search

sshipway / rancher-catalogue

Catalogue for Rancher (test)
GNU General Public License v2.0
21 stars 6 forks source link

Cannot use https to access portus web interface #5

Open Beanking77 opened 8 years ago

Beanking77 commented 8 years ago

Hi, I'm recently trying to build up private registry from your nice work. :) I follow the step and set default value except:

everything looks good (all active) and I try to visit following url: image

but with no luck :( got ERR_CONNECTION_REFUSED please give me some hints. Thank you.

UPDATE Looks like there some issues when link between dockers. nginx logs:

2016/02/03 04:01:22 [emerg] 1#1: host not found in upstream "portus" in /etc/nginx/conf.d/portus.conf:9
nginx: [emerg] host not found in upstream "portus" in /etc/nginx/conf.d/portus.conf:9

Portus logs:

Making sure database is ready
WARNING: Nokogiri was built against LibXML version 2.9.1, but has dynamically loaded 2.8.0
Access denied for user 'portus'@'[docker ip]' (using password: YES)Please provide the root password for your MySQL installation

mysql logs: [Note] Access denied for user 'portus'@'[docker ip]' (using password: YES)

livehybrid commented 8 years ago

Hi, I also had an issue with the connection from nginx to portus: 2/23/2016 1:27:37 PM2016/02/23 13:27:37 [emerg] 1#1: host not found in upstream "portus" in /etc/nginx/conf.d/portus.conf:9 2/23/2016 1:27:37 PMnginx: [emerg] host not found in upstream "portus" in /etc/nginx/conf.d/portus.conf:9 Debugging at the moment...

sshipway commented 8 years ago

@livehybrid - did you remember to start the portus container first, and set the --link portus:portus on the nginx container to link to it?

sshipway commented 8 years ago

The FQDN is supposed to be the FQDN of your registry host (and also the portus host of course). This is used to create a certificate as well as to set up the notification URLs in the setup.

The problem may be that you do not have the load balancer instance. The template will create a load balancer on all hosts with the label LB=1; if there are none, then no load balancers start, and it is not possible to access.

Try setting label LB=1 on at least one of your hosts, and then use the IP/FQDN of that host to access the service. Probably, I should have made the test negative rather than positive.

sshipway commented 8 years ago

Might be necessary to set up a scheduling affinity rule to get them onto the same host.

shobull commented 8 years ago

It looks more likely to be the same bug as describred here https://github.com/rancher/community-catalog/issues/40

sshipway commented 8 years ago

The OP was trying to connect on port 433 (which wont work as the template listens on port 443); also the original template would schedule the load balancer on hosts with label LB=1. Since there were no matching hosts, there were no instances of the load balancer container, and so it was impossible to connect.