidationException: Cluster manifest validation failed with exception System.ArgumentException: No deType.Certificates is required if section Security parameter ServerAuthCredentialType is set to X509
at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyCertificates(String[] source, String[] destination, ClusterManifestTypeNodeType nodeT ype)
at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.VerifyDependencies() at System.Fabric.Management.WindowsFabricValidator.FabricSettingsValidator.ValidateSettings() at System.Fabric.Management.WindowsFabricValidator.FabricValidator.Validate() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.FabricValidatorWrapper.ValidateAndEnsureDefaultImageStore() at System.Fabric.FabricDeployer.ConfigureOperation.OnExecuteOperation(DeploymentParameters parameters, ClusterManifestType clusterManifest, Infrastructure infrastruct ure) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperationPrivate(DeploymentParameters parameters) at System.Fabric.FabricDeployer.DeploymentOperation.ExecuteOperation(DeploymentParameters parameters, Boolean disableFileTrace) at System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfigurationInner(String clusterManifestPath, String infrastructureManifestPath, String jsonClusterConfi gPath, String fabricDataRoot, String fabricLogRoot, String fabricHostCredentialUser, SecureString fabricHostCredentialPassword, Boolean runFabricHostServiceAsManual, Boo lean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, String bootstrapPackagePath) at System.Fabric.FabricDeployer.ConfigurationDeployer.NewNodeConfiguration(String clusterManifestPath, String infrastructureManifestPath, String jsonClusterConfigPath , String fabricDataRoot, String fabricLogRoot, String fabricHostCredentialUser, SecureString fabricHostCredentialPassword, Boolean runFabricHostServiceAsManual, Boolean removeExistingConfiguration, FabricPackageType fabricPackageType, String fabricPackageRoot, String machineName, String bootstrapPackagePath) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.<>c__DisplayClass14_0.b__1(String machineName) at System.Threading.Tasks.Parallel.<>c__DisplayClass17_0`1.b__1() at System.Threading.Tasks.Task.InnerInvokeWithArg(Task childTask)
at System.Threading.Tasks.Task.<>c__DisplayClass176_0.b__0(Object )<---Trace folder already exists. Traces will be written to existing trace folder: C:\ooo360\5.7.220\DeploymentTraces Cleaning up faulted installation. FabricRoot not found in registry of target machine localhost. Create Cluster failed. For more information please look at traces in FabricLogRoot. Create Cluster failed with exception: System.AggregateException: One or more errors occurred. ---> System.AggregateException: One or more errors occurred. at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext() --- End of inner exception stack trace --- at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions) at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken) at Microsoft.ServiceFabric.Powershell.ClusterCmdletBase.NewCluster(String clusterConfigurationFilePath, String fabricPackageSourcePath, Boolean noCleanupOnFailure, Bo olean force) ---> (Inner Exception #0) System.AggregateException: One or more errors occurred. at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext()<---
Create Cluster failed with exception: System.AggregateException: One or more errors occurred. ---> System.AggregateException: One or more errors occurred. at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext() --- End of inner exception stack trace --- at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions) at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken) at Microsoft.ServiceFabric.Powershell.ClusterCmdletBase.NewCluster(String clusterConfigurationFilePath, String fabricPackageSourcePath, Boolean noCleanupOnFailure, Boo lean force) ---> (Inner Exception #0) System.AggregateException: One or more errors occurred. at Microsoft.ServiceFabric.DeploymentManager.DeploymentManagerInternal.d__1.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.ServiceFabric.DeploymentManager.DeploymentManager.d__2.MoveNext()<---
Here's my configuration file:
{
"name": "SampleCluster",
"clusterConfigurationVersion": "1.0.0",
"apiVersion": "04-2017",
"nodes": [
{
"nodeName": "vm0",
"iPAddress": "localhost",
"nodeTypeRef": "NodeType0",
"faultDomain": "fd:/dc1/r0",
"upgradeDomain": "UD0"
},
{
"nodeName": "vm1",
"iPAddress": "localhost",
"nodeTypeRef": "NodeType1",
"faultDomain": "fd:/dc1/r1",
"upgradeDomain": "UD1"
},
{
"nodeName": "vm2",
"iPAddress": "localhost",
"nodeTypeRef": "NodeType2",
"faultDomain": "fd:/dc1/r2",
"upgradeDomain": "UD2"
}
],
"properties": {
"diagnosticsStore":
{
"metadata": "Please replace the diagnostics file share with an actual file share accessible from all cluster machines.",
"dataDeletionAgeInDays": "7",
"storeType": "FileShare",
"connectionstring": "c:\\ProgramData\\SF\\DiagnosticsStore"
},
"security": {
"metadata": "The Credential type X509 indicates this is cluster is secured using X509 Certificates. The thumbprint format is - d5 ec 42 3b 79 cb e5 07 fd 83 59 3c 56 b9 d5 31 24 25 42 64.",
"ClusterCredentialType": "X509",
"ServerCredentialType": "X509",
"CertificateInformation": {
"ClusterCertificateCommonNames": {
"CommonNames": [
{
"CertificateCommonName": "ooo-WS-Ashort.ccc.int"
}
],
"X509StoreName": "My"
},
"ServerCertificate": {
"Thumbprint": "719ECFD3F5xxxxxxxxx21C69CC36514126",
"X509StoreName": "My"
},
"ServerCertificateCommonNames": {
"CommonNames": [
{
"CertificateCommonName": "ooo-WS-Ashort.ccc.int"
}
],
"X509StoreName": "My"
},
"ClientCertificateThumbprints": [{
"CertificateThumbprint": "719ECFD3F55xxxxxxx69CC36514126",
"IsAdmin": false
}, {
"CertificateThumbprint": "39C52B527B6xxxxxxxxxxDD115274CBE9A",
"IsAdmin": true
}]
}
},
"nodeTypes": [
{
"name": "NodeType0",
"clientConnectionEndpointPort": "19000",
"clusterConnectionEndpointPort": "19001",
"leaseDriverEndpointPort": "19002",
"serviceConnectionEndpointPort": "19003",
"httpGatewayEndpointPort": "19080",
"reverseProxyEndpointPort": "19081",
"applicationPorts": {
"startPort": "20001",
"endPort": "20031"
},
"isPrimary": true
},
{
"name": "NodeType1",
"clientConnectionEndpointPort": "19004",
"clusterConnectionEndpointPort": "19005",
"leaseDriverEndpointPort": "19006",
"serviceConnectionEndpointPort": "19007",
"httpGatewayEndpointPort": "19082",
"reverseProxyEndpointPort": "19083",
"applicationPorts": {
"startPort": "20288",
"endPort": "20318"
},
"isPrimary": true
},
{
"name": "NodeType2",
"clientConnectionEndpointPort": "19008",
"clusterConnectionEndpointPort": "19009",
"leaseDriverEndpointPort": "19010",
"serviceConnectionEndpointPort": "19011",
"httpGatewayEndpointPort": "19084",
"reverseProxyEndpointPort": "19085",
"applicationPorts": {
"startPort": "20575",
"endPort": "20605"
},
"isPrimary": false
}
],
"fabricSettings": [
{
"name": "Setup",
"parameters": [
{
"name": "FabricDataRoot",
"value": "C:\\ProgramData\\SF"
},
{
"name": "FabricLogRoot",
"value": "C:\\ProgramData\\SF\\Log"
}
]
}
]
}
}
What am I doing wrong? How do I specify the NodeTypes.Certificates value?
I bet your clusterManifest.xml is missing Certificates property within NodeTypes definition. Since this file gets generated automatically, did you alter manifest manually? If so, you need to get Certificates section back with all the required certificates(Cluster, Server, Client).
Next, you should verify the certificates you have in the config are properly installed, and you have correct thumbprints(do not forget about a special hidden character at the beginning of the thumbprint).
Finally, your SF installation might be corrupted or something, so you could reinstall all the SF artifacts.