Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 7.1.0
Affects Version/s: 7.1.0
Component/s: ns_server
Labels:
- functional-test
Environment:
CB EE 7.1.0-1565

Triage:
Untriaged
Operating System:
Centos 64-bit
Link to Log File, atop/blg, CBCollectInfo, Core dump:

Hide
http://supportal.couchbase.com/snapshot/a379bbcff83d971b266080e2432cf25e::0
s3://cb-customers-secure/deletion_ca_with_n2n/2021-10-25/collectinfo-2021-10-25t171708-ns_1@172.23.105.215.zip
s3://cb-customers-secure/deletion_ca_with_n2n/2021-10-25/collectinfo-2021-10-25t171708-ns_1@172.23.105.219.zip
s3://cb-customers-secure/deletion_ca_with_n2n/2021-10-25/collectinfo-2021-10-25t171708-ns_1@172.23.106.237.zip

Show
http://supportal.couchbase.com/snapshot/a379bbcff83d971b266080e2432cf25e::0 s3://cb-customers-secure/deletion_ca_with_n2n/2021-10-25/collectinfo-2021-10-25t171708-ns_1@172.23.105.215.zip s3://cb-customers-secure/deletion_ca_with_n2n/2021-10-25/collectinfo-2021-10-25t171708-ns_1@172.23.105.219.zip s3://cb-customers-secure/deletion_ca_with_n2n/2021-10-25/collectinfo-2021-10-25t171708-ns_1@172.23.106.237.zip
Story Points:
1
Is this a Regression?:
No

Description

This is a negative test. I originally expected that uploading trusted CAs would fail when n2n encryption is enabled. But I think that is not the case.
However, deletion of CAs when n2n encryption is enabled fails sometimes and works sometimes.

Steps to Reproduce:
1. Create a 3 node kv cluster (2.15, .219, .237)
2. Enable n2n encryption to control
3. Upload multiple CAs - worked fine
4. Regenerate certificates and delete unused trusted CAs (from each node) as part of teardown of the cluster
Deletion intermittently failed with unexpected server error

2021-10-25 10:10:10 | ERROR | MainProcess | test_thread | [rest_client._http_request] DELETE http://172.23.105.219:8091//pools/default/trustedCAs/1 body:  headers: {'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic QWRtaW5pc3RyYXRvcjpwYXNzd29yZA==', 'Accept': '*/*'} error: 500 reason: unknown b'["Unexpected server error, request logged."]' auth: Administrator:password

Seeing error.log of .219, it looks the call timed out

[ns_server:error,2021-10-25T10:10:10.676-07:00,ns_1@172.23.105.219:<0.9356.0>:menelaus_util:reply_server_error:209]Server error during processing: ["web request failed",

                                 {path,"/pools/default/trustedCAs/1"},

                                 {method,'DELETE'},

                                 {type,exit},

                                 {what,timeout},

                                 {trace,

                                  [{chronicle_rsm,leader_request,3,

                                    [{file,"src/chronicle_rsm.erl"},

                                     {line,152}]},

                                   {chronicle_kv,submit_command,3,

                                    [{file,"src/chronicle_kv.erl"},

                                     {line,640}]},

                                   {chronicle_kv,txn_loop_commit,8,

                                    [{file,"src/chronicle_kv.erl"},

                                     {line,277}]},

                                   {ns_server_cert,remove_CA,1,

                                    [{file,"src/ns_server_cert.erl"},

                                     {line,913}]},

                                   {menelaus_web_cert,

                                    handle_delete_trustedCA,2,

                                    [{file,"src/menelaus_web_cert.erl"},

                                     {line,56}]},

                                   {request_tracker,request,2,

                                    [{file,"src/request_tracker.erl"},

                                     {line,40}]},

                                   {menelaus_util,handle_request,2,

                                    [{file,"src/menelaus_util.erl"},

                                     {line,220}]},

                                   {mochiweb_http,headers,6,

                                    [{file,

                                      "/home/couchbase/jenkins/workspace/couchbase-server-unix/couchdb/src/mochiweb/mochiweb_http.erl"},

                                     {line,150}]}]}]

Note that:
1. It happens only when n2n encryption is enabled
2. Sometimes this call fails with /regenerateCertificate call

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Timofey Barmin

Reporter:: Sumedh Basarkod (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 25/Oct/21 12:15 PM

Updated:: 26/Nov/21 12:48 AM

Resolved:: 10/Nov/21 10:37 AM

Gerrit Reviews

There are no open Gerrit changes

Show There are 4 closed Gerrit changes

Hide There are 4 closed Gerrit changes

MB-49138: Make terminate timeout smaller: Gerrit Review:

MB-49138: Correctly handle "accept" messages from acceptors...: Gerrit Review:

MB-48047:[BP] Make terminate timeout smaller: Gerrit Review:

MB-49138: [cb_dist] Mark connections as 'shutdown' when...: Gerrit Review:

Unexpected server error during deletion of trusted CA

Details

Description

Attachments

Gerrit Reviews

Activity

People

Dates

Gerrit Reviews

PagerDuty