Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-48068

Each Refresh get SSL host/port

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: Neo, 7.0.2
    • Fix Version/s: Neo, 7.0.2
    • Component/s: query
    • Labels:
      None
    • Triage:
      Untriaged
    • Story Points:
      1
    • Is this a Regression?:
      Unknown

      Description

      When SSL enabled the certificates will have actual host name.
      NS server passes cbq-engine local host. But for gocbcore we need to pass actual hostname in the certificates.
      We use to get hostname once at the start use that. Unfortunately that will not work the following case.
      bring single node cluster, hostname is local host
      enable encryption
      use transactions will work
      now add another node. The local hostname is changed to actual ip
      now transactions will not work.

      Solution: Each time certificates refresh get hostname and use that

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

          Hide
          build-team Couchbase Build Team added a comment -

          Build couchbase-server-7.0.2-6549 contains query commit 7df75f0 with commit message:
          MB-48068. Each TLS refresh get SSL host/port

          Show
          build-team Couchbase Build Team added a comment - Build couchbase-server-7.0.2-6549 contains query commit 7df75f0 with commit message: MB-48068 . Each TLS refresh get SSL host/port
          Hide
          build-team Couchbase Build Team added a comment -

          Build couchbase-server-7.1.0-1177 contains query commit fffbc5b with commit message:
          MB-48068. Each TLS refresh get SSL host/port

          Show
          build-team Couchbase Build Team added a comment - Build couchbase-server-7.1.0-1177 contains query commit fffbc5b with commit message: MB-48068 . Each TLS refresh get SSL host/port
          Hide
          pierre.regazzoni Pierre Regazzoni added a comment -

          Verified on 7.0.2-6549 and 7.1.0-1177.

          1. Setup single node with strict mode
          2. Run n1ql transaction successfully
          3. Add new node and rebalance
          4. Run n1ql transaction successfully

          Prior to fix would see in step 4:

               "errors": [
                  {
                      "cause": {
                          "cause": {
                              "-": {
                                  "InnerError": {
                                      "InnerError": {},
                                      "Message": "unambiguous timeout"
                                  }
                              },
                              "i": "0x0",
                              "s": "LookupIn",
                              "t": 2501251
                          },
                          "raise": "failed",
                          "retry": true,
                          "rollback": true
                      },
                      "code": 17017,
                      "msg": "Transaction fetch error"
                  }
              ],

           

          Show
          pierre.regazzoni Pierre Regazzoni added a comment - Verified on 7.0.2-6549 and 7.1.0-1177. Setup single node with strict mode Run n1ql transaction successfully Add new node and rebalance Run n1ql transaction successfully Prior to fix would see in step 4:     "errors" : [         {             "cause" : {                 "cause" : {                     "-" : {                         "InnerError" : {                             "InnerError" : {},                             "Message" : "unambiguous timeout"                         }                     },                     "i" : "0x0" ,                     "s" : "LookupIn" ,                     "t" : 2501251                 },                 "raise" : "failed" ,                 "retry" : true ,                 "rollback" : true             },             "code" : 17017 ,             "msg" : "Transaction fetch error"         }     ],  

            People

            Assignee:
            pierre.regazzoni Pierre Regazzoni
            Reporter:
            Sitaram.Vemulapalli Sitaram Vemulapalli
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Gerrit Reviews

                There are no open Gerrit changes

                  PagerDuty