search

redis / lettuce

Advanced Java Redis client for thread-safe sync, async, and reactive usage. Supports Cluster, Sentinel, Pipelining, and codecs.
https://lettuce.io
MIT License
5.3k stars 949 forks source link

Seeing Warning Logs :: Cannot refresh Redis Cluster topology in 6.2.6.RELEASE #2843

Open subrajitdhal opened 2 months ago

subrajitdhal commented 2 months ago

Bug Report

Current Behavior

I've found that the WARN log message is "Cannot refresh Redis Cluster topology", after AWS Elasticache instance reboot. Although the log was printed every topology refresh period, all requests was fine.NO connection issue though.it just print warning logs.

Unable to connect to [xxxxxxx:port]: PKIX path validation failed: java.security.cert.CertPathValidatorException: Unable to determine revocation status due to network error

Stack trace ```java i.l.c.c.t.DefaultClusterTopologyRefresh$CannotRetrieveClusterPartitions: Cannot retrieve cluster partitions from [rediss://********************@xxxxxx:port] Details: [rediss://********************@xxxxx:port]: PKIX path validation failed: java.security.cert.CertPathValidatorException: Unable to determine revocation status due to network error Suppressed: java.io.EOFException: not enough content at sun.security.util.DerValue.(DerValue.java:425) at sun.security.util.DerValue.(DerValue.java:340) at s.s.provider.certpath.OCSPResponse.(OCSPResponse.java:200) at sun.security.provider.certpath.OCSP.check(OCSP.java:196) at s.s.provider.certpath.RevocationChecker.checkOCSP(RevocationChecker.java:785) at s.s.provider.certpath.RevocationChecker.check(RevocationChecker.java:369) ```

Input Code

Input Code ```java private val topologyRefreshOptions: ClusterTopologyRefreshOptions = ClusterTopologyRefreshOptions .builder() .enablePeriodicRefresh(RedisClusterTopologyRefreshInterval) .enableAllAdaptiveRefreshTriggers() .dynamicRefreshSources(true) .build() ```

Expected behavior/code

"Cannot refresh Redis Cluster topology" log should no longer be printed.

Environment

Possible Solution

Additional context

tishun commented 1 month ago

Hey @subrajitdhal ,

How do you verify that "all requests are fine. NO connection issue though."?

From the code I see in Lettuce the WARN message you are seeing is indicating that the topology refresh has failed. The indicated issue is that the revocation status of the certificate could not be established due to network error.

Have in mind that a topology refresh failing would not stop the driver from operating and using the topology it already has from previous attempts, but the topology information would not be updated until the network issue is resolved.

subrajitdhal commented 1 month ago

Hi @tishun , Thanks for checking it. This error we are seeing suddenly though there is no change from application.We have also tried use correct java trust store location.Any pointer would be greatly help.

tishun commented 1 month ago

I am afraid I do not have enough information to help diagnose the issue.

The only pointer I have is that, the Lettuce driver, while attempting to refresh the topology by connecting to rediss://********************@xxxxx:port fails to establish a connection because there is some network connectivity issue.

If otherwise the driver is able to connect to the same instance then I have no clue why this specific network connection fails.

subrajitdhal commented 4 weeks ago

Hi @tishun , Up on further checking we see this warning logs are more frequent in app which are using AWS based Correto Java 17 base images.Where as app which are using Alepine java 11 this warning logs are very very less