[MESOS-10218] Mesos slave fails to connect after enabling ssl - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Not A Bug
Affects Version/s: 1.9.0
Fix Version/s: None
Component/s: agent
Labels:
None

Target Version/s:

1.9.0

Description

Mesos agent fails to connect to the master after setting the following variables:
LIBPROCESS_SSL_ENABLED=1
LIBPROCESS_SSL_KEY_FILE=/etc/mesos/conf/ssl/server.key
LIBPROCESS_SSL_CERT_FILE=/etc/mesos/conf/ssl/server.pem
LIBPROCESS_SSL_REQUIRE_CERT=false
LIBPROCESS_SSL_VERIFY_SERVER_CERT=false
LIBPROCESS_SSL_REQUIRE_CLIENT_CERT=false
LIBPROCESS_SSL_HOSTNAME_VALIDATION_SCHEME=openssl
LIBPROCESS_SSL_VERIFY_CERT=false
LIBPROCESS_SSL_CA_DIR=/etc/mesos/conf/ssl
LIBPROCESS_SSL_CA_FILE=/etc/mesos/conf/ssl/ca.pem
LIBPROCESS_SSL_SUPPORT_DOWNGRADE=false
LIBPROCESS_SSL_VERIFY_IPADD=false
#LIBPROCESS_SSL_ENABLE_TLS_V1_2=true

Error in logs:
Failed to accept socket: Failed accept: connection error: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request

Connectivity works after setting:

LIBPROCESS_SSL_SUPPORT_DOWNGRADE=true

But then the sandbox fails to open in the web UI:

Potential reasons:

The agent is not accessible
The agent timed out or went offline

With the following error in the logs:

Failed to recv on socket 38 to peer 'unknown': Failed recv, connection error: Connection reset by peer

Attachments

Issue Links

duplicates

MESOS-10217 Mesos slave fails to connect after enabling ssl

Resolved

Activity

People

Assignee:: Andreas Peters

Reporter:: prasadkulkarni0711

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Apr/21 02:52

Updated:: 20/May/21 10:05

Resolved:: 20/May/21 10:05