Guacamole closing socket to guacd when I connect - ubuntu-16.04

I have installed Guacamole on Ubuntu 16.04 following these steps: https://www.vultr.com/docs/create-an-html-5-rdp-ssh-frontend-using-guacamole-on-ubuntu-16-04-lts
I have used the latest version of Guacamole etc.
When I access the Guacamole login screen I get the following error:
When i look at the logs
tail -f /var/log/tomcat8/catalina.out
I see the following:
19:56:29.048 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Opening JDBC Connection
19:56:29.048 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Checked out connection 572680346 from pool.
19:56:29.048 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 572680346 ...
19:56:29.050 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Connection 572680346 is GOOD!
19:56:29.050 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Setting autocommit to false on JDBC Connection [com.mysql.jdbc.JDBC4Connection#2222689a]
19:56:29.051 [http-nio-8080-exec-4] DEBUG o.a.g.a.j.user.UserMapper.selectOne - ==> Preparing: SELECT guacamole_user.user_id, guacamole_entity.entity_id, guacamole_entity.name, password_hash, password_salt, password_date, disabled, expired, access_window_start, access_window_end, valid_from, valid_until, timezone, full_name, email_address, organization, organizational_role, MAX(start_date) AS last_active FROM guacamole_user JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id WHERE guacamole_entity.name = ? AND guacamole_entity.type = 'USER' GROUP BY guacamole_user.user_id, guacamole_entity.entity_id; SELECT guacamole_user_attribute.user_id, guacamole_user_attribute.attribute_name, guacamole_user_attribute.attribute_value FROM guacamole_user_attribute JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id WHERE guacamole_entity.name = ? AND guacamole_entity.type = 'USER'
19:56:29.051 [http-nio-8080-exec-4] DEBUG o.a.g.a.j.user.UserMapper.selectOne - ==> Parameters: service(String), service(String)
19:56:29.052 [http-nio-8080-exec-4] DEBUG o.a.g.a.j.user.UserMapper.selectOne - <== Total: 0
19:56:29.052 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Resetting autocommit to true on JDBC Connection [com.mysql.jdbc.JDBC4Connection#2222689a]
19:56:29.052 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Closing JDBC Connection [com.mysql.jdbc.JDBC4Connection#2222689a]
19:56:29.052 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 572680346 ...
19:56:29.052 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Connection 572680346 is GOOD!
19:56:29.052 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Returned connection 572680346 to pool.
19:56:29.054 [http-nio-8080-exec-4] INFO o.a.g.r.auth.AuthenticationService - User "service" successfully authenticated from 10.160.108.44.
19:56:29.055 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Opening JDBC Connection
19:56:29.055 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Checked out connection 572680346 from pool.
19:56:29.055 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 572680346 ...
19:56:29.055 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Connection 572680346 is GOOD!
19:56:29.055 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Setting autocommit to false on JDBC Connection [com.mysql.jdbc.JDBC4Connection#2222689a]
19:56:29.055 [http-nio-8080-exec-4] DEBUG o.a.g.a.j.user.UserMapper.selectOne - ==> Preparing: SELECT guacamole_user.user_id, guacamole_entity.entity_id, guacamole_entity.name, password_hash, password_salt, password_date, disabled, expired, access_window_start, access_window_end, valid_from, valid_until, timezone, full_name, email_address, organization, organizational_role, MAX(start_date) AS last_active FROM guacamole_user JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id WHERE guacamole_entity.name = ? AND guacamole_entity.type = 'USER' GROUP BY guacamole_user.user_id, guacamole_entity.entity_id; SELECT guacamole_user_attribute.user_id, guacamole_user_attribute.attribute_name, guacamole_user_attribute.attribute_value FROM guacamole_user_attribute JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id WHERE guacamole_entity.name = ? AND guacamole_entity.type = 'USER'
19:56:29.055 [http-nio-8080-exec-4] DEBUG o.a.g.a.j.user.UserMapper.selectOne - ==> Parameters: service(String), service(String)
19:56:29.056 [http-nio-8080-exec-4] DEBUG o.a.g.a.j.user.UserMapper.selectOne - <== Total: 0
19:56:29.056 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Resetting autocommit to true on JDBC Connection [com.mysql.jdbc.JDBC4Connection#2222689a]
19:56:29.056 [http-nio-8080-exec-4] DEBUG o.a.i.t.jdbc.JdbcTransaction - Closing JDBC Connection [com.mysql.jdbc.JDBC4Connection#2222689a]
19:56:29.056 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 572680346 ...
19:56:29.056 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Connection 572680346 is GOOD!
19:56:29.056 [http-nio-8080-exec-4] DEBUG o.a.i.d.pooled.PooledDataSource - Returned connection 572680346 to pool.
19:56:29.058 [http-nio-8080-exec-4] DEBUG o.a.g.r.auth.AuthenticationService - Login was successful for user "service".
19:56:29.092 [http-nio-8080-exec-2] INFO o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/etc/guacamole".
19:56:29.096 [http-nio-8080-exec-2] DEBUG o.a.g.net.InetGuacamoleSocket - Connecting to guacd at localhost:4822.
19:56:29.155 [http-nio-8080-exec-2] INFO o.a.g.tunnel.TunnelRequestService - User "service" connected to connection "DEFAULT".
Exception in thread "Thread-5" java.lang.IllegalStateException: Message will not be sent because the WebSocket session has been closed
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.writeMessagePart(WsRemoteEndpointImplBase.java:384)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.startMessage(WsRemoteEndpointImplBase.java:340)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase$TextMessageSendHandler.write(WsRemoteEndpointImplBase.java:755)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendPartialString(WsRemoteEndpointImplBase.java:252)
at org.apache.tomcat.websocket.WsRemoteEndpointImplBase.sendString(WsRemoteEndpointImplBase.java:195)
at org.apache.tomcat.websocket.WsRemoteEndpointBasic.sendText(WsRemoteEndpointBasic.java:37)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.sendInstruction(GuacamoleWebSocketTunnelEndpoint.java:152)
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint.access$200(GuacamoleWebSocketTunnelEndpoint.java:53)19:56:29.202 [http-nio-8080-exec-5] INFO o.a.g.tunnel.TunnelRequestService - User "service" disconnected from connection "DEFAULT". Duration: 45 milliseconds
at org.apache.guacamole.websocket.GuacamoleWebSocketTunnelEndpoint$2.run(GuacamoleWebSocketTunnelEndpoint.java:253)
19:56:29.202 [http-nio-8080-exec-5] DEBUG o.a.g.net.InetGuacamoleSocket - Closing socket to guacd.
I read here: https://sourceforge.net/p/guacamole/discussion/1110834/thread/1b380caa/?limit=25 that I need to create softlinks such as:
Create symbolic links within [path to libfreerdp*.so]/freerdp/ to /usr/local/lib/freerdp/guac*.so
But I don't think that is a problem. Here are my libfreerdp directories with existing links.
ls -l /usr/lib/x86_64-linux-gnu/freerdp
-rw-r--r-- 1 root root 14720 Dec 11 11:53 audin-client-alsa.so
-rw-r--r-- 1 root root 14784 Dec 11 11:53 audin-client-pulse.so
-rw-r--r-- 1 root root 14848 Dec 11 11:53 audin-client.so
-rw-r--r-- 1 root root 35240 Dec 11 11:53 drive-client.so
-rw-r--r-- 1 root root 10256 Dec 11 11:53 echo-client.so
lrwxrwxrwx 1 root root 39 Feb 18 19:45 guacai-client.la -> /usr/local/lib/freerdp/guacai-client.la
lrwxrwxrwx 1 root root 39 Feb 18 19:45 guacai-client.so -> /usr/local/lib/freerdp/guacai-client.so
lrwxrwxrwx 1 root root 39 Feb 18 19:45 guacdr-client.la -> /usr/local/lib/freerdp/guacdr-client.la
lrwxrwxrwx 1 root root 39 Feb 18 19:45 guacdr-client.so -> /usr/local/lib/freerdp/guacdr-client.so
lrwxrwxrwx 1 root root 40 Feb 18 19:45 guacsnd-client.la -> /usr/local/lib/freerdp/guacsnd-client.la
lrwxrwxrwx 1 root root 40 Feb 18 19:45 guacsnd-client.so -> /usr/local/lib/freerdp/guacsnd-client.so
lrwxrwxrwx 1 root root 40 Feb 18 19:45 guacsvc-client.la -> /usr/local/lib/freerdp/guacsvc-client.la
lrwxrwxrwx 1 root root 40 Feb 18 19:45 guacsvc-client.so -> /usr/local/lib/freerdp/guacsvc-client.so
-rw-r--r-- 1 root root 14552 Dec 11 11:53 parallel-client.so
-rw-r--r-- 1 root root 14616 Dec 11 11:53 printer-client.so
-rw-r--r-- 1 root root 18648 Dec 11 11:53 rdpei-client.so
-rw-r--r-- 1 root root 18976 Dec 11 11:53 rdpsnd-client-alsa.so
-rw-r--r-- 1 root root 18944 Dec 11 11:53 rdpsnd-client-pulse.so
-rw-r--r-- 1 root root 27032 Dec 11 11:53 serial-client.so
-rw-r--r-- 1 root root 31104 Dec 11 11:53 smartcard-client.so
-rw-r--r-- 1 root root 10472 Dec 11 11:53 tsmf-client-alsa-audio.so
-rw-r--r-- 1 root root 14624 Dec 11 11:53 tsmf-client-pulse-audio.so
-rw-r--r-- 1 root root 39664 Dec 11 11:53 tsmf-client.so
ls -l /usr/local/lib/freerdp/
-rwxr-xr-x 1 root root 1205 Feb 18 11:25 guacai-client.la
-rwxr-xr-x 1 root root 361072 Feb 18 19:44 guacai-client.so
-rwxr-xr-x 1 root root 1205 Feb 18 11:25 guacdr-client.la
-rwxr-xr-x 1 root root 618032 Feb 18 19:44 guacdr-client.so
-rwxr-xr-x 1 root root 1211 Feb 18 11:25 guacsnd-client.la
-rwxr-xr-x 1 root root 274408 Feb 18 19:44 guacsnd-client.so
-rwxr-xr-x 1 root root 1211 Feb 18 11:25 guacsvc-client.la
-rwxr-xr-x 1 root root 273824 Feb 18 19:44 guacsvc-client.so
How can I solve this problem?


For my Debian 11 ("bullseye" version released in 2021) I had to apt-get install these specific libraries for guacamole 1.3.0 to be happy and not disconnect quickly. Maybe the middle one is optional?
freerdp2-dev freerdp2-x11 libwebsockets-dev
Anyhow, Guacamole needs the -dev versions of these packages, as I tried other versions of RDP and libwebsockets with no success, until I found some docs that noted the "-dev" requirement.
After fiddling around with package installs, I got the Library status: section (table shown in the middle of the doc) to be what I needed.
Guacamole doc here:
https://guacamole.apache.org/doc/gug/installing-guacamole.html

Related

Apache Zookeeper: Unable to access data directory

OS: RHEL 8.2
I am trying to create a systemctl service for zookeeper. It fails to access the datadir.
Here is my config for zookeeper,
dataDir=/opt/zookeeper
maxClientCnxns=20
tickTime=2000
dataDir=/var/zookeeper/
initLimit=20
syncLimit=10
server.0=master:2888:3888
clientPort=2181
admin.serverPort=8082
Permission of /opt/zookeeper is set to 777.
[user1#server1 opt]$ ls -lart
total 0
dr-xr-xr-x. 17 root root 244 Jul 3 10:56 ..
drwxr-xr-x 3 root root 27 Jul 10 10:29 rh
drw-r--r-- 2 user2 user2 6 Jul 17 08:48 hsluw_data
drw-r--r-- 2 user2 user2 6 Jul 17 08:58 hsluw_config
drwxr-xr-x. 6 root root 71 Jul 17 08:58 .
drwxrwxrwx 3 user2 user2 23 Jul 17 09:40 zookeeper
If I run the command,
./bin/zookeeper-server-start.sh config/zookeeper.properties
it gives me an error message: Unable to access datadir
[2020-07-30 10:25:50,767] ERROR Invalid configuration, only one server specified (ignoring) (org.apache.zookeeper.server.quorum.QuorumPeerConfig)
[2020-07-30 10:25:50,767] INFO Starting server (org.apache.zookeeper.server.ZooKeeperServerMain)
[2020-07-30 10:25:50,769] INFO zookeeper.snapshot.trust.empty : false (org.apache.zookeeper.server.persistence.FileTxnSnapLog)
[2020-07-30 10:25:50,769] ERROR Unable to access datadir, exiting abnormally (org.apache.zookeeper.server.ZooKeeperServerMain)
org.apache.zookeeper.server.persistence.FileTxnSnapLog$DatadirException: Cannot write to data directory /var/zookeeper/version-2
at org.apache.zookeeper.server.persistence.FileTxnSnapLog.<init>(FileTxnSnapLog.java:132)
at org.apache.zookeeper.server.ZooKeeperServerMain.runFromConfig(ZooKeeperServerMain.java:124)
at org.apache.zookeeper.server.ZooKeeperServerMain.initializeAndRun(ZooKeeperServerMain.java:106)
at org.apache.zookeeper.server.ZooKeeperServerMain.main(ZooKeeperServerMain.java:64)
at org.apache.zookeeper.server.quorum.QuorumPeerMain.initializeAndRun(QuorumPeerMain.java:128)
at org.apache.zookeeper.server.quorum.QuorumPeerMain.main(QuorumPeerMain.java:82)
Unable to access datadir, exiting abnormally
However, sudoing the above command works,
sudo ./bin/zookeeper-server-start.sh config/zookeeper.properties
Now I have created a service in /etc/systemd/system/zookeeper.service
I wrote the service in /etc/systemd/system/zookeeper.service in this way,
[Unit]
Requires=network.target remote-fs.target
After=network.target remote-fs.target
[Service]
Type=simple
User=user2
ExecStart=/home/user2/kafka/bin/zookeeper-server-start.sh /home/user2/kafka/config/zookeeper.properties
ExecStop=/home/user2/kafka/bin/zookeeper-server-stop.sh
Restart=on-abnormal
[Install]
WantedBy=multi-user.target
The SELinux status is disabled.
user2#server1$ sestatus
SELinux status: disabled
Now if I do the following
sudo systemctl daemon-reload
sudo systemctl start zookeeper
sudo systemctl enable zookeeper
I am getting the the same Unable to access the datadir error like the following,
[user2#server1 /]$ systemctl status zookeeper
\u25cf zookeeper.service
Loaded: loaded (/etc/systemd/system/zookeeper.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2020-07-30 10:13:19 CEST; 24s ago
Main PID: 12911 (code=exited, status=3)
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: org.apache.zookeeper.server.persistence.FileTxnSnapLog$Data>
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: at org.apache.zookeeper.server.persistence.FileTxnS>
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: at org.apache.zookeeper.server.ZooKeeperServerMain.>
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: at org.apache.zookeeper.server.ZooKeeperServerMain.>
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: at org.apache.zookeeper.server.ZooKeeperServerMain.>
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: at org.apache.zookeeper.server.quorum.QuorumPeerMai>
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: at org.apache.zookeeper.server.quorum.QuorumPeerMai>
Jul 30 10:13:19 server1.localdomain zookeeper-server-start.sh[12911]: Unable to access datadir, exiting abnormally
Jul 30 10:13:19 server1.localdomain systemd[1]: zookeeper.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Jul 30 10:13:19 server1.localdomain systemd[1]: zookeeper.service: Failed with result 'exit-code'.
What am I missing here?

In the configuration file, this line
dataDir=/var/zookeeper/
appears twice. Removing that line solves the issue.

Kafka broker shut down even though the log dirs are present

When I saw this error message:
ERROR Shutdown broker because all log dirs in /tmp/kafka-logs have failed (kafka.log.LogManager)
The first thought is "well the /tmp directory probably got cleared out by the O/S (linux) - so I should update the kafka config to point to something permanent. However the directory is present and has not been wiped:
ll /tmp/kafka-logs/
total 20
drwxrwxr-x 2 ec2-user ec2-user 38 Apr 7 16:56 __consumer_offsets-0
drwxrwxr-x 2 ec2-user ec2-user 38 Apr 7 16:56 __consumer_offsets-7
drwxrwxr-x 2 ec2-user ec2-user 38 Apr 7 16:56 __consumer_offsets-42
..
drwxrwxr-x 2 ec2-user ec2-user 38 Apr 7 16:56 __consumer_offsets-32
drwxrwxr-x 2 ec2-user ec2-user 141 Apr 12 02:49 flights_raw-0
drwxrwxr-x 2 ec2-user ec2-user 178 Apr 12 08:25 air2008-0
drwxrwxr-x 2 ec2-user ec2-user 141 Apr 12 13:38 testtopic-0
-rw-rw-r-- 1 ec2-user ec2-user 1244 Apr 17 22:29 recovery-point-offset-checkpoint
-rw-rw-r-- 1 ec2-user ec2-user 4 Apr 17 22:29 log-start-offset-checkpoint
-rw-rw-r-- 1 ec2-user ec2-user 1248 Apr 17 22:30 replication-offset-checkpoint
So then what does this actually mean, why is it happening and what should be done to correct/avoid the error?

In related question best answer suggests to delete log dir both for Kafka /tmp/kafka-logs and Zookeper /tmp/zookeeper.
Probably it's because of Kafka issue which was resolved in August 2018.
Hope this will help.

How to upgrade zookeeper from from 3.4.8 to 3.4.13?

I am trying to upgrade zookeeper from 3.4.8 to 3.4.13.
Before upgrade the content of /usr/lib/zookeeper
drwxr-xr-x 5 root root 4.0K Aug 23 08:39 .
drwxr-xr-x 77 root root 12K Aug 23 08:50 ..
drwxr-xr-x 2 root root 4.0K Aug 23 08:39 bin
lrwxrwxrwx 1 root root 19 May 24 11:25 conf -> /etc/zookeeper/conf
drwxr-xr-x 2 root root 4.0K Aug 23 08:39 lib
-rw-r--r-- 1 root root 12K May 24 11:25 LICENSE.txt
-rw-r--r-- 1 root root 170 May 24 11:25 NOTICE.txt
-rw-r--r-- 1 root root 1.3M Aug 23 08:39 zookeeper-3.4.8.jar
lrwxrwxrwx 1 root root 38 Aug 23 08:39 zookeeper.jar -> /usr/lib/zookeeper/zookeeper-3.4.8.jar
As mentioned in answer I have downloaded the zookeeper from this link and placed the zookeeper-3.4.13.jar in /usr/lib/zookeeper and pointed the symbolic link like below
lrwxrwxrwx 1 root root 39 Aug 30 03:19 zookeeper.jar -> /usr/lib/zookeeper/zookeeper-3.4.13.jar
But on checking the status after resarting zookeeper it is still pointing to 3.4.8
ubuntu#vrni-platform:/etc/zookeeper/conf$ telnet localhost 2181
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
status
Zookeeper version: 3.4.8--1, built on 02/06/2016 03:18 GMT
It appears this is because of the way the jars are loaded from /usr/lib/zookeeper/bin/zkEnv.sh
#release tarball format
for i in "$ZOOBINDIR"/../zookeeper-*.jar
do
CLASSPATH="$i:$CLASSPATH"
done
Can someone let me know is this some known issue is zkEnv.sh? Is this expected?

This has been answered in zookeeper mailing list. We should not have multiple zookeeper-<version>.jar in the CLASSPATH.

varnish 4.1 default.vcl permissions denied

When I'm trying to add magento 2 varnish.vcl file by creating a symbolic link, varnish service stop working with error permission denied, while if I use default varnish configuration file varnish works smooth.
My Stack is ubuntu 16.04, varnish 4.1
ls -al
drwxr-xr-x 2 root root 4096 Mar 21 13:14 .
drwxr-xr-x 96 root root 4096 Mar 21 12:56 ..
lrwxrwxrwx 1 root root 44 Mar 21 13:14 default.vcl -> /var/www/bazaar/varnish.vcl
-rw-r--r-- 1 root root 1225 Aug 22 2017 default.vcl_bak
-rw-r--r-- 1 root root 37 Mar 21 12:56 secret
here is the status for varnish service
● varnish.service - Varnish HTTP accelerator
Loaded: loaded (/lib/systemd/system/varnish.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/varnish.service.d
└─customexec.conf
Active: failed (Result: exit-code) since Wed 2018-03-21 13:59:08 UTC; 2s ago
Docs: https://www.varnish-cache.org/docs/4.1/
man:varnishd
Process: 3093 ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m (code=exited, status=2)
Main PID: 3093 (code=exited, status=2)
Mar 21 13:59:08 bazaar systemd[1]: Stopped Varnish HTTP accelerator.
Mar 21 13:59:08 bazaar systemd[1]: Started Varnish HTTP accelerator.
Mar 21 13:59:08 bazaar varnishd[3093]: Error: Cannot read -f file (/etc/varnish/default.vcl): Permission denied
Mar 21 13:59:08 bazaar systemd[1]: varnish.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
Mar 21 13:59:08 bazaar systemd[1]: varnish.service: Unit entered failed state.
Mar 21 13:59:08 bazaar systemd[1]: varnish.service: Failed with result 'exit-code'.
my current user for nginx is bazaar
and permissions for varnish.vcl is as follow
-rw-r--r-- 1 bazaar bazaar 7226 Mar 21 13:24 varnish.vcl
Any hint or help will be highly appreciated.
Thanks.

It is likely that the user (vcache) does not have access to read in the parent directory(s) /var/www/bazaar.

Monitor kafka with Prometheus and Grafana

I have followed the below steps to monitor kafka with Prometheus and Grafana.
jmx port not get opened
wget http://ftp.heanet.ie/mirrors/www.apache.org/dist/kafka/0.10.1.0/kafka_2.11-0.10.1.0.tgz
tar -xzf kafka_*.tgz
cd kafka_*
wget https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.6/jmx_prometheus_javaagent-0.6.jar
wget https://raw.githubusercontent.com/prometheus/jmx_exporter/master/example_configs/kafka-0-8-2.yml
./bin/zookeeper-server-start.sh config/zookeeper.properties &
KAFKA_OPTS="$KAFKA_OPTS -javaagent:$PWD/jmx_prometheus_javaagent-0.6.jar=7071:$PWD/kafka-0-8-2.yml"
./bin/kafka-server-start.sh config/server.properties &
Then i have the checked with curl http://localhost:7071/metrics in the terminal
it reports curl: (7) Failed connect to localhost:7071; Connection refused
Currently i have opened all my ports to my network in the server.
while i m checking with netstat -tupln | grep LISTEN
port number 7071 was not listed in the output
The below is the kafka directory's contents:
drwxr-xr-x. 3 root root 4096 Aug 23 12:22 bin
drwxr-xr-x. 2 root root 4096 Oct 15 2016 config
-rw-r--r--. 1 root root 20356 Aug 21 10:50 hs_err_pid1496.log
-rw-r--r--. 1 root root 19432 Aug 21 10:55 hs_err_pid2447.log
-rw-r--r--. 1 root root 1225418 Feb 5 2016 jmx_prometheus_javaagent-0.6.jar
-rw-r--r--. 1 root root 2824 Aug 21 10:48 kafka-0-8-2.yml
drwxr-xr-x. 2 root root 4096 Aug 21 10:48 libs
-rw-r--r--. 1 root root 28824 Oct 5 2016 LICENSE
drwxr-xr-x. 2 root root 4096 Oct 11 15:05 logs
-rw-------. 1 root root 8453 Aug 23 12:08 nohup.out
-rw-r--r--. 1 root root 336 Oct 5 2016 NOTICE
drwxr-xr-x. 2 root root 46 Oct 15 2016 site-docs
kafka is running in 2181 port and zookeeper is also running

If you do not mind opening up the jmx port, you can also do it like this:
export JMX_PORT=9999
export KAFKA_JMX_OPTS=-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.rmi.port=9999'
./bin/kafka-server-start.sh config/server.properties &
java -jar jmx_prometheus_httpserver-0.10-jar-with-dependencies.jar 9300 kafka-0-8-2.yaml &
The jar-with-dependencies you build from the source with mvn package.

I had the same problem when setting KAFKA_OPTS environment variable in the bash. The worse situation is when you add the environment variable to ~/.profile file. The problem with this approach is that the KAFKA_OPTS is used for both kafka-server-start.sh and zookeeper-server-start.sh so when you start Zookeeper, port 7071 will be used by Zookeeper for exporting metrics. Then, when you run Kafka you will receive the "7071 port is in use error".
I solved the problem by setting the environment at systemd service file. I described it at my article last week:
[Unit]
...
[Service]
...
Restart=no
Environment=KAFKA_OPTS=-javaagent:/home/morteza/myworks/jmx_prometheus_javaagent-0.9.jar=7071:/home/morteza/myworks/kafka-2_0_0.yml
[Install]
...