search

GluuFederation / cloud-native-edition

Cloud Native Edition repository
https://gluu.org/docs/gluu-server/latest/installation-guide/install-kubernetes/
Apache License 2.0
33 stars 25 forks source link

Openbanking distribution not working on microk8s on Azure VM ubuntu 20 x86_64 x86_64 x86_64 GNU/Linux #346

Closed moabu closed 3 years ago

moabu commented 3 years ago

Describe the bug Openbanking distribution is being reported as not working on microk8s on Azure VM ubuntu 20 x86_64 x86_64 x86_64 GNU/Linux due to an issue in calling the ssl of the domain provided

Error from server (NotFound): pods “gluu-auth-server-f46ff9568-sfpsl” not found
root@jans20:/home/azureuser# microk8s kubectl logs -f gluu-auth-server-f46ff9568-sfpsl -n gluu
INFO - jans.pycloudlib.wait - 2021-07-07 11:34:38,297 - Config is ready
INFO - jans.pycloudlib.wait - 2021-07-07 11:34:38,316 - Secret is ready
INFO - jans.pycloudlib.wait - 2021-07-07 11:34:38,469 - SQL is ready
Traceback (most recent call last):
File “/app/scripts/bootstrap.py”, line 257, in
main()
File “/app/scripts/bootstrap.py”, line 175, in main
get_server_certificate(
File “/src/jans-pycloudlib/jans/pycloudlib/utils.py”, line 194, in get_server_certificate
with socket.create_connection((host, port)) as conn:
File “/usr/lib/python3.8/socket.py”, line 787, in create_connection
for res in getaddrinfo(host, port, 0, SOCK_STREAM):
File “/usr/lib/python3.8/socket.py”, line 918, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -3] Try again

To Reproduce Steps to reproduce the behavior:

  1. Create Azure VM arch amd64
  2. Run the Quickstart demo

Expected behavior Installation should succeed.

Additional context Function reporting error:

def get_server_certificate(
    host: str, port: int, filepath: str, server_hostname: str = ""
) -> str:
    """Get PEM-formatted certificate of a given address.
    :param host: Hostname of a server.
    :param port: Port of SSL-secured server.
    :param filepath: Path to save the downloaded certificate.
    :param server_hostname: Optional hostname of the server.
    :return: Certificate text.
    """
    server_hostname = server_hostname or host

    with socket.create_connection((host, port)) as conn:
        # use the default ``PROTOCOL_TLS`` constant
        context = ssl.SSLContext(ssl.PROTOCOL_TLS)

        # by default, ``SSLContext.options`` only excludes insecure protocols
        # SSLv2 and SSLv3; hence we need to exclude TLSv1 as well
        context.options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1

        with context.wrap_socket(conn, server_hostname=server_hostname) as sock:
            der = sock.getpeercert(True)
            cert = ssl.DER_cert_to_PEM_cert(der)
            pathlib.Path(filepath).write_text(cert)
            return cert
moabu commented 3 years ago

Issue is not replicable or present. 

NAME                                READY   STATUS      RESTARTS   AGE
gluu-config-pmj4m                   0/1     Completed   0          6m32s
my-release-mysql-0                  1/1     Running     0          6m32s
gluu-persistence-njbc4              0/1     Completed   0          6m32s
gluu-auth-server-5b8f6d7785-nlnlj   1/1     Running     2          6m32s
gluu-config-api-78c567d98f-cs6nb    1/1     Running     2          6m32s
root@testdemo:~# uname -a
Linux testdemo 5.8.0-1036-azure #38~20.04.1-Ubuntu SMP Thu Jun 17 14:14:18 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux