CNCF Kuma: TLS error during Multi-Zone setup - virtual-machine

I am new to Kuma and am trying to set up Multi-Zone deployment mode after experimenting with standalone mode. Currently, I have managed to set up the Global Control Plane on an Azure VM and it seems to be working well.
My problem lies in setting up the Zone Control Planes. I have tried setting up on Docker, WSL and a VirtualBox Ubuntu VM but I am receiving the same error again and again. It should be noted that I am attempting to set this up using Universal mode, as described in the Kuma docs, and have tried both versions 1.4.1 and 1.2.3. The error in question is as below:
ERROR kds-zone.kds-mux-client component terminated with an error {"generationID": 6, "error": "rpc error; code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: tls: first record does not look like a TLS handshake""}
I have tried googling this problem, but can’t seem to find any similar problems relating to Kuma, and have also tried experimenting in the kuma.conf.yml file but to no avail.
Thank you in advance to anyone who may have any advice on how to solve this.
Regards,
Daniel

Related

Kubernetes nginx-ingress: SSL wrong version number error

I'm trying to use nginx-ingress to create a secure connection but I'm getting this error:
I'm using helm chart stable/nginx-ingress version 1.34.2.
I've been searching for this kind of error. I've already configured ssl-ciphers and ssl-protocols, and added more cipher suites in order to have more common ciphers between client and server. But I'm still getting this error.
The service I'm trying to build follows this flow:
Hope someone can sort this out, or has any suggestion for my problem.

Enabling TLS in Elasticsearch

I'm having problems enabling TLS in Elasticsearch 7.1.1 running on Windows 7.
I have a single node with certificates created as
elasticsearch-certutil ca
elasticsearch-certutil cert --ca elastic-stack-ca.p12
The elasticsearch.yml file has the following settings
node.name: node1
discovery.type: single-node
xpack.security.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: 'C:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'
xpack.security.transport.ssl.truststore.path: 'C:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'
This works fine but when I add the below
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: 'C:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'
xpack.security.http.ssl.truststore.path: 'C:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'
and start up elasticsearch I see the following error
[2019-06-25T07:34:19,659][WARN ][o.e.h.AbstractHttpServerTransport]
[node1] caught exception while handling client http traffic, closing
connection Netty4HttpChannel{localAddress=0.0.0.0/0.0.0.0:9200,
remoteAddress=/127.0.0.1:6757}
io.netty.handler.codec.DecoderException:
io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record:
This is repeated every 10-15 seconds.
https is enabled though and I can access the node using https://localhost:9200
I don't know why I receive the above error though as nothing else is running and accessing elasticsearch.
Any help would be much appreciated.
Thanks heaps
It was pointed out to me, on the Elastic forum, that the above is a warning and not an error. I still couldn't understand what was causing it as I wasn't running any service or anything else that could be causing it, but I eventually found something called heartbeat that was running. This was obviously set up in an earlier version/previous installation of Kibana and was still running, making a call using http and thus causing the above error (this is used for creating dummy data to use for/by to demo Kibana).
I came across this problem too. And if you have previously installed Elasticsearch, there is a high chance you have some residual indices with "red" status, which makes the process of enabling TLS unsuccessful.
Try this command to verify your indices and their statuses
curl -XGET https://localhost:9200/_cat/indices
then delete those with red status.

Configuring Proton for SSL / TLS throwing openssl wrong version number and gRPC client error

I'm kinda at a loss here.
Trying to set up proton with SSL / TLS access, but after creating the certificates with the (modified) shell scripts
supplied by the AppDev-Pack and linking the keyring and everything in notes.ini, I always seem to get
the error "Handshake failed with fatal error SSL_ERROR_SSL: error: 100000f7:SSL routines:OPENSSL_internal:
WRONG_VERSION_NUMBER".
Tried both a Windows and a Linux server, as well as using the accessing node.js app with and without
certificates - but with no success.
Also tried the troubleshoot section of https://doc.cwpcollaboration.com/appdevpack/docs/en/proton-admin.html and it connected just fine,
but won't if I connect with node.js.
Looks like the error is thrown before a certificate is even checked?
In this example the error is thrown after trying to get a document by UNID.
notes.ini (proton parts)
gRPC Client Error
If someone has an idea how to fix that issue or where to start - that would really help me.
Thanks in advance.
It appears that the client side does not have the secure flag set. At least I get a similar stack when I try to connect without TLS when the server expects TLS.
See the secure attribute when calling useServer() function, and you'll also need to provide the credentials attributes.
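An added example, not part of the original posts: the Go, Netty and OpenSSL-style errors quoted in the threads above are reported when a TLS stack reads bytes that do not parse as a TLS record, which is what a plaintext peer produces. The sketch below classifies the first bytes captured from a failing connection; the function names, labels and sample bytes are constructed for illustration.

```python
import struct

# Labels and names below are this example's own (hypothetical), not from any library.
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                     22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello"}
HTTP1_PREFIXES = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ",
                  b"OPTIONS ", b"HTTP/1.")
MAX_RECORD_LEN = 2**14 + 2048  # largest TLS 1.2 ciphertext fragment


def classify_first_bytes(data: bytes) -> str:
    """Label what protocol the peer's first bytes look like."""
    if data.startswith(HTTP1_PREFIXES):
        return "plaintext:http1"
    if data.startswith(b"PRI * HTTP/2"):
        # Client connection preface of cleartext HTTP/2, the transport gRPC uses.
        return "plaintext:http2-client-preface"
    if (len(data) >= 9 and data[0] == 0 and data[3] == 0x04
            and data[5:9] == b"\x00" * 4):
        # SETTINGS frame on stream 0: what a cleartext HTTP/2 server sends first.
        return "plaintext:http2-settings"
    if len(data) < 5:
        return "unknown:too-short"
    # TLS record header: content type, version major/minor, fragment length.
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if (ctype in TLS_CONTENT_TYPES and major == 3 and minor <= 4
            and length <= MAX_RECORD_LEN):
        label = "tls:" + TLS_CONTENT_TYPES[ctype]
        if ctype == 22 and len(data) > 5:
            label += ":" + HANDSHAKE_TYPES.get(data[5], "other")
        return label
    return "unknown:not-a-tls-record"


def diagnose(expect_tls: bool, data: bytes) -> str:
    """Report the TLS/plaintext mismatch an endpoint would run into."""
    kind = classify_first_bytes(data)
    if expect_tls and kind.startswith("plaintext:"):
        return f"mismatch: TLS expected, peer sent {kind}"
    if not expect_tls and kind.startswith("tls:"):
        return f"mismatch: plaintext expected, peer sent {kind}"
    return f"ok-or-undetermined: {kind}"


# Constructed sample: an http:// health check hitting an https-only port.
print(diagnose(True, b"GET / HTTP/1.1\r\nHost: localhost:9200\r\n\r\n"))
```

Feed it the first bytes seen on the failing port (for example from a packet capture) with `expect_tls` set to what the receiving side is configured for.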

Unable to add apache Nifi in ambari?

I am trying to add Apache Nifi in ambari but continuously failing with error Error occured during stack advisor command invocation:
Unable to delete directory /var/run/ambari-server/stack-recommendations/1.
There is a similar thread with the same error in the Hortonworks community. I have tried everything mentioned in that thread but am unable to fix it. My sandbox is installed in VMware Workstation 12 Player. I also tried to create and remove the directory manually but it is failing with the error invalid argument. Created a thread for this error also on StackExchange. Please help!!!
Here is a link to Hortonworks forum thread. And it seems like sandbox is just broken:
This is due to a docker issue in this 2.5 sandbox build. It will be
fixed in next revision of the sandbox.
There are also some workarounds described (like using the older HDP 2.4 or establishing your own cluster based on the HDP 2.5 docker image)
Updated sandbox arrived: http://hortonworks.com/downloads
Trust me, active members of the community see your posts in multiple locations. In a good, non-Big-Brother way :) but cross-posting is as old as the world ... Well, you got it.
Did you see a notice for this service in Ambari? Telling it's been deprecated? Same note in the GitHub. There's a good reason for that, it's now been implemented properly by the dev team and with many more features. I.e. all the action is there now.
I think I replied to a similar question, though not sure it was yours, take a look in HCC.

SIP Application on standalone Red5 Server does not connect to Asterisk Server

I have tried for days now trying to find the right version of red5phone, but to no avail. Also, I need red5 and asterisk to be on different servers. I have followed all instructions described in the various tutorials on web, but nothing helps. I have downloaded 2 different versions of red5phone: sip1, sip_47 from the red5phone google code site, but none of them worked!
When I use:
a) sip1 - shows the correct parameters being passed on the red5 server console, but connection is stuck up with the console displaying the following error:
[NioProcessor-1] ERROR o.r.server.service.ServiceInvoker - Method login with parameters [<sip user>, <sip user>,<sip user>,<sip user pwd>, <asterisk server i/p>, <asterisk server i/p>] not found in org.red5.server.webapp.sip.Application#2d0c94a7
b) sip47 - when I type in the values in the flex interface and check the red5 server console, I see all parameters correct (the ones I passed) except for the asterisk server ip that I'm trying to connect to. Instead, it shows 127.0.0.1 by default and completely ignores the passed ip, and registration fails.
I am using:
red5 server version: 0.9.1, centos: 4.8(final), red5phone used: sip_47 (tried sip1 as well)
As a desperate measure I tried debugging the source code for red5phone (java and flex files) myself, but when I try to create the environment on my local system, I get several compile errors for missing java packages such as javax.media, org.slf4j, org.red5, etc. Really confused and desperate for some guidance. Any tips highly appreciated.
Sunil, I'm also new to this, I would try red5-voicebridge installed in your red5 server.
red5-voicebridge Please let me know if you got it to work.