question

Upvotes
Accepted
1 1 0 2

Unable to cleanup old datafusion cluster from launchpad- Please help

launchpad-error1.png launchpad-error2.png

Hi,

We are unable to destroy our old DF cluser from launchpad. Our objective to delete the old cluster and provision the newer version.

While trying to delete from launchpad it shows errro "Something went wrong, don’t worry we have been notified and looking into this issue". (attached screenshot). We have deleted all EC2 instances, S3 buckets, VPC and corresponds all resources manually from AWS, but still we receive same above error. Can you please help us delete the old cluster? This cluster was built with Kamran's email "kamran.shams@thomsonreuters.com"

Thanks.

with regards,

Tarun Biswas

data-fusion
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Accepted
270 2 4 4

Hi Tarun,

As Eric mentioned, the TR-Sandbox environment is not supported by Launchpad.

However, you may be able to use DDS-Test (our test sandbox) for your PoC.

Please contact Brian Rohan about your PoC goals and to get access to the DDS-Test Instance.

Thank you,
Heather

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
116 1 0 2

Hi Tarun,

It looks like the aws keys may have expired that were used to create the instance. I've manually deleted the record now and you should be good to go if you've deleted all the resources in your aws account as well.

Thanks,

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

@Eric.Helgeson

Hi Eric,

Thanks for your reply.

We have tried to provision the new DF cluster from launchpad with new AWS key but its failed with error " We could not validate your AWS credential . Please try again". We have tried again with another set of new AWS key with region us-east-1, its failed with same error(attached). Are we doing any different process? Last time we had provisioned in same way. Please help us.

Thanks.

with regards,

Tarun

@Eric.Helgeson

Hi Eric,

Thanks for your reply.

We have tried to provision the new DF cluster from launchpad with new AWS key but its failed with error " We could not validate your AWS credential . Please try again". We have tried again with another set of new AWS key with region us-east-1, its failed with same error(attached). Are we doing any different process? Last time we had provisioned in same way. Please help us.

Thanks.

with regards,

Tarun

Upvotes
116 1 0 2

Hi Tarun,

This is the raw error, it seems your user does not have permission to do certin actions in AWS. Also, are you using tr-sandbox? That environment is not supported by launchpad.

2017-09-20 06:56:07.529 ERROR --- [io-5000-exec-10] c.t.d.launchpad.ClusterJobService : Failed to validate AWS Keys for 13837c40-9277-4a9e-bdd7-8df29d87772f: User: arn:aws:sts::443862268467:assumed-role/202578-PowerUser/kamran.shams@thomsonreuters.com is not authorized to perform: iam:GetAccountAuthorizationDetails on resource: * (Service: AmazonIdentityManagement; Status Code: 403; Error Code: AccessDenied; Request ID: c6e9357a-9dd0-11e7-a05d-f732bc01275e) 
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 1 0 2

@Eric.Helgeson,

Hi Eric,

Thank you for your support. Yes, we are using tr-sandbox to provision the DF because our earlier datafusion cluster was configured on tr-sandbox only. We are in stage of POC so we will not get the prod or non-prod access that needs a cost center id. Is there anyway you can help us to complete this POC? Once again

Once again thank you for your help.

with regards,

Tarun

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 1 0 2

@Eric.Helgeson

Hi Eric,

Can you please help me to confirm , If my MGMT account is associated with non-prod environment( NOT tr-sandbox) and have access as 202578-PowerUser, would I be able to provision new DF cluster ? I have asked our management to give cost center to update my account with non-prod access so that I can provision the new DF.

Thank you Eric.

with regards,

Tarun

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 1 0 2

Hi Heather,

Thank you for your response.

Our Market development team wants a DF cluster for POC and DEMO purpose for the clients as when require. So we have decided to configure at non-prod environment. Just to confirm , is this non-prod environment supported by launchpad ?

However as advice by you , I will talk to Brian Rohan for our POC goals.

Once again thank you for the guidance and help.

with regards,

Tarun

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
270 2 4 4

Hi Tarun,

In response to the question prior, re: using an AWS environment outside of TR-Sandbox. Below are the AWS permissions you will need to utilize Launchpad.


Create:

Permission,Resource
AllocateAddress,EC2 EIP
AssociateRouteTable,EC2 RouteTable
AttachInternetGateway,EC2 InternetGateway
AuthorizeSecurityGroupEgress,EC2 SecurityGroup
AuthorizeSecurityGroupIngress,EC2 SecurityGroup
CreateInternetGateway,EC2 InternetGateway
CreateNatGateway,EC2 NatGateway
CreateRoute,EC2 RouteTable
CreateRouteTable,EC2 RouteTable
CreateRouteTable,EC2 VPC
CreateSecurityGroup,EC2 SecurityGroup
CreateSecurityGroup,EC2 VPC
CreateSubnet,EC2 Subnet
CreateSubnet,EC2 VPC
CreateTags,
CreateVpc,EC2 VPC
DeleteInternetGateway,EC2 InternetGateway
DeleteKeyPair,EC2 KeyPair
DeleteRouteTable,EC2 RouteTable
DeleteSecurityGroup,EC2 SecurityGroup
DeleteVpc,EC2 VPC
DetachInternetGateway,EC2 InternetGateway
ImportKeyPair,EC2 KeyPair
ModifyInstanceAttribute,EC2 Instance
ModifyVpcAttribute,EC2 VPC
ReleaseAddress,EC2 EIP
RevokeSecurityGroupEgress,EC2 SecurityGroup
RunInstances,EC2 Ami

Destroy

Permission,Resource
DeleteInternetGateway,EC2 InternetGateway
DeleteKeyPair,EC2 KeyPair
DeleteNatGateway,EC2 NatGateway
DeleteRouteTable,EC2 RouteTable
DeleteSecurityGroup,EC2 SecurityGroup
DeleteSubnet,EC2 Subnet
DeleteVpc,EC2 VPC
DetachInternetGateway,EC2 InternetGateway and 1 more
DisassociateRouteTable,EC2 SubnetRouteTableAssociation
ReleaseAddress,EC2 EIP
TerminateInstances,EC2 Instance
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
59 5 1 5

Hi there,

I am trying to delete an instance (54.241.175.235/) previously created using Launchpad and am facing the same issue described here. Would you be able to support in deleting the instance?

Many thanks,

Lucas

@heather.benoit

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
1 0 0 0

Hi, @l.carstens

I've tracked down the issue you're having, and it definitely appears to be an invalid/expired key. I have deleted the record in the Launchpad database, so you should not be able to access this instance anymore. Before creating a new cluster, would you please verify the following steps on your AWS account to ensure the old cluster is destroyed:

  • Note UUID = d0d701c7-145d-4f4d-912c-b45c2dcc6b67
  • Find the instance with the corisponding UUID in the ssh key name.
  • Make note of the vpc id (eg: vpc-123456)
  • Terminate the 3 instances.
  • Delete the VPC - This will delete all networking components
  • Delete the EIP
  • Delete the S3 bucket with the corresponding cluster UUID.

This should ensure you have a clean space for a new cluster.

Thanks,

Tad

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.