search

snowdrop / istio-java-api

A Java API to generate Istio descriptors, inspired by Fabric8's kubernetes-model.
Apache License 2.0
112 stars 33 forks source link

'Caused by: javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake' and 'java.io.EOFException: SSL peer shut down incorrectly' #72

Closed lianghuiyuan closed 4 years ago

lianghuiyuan commented 4 years ago

I config IstioClient with cluster-admin token, 

    @PostConstruct
    public void SetIstioClient() {
        System.setProperty(Config.KUBERNETES_TRUST_CERT_SYSTEM_PROPERTY, k8s_cluster_trust_cert);
        System.setProperty(Config.KUBERNETES_DISABLE_HOSTNAME_VERIFICATION_SYSTEM_PROPERTY, k8s_cluster_disable_hostname_verification);
        System.setProperty(Config.KUBERNETES_MASTER_SYSTEM_PROPERTY, k8s_cluster_url);
        System.setProperty(Config.KUBERNETES_OAUTH_TOKEN_SYSTEM_PROPERTY, k8s_cluster_serviceaccount_token);
        config = new ConfigBuilder().build();
        istioClient = new DefaultIstioClient(config);
    }

I run my app locally in IDEA spring boot is OK, but when I put it in Kubernetes pod, It come out this problems

[2019-07-31 21:32:40,613][TRACE:http-nio-8080-exec-6][AbstractBeanFactory.java:254] Returning cached instance of singleton bean 'gatewayController'
[2019-07-31 21:32:40,613][TRACE:http-nio-8080-exec-6][AbstractHandlerMapping.java:417] Mapped to public com.authine.lateinos.svc.ResponseResult<me.snowdrop.istio.api.networking.v1alpha3.Gateway> com.authine.lateinos.kube.api.controller.GatewayController.get(java.lang.String,java.lang.String,com.authine.lateinos.kube.api.model.ReqOption)
[2019-07-31 21:32:40,614][TRACE:http-nio-8080-exec-6][LogFormatUtils.java:88] Read "application/json;charset=UTF-8" to [com.authine.lateinos.kube.api.model.ReqOption@4748dedd]
[2019-07-31 21:32:40,614][TRACE:http-nio-8080-exec-6][InvocableHandlerMethod.java:136] Arguments: [istio-bookinfo, bookinfo-gateway, com.authine.lateinos.kube.api.model.ReqOption@4748dedd]
[2019-07-31 21:32:40,624][TRACE:http-nio-8080-exec-6][AbstractBeanFactory.java:254] Returning cached instance of singleton bean 'customControllerAdvice'
[2019-07-31 21:32:40,624][DEBUG:http-nio-8080-exec-6][ExceptionHandlerExceptionResolver.java:403] Using @ExceptionHandler public com.authine.lateinos.svc.ResponseResult<java.lang.Object> com.authine.lateinos.container.handler.CustomControllerAdvice.handle(java.lang.Throwable)
[2019-07-31 21:32:40,625][TRACE:http-nio-8080-exec-6][InvocableHandlerMethod.java:136] Arguments: [io.fabric8.kubernetes.client.KubernetesClientException: Operation: [get]  for kind: [Gateway]  with name: [bookinfo-gateway]  in namespace: [istio-bookinfo]  failed.]
[2019-07-31 21:32:40,625][INFO :http-nio-8080-exec-6][CustomControllerAdvice.java:59] Operation: [get]  for kind: [Gateway]  with name: [bookinfo-gateway]  in namespace: [istio-bookinfo]  failed.
io.fabric8.kubernetes.client.KubernetesClientException: Operation: [get]  for kind: [Gateway]  with name: [bookinfo-gateway]  in namespace: [istio-bookinfo]  failed.
    at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:64)
    at io.fabric8.kubernetes.client.KubernetesClientException.launderThrowable(KubernetesClientException.java:72)
    at io.fabric8.kubernetes.client.dsl.base.BaseOperation.getMandatory(BaseOperation.java:229)
    at io.fabric8.kubernetes.client.dsl.base.BaseOperation.get(BaseOperation.java:162)
    at com.authine.lateinos.kube.api.service.impl.GatewayCtrl.getGateway(GatewayCtrl.java:29)
    at com.authine.lateinos.kube.api.service.impl.GatewayServiceImpl.getGateway(GatewayServiceImpl.java:23)
    at com.authine.lateinos.kube.api.controller.GatewayController.get(GatewayController.java:65)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
    at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:190)
    at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
    at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:104)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:892)
    at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:797)
    at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
    at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1039)
    at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
    at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
    at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:908)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:660)
    at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:200)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1747)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
    at java.base/sun.security.ssl.SSLSocketImpl.handleEOF(SSLSocketImpl.java:1321)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1160)
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
    at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:319)
    at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:283)
    at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:168)
    at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:257)
    at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:135)
    at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:114)
    at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:126)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at io.fabric8.kubernetes.client.utils.BackwardsCompatibilityInterceptor.intercept(BackwardsCompatibilityInterceptor.java:119)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at io.fabric8.kubernetes.client.utils.ImpersonatorInterceptor.intercept(ImpersonatorInterceptor.java:68)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at io.fabric8.kubernetes.client.utils.HttpClientUtils.lambda$createHttpClient$1(HttpClientUtils.java:100)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:147)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:121)
    at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:254)
    at okhttp3.RealCall.execute(RealCall.java:92)
    at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleResponse(OperationSupport.java:404)
    at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleResponse(OperationSupport.java:365)
    at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleGet(OperationSupport.java:330)
    at io.fabric8.kubernetes.client.dsl.base.OperationSupport.handleGet(OperationSupport.java:311)
    at io.fabric8.kubernetes.client.dsl.base.BaseOperation.handleGet(BaseOperation.java:810)
    at io.fabric8.kubernetes.client.dsl.base.BaseOperation.getMandatory(BaseOperation.java:218)
    ... 58 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
    at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:167)
    at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:108)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
    ... 94 more
[2019-07-31 21:32:40,631][DEBUG:http-nio-8080-exec-6][AbstractMessageConverterMethodProcessor.java:268] Using 'application/json', given [*/*] and supported [application/json, application/*+json, application/json, application/*+json]
[2019-07-31 21:32:40,631][TRACE:http-nio-8080-exec-6][AbstractBeanFactory.java:254] Returning cached instance of singleton bean 'customControllerAdvice'
lianghuiyuan commented 4 years ago

OK, Fixed. Just use 'kubectl get svc' get the kubernetes svc IP and port 443 for k8s_cluster_url. This problem puzzled me the whole afternoon!