Description
Here is the basic scenario: I have two nodes in a cluster, both with query services. Node 1 has a white list that looks like the following: {"all_access":true,"allowed_urls":null,"disallowed_urls":null}, node2 does not have a n1qlcerts directory or a whitelist.
Now when I run this query on node 1:
/opt/couchbase/bin/cbq -q -u Administrator -p password -s="select curl('http://172.23.106.24:8093/query/service', {'data' : 'statement=select * from default limit 5','user':'Administrator:password'})"
Sometimes I get the correct results and other times I get the following output:
{
"requestID": "962200f4-6963-46a8-a5f4-fdb47e121fd5",
"signature": {
"$1": "object"
},
"results": [
],
"errors": [
{
"code": 5010,
"msg": "Error evaluating projection. - cause: File /opt/couchbase/bin/../var/lib/couchbase/n1qlcerts/curl_whitelist.json does not exist on node172.23.106.25. CURL() end points should be whitelisted."
}
],
"status": "errors",
"metrics": {
"elapsedTime": "3.875091ms",
"executionTime": "3.765462ms",
"resultCount": 0,
"resultSize": 0,
"errorCount": 1
}
}
So there are two things here, one is that the results are not consistent and the other is a question, does every query node need to have a whitelist for any node to run curl? Because my node1 should have full curl access and I am running the query on node1.