Hi All, I raised the issue in jenkins dev mailing list and still waiting for a response. Standalone jenkins use jetty servelet container [1]. However it's still using winstone[2] for java command line argument parsing which I couldn't find a way to configure SSL clientAuthentication.
One workaround is to call stratos services using the stratos admin. The other option is to use a signedJWT token athenticator. Using stratos admin for application(stratos) creation might incur metering or appfactory wall related concerns in-future. IMO if the MutualAuth doesn't work with current jenkins deployment it's better to go for SignedJWT Authenticator. Appreciate your feedback on this regard. [1] https://wiki.jenkins-ci.org/display/JENKINS/Starting+and+Accessing+Jenkins [2] http://winstone.sourceforge.net/#configFile On Wed, Aug 19, 2015 at 12:20 PM, Anuruddha Premalal <anurud...@wso2.com> wrote: > Hi All, > > I've completed the following flow for single tenant cartridge. > > * Creating S2 git repo for app creation. > * Creating and deploying the app in stratos and bringing up the cartridge. > * Preparing the tomcat cartridge. > * Creating s2 repo for app versioning > * Cleaning application resources(stratos & s2 repos) on deletion. > > There's an issue in talking to stratos on application versioning. > > On versioning stratos rest calls(to create app) goes through jenkins, we > are using MutualSSL for communication between stratos and deployers bundle. > For this to work stratos expect "javax.servlet.request.X509Certificate" > attribute to be set with the certificate object, this attribute is not > getting set when the call goes through jenkins. Because of this stratos is > unable to authenticate the application creation request. > > Also there's an error log[1] in jenkins before sending the rest call. > This might be the reason for the failure of setting certificate object. FYI > client truststore and the keystores are identical in jenkins and stratos > side. > > has anyone encountered a similar issue before? > > [1] org.apache.commons.httpclient.HttpMethodDirector > processAuthenticationResponse > SEVERE: Invalid challenge: Basic > org.apache.commons.httpclient.auth.MalformedChallengeException: Invalid > challenge: Basic > at > org.apache.commons.httpclient.auth.AuthChallengeParser.extractParams(AuthChallengeParser.java:98) > at > org.apache.commons.httpclient.auth.RFC2617Scheme.processChallenge(RFC2617Scheme.java:94) > at > org.apache.commons.httpclient.auth.BasicScheme.processChallenge(BasicScheme.java:112) > at > org.apache.commons.httpclient.auth.AuthChallengeProcessor.processChallenge(AuthChallengeProcessor.java:162) > at > org.apache.commons.httpclient.HttpMethodDirector.processWWWAuthChallenge(HttpMethodDirector.java:694) > at > org.apache.commons.httpclient.HttpMethodDirector.processAuthenticationResponse(HttpMethodDirector.java:668) > at > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:193) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) > at > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) > at > org.wso2.carbon.appfactory.s4.integration.StratosRestService.doPost(StratosRestService.java:301) > at > org.wso2.carbon.appfactory.s4.integration.StratosRestService.deployApplication(StratosRestService.java:134) > at > org.wso2.carbon.appfactory.deployers.StratosApplicationHandler.createAndDeployStratosApplication(StratosApplicationHandler.java:60) > at > org.wso2.carbon.appfactory.deployers.AbstractStratosDeployer.addToGitRepo(AbstractStratosDeployer.java:114) > at > org.wso2.carbon.appfactory.deployers.AbstractStratosDeployer.deploy(AbstractStratosDeployer.java:72) > at > org.wso2.carbon.appfactory.deployers.AbstractDeployer.deployLatestSuccessArtifact(AbstractDeployer.java:123) > at > org.wso2.carbon.appfactory.jenkins.deploy.JenkinsArtifactDeployer.deployLatestSuccessArtifact(JenkinsArtifactDeployer.java:84) > at > org.wso2.carbon.appfactory.jenkins.artifact.storage.AppfactoryArtifactStoragePlugin.doDynamic(AppfactoryArtifactStoragePlugin.java:92) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) > at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) > at > org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) > at org.kohsuke.stapler.MetaClass$12.dispatch(MetaClass.java:391) > at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) > at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) > at org.kohsuke.stapler.MetaClass$6.doDispatch(MetaClass.java:249) > at > org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) > at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) > at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) > at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) > at org.kohsuke.stapler.Stapler.service(Stapler.java:238) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) > at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) > at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:123) > at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:114) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) > at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) > at > hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) > at > jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) > at > org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) > at > org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) > at > org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) > at > jenkins.security.BasicHeaderProcessor.success(BasicHeaderProcessor.java:140) > at > jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:82) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) > at > org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) > at > hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) > at > hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) > at > hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) > at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:168) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) > at > org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) > at > hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) > at > org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) > at > org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) > at > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) > at > org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) > at > org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) > at > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) > at > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) > at > org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) > at > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) > at > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) > at > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) > at org.eclipse.jetty.server.Server.handle(Server.java:370) > at > org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) > at > org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) > at > org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) > at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) > at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) > at > org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) > at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196) > at > org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) > at > org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) > at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at java.lang.Thread.run(Thread.java:744) > > Aug 19, 2015 11:31:51 AM org.apache.commons.httpclient.HttpMethodBase > getResponseBody > WARNING: Going to buffer response body of large or unknown size. Using > getResponseBodyAsStream instead is recommended. > Aug 19, 2015 11:31:51 AM > org.wso2.carbon.appfactory.s4.integration.StratosRestService > deployApplication > SEVERE: Authorization failed when subsctibing to cartridge > > > Regards, > Anuruddha > > On Mon, Aug 3, 2015 at 4:00 PM, Anuruddha Premalal <anurud...@wso2.com> > wrote: > >> Hi Raj, >> >> Yes adding -Dstratos.component.startup.synchronizer.enabled=true to >> stratos.sh fixed the issue. We missed updating stratos.sh file while doing >> the migration from 4.0.0 to 4.1.0 >> >> >> >> On Mon, Aug 3, 2015 at 1:44 PM, Rajkumar Rajaratnam <rajkum...@wso2.com> >> wrote: >> >>> Hi Anuruddha, >>> >>> I guess we have already fixed this issue sometimes back. I went though >>> the log again and found that you haven't enabled Component startup >>> synchronizer. If you enable it, it will ensure that CompleteTopologyEvent >>> will be published only after SM is activated (SM will be activated only >>> after AS). >>> >>> In your logs, have a look at line number 402 : "Component startup >>> synchronizer enabled: false" >>> >>> Please check whether your bin/stratos.sh have >>> "-Dstratos.component.startup.synchronizer.enabled=true". If not, add it. >>> Please let us know whether it resolves your issue. >>> >>> Thanks, >>> Raj. >>> >>> >>> >>> On Mon, Aug 3, 2015 at 12:59 PM, Anuruddha Premalal <anurud...@wso2.com> >>> wrote: >>> >>>> Hi Raj, >>>> >>>> Thanks for the support given in finding the issue.I couldn't find a >>>> public stratos jira for this so I've raised jira[1] to track this. >>>> >>>> [1] https://issues.apache.org/jira/browse/STRATOS-1487 >>>> >>>> >>>> >>>> On Mon, Aug 3, 2015 at 12:43 PM, Rajkumar Rajaratnam < >>>> rajkum...@wso2.com> wrote: >>>> >>>>> Monitors were not created because CompleteTopologyEvent was published >>>>> before AutoscalerComponent was activated. In the attached logs, >>>>> >>>>> Line number 478 - CompleteTopologyEvent was received by AS >>>>> Line number 501 - AutoscalerComponent was activated >>>>> >>>>> When AS received CompleteTopologyEvent, it didn't load the application >>>>> context from registry. Hence it just logged "The application is not yet >>>>> deployed for this [application] asdevelopment" (Line number 482) and >>>>> ignored the CompleteTopologyEvent. And CompleteTopologyEvent is published >>>>> only once (until topology is initialized) - so there is no way that the >>>>> monitors will be created. >>>>> >>>>> It needs to be fixed. >>>>> >>>>> Thanks, >>>>> Raj. >>>>> >>>>> On Mon, Aug 3, 2015 at 12:06 PM, Anuruddha Premalal < >>>>> anurud...@wso2.com> wrote: >>>>> >>>>>> HI Raj, >>>>>> >>>>>> i'm attaching the carbon log file herewith. >>>>>> >>>>>> On Mon, Aug 3, 2015 at 11:52 AM, Rajkumar Rajaratnam < >>>>>> rajkum...@wso2.com> wrote: >>>>>> >>>>>>> Hi Anuruddha, >>>>>>> >>>>>>> Cluster monitor can be created in two situations. >>>>>>> >>>>>>> 1) when a cluster is created for the first time (application >>>>>>> deployment time) >>>>>>> 2) when stratos is restarted >>>>>>> >>>>>>> If cluster monitor creation failed, it would log enough information >>>>>>> about it (some error logs like "Monitor creation failed, even after >>>>>>> retrying for 5 times") . You can trace back the logs and see the reason >>>>>>> for >>>>>>> it. I don't think scenario 1) is the reason for the above behaviour, >>>>>>> because the members will not be created if the cluster monitor creation >>>>>>> failed. Scenario 2) can be one reason for this behaviour. If it is the >>>>>>> reason, then you should be able to see some error logs regarding cluster >>>>>>> monitor creation failed. Have you restarted stratos? >>>>>>> >>>>>>> Further, "*A cluster monitor is not found in autoscaler context" *error >>>>>>> doesn't necessarily mean that cluster monitor creation failed. It >>>>>>> can be because cluster is undeployed and the monitor is removed before >>>>>>> getting this event from CEP. >>>>>>> >>>>>>> If you could attach the complete log, we will be able to point out >>>>>>> the issue. >>>>>>> >>>>>>> Thanks, >>>>>>> Raj. >>>>>>> >>>>>>> On Mon, Aug 3, 2015 at 11:32 AM, Anuruddha Premalal < >>>>>>> anurud...@wso2.com> wrote: >>>>>>> >>>>>>>> Also this setup use kubernetes as the IaaS >>>>>>>> >>>>>>>> On Mon, Aug 3, 2015 at 11:31 AM, Anuruddha Premalal < >>>>>>>> anurud...@wso2.com> wrote: >>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> I am working on $subject. >>>>>>>>> >>>>>>>>> In the current appfactory setup we have a single JVM Stratos 4.1.0 >>>>>>>>> deployment. I am trying to get the autoscaling working since >>>>>>>>> resetting the >>>>>>>>> SM node each time of failure consumes time. Once a member fault event >>>>>>>>> received to AS receives it but unable to continue with the following >>>>>>>>> log. >>>>>>>>> When will the cluster monitor get initiated? What would are the >>>>>>>>> possibilities for failing the initialization of the cluster monitor? >>>>>>>>> >>>>>>>>> *INFO >>>>>>>>> {org.apache.stratos.cep.extension.FaultHandlingWindowProcessor} - >>>>>>>>> Faulty >>>>>>>>> member detected [member-id] >>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain38d5a847-d16a-4891-bbc0-6582cd9b9988 >>>>>>>>> with [last time-stamp] 1438580270973 [time-out] 60000 milliseconds* >>>>>>>>> *TID: [0] [SCC] [2015-08-03 11:26:38,956] INFO >>>>>>>>> {org.apache.stratos.cep.extension.FaultHandlingWindowProcessor} - >>>>>>>>> Publishing member fault event for [member-id] >>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain38d5a847-d16a-4891-bbc0-6582cd9b9988* >>>>>>>>> *TID: [0] [SCC] [2015-08-03 11:26:38,969] DEBUG >>>>>>>>> {org.apache.stratos.autoscaler.event.receiver.health.AutoscalerHealthStatEventReceiver} >>>>>>>>> - Member fault event received: [member] >>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain38d5a847-d16a-4891-bbc0-6582cd9b9988 >>>>>>>>> * >>>>>>>>> *TID: [0] [SCC] [2015-08-03 11:26:38,969] DEBUG >>>>>>>>> {org.apache.stratos.autoscaler.event.receiver.health.AutoscalerHealthStatEventReceiver} >>>>>>>>> - A cluster monitor is not found in autoscaler context [cluster] >>>>>>>>> asdevelopment.anuasdevelopment.anuasdevelopment.domain* >>>>>>>>> >>>>>>>>> >>>>>>>>> Thanks & Regards, >>>>>>>>> -- >>>>>>>>> *Anuruddha Premalal* >>>>>>>>> Software Eng. | WSO2 Inc. >>>>>>>>> Mobile : +94710461070 >>>>>>>>> Web site : www.regilandvalley.com >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> *Anuruddha Premalal* >>>>>>>> Software Eng. | WSO2 Inc. >>>>>>>> Mobile : +94710461070 >>>>>>>> Web site : www.regilandvalley.com >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Rajkumar Rajaratnam >>>>>>> Committer & PMC Member, Apache Stratos >>>>>>> Software Engineer, WSO2 >>>>>>> >>>>>>> Mobile : +94777568639 >>>>>>> Blog : rajkumarr.com >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Anuruddha Premalal* >>>>>> Software Eng. | WSO2 Inc. >>>>>> Mobile : +94710461070 >>>>>> Web site : www.regilandvalley.com >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Rajkumar Rajaratnam >>>>> Committer & PMC Member, Apache Stratos >>>>> Software Engineer, WSO2 >>>>> >>>>> Mobile : +94777568639 >>>>> Blog : rajkumarr.com >>>>> >>>> >>>> >>>> >>>> -- >>>> *Anuruddha Premalal* >>>> Software Eng. | WSO2 Inc. >>>> Mobile : +94710461070 >>>> Web site : www.regilandvalley.com >>>> >>>> >>> >>> >>> -- >>> Rajkumar Rajaratnam >>> Committer & PMC Member, Apache Stratos >>> Software Engineer, WSO2 >>> >>> Mobile : +94777568639 >>> Blog : rajkumarr.com >>> >> >> >> >> -- >> *Anuruddha Premalal* >> Software Eng. | WSO2 Inc. >> Mobile : +94710461070 >> Web site : www.regilandvalley.com >> >> > > > -- > *Anuruddha Premalal* > Software Eng. | WSO2 Inc. > Mobile : +94710461070 > Web site : www.regilandvalley.com > > -- *Anuruddha Premalal* Software Eng. | WSO2 Inc. Mobile : +94710461070 Web site : www.regilandvalley.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev