Re: Start node in remote server which needs authentication
Hi Val, I was able to fix SSL issue by adding key and certs into Java security folder and using keystore file in config. But I am not able to get my remote node join the cluster as it throws below error - "[14:47:35,087][WARNING][main][TcpDiscoverySpi] Node has not been connected to topology and will repeat join process. Check remote nodes logs for possible error messages. Note that large topology may require significant time to start. Increase 'TcpDiscoverySpi.networkTimeout' configuration property if getting this message on the starting nodes [networkTimeout=5000]" I have checked if required ports are opened and increased TcpDiscoverySpi.networkTimeout and verified. But issue still persists. -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6855.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
You can generate new certificate using keytool [1]. If you want to extract ssh certificate and insert it to JKS, look to the article [2]. [1] https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html [2] http://stackoverflow.com/questions/31385944/how-to-add-ssh-identity-file-keypair-to-jks-keystore On Fri, Aug 5, 2016 at 2:48 PM, chevywrote: > That is the issue I am facing. I am not able to load my key in pem file to > jks as it expects certificate along with it. Anyway I can get this working? > > > > -- > View this message in context: http://apache-ignite-users. > 70518.x6.nabble.com/Start-node-in-remote-server-which- > needs-authentication-tp6668p6796.html > Sent from the Apache Ignite Users mailing list archive at Nabble.com. >
Re: Start node in remote server which needs authentication
That is the issue I am facing. I am not able to load my key in pem file to jks as it expects certificate along with it. Anyway I can get this working? -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6796.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
That is the issue I am facing. I am not able to load my key in pem file to jks as it expects certificate along with it. Anyway I can get this working? -- Regards, Chetan. From: Vladislav Pyatkov <vldpyat...@gmail.com<mailto:vldpyat...@gmail.com>> Reply-To: "user@ignite.apache.org<mailto:user@ignite.apache.org>" <user@ignite.apache.org<mailto:user@ignite.apache.org>> Date: Friday, August 5, 2016 at 4:28 PM To: "user@ignite.apache.org<mailto:user@ignite.apache.org>" <user@ignite.apache.org<mailto:user@ignite.apache.org>> Subject: Re: Start node in remote server which needs authentication 1) If your configuration is not contains IgniteConfiguration (not abstract) then ignite start will fail. 2) You must to put the key into JKS. I recommend use JAVA_HMOE/bin/keytool for creation JKS and generate key. The links keyStoreFilePath, trustStoreFilePath must point to jks. On Fri, Aug 5, 2016 at 1:35 PM, chevy <chetan.v.ya...@target.com<mailto:chetan.v.ya...@target.com>> wrote: Let me add more clarity on current issue - 1. I have a question - How does (abstract=true) affect this config? 2. I want to connect node running in my local with the one running in my remote machine but the connection is secure. When I tried to create keystore file (to be used with SslContextFactory) using .pem file it was failing as there was no certificate available for it. pem file just contains auth details and no certs. So, can I use just .pem file to get connected to remote (like I do in terminal using command "ssh -i ~/.ssh/goku.pem ubuntu@ipAddress”) through my Java code? -- Regards, Chetan. From: "vdpyatkov [via Apache Ignite Users]" <[hidden email]<http:///user/SendEmail.jtp?type=node=6789=0>> Date: Friday, August 5, 2016 at 3:03 PM To: "Chetan.V.Yadav" <[hidden email]<http:///user/SendEmail.jtp?type=node=6789=1>> Subject: Re: Start node in remote server which needs authentication Are you sure, which start Ignite with the configuration. The configuration contains only abstract Spring bean (abstract="true"). Please provide full configuration and log file (How are you start node in terminal? What are you seen in command line?). About this: Is this the right way to get nodes attached to cluster? If, yes I am not able to get that remote machine identified due to firewall issue. I use .pem file to ssh into that remote machine so it expects to be authenticated. How can I implement this process and get the remote node attached to the one I am running in my local? Yea it is correct configuration IpFinder. How do you relate discoverySPI with .pem file? You can use ssh for start remoute node only (or you can do it any other way on other machine). After nodes have been started, they will joining to cluster using discoverySPI[1] (over ports 7500..47509), further they will useing communicationSPI[2] for data processing. If you want all data stream between nodes will by secure, you can use SslContextFactory [3] [1] http://apacheignite.readme.io/v1.6/docs/cluster-config#static-ip-based-discovery [2] http:/apacheignite.readme.io/docs/network-config#tcpcommunicationspi<http://apacheignite.readme.io/docs/network-config#tcpcommunicationspi> [3] http://apacheignite.readme.io/docs/ssltls On Fri, Aug 5, 2016 at 9:30 AM, chevy <[hidden email]<http:///user/SendEmail.jtp?type=node=6787=0>> wrote: I have started node in my remote machine using below config -
Re: Start node in remote server which needs authentication
1) If your configuration is not contains IgniteConfiguration (not abstract) then ignite start will fail. 2) You must to put the key into JKS. I recommend use JAVA_HMOE/bin/keytool for creation JKS and generate key. The links keyStoreFilePath, trustStoreFilePath must point to jks. On Fri, Aug 5, 2016 at 1:35 PM, chevy <chetan.v.ya...@target.com> wrote: > Let me add more clarity on current issue - > > >1. I have a question - How does (abstract=true) affect this config? >2. I want to connect node running in my local with the one running in >my remote machine but the connection is secure. When I tried to create >keystore file (to be used with SslContextFactory) using .pem file it was >failing as there was no certificate available for it. pem file just >contains auth details and no certs. So, can I use just .pem file to get >connected to remote (like I do in terminal using command "ssh -i >~/.ssh/goku.pem ubuntu@ipAddress”) through my Java code? > > -- > Regards, > Chetan. > > From: "vdpyatkov [via Apache Ignite Users]" <[hidden email] > <http:///user/SendEmail.jtp?type=node=6789=0>> > Date: Friday, August 5, 2016 at 3:03 PM > To: "Chetan.V.Yadav" <[hidden email] > <http:///user/SendEmail.jtp?type=node=6789=1>> > Subject: Re: Start node in remote server which needs authentication > > Are you sure, which start Ignite with the configuration. The configuration > contains only abstract Spring bean (abstract="true"). > > Please provide full configuration and log file (How are you start node in > terminal? What are you seen in command line?). > > About this: > Is this the right way to get nodes attached to cluster? If, yes I am not > able to get that remote machine identified due to firewall issue. I use > .pem file to ssh into that remote machine so it expects to be > authenticated. How can I implement this process and get the remote node > attached to the one I am running in my local? > > Yea it is correct configuration IpFinder. > How do you relate discoverySPI with .pem file? You can use ssh for start > remoute node only (or you can do it any other way on other machine). After > nodes have been started, they will joining to cluster using discoverySPI[1] > (over ports 7500..47509), further they will useing communicationSPI[2] for > data processing. > > If you want all data stream between nodes will by secure, you can use > SslContextFactory [3] > > [1] http://apacheignite.readme.io/v1.6/docs/cluster-config# > static-ip-based-discovery > [2] http:/apacheignite.readme.io/docs/network-config#tcpcommunicationspi > [3] http://apacheignite.readme.io/docs/ssltls > > On Fri, Aug 5, 2016 at 9:30 AM, chevy <[hidden email] > <http:///user/SendEmail.jtp?type=node=6787=0>> wrote: > >> I have started node in my remote machine using below config - >> >> >> >> >>
Re: Start node in remote server which needs authentication
Are you sure, which start Ignite with the configuration. The configuration contains only abstract Spring bean (abstract="true"). Please provide full configuration and log file (How are you start node in terminal? What are you seen in command line?). About this: Is this the right way to get nodes attached to cluster? If, yes I am not able to get that remote machine identified due to firewall issue. I use .pem file to ssh into that remote machine so it expects to be authenticated. How can I implement this process and get the remote node attached to the one I am running in my local? Yea it is correct configuration IpFinder. How do you relate discoverySPI with .pem file? You can use ssh for start remoute node only (or you can do it any other way on other machine). After nodes have been started, they will joining to cluster using discoverySPI[1] (over ports 7500..47509), further they will useing communicationSPI[2] for data processing. If you want all data stream between nodes will by secure, you can use SslContextFactory [3] [1] http://apacheignite.readme.io/v1.6/docs/cluster-config#static-ip-based-discovery [2] http:/apacheignite.readme.io/docs/network-config#tcpcommunicationspi [3] http://apacheignite.readme.io/docs/ssltls On Fri, Aug 5, 2016 at 9:30 AM, chevy <chetan.v.ya...@target.com> wrote: > I have started node in my remote machine using below config - > > > > > http://www.springframework.org/schema/beans; > >xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; > >xmlns:util="http://www.springframework.org/schema/util; > >xsi:schemaLocation=" > > http://www.springframework.org/schema/beans > > http://www.springframework.org/schema/beans/spring-beans.xsd > > http://www.springframework.org/schema/util > > http://www.springframework.org/schema/util/spring-util.xsd;> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 127.0.0.1:47500..47509 > > > > > > > > > > > > > > > > > > > -- > > And I am using same config to run my code which loads data to cache except > I am adding IP address of my remote node where I have started it externally > as shown below - > > > > > > > >127.0.0.1:47500..47509 > > 10.63.78.112:47500..47509 > > > > > > > > > Is this the right way to get nodes attached to cluster? If, yes I am not > able to get that remote machine identified due to firewall issue. I use > .pem file to ssh into that remote machine so it expects to be > authenticated. How can I implement this process and get the remote node > attached to the one I am running in my local? > -- > Regards, > Chetan. > > From: "vdpyatkov [via Apache Ignite Users]" <[hidden email] > <http:///user/SendEmail.jtp?type=node=6777=0>> > Date: Friday, August 5, 2016 at 11:33 AM > To: "Chetan.V.Yadav" <[hidden email] > <http:///user/SendEmail.jtp?type=node=6777=1>> > Subject: Re: Start node in remote server which needs authentication > > Hello, > > I don't think, which it is OS issue. > Difficult understand to me where are you problem, without any > demonstration. > > Can you please provide code example or full configuration file and logs > from cluster nodes? > > On Thu, Aug 4, 2016 at 8:14 PM, chevy <[hidden email] > <http:///user/SendEmail.jtp?type=node=6775=0>> wrote: > >> So, what do you think that is going wrong. Should I change from Ubuntu to >> something else or config? >> >> Also, can I use just .pem file and implement SSLContextFactory to connect >> to >> remote server? >> >> >> >> -- >> View this message in context: http://apache-ignite-users.705 >> 18.x6.nabble.com/Start-node-in-remote-server-which-needs- >> authentication-tp6668p6770.html >> Sent from the Apache Ignite Users mailing list archive at Nabble.com. >> > > > > -- > Vladislav Pyatkov > > > -- > If you reply to this email, your message will be added to the discussion > below: > http://apache-ignite-users.70518.x6.nabble.com/Start- > node-in-remote-server-which-needs-authentication-tp6668p6775.html > To unsubscribe
Re: Start node in remote server which needs authentication
I have started node in my remote machine using below config - http://www.springframework.org/schema/beans; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance; xmlns:util="http://www.springframework.org/schema/util; xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd;> 127.0.0.1:47500..47509 -- And I am using same config to run my code which loads data to cache except I am adding IP address of my remote node where I have started it externally as shown below - 127.0.0.1:47500..47509 10.63.78.112:47500..47509 Is this the right way to get nodes attached to cluster? If, yes I am not able to get that remote machine identified due to firewall issue. I use .pem file to ssh into that remote machine so it expects to be authenticated. How can I implement this process and get the remote node attached to the one I am running in my local? -- Regards, Chetan. From: "vdpyatkov [via Apache Ignite Users]" <ml-node+s70518n6775...@n6.nabble.com<mailto:ml-node+s70518n6775...@n6.nabble.com>> Date: Friday, August 5, 2016 at 11:33 AM To: "Chetan.V.Yadav" <chetan.v.ya...@target.com<mailto:chetan.v.ya...@target.com>> Subject: Re: Start node in remote server which needs authentication Hello, I don't think, which it is OS issue. Difficult understand to me where are you problem, without any demonstration. Can you please provide code example or full configuration file and logs from cluster nodes? On Thu, Aug 4, 2016 at 8:14 PM, chevy <[hidden email]> wrote: So, what do you think that is going wrong. Should I change from Ubuntu to something else or config? Also, can I use just .pem file and implement SSLContextFactory to connect to remote server? -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6770.html Sent from the Apache Ignite Users mailing list archive at Nabble.com. -- Vladislav Pyatkov If you reply to this email, your message will be added to the discussion below: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6775.html To unsubscribe from Start node in remote server which needs authentication, click here<http://apache-ignite-users.70518.x6.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code=6668=Y2hldGFuLnYueWFkYXZAdGFyZ2V0LmNvbXw2NjY4fC02OTIwMTYzODA=>. NAML<http://apache-ignite-users.70518.x6.nabble.com/template/NamlServlet.jtp?macro=macro_viewer=instant_html%21nabble%3Aemail.naml=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6777.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
Hello, I don't think, which it is OS issue. Difficult understand to me where are you problem, without any demonstration. Can you please provide code example or full configuration file and logs from cluster nodes? On Thu, Aug 4, 2016 at 8:14 PM, chevywrote: > So, what do you think that is going wrong. Should I change from Ubuntu to > something else or config? > > Also, can I use just .pem file and implement SSLContextFactory to connect > to > remote server? > > > > -- > View this message in context: http://apache-ignite-users. > 70518.x6.nabble.com/Start-node-in-remote-server-which- > needs-authentication-tp6668p6770.html > Sent from the Apache Ignite Users mailing list archive at Nabble.com. > -- Vladislav Pyatkov
Re: Start node in remote server which needs authentication
So, what do you think that is going wrong. Should I change from Ubuntu to something else or config? Also, can I use just .pem file and implement SSLContextFactory to connect to remote server? -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6770.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
The row is not necessary 127.0.0.1:47500..47509 but in general it is right. Also, I stronly recoment using TcpDiscoveryVmIpFinder instead of TcpDiscoveryMulticastIpFinder, because multicast is often be disabled on practice. On Thu, Aug 4, 2016 at 4:07 PM, chevywrote: > 1. I have done both of those steps. > 2. Also, please look into below config. Is this the right way to add remote > machines which forms cluster? > >class="org.apache.ignite.spi.discovery.tcp.ipfinder.multicast. > TcpDiscoveryMulticastIpFinder"> > > >127.0.0.1:47500..47509 >10.63.78.112:47500..47509 > > > > > > > -- > View this message in context: http://apache-ignite-users. > 70518.x6.nabble.com/Start-node-in-remote-server-which- > needs-authentication-tp6668p6762.html > Sent from the Apache Ignite Users mailing list archive at Nabble.com. > -- Vladislav Pyatkov
Re: Start node in remote server which needs authentication
1. I have done both of those steps. 2. Also, please look into below config. Is this the right way to add remote machines which forms cluster? 127.0.0.1:47500..47509 10.63.78.112:47500..47509 -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6762.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
Hello, 1) You need to configure DiscoverySPI. Look here [1] 2) Please set IGNITE_HOME where *Ignite* will be unpacked. [1]: http://apacheignite.gridgain.org/docs/cluster-config On Thu, Aug 4, 2016 at 3:28 PM, chevywrote: > What are the things I need to include that will make nodes in different > remote machines join the same cluster. > > Also, I am getting below error when I try to start Ignite node in ubuntu > server. I have set both JAVA_HOME and IGNITE_HOME in /etc/environment. I am > able to start in my local MAC machine with the config I have used. > > bin/ignite.sh: 36: bin/ignite.sh: source: not found > bin/ignite.sh: 41: bin/ignite.sh: checkJava: not found > bin/ignite.sh: 46: bin/ignite.sh: setIgniteHome: not found > bin/ignite.sh: 48: [: unexpected operator > bin/ignite.sh: 65: [: > /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/ignite-indexing: > unexpected > operator > bin/ignite.sh: 65: [: > /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/ignite-spring: unexpected > operator > bin/ignite.sh: 65: [: > /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/licenses: unexpected > operator > bin/ignite.sh: 65: [: > /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/optional: unexpected > operator > bin/ignite.sh: 74: [: unexpected operator > bin/ignite.sh: 64: bin/ignite.sh: : Permission denied > bin/ignite.sh: 76: [: 0: unexpected operator > bin/ignite.sh: 83: [: unexpected operator > bin/ignite.sh: 93: bin/ignite.sh: [[: not found > bin/ignite.sh: 147: [: 0: unexpected operator > bin/ignite.sh: 168: bin/ignite.sh: : Permission denied > > > > -- > View this message in context: http://apache-ignite-users. > 70518.x6.nabble.com/Start-node-in-remote-server-which- > needs-authentication-tp6668p6760.html > Sent from the Apache Ignite Users mailing list archive at Nabble.com. > -- Vladislav Pyatkov
Re: Start node in remote server which needs authentication
What are the things I need to include that will make nodes in different remote machines join the same cluster. Also, I am getting below error when I try to start Ignite node in ubuntu server. I have set both JAVA_HOME and IGNITE_HOME in /etc/environment. I am able to start in my local MAC machine with the config I have used. bin/ignite.sh: 36: bin/ignite.sh: source: not found bin/ignite.sh: 41: bin/ignite.sh: checkJava: not found bin/ignite.sh: 46: bin/ignite.sh: setIgniteHome: not found bin/ignite.sh: 48: [: unexpected operator bin/ignite.sh: 65: [: /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/ignite-indexing: unexpected operator bin/ignite.sh: 65: [: /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/ignite-spring: unexpected operator bin/ignite.sh: 65: [: /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/licenses: unexpected operator bin/ignite.sh: 65: [: /opt/ignite/apache-ignite-fabric-1.6.0-bin/libs/optional: unexpected operator bin/ignite.sh: 74: [: unexpected operator bin/ignite.sh: 64: bin/ignite.sh: : Permission denied bin/ignite.sh: 76: [: 0: unexpected operator bin/ignite.sh: 83: [: unexpected operator bin/ignite.sh: 93: bin/ignite.sh: [[: not found bin/ignite.sh: 147: [: 0: unexpected operator bin/ignite.sh: 168: bin/ignite.sh: : Permission denied -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6760.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
One more point to add - Consider this scenario: my code is running in one machine with config file set with all remote addresses that has to start nodes. 1. Should I externally start ignite node in each of these remote machines? 2. If yes, will the data be replicated automatically in these nodes as soon as I start it? -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6704.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
I have set up rest jetty config and other settings in my local. When I deploy my code in a server I need to access that remote machine to start the node in that machine through my code. To achieve this, can you provide me config changes I need to make in my config files as well as my code that starts the node. I do not want to ssh through my terminal and everything needs to be programmatically driven just like how I do it from my local. -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6695.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.
Re: Start node in remote server which needs authentication
Hi, You can use ssh and run ignite.sh script on a remote machine to start a node. Is that what you're looking for? REST support HTTPS. You can configure the underlying Jetty server in any way you like by providing the path to a configuration file: See this page for Jetty SSL-related documentation: http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html -Val -- View this message in context: http://apache-ignite-users.70518.x6.nabble.com/Start-node-in-remote-server-which-needs-authentication-tp6668p6681.html Sent from the Apache Ignite Users mailing list archive at Nabble.com.