Mailing List Archive

satellite daemon must non-3377 port for SSL?
Hi,
I have a "Combined" controller/satellite node which I'm trying to set
up SSL on.
It appears that the controller binds port 3377 by default. This is
also the port the satellite listens to by default. When the node is
Combined, this causes problems connecting to the satellite daemon.
My hope was to have the controller bind to a non-3377 port so that
one would not have to specify a non-default port when creating a node.
However, I haven't been able to get the controller daemon to bind to
anything but 3377.
E.g. This does not work:
# cat /etc/linstor/linstor_controller.toml
[netcom]
type="ssl"
port=3388
server_certificate="/etc/linstor/ssl/keystore.jks"
trusted_certificates="/etc/linstor/ssl/certificates.jks"
key_password="linstor"
keystore_password="linstor"
truststore_password="linstor"
ssl_protocol="TLSv1.2"


Thanks!
Chad.
_______________________________________________
Star us on GITHUB: https://github.com/LINBIT
drbd-user mailing list
drbd-user@lists.linbit.com
https://lists.linbit.com/mailman/listinfo/drbd-user
Re: satellite daemon must non-3377 port for SSL?
Hi!

I don't know why you think that the satellite listens on port 3377?
Here are the default port bindings:

/*
* Default ports
*/
public static final int DFLT_CTRL_PORT_SSL = 3377;
public static final int DFLT_CTRL_PORT_PLAIN = 3376;
public static final int DFLT_STLT_PORT_SSL = 3367;
public static final int DFLT_STLT_PORT_PLAIN = 3366;

It wouldn't make much sense to have a combined node, where you only can run
either a controller or satellite...
We have multiple setups where Controller and Satellite run on the same node.

Best regards
Rene

On Thu, Jul 2, 2020 at 7:02 AM Chad William Seys <cwseys@physics.wisc.edu>
wrote:

> Hi,
> I have a "Combined" controller/satellite node which I'm trying to set
> up SSL on.
> It appears that the controller binds port 3377 by default. This is
> also the port the satellite listens to by default. When the node is
> Combined, this causes problems connecting to the satellite daemon.
> My hope was to have the controller bind to a non-3377 port so that
> one would not have to specify a non-default port when creating a node.
> However, I haven't been able to get the controller daemon to bind to
> anything but 3377.
> E.g. This does not work:
> # cat /etc/linstor/linstor_controller.toml
> [netcom]
> type="ssl"
> port=3388
> server_certificate="/etc/linstor/ssl/keystore.jks"
> trusted_certificates="/etc/linstor/ssl/certificates.jks"
> key_password="linstor"
> keystore_password="linstor"
> truststore_password="linstor"
> ssl_protocol="TLSv1.2"
>
>
> Thanks!
> Chad.
satellite daemon must non-3377 port for SSL?
Hmm, OK. After looking at things again, it looks like the actual
problem is that 'linstor create' without -p sets the port to 3377 for
the Satellite:

# linstor node create --communication-type SSL vms20 --node-type Combined
SUCCESS:
Description:
New node 'vms20' registered.
Details:
Node 'vms20' UUID is: af9198db-512a-4cf3-ad31-a1e79d416596
ERROR:
Description:
(Node: 'vms20') The requested function call cannot be executed.
Cause:
Common causes of this error are:
- The function call name specified by the caller
(client side) is incorrect
- The requested function call was not loaded into
the system (server side)
Details:
The requested function call name was 'Auth'.
Node: vms20
Show reports:
linstor error-reports show 5EFDF10B-00000-000001
root@vms20:~# linstor n l
╭─────────────────────────────────────────────────────────╮
┊ Node  ┊ NodeType ┊ Addresses                  ┊ State   ┊
╞═════════════════════════════════════════════════════════╡
┊ vms20 ┊ COMBINED ┊ 128.104.164.119:3377 (SSL) ┊ OFFLINE ┊
╰─────────────────────────────────────────────────────────╯


# with -p 3367:

# linstor node create -p 3367 --communication-type SSL vms20 --node-type Combined
SUCCESS:
Description:
New node 'vms20' registered.
Details:
Node 'vms20' UUID is: f5887821-3415-48bc-8d33-1cc4ac19efe3
SUCCESS:
Description:
Node 'vms20' authenticated
Details:
Supported storage providers: [diskless, lvm, lvm_thin, file,
file_thin, openflex_target]
Supported resource layers : [writecache, cache, openflex, storage]
Unsupported storage providers:
ZFS: 'cat /sys/module/zfs/version' returned with exit code 1
ZFS_THIN: 'cat /sys/module/zfs/version' returned with exit code 1
SPDK: IO exception occured when running 'rpc.py
get_spdk_version': Cannot run program "rpc.py": error=2, No such file or
directory

Unsupported resource layers:
DRBD: DRBD version has to be >= 9. Current DRBD version: 8.4.10
LUKS: IO exception occured when running 'cryptsetup --version':
Cannot run program "cryptsetup": error=2, No such file or directory
NVME: IO exception occured when running 'nvme version': Cannot
run program "nvme": error=2, No such file or directory
INFO:
Linstor node name 'vms20' and hostname 'vms20.physics.wisc.edu'
doesn't match.
root@vms20:~# systemctl start linstor-satellite.service ^C
root@vms20:~# linstor n l
╭────────────────────────────────────────────────────────╮
┊ Node  ┊ NodeType ┊ Addresses                  ┊ State  ┊
╞════════════════════════════════════════════════════════╡
┊ vms20 ┊ COMBINED ┊ 128.104.164.119:3367 (SSL) ┊ Online ┊
╰────────────────────────────────────────────────────────╯

Thanks!
Chad.


Re: satellite daemon must non-3377 port for SSL?
> On 25 Jun 2020, at 23:03, Chad William Seys <cwseys@physics.wisc.edu> wrote:
>
> Hi,
> I have a "Combined" controller/satellite node which I'm trying to set
> up SSL on.
> It appears that the controller binds port 3377 by default. This is also the port the satellite listens to by default. When the node is Combined, this causes problems connecting to the satellite daemon.

As Rene already quoted from the source code, by default, the controller listens on 3376 (plain) and 3377 (ssl), while the satellite listens on 3366 (plain) and 3367 (ssl).

The controller’s so-called connectors are configured in its database as property values, in netcom/<ConnectorName>. Each connector has a port property that can be changed.
Either use the LINSTOR client to change that property, e.g. netcom/SslConnector/port for the SSL connector that is configured by default, or if that does not work for whatever reason, start the controller interactively with the debug console (-D) and enter:
SetCfgVal namespace(netcom) key(SslConnector/port) value(xxx)
where xxx is the port number you want to set.
Then restart the controller (enter ShtDwn and restart as usual with Pacemaker/systemctl/start script/etc.)

Anyhow, that should not be necessary, because the controller and satellite modules were designed to run on the same node without causing TCP port collisions.

br,
Robert
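
Added example (not part of the thread and not LINSTOR code): a shell check for the mismatch found above, where a node was registered on the controller's SSL port 3377 instead of the satellite's 3367. It reads `linstor node list`-style rows; the sample rows, the `|` column separators, the names vms21/vms22 and their addresses are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not LINSTOR code. Defaults are the ones quoted in the thread:
# controller 3376 (plain) / 3377 (SSL), satellite 3366 (plain) / 3367 (SSL).

# check_node_ports reads `linstor node list`-style rows on stdin and inspects
# the "IP:PORT (TYPE)" address column (IPv4 assumed). It prints one line per
# node not registered on the satellite default for its type and returns 1 if
# any node is registered on a controller default port.
check_node_ports() {
    awk '
    BEGIN {
        stlt["PLAIN"] = 3366; stlt["SSL"] = 3367
        ctrl[3376] = 1; ctrl[3377] = 1
        bad = 0
    }
    {
        for (i = 1; i < NF; i++) {
            if ($i !~ /^[0-9.]+:[0-9]+$/) continue
            if ($(i + 1) !~ /^\((SSL|PLAIN)\)$/) continue
            n = split($i, parts, ":")
            port = parts[n] + 0
            type = substr($(i + 1), 2, length($(i + 1)) - 2)
            if (port == stlt[type]) continue
            why = "non-default-port"
            if (port in ctrl) { why = "controller-default-port"; bad = 1 }
            # $2 is the node name: column separators are their own fields
            printf "%s port=%d type=%s %s expected=%d\n", $2, port, type, why, stlt[type]
        }
    }
    END { exit bad }
    '
}

# Constructed sample input: the vms20 row from the thread plus two made-up nodes.
sample_rows() {
    cat <<'EOF'
| Node  | NodeType  | Addresses                  | State   |
| vms20 | COMBINED  | 128.104.164.119:3377 (SSL) | OFFLINE |
| vms21 | SATELLITE | 192.0.2.21:3367 (SSL)      | Online  |
| vms22 | SATELLITE | 192.0.2.22:3400 (PLAIN)    | Online  |
EOF
}

sample_rows | check_node_ports || true
```

A non-default satellite port is only reported, since it can be a deliberate choice; only a node registered on a controller default port makes the check fail.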
