search

Netflix / Hystrix

Hystrix is a latency and fault tolerance library designed to isolate points of access to remote systems, services and 3rd party libraries, stop cascading failure and enable resilience in complex distributed systems where failure is inevitable.
24.13k stars 4.71k forks source link

How to monitor a stream with HTTPS in dashboard? #1506

Open pauloricardopr opened 7 years ago

pauloricardopr commented 7 years ago

Hi all,

Thank you in advance for this library!

I'm starting to use Hystrixin my project, so I have implemented my Commands and tested the dashboard addressing the stream at http://localhost:8080/path-to-the.stream ... That's OK!

When I deploy the same app in my test environment, which responds ONLY https, the same dashboard fails.

I'm running the dashboard in my machine via Gradle. I didn't change anything int the code.

Inferred project: hystrix, version: 1.6.0-SNAPSHOT
Publication nebula not found in project :.
:hystrix-dashboard:prepareInplaceWebAppFolder UP-TO-DATE
:hystrix-dashboard:createInplaceWebAppFolder UP-TO-DATE
:hystrix-dashboard:compileJava UP-TO-DATE
:hystrix-dashboard:processResources UP-TO-DATE
:hystrix-dashboard:classes UP-TO-DATE
:hystrix-dashboard:prepareInplaceWebAppClasses UP-TO-DATE
:hystrix-dashboard:prepareInplaceWebApp UP-TO-DATE
:hystrix-dashboard:jettyRun
14:44:52 INFO  Jetty 9.2.15.v20160210 started and listening on port 7979
14:44:52 INFO  hystrix-dashboard runs at:
14:44:52 INFO    http://localhost:7979/hystrix-dashboard
Press any key to stop the server.

The problem occurs when I try to add a stream https://myserver.dev.mydomain/same-path-as-localhost.stream and then the page loads the dashboard empty with "Unable to connect to Command Metric Stream." in red into Circuits section and "Loading..." below in "Thread Pools" section.

The console logs:

2017-03-20 15:00:16 ERROR  com.netflix.hystrix.dashboard.stream.ProxyStreamServlet:138 [ProxyStreamServlet] [doGet]: Error proxying request: **https://myserver.dev.mydomain/same-path-as-localhost.stream**
_javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated_
        at sun.security.ssl.SSLSessionImpl.getPeerCertificates(SSLSessionImpl.java:431)
        at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
        at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
        at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
        at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
        at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
        at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
        at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:784)
        at com.netflix.hystrix.dashboard.stream.ProxyStreamServlet.doGet(ProxyStreamServlet.java:100)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
        at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
        at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
        at org.eclipse.jetty.server.Server.handle(Server.java:499)
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
        at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
        at java.lang.Thread.run(Thread.java:745)

I don't konw about client certificates/SSL configuration. Can anyone help me, and maybe add something in the docs ??

Thank you all,

Paulo Mac OS X 10.11.6 java version "1.8.0_112"

mattrjacobs commented 7 years ago

Thanks for the report @pauloricardopr . I'm very unknowledgable in front-end work. Any members of the community have hints on how to proceed?

leonbu commented 4 years ago

I have the same issue. any update on how to fix it?