Dotnet core S2i build error ssl connection reset - .net-core

I am trying to build my solution and create docker image using OpenShift S2i pattern.
Using the below command to build the repository
oc new-app dotnet:3.1~http://azureserver.abc.com:8080/tfs/_git/Emp-WebServices --name employeewebservice
I am able to pull the repository but during the build it fails with below error log
/opt/rh/rh-dotnet31/root/usr/lib64/dotnet/sdk/3.1.111/NuGet.targets(123,5):
error : Unable to load the service index for source https://api.nuget.org/v3/index.json.
[/opt/app-root/src/Employee.WebServices/Employee.WebServices.csproj]
/opt/rh/rh-dotnet31/root/usr/lib64/dotnet/sdk/3.1.111/NuGet.targets(123,5):
error : The SSL connection could not be established, see inner exception.
[/opt/app-root/src/Employee.WebServices/Employee.WebServices.csproj] /opt/rh/rh-dotnet31/root/usr/lib64/dotnet/sdk/3.1.111/NuGet.targets(123,5):
error : Unable to read data from the transport connection: Connection reset by peer.
[/opt/app-root/src/Employee.WebServices/Employee.WebServices.csproj] /opt/rh/rh-dotnet31/root/usr/lib64/dotnet/sdk/3.1.111/NuGet.targets(123,5):
error : Connection reset by peer [/opt/app-root/src/employee.WebServices/Employee.WebServices.csproj] error: build error:
error building at STEP "RUN /tmp/scripts/assemble": error while running runtime: exit status 1
Below is the environment file that I created in the root of my repository
ASPNETCORE_ENVIRONMENT=Production
DOTNET_STARTUP_PROJECT=emp.WebServices/emp.WebServices.csproj
DOTNET_RESTORE_CONFIGFILE=Nuget/NuGet.Config
DOTNET_CONFIGURATION=Release
HTTP_PROXY=http://proxy-web.abc.com:80
HTTPS_PROXY=https://proxy-web.abc.com:80
NO_PROXY=.abc.com
DOTNET_SSL_DIRS=certificates
Have the certificates folder with .p7b file

Related

Add SSL certificate to docker container with ASP .NET app to connect cosmosDB simulator in host machine

I am adding a cosmosdb simulator certificate in a linux docker container with my app ASP .NET. I want connect my app on a container with my windows 10 host machine. I have the next issue:
project-cosmos-container | Initializing repository: database KeyDatabase, collection KeyConatiner
project-cosmos-container |
project-cosmos-container | Unhandled Exception: System.AggregateException: One or more errors occurred. (The SSL connection could not be established, see inner exception.) ---> System.Net.Http.HttpRequestException:
The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
So I edit my dockerfile to copy my certificate that I export previusly following these steps https://learn.microsoft.com/es-es/azure/cosmos-db/local-emulator-export-ssl-certificates#certification-rotation.
FROM microsoft/dotnet:2.2-aspnetcore-runtime
# We create the folder inside the container
WORKDIR /local-project
# We are coping all project executables that we created with dotnet build and dotnet publish
COPY ./bin/Release/netcoreapp2.2/publish/* ./
COPY ./wwwroot/cer/*.cer /etc/ssl/certs/
EXPOSE 80 433
RUN update-ca-certificates
# We indicate to execute the program in the executable of the project
ENTRYPOINT ["dotnet", "Local.Proyect.Core.dll"]
And I have the following logs of docker:
Step 1/7 : FROM microsoft/dotnet:2.2-aspnetcore-runtime
---> ccf4063f0898
Step 2/7 : WORKDIR /local-project
---> Using cache
---> 4bafaaa39da1
Step 3/7 : COPY ./bin/Release/netcoreapp2.2/publish/* ./
---> b641fbfe771e
Step 4/7 : COPY ./wwwroot/cer/documentdbemulatorcert.cer /etc/ssl/certs/
---> 003052fba9ff
Step 5/7 : EXPOSE 80 433
---> Running in 88619ba67f33
Removing intermediate container 88619ba67f33
---> d5b467fa7820
Step 6/7 : RUN update-ca-certificates
---> Running in 890e73a506f4
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Removing intermediate container 890e73a506f4
---> 8cfcd85a8252
Step 7/7 : ENTRYPOINT ["dotnet", "Local.Proyect.Core.dll"]
---> Running in d21b2ba72d9b
Removing intermediate container d21b2ba72d9b
---> 7c7d08afdca2
Successfully built 7c7d08afdca2
But I haven't solved the problem yet. I am copying the certificate in a wrong directory inside container? And what is the correct directory to copy or what I am doing wrong. If someone have already had the same problem please let me know how to fix.

Issue with connecting Golang application on Cloud Run with Firestore

I try to get all Documents from Firestore using the below function.
The credentials are stored in an encrypted file in a GCP Cloud Source repository.
I decrypted the configuration in the Cloud Build trigger and set the ENV in the Dockerfile pointing to the file. I see the content by RUN ls /app/credentials.json.
The error I get in the application log:
rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority"
The credentials are stored in an encrypted file in a GCP Cloud Source repository.
I decrypted the configuration in the Cloud Build trigger and set the ENV in the Dockerfile pointing to the file. I see the content by RUN ls /app/credentials.json.
The error I get in the application log:
rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority"
This error is the result of an HTTPS failure where the certificate cannot be verified. The Alpine base image is missing a package that provides root certificates. Currently the Cloud Run quickstart is missing this for at least the Go language.
Assuming this is your problem, add the following to the final stage of your Dockerfile:
RUN apk add --no-cache ca-certificates

Not able to setup Splash for R using Docker

Error in highlighted command
I installed docker toolbox to use splashr package in R and followed steps to install splash. But, I am getting an error saying "C:\Program Files\Docker Toolbox\docker.exe: Error response from daemon: driver failed programming external connectivity on endpoint"
Error which I am getting in R is --
"render_png(url = "https://analytics.usa.gov/", wait = 5)
Error in curl::curl_fetch_memory(url, handle = handle) :
Failed to connect to localhost port 8050: Connection refused"
Can anybody help me out on this please?

SFTP from Travis CI build fails with host key verification error and connection reset error

I am attempting to use after_success in a Travis CI build to deploy files to a remote server using SFTP. However, I am getting errors that prevent the upload from succeeding.
SFTP command and resulting error message:
$ sftp -b upload_sftp -i upload_key -P 2222 $sftp_user
Host key verification failed.
Couldn't read packet: Connection reset by peer
The SFTP batch file upload_sftp contains various put commands.
As the "Host key verification failed" message hints, you need to add your server's keys to the known_hosts file, as documented in the Travis CI Documentation.
Adding the following to .travis.yml uses ssh-keyscan:
addons:
ssh_known_hosts: git.example.com
Alternately, known_hosts can be appended to directly using
install:
- echo 'KEY' >> $HOME/.ssh/known_hosts

openstack: Failed to launch instance from the glance

We have setup OpenStack using conjure-up on a (Ubuntu LTS server 16.04.3) single machine. All are services are up and running, and successfully I am able to upload images to the glance.
We wanted to save these glance images created by "glance image-create" in remote machine which have nfs server. So we have configured glance-api.conf file as below.
My glance-api.conf looks like this:
[glance_store]
filesystem_store_datadir = /var/lib/glance/images
default_store = file
And in glance controller node, I have mounted
remote machine Ip/home/glance/images/ in this directory path
/var/lib/glance/images
and have mentioned the same mounted directory path inside the glance-api.conf file.
I have created the two sample private network with some ip (192.168.1.0 and 10.221.50.0) but have not created a public network as at this moment I don't want to access this VM instance from outside.
When I am trying to launch the instance from dashboard UI as well as through CLI, I am getting below error.
Error: Failed to perform requested operation on instance "Ubuntu_Hawkbit", the instance has an error status: Please try again later [Error: No valid host was found. There are not enough hosts available.].
Note: I have tried by associating Instance with different private network ,thinking that it may be network IP address issue but facing the same error.
When I check /var/log/nova/nova-compute.log logs, I see below error.
ERROR nova.image.glance [req-1459f1b2-491c-46a2-b803-6ff621a79d30 6ebc7996240c4ce688234f544c9d0116 07427c9d49704357a049b24193ee0a28 - -
-] Error contacting glance server 'http://10.206.193.159:9292' for 'data', done trying.
ERROR nova.image.glance CommunicationError:
Error finding address for
http://10.206.193.159:9292/v1/images/6c30e2ab-1078-45ad-bed2-3e3a75f6af8c:
('Connection aborted.', BadStatusLine("''",))
ERROR
nova_lxd.nova.virt.lxd.image
[req-1459f1b2-491c-46a2-b803-6ff621a79d30
6ebc7996240c4ce688234f544c9d0116 07427c9d49704357a049b24193ee0a28 - -
-] [instance: eedc008d-ef34-498d-8774-b3813ce032f4] Failed to upload 6c30e2ab-1078-45ad-bed2-3e3a75f6af8c to LXD: Connection to glance
ERROR nova_lxd.nova.virt.lxd.operations
[req-1459f1b2-491c-46a2-b803-6ff621a79d30
6ebc7996240c4ce688234f544c9d0116 07427c9d49704357a049b24193ee0a28 - -
-] [instance: eedc008d-ef34-498d-8774-b3813ce032f4] Faild to start container instance-00000020: Connection to glance host
http://10.206.193.159:9292 failed: Error finding address for
http://10.206.193.159:9292/v1/images/6c30e2ab-1078-45ad-bed2-3e3a75f6af8c:
('Connection aborted.', BadStatusLine("''",))
ERROR nova.compute.manager [req-1459f1b2-491c-46a2-b803-6ff621a79d30
6ebc7996240c4ce688234f544c9d0116 07427c9d49704357a049b24193ee0a28 - -
-] [instance: eedc008d-ef34-498d-8774-b3813ce032f4] Instance failed to spawn

Resources