Open jakoberpf opened 1 year ago
I am also facing the exact same issue but the difference is I am running in a binary install mode(non-docker).
I have checked that the required ports are open. Due to this the connection is unstable and get disconnected too frequently.
netclient[3749339]: [netclient] 2023-04-09 16:49:32 [mqpublish.go-252] publish(): could not connect to broker at <public-ip-here>:8883
netclient[3749339]: [netclient] 2023-04-09 16:49:32 [localport.go-47] UpdateLocalListenPort(): could not publish local port change connection timeout
netclient[3749339]: [netclient] 2023-04-09 16:50:02 [mqpublish.go-252] publish(): could not connect to broker at <public-ip-here>:8883
netclient[3749339]: [netclient] 2023-04-09 16:50:02 [mqpublish.go-149] Hello(): Network: network1 error publishing ping, connection timeout
Hey netmaker people,
I am trying to deploy netmaker (0.17.1), but want to use istio as ingress, because in my case everything uses it. UI and API work fine, but I have issue with the MQTT connections.
When I create a new access key and let a client connect via the
netclient join ...
command it goes into a loop ofIn this case I had istio listening on port
8883
without tls, but I also tried it on port443
with tls. After thinking that istio in itself could be the issue I decided to test using a NodePort for the8883
port instead withAnd this work only sort of. When I set
allow_anonymous true
I can connect with a mqtt client from my machine via the dns recordbroker.netmaker.<masked>.de
. Also when Iallow_anonymous false
I can attempt a connection with a mqtt client from my machine and get anUnauthorized
(since I don't have an login credentials). So far so good, I would believe connectivity is possible.But in all scenarios the actual
netclient
is not able to connect to the broker, neither withallow_anonymous true
orfalse
.One question would be, as this is NodePort from the service and therefore is no TLS on the connection, is this even supposed to work or do I need TLS anyway?
Any hint or tips would be greatly appreciated... :-)