...

This section describes some information that could become relevant during the operation of a cloud BYOL VE license server and the corresponding Charon -SSP emulator products.

Contents

Sentinel/Gemalto

...

Tools not Applicable to the

...

VE License Server

The Charon-SSP version, Any Sentinel/Gemalto-specific license tools are available when installing the management packages for the BYOL-capable Charon-SSP emulator packages. These tools are in particular the following:provided with the emulator installation are not applicable to the VE license server configuration.

Sentinel/Gemalto-specific tools and configuration options in Charon emulator kits:

In Charon emulator kits, the Sentinel/Gemalto-specific license tools and configuration options are available when installing the complete emulator packages. These tools and options are in particular the following:

• Charon-SSP:
  • HASP Viewer, HASP Updater, and HASP Manager in the Tools > HASP Tools menu of the Charon Manager
  • The Regular and Backup License parameter in the emulator license configuration section
  • The command-line tools in /opt/charon-agent/ssp-agent/utils/license

The above tools cannot be used for managing Charon-SSP BYOL licenses. Please ignore them if you have a BYOL license.

Actions that can Invalidate a Cloud BYOL License

...

Starting and Stopping the License Server

...

• Charon-PAR:
  • The command-line tools in /opt/charon/bin (including the update tool hasp_update, and the license viewer and C2V creation tool hasp_srm_view)
    
  • The license_id configuration parameter is not supported. To choose a specific product section, the passphrase of the section is used.

The above tools and commands cannot be used for managing VE licenses. Please ignore them if you have a VE license.

Actions that Can Invalidate a VE License

Starting and Stopping the License Server

Please note: In versions before 1.0.17, the license server can only be started if a valid license is installed.

...

• Starting the license server:     # systemctl start licensed
• Stopping the license server:   # systemctl stop licensed
• Restarting the license server: # systemctl restart licensed

The licensed service logs information to its log file in /opt/license-server/log/license.log and to journalctl.

Primary and Backup License Server / Peer Servers

General Information

Charon -SSP emulators for BYOL VE licenses support a backup license server to ensure service continuity should the primary backup license server become temporarily unavailable. Backup The primary/backup servers in general VE license mode operate differently from the peer servers of AutoVE mode:

• For general VE license mode, backup licenses are typically limited to a certain number of emulator runtime hours.

...

The example below shows the output of such a license:

# /opt/license-server/license_viewer 
<<License Viewer>> Current license:
KEYSEC
K_FINGER=123db1ec91a1526c40da028b9e68e5abaadc70c62719af0f6ef1f2cfd2c85bba
K_LICENSE_ID=01.00000001.002.045
K_TYPE=COUNTDOWN
K_EXPIRED=100
K_CUSTOMER=Stromasys/Testing
K_PLATFORM=amazon.aws
K_R_DATE=1593308906
K_INTERVAL=60
KEYEND
PRODSEC
P_NAME=Charon-SSP/4U,Charon-SSP/4U+,Charon-SSP/4V,Charon-SSP/4V+
P_CODE=test
P_MAJV=4
P_MINV=2
P_CPU_NUM=4
P_MAX_MEM=4096MB
P_INSTANCE=4
PRODEND
PRODSEC
P_NAME=Charon-SSP/4M
P_CODE=test
P_MAJV=4
P_MINV=2
P_CPU_NUM=4
P_MAX_MEM=512MB
P_INSTANCE=4
PRODEND

Note the parameters K_TYPE=COUNTDOWN and K_EXPIRED=100. They indicate that this is a backup license with 100 hours of emulator runtime.

Backup License Server Operation

Should the primary license server become unavailable, the emulator tries to connect to the backup license server. If this succeeds, the emulator continues to run without interruption. If no connection to a valid license can be established within 2 hours, the emulator will stop.

Please note: If you do not have a valid backup license and the primary license server is unavailable for more than 2 hours, make sure to shut down the Solaris guest operating system cleanly before the end of the grace period. Failure to do so may cause data loss or corruption.

If the primary license server becomes available again after the emulator has switched to the backup server, the emulator will automatically switch back to the primary server to avoid unnecessary depletion of the backup license runtime hours.

Log Files

Log files provide important information about the operation of the license server and the Charon-SSP software. In case of problems, this is the first place to check.

License Server Log File

Log File Location

The license server log file is stored under /opt/license-server/license_log

The log file is called license.log. At every license server start, a new version of the log file is created and the previous file is rotated to license.log.1. Other existing versions are rotated accordingly.

Log File Samples

Normal startup:

...

...

• The backup license server is only used for failover if the primary license server fails in order not to deplete the available runtime hours unnecessarily.
• For AutoVE mode, the two license servers act as peers between which the client database is synchronized. The total number of instances available on both servers determines the number of Charon host cloud instances that can be licensed from the license server pair. Each instance can connect to either of the two servers. However, if one of the peers fails and there are not enough available instances on the second peer, there is no backup for an instance trying to fail over to the second  peer due to failure of its primary server - and the emulators running on this instance will fail. The license on the server designated as backup server can be a countdown license (specified number of runtime hours) or a normal license.

The example below shows the output of a time-limited license:

# /opt/license-server/license_viewer 
<<License Viewer>> Current license:
License fingerprint: 07792211fc8ce3fdc085 <truncated>
Customer name: Stromasys
License ID: 01.00000001.002.020
Key type: COUNTDOWN
Expiration date: 100 hour(s)
Platform: amazon.aws
Release date: 2021-06-17 13:08:01
Grace period: 120 minutes
License check interval: 60 minutes

Virtual Hardware: Charon-SSP/4M,Charon-SSP/4U
Product code: Charon-SSP/ALL
Expiration date: 2021-12-22 23:55:00
Major Version: 5
Minor Version: 3
Maximum CPU: 64
Maximum virtual memory: 1048576MB
Instances allowed: 3

The above sample is a backup license with 100 hours of emulator runtime. The remaining hours can be checked via the web interface.

Backup License Server Operation

Should the primary license server become unavailable, the emulator tries to connect to the backup license server. If this succeeds, the emulator continues to run without interruption. If no connection to a valid license can be established within the grace period, after the loss of the license has been detected, the emulator will stop. The grace period is defined on the license. Check the license content for the actual value configured (default for new licenses is 24 hours, but the actual configuration may be different).

Please note: If you do not have a valid backup license and the primary license server is unavailable for more than the grace period, make sure to shut down the guest operating system cleanly before the end of the grace period. Failure to do so may cause data loss or corruption.

If the primary license server becomes available again after the emulator has switched to the backup server, the emulator will automatically switch back to the primary server to avoid unnecessary depletion of the backup license runtime hours in VE license server mode.

Log Files

Log files provide important information about the operation of the license server and the Charon emulator software. In case of problems, this is the first place to check.

License Server Log File

Log File Location

License server log file /opt/license-server/log/license.log

At every license server start, a new version of the log file is created and the previous file is rotated to license.log.1. Other existing versions are rotated accordingly.

Log File Samples

Normal startup:

2020-01-16 09:00:43 INFO    MAIN     Build time: Jan 16 2020 10:54:15
2020-01-16 09:00:44 INFO    MAIN     License server is ready to serve.

No valid license installed:

2020-01-10 12:17:19 INFO     MAIN     License server is ready to serve.

...

MAIN     Build time: Jan 10 2020 17:22:12
2020-01-10 12:17:19 ERROR   License  license is not available.
2020-01-10 12:17:19 INFO    MAIN     The program is terminated.

Client connection log (new in 1.0.28):

2020-10-02 21:46:29 INFO    MAIN     License server is ready to serve.
2020-10-03 01:31:09 INFO    Server   CHARON-SSP/4U v4.1.32 has logged in from 127.0.0.1:40704.
2020-10-03 01:45:21 INFO    Server   CHARON-SSP/4U v4.1.32 from 127.0.0.1:40704 has been disconnected

Charon-SSP Emulator Log Files

Log File Location

The default emulator log file location is /opt/charon-agent/ssp-agent/ssp/<architecture/<vm-name>/.

• <architecture> can be sun-4m, sun-4u, or sun-4v.
• <vm-name> is the name of the emulated SPARC system.

The log file is called <vm-name>.log. At every emulator start, a new version of the log file is created and the previous file is rotated to <vm-name>.log.1. Other existing versions are rotated accordingly. The number of retained files is determined by the log configuration of the emulated SPARC system.

Please note: The log file path can be changed by the user to a non-default value.

Log File Samples

Working license found during emulator start:

2020-07-16 21:25:10 INFO  VE       Trying to login to license server: 127.0.0.1
2020-07-16 21:25:13 INFO  VE       Connected with license server: 127.0.0.1
2020-07-16 21:25:13 INFO  VE       Found available license ID: 01.00000001.002.044.
2020-07-16 21:25:13 INFO  VE       Customer name: Stromasys/Testing.
2020-07-16 21:25:13 INFO  VE       Virtual hardware model Charon-SSP/4M is licensed.
2020-07-16 21:25:13 INFO  VE       Maximum concurrent instances are limited to 4.
2020-07-16 21:25:13 INFO  VE       Maximum allowed virtual CPU(s) are 4.
2020-07-16 21:25:13 INFO  VE       Maximum allowed virtualized memory is 512 MB.
2020-07-16 21:25:13 INFO  VE       Major allowed version number is 4.
2020-07-16 21:25:13 INFO  VE       Minor allowed version number is 2.
2020-07-16 21:25:13 INFO  VE       Expiration UTC time: 2020-12-31 15:55:00.

Connection to license server lost temporarily and then restored:

(License loss detected)

2020-07-16 22:25:56 ERROR VE       Failed to connect with the license server!
2020-07-16 22:25:56 WARN  VE       Charon will be terminated within 2 hours!

(License server connection restored)

2020-07-16 23:26:01 INFO  VE       Connected with license server: 127.0.0.1
2020-07-16 23:26:01 INFO  VE       Found available license ID: 01.00000001.002.044.
2020-07-16 23:26:01 INFO  VE       Customer name: Stromasys/Testing.
2020-07-16 23:26:01 INFO  VE       Virtual hardware model Charon-SSP/4M is licensed.
2020-07-16 23:26:01 INFO  VE       Maximum concurrent instances are limited to 4.
2020-07-16 23:26:01 INFO  VE       Maximum allowed virtual CPU(s) are 4.
2020-07-16 23:26:01 INFO  VE       Maximum allowed virtualized memory is 512 MB.
2020-07-16 23:26:01 INFO  VE       Major allowed version number is 4.
2020-07-16 23:26:01 INFO  VE       Minor allowed version number is 2.
2020-07-16 23:26:01 INFO  VE       Expiration UTC time: 2020-12-31 15:55:00.
2020-07-16 23:26:01 INFO  VE       Local UTC time: 2020-07-16 15:26:01.
2020-07-16 23:26:01 INFO  VE       The license is verified, back to normal operation.

Please note: The output shows a 2 hour grace period. The grace period implementation and defaults changed several times. Since VE version 1.1.12, the grace period is determined by the corresponding license parameter (please check the license content for the value configured on your license). If a valid license has not become available before the end of the grace period, the emulator will be stopped.

Switch to backup license server:

2020-0106-1029 1218:1708:19 INFO25 ERROR VE  MAIN   Failed to Buildconnect time:with Janthe 10 2020 17:22:12license server!
2020-0106-1029 1218:17:19 ERROR08:25 INFO  VE   License  FailedTrying to retrievelogin to license server: 127.0.0.1
2020-0106-1029 1218:1708:1934 INFOERROR VE   MAIN  Failed to connect Thewith programthe is terminated.

Switch to backup license server:

license server!
2020-06-29 18:08:2543 WARN ERROR BYOLVE     FailedCharon towill connectbe withterminated thewithin license2 serverhours!
2020-06-29 1819:08:2557 INFO  BYOLVE     TryingConnected to loginwith to license server: 127172.031.040.162
2020-06-29 1819:08:34 ERROR BYOL57 INFO  VE     Found available  Failed to connect with the license server!
2020-06-29 18:08:43 WARN  BYOL     Charon will be terminated within 2 hours!
2020-06-29 19:08:57 INFO  BYOL     Connected with license server: 172.31.40.62
2020-06-29 19:08:57 INFO  BYOL     Found available license ID: 01.00000001.002.045.

Charon-SSP Emulator Log Files

Log File Location

The default emulator log file location is /opt/charon-agent/ssp-agent/ssp/<architecture/<vm-name>/.

• <architecture> can be sun-4m, sun-4u, or sun-4v.
• <vm-name> is the name of the emulated SPARC system.

The log file is called <vm-name>.log. At every emulator start, a new version of the log file is created and the previous file is rotated to <vm-name>.log.1. Other existing versions are rotated accordingly. The number of retained files is determined by the log configuration of the emulated SPARC system.

...

license ID: 01.00000001.002.045.

License Server version mismatch:

The software checks for compatible protocol versions between license server and emulator software. It logs an error if the versions are not compatible.

The following messages may logged in older versions:

2020-01-16 11:24:38 WARN  VE  Failed to get data from license server!

2021-08-10 17:03:42 FATAL VE       License server is unavailable!

Newer versions have a more descriptive error message:

2021-08-10 17:16:41 ERROR VE       License protocol version is invalid.

Charon-PAR Emulator Log Files

The default location for the Charon-PAR emulator log files is the directory in which the emulator was started. The name and location can be influenced via the configuration file and using a start-up parameter.

By default log file name is charon-par.<YYMMDD>-<timestamp>-<incremental number>.log.

The link charon-par.log points to the current log file.

Log File Samples

Working license found during emulator start:

2020-01-16 11:37:33 INFO  License  Found avaliable license, License ID:01.00000002.001.001.
2020-01-16 11:37:33 INFO  License  Customer name is Cust1.
2020-01-16 11:37:33 INFO  License  Virtual hardware model Charon-SSP/4V is licensed.
2020-01-16 11:37:33 INFO  License  Maximum concurrent instances are limited to 4.
2020-01-16 11:37:33 INFO  License  Maximum allowed virtual CPU(s) are 4.
2020-01-16 11:37:33 INFO  License  Maximum allowed virtualized RAM is 8192 MB.
2020-01-16 11:37:33 INFO  License  Major version number is 4.
2020-01-16 11:37:33 INFO  License  Minor version number is 1.
2020-01-16 11:37:33 INFO  License  Expiration UTC time: 01-May-2020.

Connection to license server lost temporarily and then restored:

(License loss detected)

2020-01-13 22:57:53 ERROR License  Failed to connect with license server!
2020-01-13 22:57:53 WARN  License  Charon will be shutdown within 2 hours!

(License server connection restored)

2020-01-13 23:57:56 INFO  License  Found avaliable license, License ID:01.00000002.001.001.
2020-01-13 23:57:56 INFO  License  Customer name is Cust1.
2020-01-13 23:57:56 INFO  License  Virtual hardware model Charon-SSP/4V is licensed.
2020-01-13 23:57:56 INFO  License  Maximum concurrent instances are limited to 4.
2020-01-13 23:57:56 INFO  License  Maximum allowed virtual CPU(s) are 4.
2020-01-13 23:57:56 INFO  License  Maximum allowed virtualized RAM is 8192 MB.
2020-01-13 23:57:56 INFO  License  Major version number is 4.
2020-01-13 23:57:56 INFO  License  Minor version number is 1.
2020-01-13 23:57:56 INFO  License  Expiration UTC time: 01-May-2020.
2020-01-13 23:57:56 INFO  License  The program runtime environment restored, back to normal operation.

Please note: The output shows a 2 hour grace-period. This is applicable to Charon-SSP versions 4.1.21 and later. In earlier versions the grace-period was 24 hours. This is no longer needed because a backup license server can now be configured (since Charon-SSP version 4.1.19). If a valid license has not become available before the end of the grace period, the emulator will be stopped.

License Server version mismatch:

The following message is logged in older versions. Newer versions may have a more descriptive error message.

2020-01-16 11:24:38 WARN  License  Failed to get data from license server!

Please note: The software checks for for compatible protocol versions between license server and emulator software. It logs an error if the versions are not compatible. Compatible versions are required for the emulator to verify the license and to run.start:

20211213:120216.970965:Trying to login to license server: 127.0.0.1
20211213:120219.975731:License allowed CPUs: 8.
20211213:120219.975746:License allowed memory size: 32768.
20211213:120219.979873:Connected with license server: 127.0.0.1
20211213:120219.979900:Found available license ID: 03.00000003.002.006.
20211213:120219.979908:Customer name: Stromasys
20211213:120219.979915:Grace period is 120 minutes.
20211213:120219.979928:Virtual hardware model Charon-PA9-64-L4 is licensed.
20211213:120219.979937:Maximum concurrent instances are limited to 10.
20211213:120219.979950:Maximum allowed virtual CPU(s) are 8.
20211213:120219.979959:Maximum allowed virtualized memory is 32768 MB.
20211213:120219.979967:Major allowed version number is 3.
20211213:120219.979976:Minor allowed version number is 0.
20211213:120219.979988:Expiration UTC time: 2022-06-08 23:55:00.
20211213:120219.980216:Product Name = Charon-PA9-64-L4 License key ID = 03.00000003.002.006.

License server not found at start:

20211214:193342.307175:VE primary license 192.168.2.2
20211214:193342.307701:There is no VE backup server.
20211214:193342.334171:Trying to login to license server: 192.168.2.2
20211214:193351.337196:warn:Unable to login to server because the license server failed to respond
20211214:193351.337392:err:Failed to connect with the license server.
20211214:193351.337457:err:Failed to connect with the license server.
20211214:193351.337509:err:Exit
20211214:193351.339823:err:Invalid license product name

Charon-AXP/VAX Emulator Log Files

The default location for the Charon-AXP/VAX emulator log files on Linux (Linux is required for VE licensing): if the setting of the template configuration is used, the default is the directory from which the emulator instance was started.

The name and location can be influenced via the configuration file.

By default log file name is <model-name>.log.

Management GUI Web Server Log File

This log file contains errors encountered by the web server providing the management GUI of the VE license server.

Log file location: /opt/license-server/log/webserver.log

Sample content:

$ cat /opt/license-server/log/webserver.log

<attempt to start the license server a second time>
[1636549131] [error] [client ] cannot bind to 80: 98 (Address already in use)
[1636549131] [error] [client ] cannot bind to 8084s: 98 (Address already in use)
[1636549131] [error] [client ] Failed to setup server ports

<restart of the license server>
[1636551531] [error] [client 192.168.2.80] SSL syscall error 104
[1636551532] [error] [client 192.168.2.80] SSL syscall error 104