getsockopt: connection timed out #24
Comments
|
Hello! Thanks for filing your report. To verify a couple things:
Let me know once you've tried those two things and we'll continue from there. Thanks! |
|
Dear Adam, I did what you commented, I think that it didn't work out well.
Thank you and best regards, |
|
Dear Adam, WhenI run the "curl -k option", the output was "{"version": ["1.0", "1.1", "1.2", "1.3", "1.4", "1.5", "1.6", "1.7", "1.8", "1.9", "1.10", "1.11", "1.12", "1.13", "1.14", "1.15", "1.16", "1.17", "2.0"]}" Thank you and regards, |
|
@Pure-AdamuKaapan , do you have any further advice on what @joonmoonlee responded? Thanks in advance |
|
Hi, I am suffering the same issue as described before, also I have tried the same steps to troubleshoot with ping command and curl and I obtained the same results: ping works perfectly and with curl I have to use -k option to avoid certificate verification checks. Seems that there is a problem with certificates, but I don't know how to troubleshoot this issue. May someone assists us? thanks in advance. |
|
Sorry, my apologies for the delay; it would indeed seem to be a certificate-related issue. We have some self-signed certs in use on our testing server today, so it's odd that they aren't working here. What may be useful for debugging on my end is a log dump. Could both of you (@joonmoonlee , @ibernaldo ) run If you feel the need to go through and censor any of the files produced here, feel free to do so. |
|
Dear Adam,
I have sent my collected logs directly to you.
Let us know your findings.
Thanks and regards,
…--
IBÁN BERNALDO DE QUIRÓS MÁRQUEZ // Systems Engineer | Pure Storage, Inc.
+34 647 52 31 40<tel:+34%20647%2052%2031%2040> | [email protected]<mailto:[email protected]>
De: Adam Krpan <[email protected]>
Responder a: PureStorage-OpenConnect/pure1-unplugged <[email protected]>
Fecha: miércoles, 8 de enero de 2020, 19:39
Para: PureStorage-OpenConnect/pure1-unplugged <[email protected]>
CC: ibernaldo <[email protected]>, Mention <[email protected]>
Asunto: Re: [PureStorage-OpenConnect/pure1-unplugged] getsockopt: connection timed out (#24)
Sorry, my apologies for the delay; it would indeed seem to be a certificate-related issue. We have some self-signed certs in use on our testing server today, so it's odd that they aren't working here.
What may be useful for debugging on my end is a log dump. Could both of you (@joonmoonlee<https://github.com/joonmoonlee> , @ibernaldo<https://github.com/ibernaldo> ) run puctl infra packlogs and then send me the .tar.gz file that it creates? (It should look something like pure1-unplugged-logs-2020-01-08-18:36:36.tar.gz). Once that's done, please send it to me at [email protected]<mailto:[email protected]> and I can take a closer look.
If you feel the need to go through and censor any of the files produced here, feel free to do so.
Thank you!
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#24?email_source=notifications&email_token=AOHFVPVSPWWAYQAWHFDU65LQ4YMU7A5CNFSM4KCA2AV2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEINRNGI#issuecomment-572200601>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AOHFVPUZFJB4UECGINLRR23Q4YMU7ANCNFSM4KCA2AVQ>.
|
|
Thanks @ibernaldo , I don't see much different in the logs unfortunately. I'm currently wondering if there's a firewall rule or something outside of the VM. Could you try the same Basically, the conclusion I'm coming to so far is that everything else about this situation is essentially identical to our testing server (self-signed certs, device REST server working correctly, ping works, etc.), so my suspicion is now on some external factors. |
|
Thanks for your quick response...! Maybe the problem is the OS version that I have used and iptables is active... need to check.
I have used the iso file to install Pure1-unplugged not the OVA.
I think I have tested the curl command inside the VM to the array... but need to review.
One question to get a result from the curl command I have to use the -K option to avoid the certificate check...
If I were supposed to remove the warning/error I received do I have to left certificates of the array that I want to monitor in a specific path in the VM?
Will let you know further input tomorrow.
Thanks and regards,
Iban.-
…Sent from my iPhone
On 9 Jan 2020, at 00:07, Adam Krpan ***@***.***> wrote:
Thanks @ibernaldo , I don't see much different in the logs unfortunately. I'm currently wondering if there's a firewall rule or something outside of the VM. Could you try the same curl command but inside the Unplugged VM? I found through experimenting with iptables that blocking port 443 produces the same "connection timed out" error.
Basically, the conclusion I'm coming to so far is that everything else about this situation is essentially identical to our testing server (self-signed certs, device REST server working correctly, ping works, etc.), so my suspicion is now on some external factors.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
Hi @Pure-AdamuKaapan , I have sent you a log file directly on behalf of @joonmoonlee who will come online shortly. Let us know if there are anything you want from the VM By the way, here is the output of curl output in the VM [root@localhost ~]# curl -k https://192.168.0.110/api/api_version |
|
@ibernaldo the OS version should be the same no matter what, since the Honestly, since the VM can reach the API server just fine, I'll need to start doing some digging to figure out what in Kubernetes specifically might be breaking this, which could take a while (especially because I'm spread pretty thin right now). If you're so inclined, a reinstall can't hurt, and could help ensure it's a reproducible issue. |
|
Dear Adam, Jinnam, @ibernaldo If I commented about firewalls about Pure Storage Korea Lab, there is "No FireWall" and it is only connecting to a dummy L2 network switch. Thank you and best regards, |
|
Dear all,
I have tried curl from the VM to the array with -k and this is the output:
[root@localhost log]# curl https://192.168.10.10/api/api_version --insecure
{"version": ["1.0", "1.1", "1.2", "1.3", "1.4", "1.5", "1.6", "1.7", "1.8", "1.9", "1.10", "1.11", "1.12", "1.13", "1.14", "1.15", "1.16"]}
[root@localhost log]#
So curl its working fine from VM to the array…
Nonetheless after registering the array this is what I get after 30 seconds….
[cid:[email protected]]
Ping is working between array and pure1-unplugged.
Also I have added rules to iptables for https. Also if I look at firewallID – https service is open… I also added http just in case. No success.
I telnet from the array to the VM to port 443, and connection is good.
No errors are seeing when I review the status of services. All seems to be correct and there’s no connectivity issues.
Adam, I can offer you a zoom session just in case, maybe it is something that it’s easy to catch for you. It’s a lab environment, so we can modify whatever we want with no issues.
Let me know.
Thanks and regards,
…--
IBÁN BERNALDO DE QUIRÓS MÁRQUEZ // Systems Engineer | Pure Storage, Inc.
+34 647 52 31 40<tel:+34%20647%2052%2031%2040> | [email protected]<mailto:[email protected]>
De: joonmoonlee <[email protected]>
Responder a: PureStorage-OpenConnect/pure1-unplugged <[email protected]>
Fecha: jueves, 9 de enero de 2020, 8:05
Para: PureStorage-OpenConnect/pure1-unplugged <[email protected]>
CC: ibernaldo <[email protected]>, Mention <[email protected]>
Asunto: Re: [PureStorage-OpenConnect/pure1-unplugged] getsockopt: connection timed out (#24)
Dear Adam, Jinnam, @ibernaldo<https://github.com/ibernaldo>
If I commented about firewalls about Pure Storage Korea Lab, there is "No FireWall" and it is only connecting to a dummy L2 network switch.
Also, I succeeded in the PureELK in the same environments two weeks ago.
I will check the IP Tables at CLI, but I think that I was inactive once I was testing.
By the way, if you want to access remotely, I'm willing to open Pure Storage Korea Lab.
Thank you and best regards,
Joonmoon Lee
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub<#24?email_source=notifications&email_token=AOHFVPSREKWE7MYYOR777K3Q43EE5A5CNFSM4KCA2AV2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIPHOZI#issuecomment-572421989>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AOHFVPSW3MSUUPYXNOHGIXTQ43EE5ANCNFSM4KCA2AVQ>.
|
|
Hello Adam, I double-checked the iptabes and firewalld, and then I stopped again and disable the services permanently. [root@localhost ~]# systemctl stop iptables Thanks, |
|
Hello Adam, I can open the lab's gears to you in the Korea office whenever you want. Thank you and best regards, |
|
Hello again @joonmoonlee and @ibernaldo , thanks for all your information. I have some debugging ideas that I can do but will probably have to wait until tomorrow. If you wanted to get the connection available to me at least I can start poking around tomorrow morning. Feel free to either send an email or Slack message to me with instructions on how to connect and we can go from there. Thanks! |
|
Hello Team, I tested Unplugged Pure1 on VMware 6.7 included the following detail environment.
Thank you and best regards, |
|
@joonmoonlee The issue was due to similar 198.168.x.x network used by podCIDR. I remotely access your lab, then fixed the problem accordingly. This change should be added into up-to-date installation guide for future Pure1_Unplugged installation. |
Dear Team,
I completed successfully, but I couldn't add an array of the following message.
"Unable to connect. Error: Get https://192.168.0.110/api/api_version: dial tcp 192.168.0.110:443: getsockopt: connection timed out"
When I click "the array name" at "Add New Array" page during connecting the array, I was able to access the array, so I thought that the network was no problem.
A ping test from array to Pure1-Unplugged VM host was fine.
Thank you and regards,
Joonmoon Lee
The text was updated successfully, but these errors were encountered: