Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-10217

Mesos slave fails to connect after enabling ssl

Attach filesAttach ScreenshotVotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Duplicate
    • 1.9.0
    • None
    • agent
    • None

    Description

      Version:
      mesos 1.9.0-2.0.1.ubuntu1604

      After enabling ssl on master and slave by setting the following variables:
      LIBPROCESS_SSL_ENABLED=1
      LIBPROCESS_SSL_KEY_FILE=/etc/mesos/conf/ssl/server.key
      LIBPROCESS_SSL_CERT_FILE=/etc/mesos/conf/ssl/server.pem
      LIBPROCESS_SSL_REQUIRE_CERT=false
      LIBPROCESS_SSL_VERIFY_SERVER_CERT=false
      LIBPROCESS_SSL_REQUIRE_CLIENT_CERT=false
      LIBPROCESS_SSL_HOSTNAME_VALIDATION_SCHEME=openssl
      LIBPROCESS_SSL_VERIFY_CERT=false
      LIBPROCESS_SSL_CA_DIR=/etc/mesos/conf/ssl
      LIBPROCESS_SSL_CA_FILE=/etc/mesos/conf/ssl/ca.pem
      LIBPROCESS_SSL_SUPPORT_DOWNGRADE=false
      LIBPROCESS_SSL_VERIFY_IPADD=false

      The slave fails to connect to the master. Error in logs:
      Failed to accept socket: Failed accept: connection error: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request

      The connectivity works after setting:
      LIBPROCESS_SSL_SUPPORT_DOWNGRADE=true

      But then on the mesos UI the sandbox for the task fails to open with following error:
      Potential reasons:

      • The agent is not accessible
      • The agent timed out or went offline

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            prasadkulkarni0711 prasadkulkarni0711
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment