search

cloudfoundry / bosh

Cloud Foundry BOSH is an open source tool chain for release engineering, deployment and lifecycle management of large scale distributed services.
https://bosh.io
Apache License 2.0
2.03k stars 657 forks source link

Cannot connect to Bosh Director #2503

Open bespokeeagle opened 5 months ago

bespokeeagle commented 5 months ago

Hello i have a bosh director running on a fips stemcell and i am currently unable to communicate with it

I have a feeling it might be a tls issue, when i check the logs i see the following

SSL_do_handshake() failed (SSL: error:1C800073:Provider routines::invalid data error:0A0C0103:SSL routines::internal error

i generated the certificates using the bosh interpolate command and also tried generating with openssl both produce this same error

any ideas???

beyhan commented 5 months ago

What is the version of the BOSH Director and stemcell do you use? The BOSH Director version https://github.com/cloudfoundry/bosh/releases/tag/v280.0.15 is required an also, the BOSH CLI version you require is at least 7.4.1.

bespokeeagle commented 5 months ago

What is the version of the BOSH Director and stemcell do you use? The BOSH Director version https://github.com/cloudfoundry/bosh/releases/tag/v280.0.15 is required an also, the BOSH CLI version you require is at least 7.4.1.

Ah okay, let me update these then

bespokeeagle commented 5 months ago

@beyhan i have updated the bosh director and i have switched back to the latest jammy stemcell and now i am not able to create a release, it fails because it times out trying to reach compilation vms during compilation

jpalermo commented 5 months ago

Probably a network or certificate problem. You'll need to pull the agent logs from the compilation VM to see what's wrong.

https://bosh.io/docs/tips/#unresponsive-vm-logs

Compilation VMs are often tricky because they get destroyed. You might instead try creating a deployment with just a single VM and no jobs so it's easier to grab the agent logs.

bespokeeagle commented 5 months ago

@jpalermo yes getting the logs from the compilation vms was a bit tricky but i was able to, turns it was a nats authentication problem, apparently there are some breaking changes between my old bosh director release and the latest one

Probably a network or certificate problem. You'll need to pull the agent logs from the compilation VM to see what's wrong.

https://bosh.io/docs/tips/#unresponsive-vm-logs

Compilation VMs are often tricky because they get destroyed. You might instead try creating a deployment with just a single VM and no jobs so it's easier to grab the agent logs.

@jpalermo yes getting the logs from the compilation vms was a bit tricky but i was able to, turns it was a nats authentication problem, apparently there are some breaking changes between my old bosh director release and the latest one