gravitl / netclient

NetClient failing to connect to broker (MQTT) #566

Closed ErliReci-lab closed 11 months ago

ErliReci-lab commented 1 year ago

Hi, I am running a netclient using docker and I keep getting the same error. If I try connecting to the broker using this tool or a C# sample I am able to have a successful connection and I can subscribe and send messages.

```
{"time":"2023-09-02T20:30:50.669546749Z","level":"ERROR","source":"daemon.go 195}","msg":"unable to connect to broker","server":"","error":"status can only transition to connecting from disconnected"}
[netclient] 2023-09-02 20:31:50 could not connect to broker at wss://broker.netmaker.xxxxx.com
[netclient] 2023-09-02 20:31:50 error publishing checkin connection timeout
```

I am running NetMaker in docker:

```yaml
version: "3.4"

services:
  netmaker:
    container_name: netmaker
    image: gravitl/netmaker:v0.20.6
    cap_add:
      - NET_ADMIN
      - NET_RAW
      - SYS_MODULE
    sysctls:
      - net.ipv4.ip_forward=1
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv6.conf.all.disable_ipv6=0
      - net.ipv6.conf.all.forwarding=1
    restart: always
    volumes:
      - dnsconfig:/root/config/dnsconfig
      - sqldata:/root/data
    environment:
      SERVER_NAME: "wss://broker.netmaker.xxxxx.com"
      SERVER_HOST: "xxx.xxx.xxx.xxx"
      SERVER_API_CONN_STRING: "api.netmaker.xxxxx.com:443"
      COREDNS_ADDR: "xxx.xxx.xxx.xxx"
      DNS_MODE: "on"
      SERVER_HTTP_HOST: "api.netmaker.xxxx.com"
      API_PORT: "8081"
      CLIENT_MODE: "on"
      RCE: "on"
      MASTER_KEY: "xxxxx"
      CORS_ALLOWED_ORIGIN: "*"
      DISPLAY_KEYS: "on"
      DATABASE: "sqlite"
      NODE_ID: "netmaker-server-1"
      TELEMETRY: "off"
      MQ_HOST: "xxx.xxx.xxx"
      MQ_PORT: "1883"
      HOST_NETWORK: "off"
      VERBOSITY: "4"
      MANAGE_IPTABLES: "on"
      PORT_FORWARD_SERVICES: "dns"
    ports:
      - "51821-51830:51821-51830/udp"
      - 4481:8081
  # ......
  mq:
    container_name: mq
    image: eclipse-mosquitto:2.0.11-openssl
    depends_on:
      - netmaker
    restart: unless-stopped
    volumes:
      - ./mosquitto/data/:/mosquitto/data
      - ./mosquitto/logs/:/mosquitto/log
      - ./mosquitto/conf/:/mosquitto/config/
    ports:
      - "1883:1883"
      - "8883:8883"
      - "8885:8885"
```

This is the mosquitto config

```
per_listener_settings true

# Broker traffic is being rerouted to this port
listener 8885
allow_anonymous true
protocol websockets
require_certificate false
use_identity_as_username true

listener 8883
allow_anonymous false
require_certificate true
use_identity_as_username true
certfile /mosquitto/config/sslCert.cert
keyfile /mosquitto/config/privkey.pem

listener 1883
allow_anonymous true
```

mattkasun commented 1 year ago

You are missing wait.sh from your mosquitto mounts: volumes
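
Added example, not part of the thread or of the netclient/Netmaker code: a small Python sketch that splits the mosquitto config posted in the issue into per-listener settings and flags listeners that accept anonymous clients or have no TLS configured. The function names `parse_listeners` and `audit` are hypothetical, and TLS is assumed to mean `certfile` plus `keyfile` on the listener.

```python
# Added example. CONF is the mosquitto config from the issue, minus the inline note.
CONF = """\
per_listener_settings true
listener 8885
allow_anonymous true
protocol websockets
require_certificate false
use_identity_as_username true
listener 8883
allow_anonymous false
require_certificate true
use_identity_as_username true
certfile /mosquitto/config/sslCert.cert
keyfile /mosquitto/config/privkey.pem
listener 1883
allow_anonymous true
"""

def parse_listeners(text):
    """Return {port: {option: value}} for every 'listener' block."""
    listeners, current = {}, None
    for raw in text.splitlines():
        key, _, value = raw.strip().partition(" ")
        if key == "listener":
            current = listeners.setdefault(int(value.split()[0]), {})
        elif key and not key.startswith("#") and current is not None:
            current[key] = value.strip()  # options before any listener are global
    return listeners

def audit(listeners):
    """Return {port: [notes]} for listeners worth a second look."""
    findings = {}
    for port, opts in listeners.items():
        notes = []
        if opts.get("allow_anonymous", "false") == "true":
            notes.append("anonymous clients accepted")
        if not ("certfile" in opts and "keyfile" in opts):  # assumption: no PSK
            notes.append("no TLS configured on this listener")
        if (opts.get("use_identity_as_username") == "true"
                and opts.get("require_certificate", "false") != "true"):
            notes.append("use_identity_as_username set, require_certificate not")
        if notes:
            findings[port] = notes
    return findings

if __name__ == "__main__":
    for port, notes in sorted(audit(parse_listeners(CONF)).items()):
        print(port, "; ".join(notes))
```

The compose file in the issue also publishes 1883 and 8885 on the host, so the two flagged listeners are reachable from outside the Docker network unless a firewall or reverse proxy restricts them.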