Closed xiaoyan-huang-bhc3 closed 4 years ago
ayasuda2OO3
commented
4 years ago Thanks for raising the issue in the kb. @crysxyh
This document is outdated. Please refer to the internal agent repo for the usage.
Beginning the #203 release, the -hst has become mandatory in the gateway mode. (Refer to the example here) Please update the gateway flags and see if it works for you. Thank you.
xiaoyan-huang-bhc3
commented
4 years ago Thanks @ayasuda2003 ! I have followed the examples you provided. Looks like the group id is missing in both client and server. I added it by myself. However, still have the same error.
Gateway Script
./ecagent_linux_var -mod gateway -gpt ${PORT} -zon <ec-zone-id> -sst https://<ec-zone-id>.run.aws-usw02-pr.ice.predix.io -dbg -tkn <admin-token> = -hst wss://gateway-<ec-zone-id>.run.aws-usw02-pr.ice.predix.io/agentServer Script
./ecagent_linux_var -mod server -aid vzLQ3I -grp <ec-zone-id> -hst wss://gateway-<ec-zone-id>.run.aws-usw02-pr.ice.predix.io/agent -rht <postgres-url> -rpt 5432 -cid <uaa-client-id> -csc <uaa-client-secret> -oa2 <uaa-oa2-url> -dur 300 -dbg -hca ${PORT} -zon <ec-zone-id> -sst https://<ec-zone-id>.run.aws-usw02-pr.ice.predix.ioClient Script
./ecagent_linux_var -mod client -aid 5Igjns -grp <ec-zone-id> -hst wss://gateway-<ec-zone-id>.run.aws-usw02-pr.ice.predix.io/agent -lpt 15524 -tid vzLQ3I -oa2 <uaa-oa2-url> -cid <uaa-client-id> -csc <uaa-client-secret> -dur 300 -dbgERROR
GC02SRJ0RGTFME:client xiaoyan$ ./ec.sh
[
▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄
▐░░░░░░░░░░░▌▐░░░░░░░░░░░
▐░█▀▀▀▀▀▀▀▀▀ ▐░█▀▀▀▀▀▀▀▀▀
▐░▌ ▐░▌
▐░█▄▄▄▄▄▄▄▄▄ ▐░▌
▐░░░░░░░░░░░▌▐░▌
▐░█▀▀▀▀▀▀▀▀▀ ▐░▌
▐░▌ ▐░▌
▐░█▄▄▄▄▄▄▄▄▄ ▐░█▄▄▄▄▄▄▄▄▄
▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌
▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀ @Digital Connect
]
[EC Debug] 2019/12/03 22:24:29 []interface {}=>[logging level is set to debug mode; log files will be generated as /Users/xiaoyan/.ec/connectivity.log /Users/xiaoyan/.ec/plugin.log]
[EC Client] 2019/12/03 22:24:29 [Rev: v1.hokkaido.212]
[EC Client] 2019/12/03 22:24:29 [Agent websocket compression is being negotiated at level 0]
[EC Client] 2019/12/03 22:24:29 [refresh duration is specified. Token auto-refresh is set.]
[EC Client] 2019/12/03 22:24:29 [Fetching new token..]
[EC Debug] 2019/12/03 22:24:29 []interface {}=>[eyJhbGciOiJSUzI1NiIsImtpZCI6IkJqZEtGIiwidHlwIjoiSldUIn0.eyJqdGkiOiI3N2FlYjNkODllOGY0ZmY0YThjYTM3OWIwYjU1MGI2OSIsInN1YiI6ImNpY19jbGllbnRfZGV2Iiwic2NvcGUiOlsiZW50ZXJwcmlzZS1jb25uZWN0LnpvbmVzLmNkNGFhZTdjLTU0MzctNDk1ZS1iZTg5LTA2OTNmMTViODA1MS51c2VyIiwidGltZXNlcmllcy56b25lcy4zNjk5YzllMy0yMGQyLTQwN2QtODk0NC1mMWNhYTQxNDVmNTcudXNlciIsInByZWRpeC1hc3NldC56b25lcy5iYTI4Njg2OC03ZTM2LTQ5NjQtODJjZC01NjM1YTFiZDAzNGEudXNlciIsInNjaW0ubWUiLCJ1YWEucmVzb3VyY2UiLCJ0aW1lc2VyaWVzLnpvbmVzLjM2OTljOWUzLTIwZDItNDA3ZC04OTQ0LWYxY2FhNDE0NWY1Ny5pbmdlc3QiLCJvcGVuaWQiLCJ0aW1lc2VyaWVzLnpvbmVzLmE0YmI4ODgwLTE2YTItNGVmMi1hMzc2LTJmOTJmZGI2ZWY0NC5pbmdlc3QiLCJ0aW1lc2VyaWVzLnpvbmVzLjM2OTljOWUzLTIwZDItNDA3ZC04OTQ0LWYxY2FhNDE0NWY1Ny5xdWVyeSIsInRpbWVzZXJpZXMuem9uZXMuM2FlMmE4NjAtMzg5ZS00MDI5LTkwNzctZWIxMTY3N2FhMjIwLnVzZXIiLCJ0aW1lc2VyaWVzLnpvbmVzLmE0YmI4ODgwLTE2YTItNGVmMi1hMzc2LTJmOTJmZGI2ZWY0NC51c2VyIiwidGltZXNlcmllcy56b25lcy5hNGJiODg4MC0xNmEyLTRlZjItYTM3Ni0yZjkyZmRiNmVmNDQucXVlcnkiLCJhbmFseXRpY3Muem9uZXMuYmI1NDAwNjgtNDU2My00Zjc3LWI5MWYtOGJmM2FiYTdkNWZlLnVzZXIiLCJ0aW1lc2VyaWVzLnpvbmVzLjNhZTJhODYwLTM4OWUtNDAyOS05MDc3LWViMTE2NzdhYTIyMC5pbmdlc3QiLCJ0aW1lc2VyaWVzLnpvbmVzLjNhZTJhODYwLTM4OWUtNDAyOS05MDc3LWViMTE2NzdhYTIyMC5xdWVyeSJdLCJjbGllbnRfaWQiOiJjaWNfY2xpZW50X2RldiIsImNpZCI6ImNpY19jbGllbnRfZGV2IiwiYXpwIjoiY2ljX2NsaWVudF9kZXYiLCJncmFudF90eXBlIjoiY2xpZW50X2NyZWRlbnRpYWxzIiwicmV2X3NpZyI6ImRjYmYwODAxIiwiaWF0IjoxNTc1NDM3MDY5LCJleHAiOjE1NzU1MjEwNjksImlzcyI6Imh0dHBzOi8vMDc1YjA0MGEtMjc3Ni00MmE1LWE0ZTAtZmY3MzZlYzZhM2U2LnByZWRpeC11YWEucnVuLmF3cy11c3cwMi1wci5pY2UucHJlZGl4LmlvL29hdXRoL3Rva2VuIiwiemlkIjoiMDc1YjA0MGEtMjc3Ni00MmE1LWE0ZTAtZmY3MzZlYzZhM2U2IiwiYXVkIjpbInNjaW0iLCJhbmFseXRpY3Muem9uZXMuYmI1NDAwNjgtNDU2My00Zjc3LWI5MWYtOGJmM2FiYTdkNWZlIiwidWFhIiwicHJlZGl4LWFzc2V0LnpvbmVzLmJhMjg2ODY4LTdlMzYtNDk2NC04MmNkLTU2MzVhMWJkMDM0YSIsIm9wZW5pZCIsImVudGVycHJpc2UtY29ubmVjdC56b25lcy5jZDRhYWU3Yy01NDM3LTQ5NWUtYmU4OS0wNjkzZjE1YjgwNTEiLCJ0aW1lc2VyaWVzLnpvbmVzLjM2OTljOWUzLTIwZDItNDA3ZC04OTQ0LWYxY2FhNDE0NWY1NyIsInRpbWVzZXJpZXMuem9uZXMuM2FlMmE4NjAtMzg5ZS00MDI5LTkwNzctZWIxMTY3N2FhMjIwIiwiY2ljX2NsaWVudF9kZXYiLCJ0aW1lc2VyaWVzLnpvbmVzLmE0YmI4ODgwLTE2YTItNGVmMi1hMzc2LTJmOTJmZGI2ZWY0NCJdfQ.U7fttCKb6OZve9aQf93gXfBlq0IEB9lxLohrRVw1TdQPAJMmyTb0FLYJmv_O3depN0-rkRi_y362KdDck_bbHyEyljFPom3n3BD2nfDfsy3us-RvhUAGaKTxxapgFrUiXdxbocJjEQDJxMbEinH95UN9_nFo8sMSXZ8DqXko-71nywXoDp14-gR3dveT68QI6utPtKB-8s4TQlqvCPSLweumO7YxSrYKtrXb_fUr7x_oPEkd6xp_9gRxdjcTfxEaQU9Bu4C_QqrgFxdjANwTXgduGHTjaafIthxc9-WeuoCu-4Jwgew75Wqyxuf60zv-C1bg5xjTuOOgvS0nhzzz4Q]
[EC Client] 2019/12/03 22:24:29 [Token refreshed. The token will be expired in 1399 minutes. Approx. 5 minutes to the next auto-refresh.]
[EC Debug] 2019/12/03 22:24:29 []interface {}=>[[ 15524]]
[EC Client] 2019/12/03 22:24:29 [[VLAN] client is listening on port# 15524]
[EC Debug] 2019/12/03 22:24:45 []interface {}=>[127.0.0.1:15524]
[EC Client] 2019/12/03 22:24:45 [error while adding the client inst.]
[EC Client] 2019/12/03 22:24:45 [github.build.ge.com/212359746/wzcore.(*Client).Hire.func6.2.1 websocket: bad handshake]
[EC Client] 2019/12/03 22:29:29 [Triggering token Auto-Refresh..]
[EC Debug] 2019/12/03 22:29:30 []interface {}=>[eyJhbGciOiJSUzI1NiIsImtpZCI6IkJqZEtGIiwidHlwIjoiSldUIn0.eyJqdGkiOiJlNjBhNzNhOTA4ODc0MDkzODZjODlmYmExMzcxNmM2NSIsInN1YiI6ImNpY19jbGllbnRfZGV2Iiwic2NvcGUiOlsiZW50ZXJwcmlzZS1jb25uZWN0LnpvbmVzLmNkNGFhZTdjLTU0MzctNDk1ZS1iZTg5LTA2OTNmMTViODA1MS51c2VyIiwidGltZXNlcmllcy56b25lcy4zNjk5YzllMy0yMGQyLTQwN2QtODk0NC1mMWNhYTQxNDVmNTcudXNlciIsInByZWRpeC1hc3NldC56b25lcy5iYTI4Njg2OC03ZTM2LTQ5NjQtODJjZC01NjM1YTFiZDAzNGEudXNlciIsInNjaW0ubWUiLCJ1YWEucmVzb3VyY2UiLCJ0aW1lc2VyaWVzLnpvbmVzLjM2OTljOWUzLTIwZDItNDA3ZC04OTQ0LWYxY2FhNDE0NWY1Ny5pbmdlc3QiLCJvcGVuaWQiLCJ0aW1lc2VyaWVzLnpvbmVzLmE0YmI4ODgwLTE2YTItNGVmMi1hMzc2LTJmOTJmZGI2ZWY0NC5pbmdlc3QiLCJ0aW1lc2VyaWVzLnpvbmVzLjM2OTljOWUzLTIwZDItNDA3ZC04OTQ0LWYxY2FhNDE0NWY1Ny5xdWVyeSIsInRpbWVzZXJpZXMuem9uZXMuM2FlMmE4NjAtMzg5ZS00MDI5LTkwNzctZWIxMTY3N2FhMjIwLnVzZXIiLCJ0aW1lc2VyaWVzLnpvbmVzLmE0YmI4ODgwLTE2YTItNGVmMi1hMzc2LTJmOTJmZGI2ZWY0NC51c2VyIiwidGltZXNlcmllcy56b25lcy5hNGJiODg4MC0xNmEyLTRlZjItYTM3Ni0yZjkyZmRiNmVmNDQucXVlcnkiLCJhbmFseXRpY3Muem9uZXMuYmI1NDAwNjgtNDU2My00Zjc3LWI5MWYtOGJmM2FiYTdkNWZlLnVzZXIiLCJ0aW1lc2VyaWVzLnpvbmVzLjNhZTJhODYwLTM4OWUtNDAyOS05MDc3LWViMTE2NzdhYTIyMC5pbmdlc3QiLCJ0aW1lc2VyaWVzLnpvbmVzLjNhZTJhODYwLTM4OWUtNDAyOS05MDc3LWViMTE2NzdhYTIyMC5xdWVyeSJdLCJjbGllbnRfaWQiOiJjaWNfY2xpZW50X2RldiIsImNpZCI6ImNpY19jbGllbnRfZGV2IiwiYXpwIjoiY2ljX2NsaWVudF9kZXYiLCJncmFudF90eXBlIjoiY2xpZW50X2NyZWRlbnRpYWxzIiwicmV2X3NpZyI6ImRjYmYwODAxIiwiaWF0IjoxNTc1NDM3MzcwLCJleHAiOjE1NzU1MjEzNzAsImlzcyI6Imh0dHBzOi8vMDc1YjA0MGEtMjc3Ni00MmE1LWE0ZTAtZmY3MzZlYzZhM2U2LnByZWRpeC11YWEucnVuLmF3cy11c3cwMi1wci5pY2UucHJlZGl4LmlvL29hdXRoL3Rva2VuIiwiemlkIjoiMDc1YjA0MGEtMjc3Ni00MmE1LWE0ZTAtZmY3MzZlYzZhM2U2IiwiYXVkIjpbInNjaW0iLCJhbmFseXRpY3Muem9uZXMuYmI1NDAwNjgtNDU2My00Zjc3LWI5MWYtOGJmM2FiYTdkNWZlIiwidWFhIiwicHJlZGl4LWFzc2V0LnpvbmVzLmJhMjg2ODY4LTdlMzYtNDk2NC04MmNkLTU2MzVhMWJkMDM0YSIsIm9wZW5pZCIsImVudGVycHJpc2UtY29ubmVjdC56b25lcy5jZDRhYWU3Yy01NDM3LTQ5NWUtYmU4OS0wNjkzZjE1YjgwNTEiLCJ0aW1lc2VyaWVzLnpvbmVzLjM2OTljOWUzLTIwZDItNDA3ZC04OTQ0LWYxY2FhNDE0NWY1NyIsInRpbWVzZXJpZXMuem9uZXMuM2FlMmE4NjAtMzg5ZS00MDI5LTkwNzctZWIxMTY3N2FhMjIwIiwiY2ljX2NsaWVudF9kZXYiLCJ0aW1lc2VyaWVzLnpvbmVzLmE0YmI4ODgwLTE2YTItNGVmMi1hMzc2LTJmOTJmZGI2ZWY0NCJdfQ.b91Gdo9buqzrjZyLOpDsqWuRq4Q7Z11GsjBr1vCli71iWUL660AALezezBQC-QKMaTHtO3K79i0jSH1ONZPLySUNlxHOfcGWn7gFZLjcDK8pnGmab6muwiDNv_kqJdewsjbhGEWVKBvTq5wZylIdy5BKwzckfrj8ka4rSDFsTOyUHczeQ5PUo8EZrwl88o5j8vg3RVdGel6tPgAVQKxYU5UoyZOjKmPopnpluOBM8RZmERA0Vs760xEXqiuBTyn9VagHjoPTvsOVMoclFitVK8uq0z_7trDQ8JVlzIjavRimM4zbXcGmoOoD7G6V4H0vAiK4rUPj8SLLNyCf-y6I4w]
[EC Client] 2019/12/03 22:29:30 [Token refreshed. The token will be expired in 1399 minutes. Approx. 5 minutes to the next auto-refresh.]
[EC Debug] 2019/12/03 22:31:17 []interface {}=>[127.0.0.1:15524]
[EC Client] 2019/12/03 22:31:17 [error while adding the client inst.]
[EC Client] 2019/12/03 22:31:17 [github.build.ge.com/212359746/wzcore.(*Client).Hire.func6.2.1 websocket: bad handshake]
Gayatri212
commented
4 years ago @crysxyh Looks like you are using zone-id for -grp flag. Please change it with the group_id from service VCAP and let us know.
xiaoyan-huang-bhc3
commented
4 years ago @Gayatri212 , thanks for your help! If you don't mind, can you also update the docs? It doesn't have grp in the server and client examples. Also, I have a quick question on the two Enterprise Connect Services we have. They don't have the same VCAP. Are they different versions of Services? We tried to copy the same configuration from the existing EC. However, one works, the other one fails.
ayasuda2OO3
commented
4 years ago @Gayatri212 , thanks for your help! If you don't mind, can you also update the docs? It doesn't have grp in the server and client examples. Also, I have a quick question on the two Enterprise Connect Services we have. They don't have the same VCAP. Are they different versions of Services? We tried to copy the same configuration from the existing EC. However, one works, the other one fails.
@crysxyh Thanks for the feedback. Please use this internal document for now as we are to publish with a format in the future. This is WIP.
The services/subscriptions in Cloud Foundry follow the Single-Tenant model, meaning the settings cannot be re-used across different services. Sorry for the confusion and hope this makes sense. Please let us know if this resolves/clarify the concerns.
xiaoyan-huang-bhc3
commented
4 years ago @ayasuda2003 , I total understood the Single-Tenant mode. I mean the same configuration format doesn't work for the new EC service. I noticed the messages after starting client are different. Just want to confirm if the EC services are different versions.
This is the EC client starting message of project 1, which indicates the version is Rev: v1.hokkaido.206.
[
▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄
▐░░░░░░░░░░░▌▐░░░░░░░░░░░
▐░█▀▀▀▀▀▀▀▀▀ ▐░█▀▀▀▀▀▀▀▀▀
▐░▌ ▐░▌
▐░█▄▄▄▄▄▄▄▄▄ ▐░▌
▐░░░░░░░░░░░▌▐░▌
▐░█▀▀▀▀▀▀▀▀▀ ▐░▌
▐░▌ ▐░▌
▐░█▄▄▄▄▄▄▄▄▄ ▐░█▄▄▄▄▄▄▄▄▄
▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌
▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀ @Digital Connect
]
[EC Debug] 2019/12/04 09:45:55 []interface {}=>[logging level is set to debug mode; log files will be generated as /Users/xiaoyan/.ec/connectivity.log /Users/xiaoyan/.ec/plugin.log]
[EC Client] 2019/12/04 09:45:55 [Rev: v1.hokkaido.206]
[EC Client] 2019/12/04 09:45:55 [Agent websocket compression is being negotiated at level 0]
[EC Client] 2019/12/04 09:45:55 [refresh duration is specified. Token auto-refresh is set.]
[EC Client] 2019/12/04 09:45:55 [Fetching new token..]This is for project 2. The version is Rev: v1.hokkaido.212.
[
▄▄▄▄▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄▄▄▄▄
▐░░░░░░░░░░░▌▐░░░░░░░░░░░
▐░█▀▀▀▀▀▀▀▀▀ ▐░█▀▀▀▀▀▀▀▀▀
▐░▌ ▐░▌
▐░█▄▄▄▄▄▄▄▄▄ ▐░▌
▐░░░░░░░░░░░▌▐░▌
▐░█▀▀▀▀▀▀▀▀▀ ▐░▌
▐░▌ ▐░▌
▐░█▄▄▄▄▄▄▄▄▄ ▐░█▄▄▄▄▄▄▄▄▄
▐░░░░░░░░░░░▌▐░░░░░░░░░░░▌
▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀ @Digital Connect
]
[EC Debug] 2019/12/04 09:11:10 []interface {}=>[logging level is set to debug mode; log files will be generated as /Users/xiaoyan/.ec/connectivity.log /Users/xiaoyan/.ec/plugin.log]
[EC Client] 2019/12/04 09:11:10 [Rev: v1.hokkaido.212]
[EC Client] 2019/12/04 09:11:10 [Agent websocket compression is being negotiated at level 0]
[EC Client] 2019/12/04 09:11:10 [refresh duration is specified. Token auto-refresh is set.]
[EC Client] 2019/12/04 09:11:10 [Fetching new token..]We would like to avoid any potential risks on older version used by project 1. Please let us know if we need to take any actions. Thanks!
ayasuda2OO3
commented
4 years ago @ayasuda2003 , I total understood the Single-Tenant mode. I mean the same configuration format doesn't work for the new EC service. I noticed the messages after starting client are different. Just want to confirm if the EC services are different versions.
@crysxyh Yes you are absolutely correct. There was an enhancement in the CF broker side. The enhancement was to address a security setback in the CF service by randomising the default grouping information in the VCAP, previously known as zone-id. Thus, it made the group id relevant only to the subscriber.and harder to compromise by an attacker. The agent usage should be compatible with binaries beyond #203
The agent release #212 is proven to be most stable and recommended by the Internal Ops/Support team. We may plan patch releases (v1) upon needs but the usage/flags would likely stay unchanged. Hope this helps.
ayasuda2OO3
commented
4 years ago Close the issue. Thanks for the feedback and please re-open it if needed. @crysxyh
@Gayatri212 All well documented thanks for the findings.
Hi Support Team,
We tried to configure the gateway, server and client for a new Enterprise Connect service. We have followed the latest documentations (https://enterprise-connect.github.io/documentation/docs/agents.html).
Here is the configuration with quotes.
Gateway Script
Server Script
Client Script
Predix support suggests us to try configurations without quotes but it still doesn't work.
Gateway Script
Server Script
Client Script
Here is the error when we start the client.
Any help would be really appreciated! Xiaoyan