Closed AndrewCopeland closed 3 years ago
Hi @AndrewCopeland Are you building this with latest? Do you know when this started? Thanks
This started a couple of weeks ago. Not sure exactly. This works from a datacenter server, but not my laptop, which is a change, because I regularly use summon to troubleshoot customer's secrets.yml files.
FYI...I am using 0.5.3 of summon-conjur
Could this be related to a Proxy or a Load balancer?
I have conjur init'ed
to the fqdn of the master, so it should not be going through a load balancer. Still getting a timeout right at 10 seconds when using summon-conjur, but not conjur-cli.
On Tuesday, February 9, 2021, 04:04:07 PM EST, Andrew Copeland notifications@github.com wrote:
Could this be related to a Proxy or a Load balancer?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.
😓 I totally remember adding the 10 second timeout years ago, which was somewhat arbitrary but better than no timeout. It should really be configurable now, I'll add an issue to the API. Perhaps the connection to the server in this instance needs more than 10s ? How long does the conjur-cli take to retrieve a secret ?
The strange thing is that conjur-cli only takes ~8.5 seconds.
Sorry folks. This seems to be a name resolution issue with my VPN client. It's not adding a corporate nameserver to /etc/resolv.conf. When I do this manually, summon-conjur and cybr-cli work fine. Not sure why conjur-cli and curl behave differently (they always worked).
Added corporate nameserver to /etc/resolv.conf:
[clb10@C02QX3NQFVH5MBP ~]# time /usr/local/Cellar/summon-conjur/0.5.3/lib/summon/summon-conjur -v QA-CyberArkVault/Jenkins/DAP_Automation/dap_automation-cyberark/username ChrisB real 0m0.219s user 0m0.015s sys 0m0.033s
@AndrewCopeland Can we close this issue?
Summary
When using the
summon-provider
executable aClient.Timeout exceed while awaiting headers
is being returned.Steps to Reproduce
The timeout is happening right after 10 seconds so I think it is related to the
conjur-api-go
library.https://github.com/cyberark/conjur-api-go/blob/master/conjurapi/client.go#L227
Expected Results
To retrieve the secret value
Actual Results (including error logs, if applicable)
Reproducible
Additional Information
This issue was raised on my own repo but it also relates to the
summon-conjur
repo so I though I would cross reference.The original issue can be found here: https://github.com/infamousjoeg/cybr-cli/issues/69
As mentioned in the original issue the user can use
curl
andconjur-cli
to retrieve the secrets but cannot usesummon-conjur