Hi, On Wed, Aug 19, 2015 at 5:36 PM, Anuruddha Premalal <[email protected]> wrote:
> Hi All, > > I raised the issue in jenkins dev mailing list and still waiting for a > response. Standalone jenkins use jetty servelet container [1]. However it's > still using winstone[2] for java command line argument parsing which I > couldn't find a way to configure SSL clientAuthentication. > > One workaround is to call stratos services using the stratos admin. The > other option is to use a signedJWT token athenticator. > > Using stratos admin for application(stratos) creation might incur > metering or appfactory wall related concerns in-future. > IMO if the MutualAuth doesn't work with current jenkins deployment it's > better to go for SignedJWT Authenticator. > +1 for SignedJWTAuthenticator and invoking the service as the tenant admin (and this means -1 doing it as super tenant admin). On the side(not related to this conversation) Is SignedJWTAuthenticator operating without Mutual SSL now? thanks, dimuthu > > Appreciate your feedback on this regard. > > [1] > https://wiki.jenkins-ci.org/display/JENKINS/Starting+and+Accessing+Jenkins > [2] http://winstone.sourceforge.net/#configFile > > On Wed, Aug 19, 2015 at 12:20 PM, Anuruddha Premalal <[email protected]> > wrote: > >> Hi All, >> >> I've completed the following flow for single tenant cartridge. >> >> * Creating S2 git repo for app creation. >> * Creating and deploying the app in stratos and bringing up the cartridge. >> * Preparing the tomcat cartridge. >> * Creating s2 repo for app versioning >> * Cleaning application resources(stratos & s2 repos) on deletion. >> >> There's an issue in talking to stratos on application versioning. >> >> On versioning stratos rest calls(to create app) goes through jenkins, we >> are using MutualSSL for communication between stratos and deployers bundle. >> For this to work stratos expect "javax.servlet.request.X509Certificate" >> attribute to be set with the certificate object, this attribute is not >> getting set when the call goes through jenkins. Because of this stratos is >> unable to authenticate the application creation request. >> >> Also there's an error log[1] in jenkins before sending the rest call. >> This might be the reason for the failure of setting certificate object. FYI >> client truststore and the keystores are identical in jenkins and stratos >> side. >> >> has anyone encountered a similar issue before? >> >> [1] org.apache.commons.httpclient.HttpMethodDirector >> processAuthenticationResponse >> SEVERE: Invalid challenge: Basic >> org.apache.commons.httpclient.auth.MalformedChallengeException: Invalid >> challenge: Basic >> at >> org.apache.commons.httpclient.auth.AuthChallengeParser.extractParams(AuthChallengeParser.java:98) >> at >> org.apache.commons.httpclient.auth.RFC2617Scheme.processChallenge(RFC2617Scheme.java:94) >> at >> org.apache.commons.httpclient.auth.BasicScheme.processChallenge(BasicScheme.java:112) >> at >> org.apache.commons.httpclient.auth.AuthChallengeProcessor.processChallenge(AuthChallengeProcessor.java:162) >> at >> org.apache.commons.httpclient.HttpMethodDirector.processWWWAuthChallenge(HttpMethodDirector.java:694) >> at >> org.apache.commons.httpclient.HttpMethodDirector.processAuthenticationResponse(HttpMethodDirector.java:668) >> at >> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:193) >> at >> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) >> at >> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) >> at >> org.wso2.carbon.appfactory.s4.integration.StratosRestService.doPost(StratosRestService.java:301) >> at >> org.wso2.carbon.appfactory.s4.integration.StratosRestService.deployApplication(StratosRestService.java:134) >> at >> org.wso2.carbon.appfactory.deployers.StratosApplicationHandler.createAndDeployStratosApplication(StratosApplicationHandler.java:60) >> at >> org.wso2.carbon.appfactory.deployers.AbstractStratosDeployer.addToGitRepo(AbstractStratosDeployer.java:114) >> at >> org.wso2.carbon.appfactory.deployers.AbstractStratosDeployer.deploy(AbstractStratosDeployer.java:72) >> at >> org.wso2.carbon.appfactory.deployers.AbstractDeployer.deployLatestSuccessArtifact(AbstractDeployer.java:123) >> at >> org.wso2.carbon.appfactory.jenkins.deploy.JenkinsArtifactDeployer.deployLatestSuccessArtifact(JenkinsArtifactDeployer.java:84) >> at >> org.wso2.carbon.appfactory.jenkins.artifact.storage.AppfactoryArtifactStoragePlugin.doDynamic(AppfactoryArtifactStoragePlugin.java:92) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:606) >> at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) >> at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) >> at >> org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) >> at org.kohsuke.stapler.MetaClass$12.dispatch(MetaClass.java:391) >> at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) >> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) >> at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:249) >> at >> org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) >> at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) >> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) >> at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) >> at org.kohsuke.stapler.Stapler.service(Stapler.java:238) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) >> at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) >> at >> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) >> at >> hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123) >> at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114) >> at >> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) >> at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) >> at >> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) >> at >> hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) >> at >> jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) >> at >> org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) >> at >> org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) >> at >> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) >> at >> jenkins.security.BasicHeaderProcessor.success(BasicHeaderProcessor.java:140) >> at >> jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:82) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) >> at >> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) >> at >> hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) >> at >> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) >> at >> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) >> at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:168) >> at >> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) >> at >> org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) >> at >> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) >> at >> hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) >> at >> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) >> at >> org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) >> at >> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) >> at >> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) >> at >> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) >> at >> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) >> at >> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) >> at >> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) >> at >> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) >> at >> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) >> at >> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) >> at >> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) >> at >> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) >> at org.eclipse.jetty.server.Server.handle(Server.java:370) >> at >> org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) >> at >> org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) >> at >> org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) >> at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) >> at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) >> at >> org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) >> at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196) >> at >> org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) >> at >> org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) >> at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >> at java.lang.Thread.run(Thread.java:744) >> >> Aug 19, 2015 11:31:51 AM org.apache.commons.httpclient.HttpMethodBase >> getResponseBody >> WARNING: Going to buffer response body of large or unknown size. Using >> getResponseBodyAsStream instead is recommended. >> Aug 19, 2015 11:31:51 AM >> org.wso2.carbon.appfactory.s4.integration.StratosRestService >> deployApplication >> SEVERE: Authorization failed when subsctibing to cartridge >> >> >> Regards, >> Anuruddha >> >> On Mon, Aug 3, 2015 at 4:00 PM, Anuruddha Premalal <[email protected]> >> wrote: >> >>> Hi Raj, >>> >>> Yes adding -Dstratos.component.startup.synchronizer.enabled=true to >>> stratos.sh fixed the issue. We missed updating stratos.sh file while doing >>> the migration from 4.0.0 to 4.1.0 >>> >>> >>> >>> On Mon, Aug 3, 2015 at 1:44 PM, Rajkumar Rajaratnam <[email protected]> >>> wrote: >>> >>>> Hi Anuruddha, >>>> >>>> I guess we have already fixed this issue sometimes back. I went though >>>> the log again and found that you haven't enabled Component startup >>>> synchronizer. If you enable it, it will ensure that CompleteTopologyEvent >>>> will be published only after SM is activated (SM will be activated only >>>> after AS). >>>> >>>> In your logs, have a look at line number 402 : "Component startup >>>> synchronizer enabled: false" >>>> >>>> Please check whether your bin/stratos.sh have >>>> "-Dstratos.component.startup.synchronizer.enabled=true". If not, add it. >>>> Please let us know whether it resolves your issue. >>>> >>>> Thanks, >>>> Raj. >>>> >>>> >>>> >>>> On Mon, Aug 3, 2015 at 12:59 PM, Anuruddha Premalal <[email protected] >>>> > wrote: >>>> >>>>> Hi Raj, >>>>> >>>>> Thanks for the support given in finding the issue.I couldn't find a >>>>> public stratos jira for this so I've raised jira[1] to track this. >>>>> >>>>> [1] https://issues.apache.org/jira/browse/STRATOS-1487 >>>>> >>>>> >>>>> >>>>> On Mon, Aug 3, 2015 at 12:43 PM, Rajkumar Rajaratnam < >>>>> [email protected]> wrote: >>>>> >>>>>> Monitors were not created because CompleteTopologyEvent was published >>>>>> before AutoscalerComponent was activated. In the attached logs, >>>>>> >>>>>> Line number 478 - CompleteTopologyEvent was received by AS >>>>>> Line number 501 - AutoscalerComponent was activated >>>>>> >>>>>> When AS received CompleteTopologyEvent, it didn't load the >>>>>> application context from registry. Hence it just logged "The application >>>>>> is >>>>>> not yet deployed for this [application] asdevelopment" (Line number 482) >>>>>> and ignored the CompleteTopologyEvent. And CompleteTopologyEvent is >>>>>> published only once (until topology is initialized) - so there is no way >>>>>> that the monitors will be created. >>>>>> >>>>>> It needs to be fixed. >>>>>> >>>>>> Thanks, >>>>>> Raj. >>>>>> >>>>>> On Mon, Aug 3, 2015 at 12:06 PM, Anuruddha Premalal < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> HI Raj, >>>>>>> >>>>>>> i'm attaching the carbon log file herewith. >>>>>>> >>>>>>> On Mon, Aug 3, 2015 at 11:52 AM, Rajkumar Rajaratnam < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi Anuruddha, >>>>>>>> >>>>>>>> Cluster monitor can be created in two situations. >>>>>>>> >>>>>>>> 1) when a cluster is created for the first time (application >>>>>>>> deployment time) >>>>>>>> 2) when stratos is restarted >>>>>>>> >>>>>>>> If cluster monitor creation failed, it would log enough information >>>>>>>> about it (some error logs like "Monitor creation failed, even after >>>>>>>> retrying for 5 times") . You can trace back the logs and see the >>>>>>>> reason for >>>>>>>> it. I don't think scenario 1) is the reason for the above behaviour, >>>>>>>> because the members will not be created if the cluster monitor creation >>>>>>>> failed. Scenario 2) can be one reason for this behaviour. If it is the >>>>>>>> reason, then you should be able to see some error logs regarding >>>>>>>> cluster >>>>>>>> monitor creation failed. Have you restarted stratos? >>>>>>>> >>>>>>>> Further, "*A cluster monitor is not found in autoscaler context" *error >>>>>>>> doesn't necessarily mean that cluster monitor creation failed. It >>>>>>>> can be because cluster is undeployed and the monitor is removed before >>>>>>>> getting this event from CEP. >>>>>>>> >>>>>>>> If you could attach the complete log, we will be able to point out >>>>>>>> the issue. >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Raj. >>>>>>>> >>>>>>>> On Mon, Aug 3, 2015 at 11:32 AM, Anuruddha Premalal < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Also this setup use kubernetes as the IaaS >>>>>>>>> >>>>>>>>> On Mon, Aug 3, 2015 at 11:31 AM, Anuruddha Premalal < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi, >>>>>>>>>> >>>>>>>>>> I am working on $subject. >>>>>>>>>> >>>>>>>>>> In the current appfactory setup we have a single JVM Stratos >>>>>>>>>> 4.1.0 deployment. I am trying to get the autoscaling working since >>>>>>>>>> resetting the SM node each time of failure consumes time. Once a >>>>>>>>>> member >>>>>>>>>> fault event received to AS receives it but unable to continue with >>>>>>>>>> the >>>>>>>>>> following log. When will the cluster monitor get initiated? What >>>>>>>>>> would are >>>>>>>>>> the possibilities for failing the initialization of the cluster >>>>>>>>>> monitor? >>>>>>>>>> >>>>>>>>>> *INFO >>>>>>>>>> {org.apache.stratos.cep.extension.FaultHandlingWindowProcessor} - >>>>>>>>>> Faulty >>>>>>>>>> member detected [member-id] >>>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain38d5a847-d16a-4891-bbc0-6582cd9b9988 >>>>>>>>>> with [last time-stamp] 1438580270973 [time-out] 60000 milliseconds* >>>>>>>>>> *TID: [0] [SCC] [2015-08-03 11:26:38,956] INFO >>>>>>>>>> {org.apache.stratos.cep.extension.FaultHandlingWindowProcessor} - >>>>>>>>>> Publishing member fault event for [member-id] >>>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain38d5a847-d16a-4891-bbc0-6582cd9b9988* >>>>>>>>>> *TID: [0] [SCC] [2015-08-03 11:26:38,969] DEBUG >>>>>>>>>> {org.apache.stratos.autoscaler.event.receiver.health.AutoscalerHealthStatEventReceiver} >>>>>>>>>> - Member fault event received: [member] >>>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain38d5a847-d16a-4891-bbc0-6582cd9b9988 >>>>>>>>>> * >>>>>>>>>> *TID: [0] [SCC] [2015-08-03 11:26:38,969] DEBUG >>>>>>>>>> {org.apache.stratos.autoscaler.event.receiver.health.AutoscalerHealthStatEventReceiver} >>>>>>>>>> - A cluster monitor is not found in autoscaler context [cluster] >>>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain* >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Thanks & Regards, >>>>>>>>>> -- >>>>>>>>>> *Anuruddha Premalal* >>>>>>>>>> Software Eng. | WSO2 Inc. >>>>>>>>>> Mobile : +94710461070 >>>>>>>>>> Web site : www.regilandvalley.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> *Anuruddha Premalal* >>>>>>>>> Software Eng. | WSO2 Inc. >>>>>>>>> Mobile : +94710461070 >>>>>>>>> Web site : www.regilandvalley.com >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Rajkumar Rajaratnam >>>>>>>> Committer & PMC Member, Apache Stratos >>>>>>>> Software Engineer, WSO2 >>>>>>>> >>>>>>>> Mobile : +94777568639 >>>>>>>> Blog : rajkumarr.com >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Anuruddha Premalal* >>>>>>> Software Eng. | WSO2 Inc. >>>>>>> Mobile : +94710461070 >>>>>>> Web site : www.regilandvalley.com >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Rajkumar Rajaratnam >>>>>> Committer & PMC Member, Apache Stratos >>>>>> Software Engineer, WSO2 >>>>>> >>>>>> Mobile : +94777568639 >>>>>> Blog : rajkumarr.com >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> *Anuruddha Premalal* >>>>> Software Eng. | WSO2 Inc. >>>>> Mobile : +94710461070 >>>>> Web site : www.regilandvalley.com >>>>> >>>>> >>>> >>>> >>>> -- >>>> Rajkumar Rajaratnam >>>> Committer & PMC Member, Apache Stratos >>>> Software Engineer, WSO2 >>>> >>>> Mobile : +94777568639 >>>> Blog : rajkumarr.com >>>> >>> >>> >>> >>> -- >>> *Anuruddha Premalal* >>> Software Eng. | WSO2 Inc. >>> Mobile : +94710461070 >>> Web site : www.regilandvalley.com >>> >>> >> >> >> -- >> *Anuruddha Premalal* >> Software Eng. | WSO2 Inc. >> Mobile : +94710461070 >> Web site : www.regilandvalley.com >> >> > > > -- > *Anuruddha Premalal* > Software Eng. | WSO2 Inc. > Mobile : +94710461070 > Web site : www.regilandvalley.com > > -- Dimuthu Leelarathne Director & Product Lead of App Factory WSO2, Inc. (http://wso2.com) email: [email protected] Mobile : 0773661935 Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
