For whatever reason my pod install (in a React Native project) times out when installing OpenSSL-Universal. Error below:
[!] Error installing OpenSSL-Universal [!] /usr/bin/curl -f -L -o
/var/folders/yd/zkc7ycnn5j1dxrtlj8ccyhb80000gq/T/d20230217-64413-w1dwn8/file.zip
https://github.com/krzyzanowskim/OpenSSL/archive/1.1.1100.zip
--create-dirs --netrc-optional --retry 2 -A 'CocoaPods/1.11.3 cocoapods-downloader/1.6.3'
% Total % Received % Xferd Average Speed Time Time Time
Current
Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- 0:04:59
--:--:-- 0 curl: (28) SSL connection timeout Warning: Problem : timeout. Will retry in 1 seconds. 2 retries left. 0 0 0 0
0 0 0 0 --:--:-- 0:04:59 --:--:-- 0 curl: (28) SSL
connection timeout Warning: Problem : timeout. Will retry in 2
seconds. 1 retries left. 0 0 0 0 0 0 0 0
--:--:-- 0:04:59 --:--:-- 0 curl: (28) SSL connection timeout
I have no idea why this is, and the pod install works fine for other pods, such as Okta, Firebase, Flipper, etc. Presumably it is because the source is Github.
I'm also able to download the source file from Github directly just fine, but I assume there is some bundling process to load it into a pod. If I'm not able to pod install the pod, is there a way I could load the files downloaded from the same source?
Related
First time trying EKS Anywhere docker provider deployment as given in below link
https://anywhere.eks.amazonaws.com/docs/getting-started/local-environment/
It gets stuck at 'waiting for cert-manager' . Working on CentOS 7 .System is behind proxy.
Installing cert-manager Version="v1.5.3+66e1acc"
Using Override="cert-manager.yaml" Provider="cert-manager" Version="v1.5.3+66e1acc"
Waiting for cert-manager to be available...
Error: timed out waiting for the condition
Only cert-manager pods are not able to pull images
NAMESPACE NAME READY STATUS RESTARTS AGE
cert-manager cert-manager-7988d4fb6c-bjhsv 0/1 ImagePullBackOff 0 5m54s
cert-manager cert-manager-cainjector-6bc8dcdb64-hvdx5 0/1 ImagePullBackOff 0 5m55s
cert-manager cert-manager-webhook-68979bfb95-q8ttt 0/1 ImagePullBackOff 0 5m54s
kube-system coredns-745c7986c7-2wrx5 1/1 Running 0 5m57s
kube-system coredns-745c7986c7-kx594 1/1 Running 0 5m57s
kube-system etcd-dev-cluster-eks-a-cluster-control-plane 1/1 Running 0 5m52s
kube-system kindnet-4jcvt 1/1 Running 0 5m57s
kube-system kube-apiserver-dev-cluster-eks-a-cluster-control-plane 1/1 Running 0 5m52s
kube-system kube-controller-manager-dev-cluster-eks-a-cluster-control-plane 1/1 Running 0 5m52s
kube-system kube-proxy-4dk2r 1/1 Running 0 5m57s
kube-system kube-scheduler-dev-cluster-eks-a-cluster-control-plane 1/1 Running 0 5m52s
local-path-storage local-path-provisioner-666bfc797f-nkhqf 1/1 Running 0 5m57s
same images are getting pulled using docker pull
public.ecr.aws/eks-anywhere/jetstack/cert-manager-webhook v1.5.3-eks-a-6 194bcfda671e 3 months ago 46MB
public.ecr.aws/eks-anywhere/jetstack/cert-manager-controller v1.5.3-eks-a-6 1e6749016508 3 months ago 61.3MB
public.ecr.aws/eks-anywhere/jetstack/cert-manager-cainjector v1.5.3-eks-a-6 45723d794a88 3 months ago 42.4MB
kubectl describe gives below (i/o timeout) error as well as 'server misbehaving' error
Failed to pull image "public.ecr.aws/eks-anywhere/jetstack/cert-manager-controller:v1.5.3-eks-a-6": rpc error: code = Unknown desc = failed to pull and unpack image "public.ecr.aws/eks-anywhere/jetstack/cert-manager-controller:v1.5.3-eks-a-6": failed to resolve reference "public.ecr.aws/eks-anywhere/jetstack/cert-manager-controller:v1.5.3-eks-a-6": failed to do request: Head "https://public.ecr.aws/v2/eks-anywhere/jetstack/cert-manager-controller/manifests/v1.5.3-eks-a-6": dial tcp: lookup public.ecr.aws on 172.19.0.1:53: read udp 172.19.0.2:38941->172.19.0.1:53: i/o timeout
It was a proxy related issue. Resolved by adding proxy config in containerd service of docker container of node and restarting containerd service.
docker exec -it <container name> bash
Inside container
cd /etc/systemd/system/
mkdir containerd.service.d
touch http-proxy.conf
cat <<EOF >/etc/systemd/system/containerd.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://proxy ip:proxy port"
Environment="HTTPS_PROXY=http://proxy ip:proxy port"
Environment="NO_PROXY=${NO_PROXY:-localhost},${LOCAL_NETWORK}"
EOF
systemctl daemon-reload
systemctl restart containerd
I am following Kubernetes documentation to Install kubectl on Linux on my RHEL 7 server but I see an
curl: (35) SSL connect error
error while running the following command:
curl -kLO https://storage.googleapis.com/kubernetes-release/release/v1.7.0/bin/windows/amd64/kubectl
Any pointers to fix this issue will be very helpful for me to move forward.
I have just checked it and it appeared that the https://storage.googleapis.com/kubernetes-release/release/v1.7.0/bin/windows/amd64/kubectl doesn't exist . It looks like it is needed to add ".exe" at the end of the URL.
<Error>
<Code>NoSuchKey</Code>
<Message>The specified key does not exist.</Message>
<Details>
No such object: kubernetes-release/release/v1.7.0/bin/windows/amd64/kubectl
</Details>
</Error>
The official documentation on how to install kubectl on Linux asks to download the latest release _for_linux_ with the following command:
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 44.5M 100 44.5M 0 0 15.8M 0 0:00:02 0:00:02 --:--:-- 15.8M
Additionally with the URL you have provided you are trying to download kubectl for windows on RHEL... (/bin/windows/amd64/kubectl in your url)
So, it is merely needed to add .exe in the end of kubectl if you need downloading it for Windows or replace windows with linux in URL :)
I checked all over, there are many answers to this issue, but none worked.
I am following this tutorial:
https://www.digitalocean.com/community/tutorials/how-to-install-nagios-4-and-monitor-your-servers-on-ubuntu-16-04
The Nagios host is ubuntu 16.04, the client is ubuntu 18.04
NagiosĀ® Coreā¢ 4.3.4
The Nagios server and web is running ok, I can see the localhost status us 'up' in the dashboard.
Something very weird: I installed NRPE 3.2.1 on both the host and the client, but for some reason on the host is 2.15
Host:
root#nagios-1:/tmp/nrpe-nrpe-3.2.1# /usr/local/nagios/libexec/check_nrpe -H 10.142.0.50
NRPE v2.15
Client:
$ /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
NRPE v3.2.1
Just to make sure, when running check_nrpe from client to server I am using '-2' option to force v2 packets, but I am still getting to error
I added the client ip to the nrpe.cnf (on server), and to be sure also the server ip to the client nrpe.cfg file.
I enabled debug to see the messages in the syslog. this is the response:
Dec 4 00:35:47 nagios-1 check_nrpe: Remote 10.142.0.50 accepted a Version 2 Packet
Dec 4 00:35:51 nagios-1 nrpe[9953]: Connection from 10.142.0.11 port 49889
Dec 4 00:35:51 nagios-1 nrpe[9953]: Host address is in allowed_hosts
Dec 4 00:35:51 nagios-1 nrpe[9953]: Handling the connection...
Dec 4 00:35:51 nagios-1 nrpe[9953]: Error: Could not complete SSL handshake. 1
Dec 4 00:35:51 nagios-1 nrpe[9953]: Connection from closed.
On the host, port 5666 is open and listening
# netstat -at | grep nrpe
tcp 0 0 *:nrpe *:* LISTEN
tcp6 0 0 [::]:nrpe [::]:* LISTEN
I compiled nrpe with --
I am not using xinetd. I use the daemon
# ps aux | grep nrpe
nagios 9866 0.0 0.1 23960 2680 ? Ss 00:35 0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
Host nrpe conf file:
# grep -o '^[^#]*' /etc/nagios/nrpe.cfg
log_facility=daemon
pid_file=/var/run/nagios/nrpe.pid
server_port=5666
nrpe_user=nagios
nrpe_group=nagios
allowed_hosts=127.0.0.1, 10.142.0.50, 10.142.0.0/20,10.142.0.11
dont_blame_nrpe=1
allow_bash_command_substitution=0
debug=1
command_timeout=60
connection_timeout=300
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200
include=/etc/nagios/nrpe_local.cfg
include_dir=/etc/nagios/nrpe.d/
If you need more info let me know and I will add it.
I found the answer!
I had two versions of NRPE on the host. The deamon was running 2.15. I had to kill this version, and I manually run the 3.2.1 version from its other location
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -f
After that I was able to get a response in the client
I'm developing tests with Selenium. Currently I'm using official selenium/standalone-chrome:3.11.0 image. I'm running only Selenium inside Docker-container. The project itself is compiled on the host machine (tests connect to the container's exposed port):
$ docker run -p 4444:4444 selenium/standalone-chrome:3.11.0
$ curl -v localhost:4444
* Rebuilt URL to: localhost:4444/
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 4444 (#0)
> GET / HTTP/1.1
> Host: localhost:4444
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
...
But I would like to compile and test the project entirely inside Docker-container. So I created my own image upon selenium/standalone-chrome:3.11.0. My (simplified) Dockerfile looks like this:
FROM selenium/standalone-chrome:3.11.0
RUN sudo apt-get --assume-yes --quiet update
RUN sudo apt-get --assume-yes --quiet install curl
CMD ["curl", "-v", "localhost:4444"]
As can be seen from the file, I'm trying to connect to port 4444 within container. When I run the image, e.g.:
docker build -t test . && docker run test
I get:
* Rebuilt URL to: localhost:4444/
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1...
* connect to 127.0.0.1 port 4444 failed: Connection refused
* Trying ::1...
* Immediate connect fail for ::1: Cannot assign requested address
* Trying ::1...
* Immediate connect fail for ::1: Cannot assign requested address
* Failed to connect to localhost port 4444: Connection refused
* Closing connection 0
curl: (7) Failed to connect to localhost port 4444: Connection refused
Why I'm not able to connect to Selenium which is ran inside container from the same container?
I've found the solution at last (sorry for my stupidity).
Building an image upon selenium/standalone-chrome:3.11.0 is not sufficient. You need to start Selenium explicitly.
The Dockerfile:
FROM selenium/standalone-chrome:3.11.0
WORKDIR /app
COPY . /app
RUN sudo apt-get --assume-yes --quiet update
RUN sudo apt-get --assume-yes --quiet install curl
CMD ["./acceptance.sh"]
The acceptance.sh wrapper script:
#!/bin/bash
set -x
set -e
/opt/bin/entry_point.sh &
# It will be better to look into log and wait for
# record 'Selenium Server is up and running on port 4444'.
# But in this script simplified approach is used, just for
# the sake of brevity.
sleep 30
curl -v localhost:4444
The result:
...
+ set -e
+ sleep 30
+ /opt/bin/entry_point.sh
07:51:35.092 INFO [GridLauncherV3.launch] - Selenium build info: version: '3.11.0', revision: 'e59cfb3'
07:51:35.095 INFO [GridLauncherV3$1.launch] - Launching a standalone Selenium Server on port 4444
2018-05-15 07:51:35.661:INFO::main: Logging initialized #2436ms to org.seleniumhq.jetty9.util.log.StdErrLog
07:51:36.448 INFO [SeleniumServer.boot] - Welcome to Selenium for Workgroups....
07:51:36.450 INFO [SeleniumServer.boot] - Selenium Server is up and running on port 4444
^[[23;5~^[[23;5~+ curl -v localhost:4444
* Rebuilt URL to: localhost:4444/
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 4444 (#0)
> GET / HTTP/1.1
> Host: localhost:4444
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
...
Cheers!
I have a Dockerized service so theoretically they should be exactly the same across my two servers. The only difference is production is running on Digital Ocean with CoreOS stable (835.9.0) and the dev is running from my home server under Archlinux.
Problem I noticed that when my API returns a lot of results, on production the request seems to be cut short resulting in the infamous net::ERR_INCOMPLETE_CHUNKED_ENCODING in the browser. I can reproduce this issue like so:
curl -i 'http://greptweet.com/u/kaihendry/grep.php?q=http' >/dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 41274 0 41274 0 0 17846 0 --:--:-- 0:00:02 --:--:-- 17852
curl: (18) transfer closed with outstanding read data remaining
However is works fine on my home server:
curl -i 'http://gt.dabase.com/u/kaihendry/grep.php?q=http' >/dev/null
I am waiting to hear back from Digital Ocean. Is there anything else I might have missed? Content length? Compression?
The answer was actually in my error log if I cared to look closely:
[crit] 14#0: *3888 open() "/var/lib/nginx/tmp/fastcgi/2/03/0000000032" failed (13: Permission denied) while reading upstream, client:...
The fix was chmod -R 755 /var/lib/nginx.
This serverfault question is also related.