We had tried suggested solution to enable SSL on node and thick client.
used following setting at node and thick client to enable SSL using
certificate and copied to both application directory
<sslContextFactory type="SslContextFactory" protocol="SSL"
keyStoreFilePath="Ignite.pfx" keyStorePassword="P@ssword" />
Node runs fine with message SSL on, when thick client run then it starts
thick client but throws exception when connecting node. Please let me know
if i am missing something or doing wrong configuration.
Few lines of messages at end when Node starts
Security status [authentication=off, tls/ssl=on]
[11:38:57] Started write-ahead log manager in NONE mode, persisted data may
be lost in a case of unexpected node failure. Make sure to deactivate the
cluster before shutdown.
[11:39:03] Started write-ahead log manager in NONE mode, persisted data may
be lost in a case of unexpected node failure. Make sure to deactivate the
cluster before shutdown.
[11:39:03] Performance suggestions for grid (fix if possible)
[11:39:03] To disable, set -DIGNITE_PERFORMANCE_SUGGESTIONS_DISABLED=true
[11:39:03] ^-- Switch to the most recent 1.8 JVM version
[11:39:03] ^-- Specify JVM heap max size (add '-Xmx<size>[g|G|m|M|k|K]' to
JVM options)
[11:39:03] ^-- Set max direct memory size if getting 'OOME: Direct buffer
memory' (add '-XX:MaxDirectMemorySize=<size>[g|G|m|M|k|K]' to JVM options)
[11:39:03] ^-- Disable processing of calls to System.gc() (add
'-XX:+DisableExplicitGC' to JVM options)
[11:39:03] Refer to this page for more performance suggestions:
https://apacheignite.readme.io/docs/jvm-and-system-tuning
[11:39:03]
[11:39:03] To start Console Management & Monitoring run
ignitevisorcmd.{sh|bat}
[11:39:03] Data Regions Configured:
[11:39:03] ^-- defaultRegion [initSize=128.0 MiB, maxSize=4.0 GiB,
persistence=false]
[11:39:03] ^-- SecureRegion [initSize=32.0 MiB, maxSize=512.5 MiB,
persistence=true]
[11:39:03]
[11:39:03] Ignite node started OK (id=061316a9)
[11:39:03] Topology snapshot [ver=1, locNode=061316a9, servers=1, clients=0,
state=INACTIVE, CPUs=8, offheap=4.5GB, heap=4.0GB]
[11:39:03] ^-- Baseline [id=0, size=1, online=1, offline=0]
[11:39:03] ^-- All baseline nodes are online, will start auto-activation
Following message when starting thick client
[11:39:43] Security status [authentication=off, tls/ssl=on]
[11:39:44] REST protocols do not start on client node. To start the
protocols on client node set '-DIGNITE_REST_START_ON_CLIENT=true' system
property.
[11:39:48] Topology snapshot [ver=2, locNode=061316a9, servers=1, clients=1,
state=ACTIVE, CPUs=8, offheap=4.5GB, heap=7.9GB]
[11:39:48] ^-- Baseline [id=0, size=1, online=1, offline=0]
[11:39:50,234][SEVERE][grid-nio-worker-tcp-comm-0-#24][TcpCommunicationSpi]
Failed to process selector key [ses=GridSelectorNioSessionImpl
[worker=DirectNioClientWorker [super=AbstractNioClientWorker [idx=0,
bytesRcvd=1516, bytesSent=0, bytesRcvd0=1516, bytesSent0=0, select=true,
super=GridWorker [name=grid-nio-worker-tcp-comm-0, igniteInstanceName=null,
finished=false, heartbeatTs=1570815589230, hashCode=298351978,
interrupted=false, runner=grid-nio-worker-tcp-comm-0-#24]]],
writeBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
readBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
inRecovery=null, outRecovery=null, super=GridNioSessionImpl
[locAddr=/0:0:0:0:0:0:0:1:47100, rmtAddr=/0:0:0:0:0:0:0:1:28223,
createTime=1570815589045, closeTime=0, bytesSent=1487, bytesRcvd=1516,
bytesSent0=1487, bytesRcvd0=1516, sndSchedTime=1570815589045,
lastSndTime=1570815589230, lastRcvTime=1570815589230, readsPaused=false,
filterChain=FilterChain[filters=[GridNioCodecFilter
[parser=o.a.i.i.util.nio.GridDirectParser@17956e51, directMode=true],
GridConnectionBytesVerifyFilter, SSL filter], accepted=true,
markedForClose=false]]]
java.io.IOException: An established connection was aborted by the software
in your host machine
at java.base/sun.nio.ch.SocketDispatcher.read0(Native Method)
at java.base/sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:43)
at java.base/sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:276)
at java.base/sun.nio.ch.IOUtil.read(IOUtil.java:233)
at java.base/sun.nio.ch.IOUtil.read(IOUtil.java:223)
at
java.base/sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:358)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.processRead(GridNioServer.java:1282)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.processSelectedKeysOptimized(GridNioServer.java:2386)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.bodyInternal(GridNioServer.java:2153)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.body(GridNioServer.java:1794)
at
org.apache.ignite.internal.util.worker.GridWorker.run(GridWorker.java:120)
at java.base/java.lang.Thread.run(Thread.java:835)
[11:39:50,515][SEVERE][grid-nio-worker-tcp-comm-1-#25][TcpCommunicationSpi]
Failed to process selector key [ses=GridSelectorNioSessionImpl
[worker=DirectNioClientWorker [super=AbstractNioClientWorker [idx=1,
bytesRcvd=1516, bytesSent=0, bytesRcvd0=1516, bytesSent0=0, select=true,
super=GridWorker [name=grid-nio-worker-tcp-comm-1, igniteInstanceName=null,
finished=false, heartbeatTs=1570815589511, hashCode=1488049866,
interrupted=false, runner=grid-nio-worker-tcp-comm-1-#25]]],
writeBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
readBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
inRecovery=null, outRecovery=null, super=GridNioSessionImpl
[locAddr=/0:0:0:0:0:0:0:1:47100, rmtAddr=/0:0:0:0:0:0:0:1:28224,
createTime=1570815589428, closeTime=0, bytesSent=1487, bytesRcvd=1516,
bytesSent0=1487, bytesRcvd0=1516, sndSchedTime=1570815589428,
lastSndTime=1570815589511, lastRcvTime=1570815589511, readsPaused=false,
filterChain=FilterChain[filters=[GridNioCodecFilter
[parser=o.a.i.i.util.nio.GridDirectParser@17956e51, directMode=true],
GridConnectionBytesVerifyFilter, SSL filter], accepted=true,
markedForClose=false]]]
java.io.IOException: An existing connection was forcibly closed by the
remote host
at java.base/sun.nio.ch.SocketDispatcher.read0(Native Method)
at java.base/sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:43)
at java.base/sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:276)
at java.base/sun.nio.ch.IOUtil.read(IOUtil.java:233)
at java.base/sun.nio.ch.IOUtil.read(IOUtil.java:223)
at
java.base/sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:358)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.processRead(GridNioServer.java:1282)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.processSelectedKeysOptimized(GridNioServer.java:2386)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.bodyInternal(GridNioServer.java:2153)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.body(GridNioServer.java:1794)
at
org.apache.ignite.internal.util.worker.GridWorker.run(GridWorker.java:120)
at java.base/java.lang.Thread.run(Thread.java:835)
[11:39:50,796][SEVERE][grid-nio-worker-tcp-comm-2-#26][TcpCommunicationSpi]
Failed to process selector key [ses=GridSelectorNioSessionImpl
[worker=DirectNioClientWorker [super=AbstractNioClientWorker [idx=2,
bytesRcvd=1516, bytesSent=0, bytesRcvd0=1516, bytesSent0=0, select=true,
super=GridWorker [name=grid-nio-worker-tcp-comm-2, igniteInstanceName=null,
finished=false, heartbeatTs=1570815589785, hashCode=1845492615,
interrupted=false, runner=grid-nio-worker-tcp-comm-2-#26]]],
writeBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
readBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
inRecovery=null, outRecovery=null, super=GridNioSessionImpl
[locAddr=/0:0:0:0:0:0:0:1:47100, rmtAddr=/0:0:0:0:0:0:0:1:28225,
createTime=1570815589710, closeTime=0, bytesSent=1460, bytesRcvd=1516,
bytesSent0=1460, bytesRcvd0=1516, sndSchedTime=1570815589710,
lastSndTime=1570815589785, lastRcvTime=1570815589785, readsPaused=false,
filterChain=FilterChain[filters=[GridNioCodecFilter
[parser=o.a.i.i.util.nio.GridDirectParser@17956e51, directMode=true],
GridConnectionBytesVerifyFilter, SSL filter], accepted=true,
markedForClose=false]]]
java.io.IOException: An existing connection was forcibly closed by the
remote host
at java.base/sun.nio.ch.SocketDispatcher.write0(Native Method)
at java.base/sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:51)
at java.base/sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:113)
at java.base/sun.nio.ch.IOUtil.write(IOUtil.java:58)
at java.base/sun.nio.ch.IOUtil.write(IOUtil.java:50)
at
java.base/sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:466)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.writeSslSystem(GridNioServer.java:1543)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.processWriteSsl(GridNioServer.java:1367)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.processWrite(GridNioServer.java:1336)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.processSelectedKeysOptimized(GridNioServer.java:2389)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.bodyInternal(GridNioServer.java:2153)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.body(GridNioServer.java:1794)
at
org.apache.ignite.internal.util.worker.GridWorker.run(GridWorker.java:120)
at java.base/java.lang.Thread.run(Thread.java:835)
[11:39:51,044][SEVERE][grid-nio-worker-tcp-comm-3-#27][TcpCommunicationSpi]
Failed to process selector key [ses=GridSelectorNioSessionImpl
[worker=DirectNioClientWorker [super=AbstractNioClientWorker [idx=3,
bytesRcvd=1516, bytesSent=0, bytesRcvd0=1516, bytesSent0=0, select=true,
super=GridWorker [name=grid-nio-worker-tcp-comm-3, igniteInstanceName=null,
finished=false, heartbeatTs=1570815590036, hashCode=2093600398,
interrupted=false, runner=grid-nio-worker-tcp-comm-3-#27]]],
writeBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
readBuf=java.nio.DirectByteBuffer[pos=0 lim=32768 cap=32768],
inRecovery=null, outRecovery=null, super=GridNioSessionImpl
[locAddr=/0:0:0:0:0:0:0:1:47100, rmtAddr=/0:0:0:0:0:0:0:1:28228,
createTime=1570815589995, closeTime=0, bytesSent=1460, bytesRcvd=1516,
bytesSent0=1460, bytesRcvd0=1516, sndSchedTime=1570815589995,
lastSndTime=1570815590036, lastRcvTime=1570815590036, readsPaused=false,
filterChain=FilterChain[filters=[GridNioCodecFilter
[parser=o.a.i.i.util.nio.GridDirectParser@17956e51, directMode=true],
GridConnectionBytesVerifyFilter, SSL filter], accepted=true,
markedForClose=false]]]
java.io.IOException: An existing connection was forcibly closed by the
remote host
at java.base/sun.nio.ch.SocketDispatcher.write0(Native Method)
at java.base/sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:51)
at java.base/sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:113)
at java.base/sun.nio.ch.IOUtil.write(IOUtil.java:58)
at java.base/sun.nio.ch.IOUtil.write(IOUtil.java:50)
at
java.base/sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:466)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.writeSslSystem(GridNioServer.java:1543)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.processWriteSsl(GridNioServer.java:1367)
at
org.apache.ignite.internal.util.nio.GridNioServer$DirectNioClientWorker.processWrite(GridNioServer.java:1336)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.processSelectedKeysOptimized(GridNioServer.java:2389)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.bodyInternal(GridNioServer.java:2153)
at
org.apache.ignite.internal.util.nio.GridNioServer$AbstractNioClientWorker.body(GridNioServer.java:1794)
at
org.apache.ignite.internal.util.worker.GridWorker.run(GridWorker.java:120)
at java.base/java.lang.Thread.run(Thread.java:835)
[11:39:51,096][SEVERE][exchange-worker-#38][TcpCommunicationSpi] Failed to
send message to remote node [node=TcpDiscoveryNode
[id=061316a9-6196-471b-a1fc-afa522e7d138, addrs=[0:0:0:0:0:0:0:1,
10.83.83.119, 127.0.0.1],
sockAddrs=[YADAVA9-TL2.thcg.net/169.254.230.7:47500, /0:0:0:0:0:0:0:1:47500,
/127.0.0.1:47500, /10.83.83.119:47500], discPort=47500, order=1, intOrder=1,
lastExchangeTime=1570815588667, loc=false, ver=2.7.6#20190911-sha1:21f7ca41,
isClient=false], msg=GridIoMessage [plc=2, topic=TOPIC_CACHE, topicOrd=8,
ordered=false, timeout=0, skipOnTimeout=false,
msg=GridDhtPartitionsSingleMessage [parts=null, partCntrs=null,
partsSizes=null, partHistCntrs=null, err=null, client=true, finishMsg=null,
activeQryTrackers=GridLongList [idx=0, arr=[]],
super=GridDhtPartitionsAbstractMessage [exchId=GridDhtPartitionExchangeId
[topVer=AffinityTopologyVersion [topVer=2, minorTopVer=0],
discoEvt=DiscoveryEvent [evtNode=TcpDiscoveryNode
[id=c864ad65-84e0-4ff9-9b2a-70422dd98408, addrs=[0:0:0:0:0:0:0:1,
10.83.83.119, 127.0.0.1], sockAddrs=[YADAVA9-TL2.thcg.net/169.254.230.7:0,
/0:0:0:0:0:0:0:1:0, /127.0.0.1:0, /10.83.83.119:0], discPort=0, order=2,
intOrder=0, lastExchangeTime=1570815585757, loc=true,
ver=2.7.6#20190911-sha1:21f7ca41, isClient=true], topVer=2,
nodeId8=c864ad65, msg=null, type=NODE_JOINED, tstamp=1570815588793],
nodeId=c864ad65, evt=NODE_JOINED], lastVer=GridCacheVersion [topVer=0,
order=1570815584056, nodeOrder=0], super=GridCacheMessage [msgId=1,
depInfo=null, err=null, skipPrepare=false]]]]]
class org.apache.ignite.IgniteCheckedException: Failed to connect to node
(is node still alive?). Make sure that each ComputeTask and cache
Transaction has a timeout set in order to prevent parties from waiting
forever in case of network issues
[nodeId=061316a9-6196-471b-a1fc-afa522e7d138, addrs=[/0:0:0:0:0:0:0:1:47100,
/127.0.0.1:47100, YADAVA9-TL2.thcg.net/169.254.230.7:47100,
/10.83.83.119:47100]]
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.createTcpClient(TcpCommunicationSpi.java:3459)
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.createNioClient(TcpCommunicationSpi.java:2987)
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.reserveClient(TcpCommunicationSpi.java:2870)
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.sendMessage0(TcpCommunicationSpi.java:2713)
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.sendMessage(TcpCommunicationSpi.java:2672)
at
org.apache.ignite.internal.managers.communication.GridIoManager.send(GridIoManager.java:1656)
at
org.apache.ignite.internal.managers.communication.GridIoManager.sendToGridTopic(GridIoManager.java:1731)
at
org.apache.ignite.internal.processors.cache.GridCacheIoManager.send(GridCacheIoManager.java:1170)
at
org.apache.ignite.internal.processors.cache.distributed.dht.preloader.GridDhtPartitionsExchangeFuture.sendLocalPartitions(GridDhtPartitionsExchangeFuture.java:1883)
at
org.apache.ignite.internal.processors.cache.distributed.dht.preloader.GridDhtPartitionsExchangeFuture.clientOnlyExchange(GridDhtPartitionsExchangeFuture.java:1335)
at
org.apache.ignite.internal.processors.cache.distributed.dht.preloader.GridDhtPartitionsExchangeFuture.init(GridDhtPartitionsExchangeFuture.java:818)
at
org.apache.ignite.internal.processors.cache.GridCachePartitionExchangeManager$ExchangeWorker.body0(GridCachePartitionExchangeManager.java:2681)
at
org.apache.ignite.internal.processors.cache.GridCachePartitionExchangeManager$ExchangeWorker.body(GridCachePartitionExchangeManager.java:2553)
at
org.apache.ignite.internal.util.worker.GridWorker.run(GridWorker.java:120)
at java.base/java.lang.Thread.run(Thread.java:835)
Suppressed: class org.apache.ignite.IgniteCheckedException: Failed to
connect to address [addr=/0:0:0:0:0:0:0:1:47100, err=Remote node ID is not
as expected [expected=061316a9-6196-471b-a1fc-afa522e7d138, rcvd=null]]
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.createTcpClient(TcpCommunicationSpi.java:3462)
... 14 more
Caused by: class
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi$HandshakeException:
Remote node ID is not as expected
[expected=061316a9-6196-471b-a1fc-afa522e7d138, rcvd=null]
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.safeTcpHandshake(TcpCommunicationSpi.java:3678)
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.createTcpClient(TcpCommunicationSpi.java:3313)
... 14 more
Suppressed: class org.apache.ignite.IgniteCheckedException: Failed to
connect to address [addr=/0:0:0:0:0:0:0:1:47100, err=Remote node ID is not
as expected [expected=061316a9-6196-471b-a1fc-afa522e7d138, rcvd=null]]
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.createTcpClient(TcpCommunicationSpi.java:3462)
... 14 more
Caused by: class
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi$HandshakeException:
Remote node ID is not as expected
[expected=061316a9-6196-471b-a1fc-afa522e7d138, rcvd=null]
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.safeTcpHandshake(TcpCommunicationSpi.java:3678)
at
org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi.createTcpClient(TcpCommunicationSpi.java:3313)
... 14 more
--
Sent from: http://apache-ignite-users.70518.x6.nabble.com/
