Unable to reach Sentry log server: EOF occurred in violation of protocol - nginx

I'm having trouble with setting up Sentry server in HTTPS mode. Every now and then, reasonably often while seemingly random, this error message gets written by Raven (Sentry client) into log files:
Unable to reach Sentry log server: <urlopen error [Errno 8] _ssl.c:504: EOF occurred in violation of protocol> (url: https://$(valid_server)/)
Web UI works fine. Vast majority of the messages from Raven are received fine and Sentry processes them into usable output. However, due to these errors, something gets lost from time to time.
I have tried to figure this one out, but dead ends seem to follow another. Basically it seems a lot like this:
Python Requests requests.exceptions.SSLError: [Errno 8] _ssl.c:504: EOF occurred in violation of protocol
But when testing my Sentry server with similar s_client query using TLS 1.2, it leads to a valid session unlike with the example there.
It's also not about this, since SNI isn't used:
python-requests 2.0.0 - [Errno 8] _ssl.c:504: EOF occurred in violation of protocol
I'm not able to reproduce the error coherently. Raven's tests are passed and nothing is acutely wrong, until an error pops up in the log.
My set up is: Raven 4.2.1 in Python 2.7.5, Nginx 1.6.0 as reverse proxy handling HTTPS, and finally Sentry 6.4.4 with default Gunicorn 0.17.4. Nginx configs are pretty much similar to official documentation (http://sentry.readthedocs.org/en/latest/quickstart/nginx.html) with a few alterations due to HTTPS.

I ran into the same issue and got it fixed by installing the following dependencies:
On Ubuntu:
sudo aptitude install libffi-dev
And then via pip:
pip install pyopenssl ndg-httpsclient pyasn1
The problem seems to be that Python 2.X doesn't support SNI (which is needed for TLS) out of the box as explained here.

Related

Artifactory service fails to start upon Fedora 35 reboot

I have installed on Fedora 35 jfrog-artifactory-oss (v7.31.11-73111900.x86_64) and enabled it as a system service to start at boot. But whenever I boot up my OS, the server never starts properly. I will always need to kill the PID of the active running Artifactory process. If I then do sudo service artifactory restart it will bring up the server cleanly and everything is good. How can I avoid having to do this little dance? Is there something about OS boot up that is causing Artifactory to get thrown off?
I have looked at console.log when the server is not running properly after bootup, I see some logs like:
2022-01-27T08:35:38.383Z [shell] [INFO] [] [artifactoryManage.sh:69] [main] - Artifactory Tomcat already started
2022-01-27T08:35:43.084Z [jfac] [WARN] [d84d2d549b318495] [o.j.c.ExecutionUtils:165] [pool-9-thread-2] - Retry 900 Elapsed 7.56 minutes failed: Registration with router on URL http://localhost:8046 failed with error: UNAVAILABLE: io exception. Trying again
That shows that the server is not running properly, but doesn't give a clear idea of what to try next. Any suggestions?
2 things to check,
How is the artifactory.service file in the systemd directory
Whenever the OS is rebooted, what is the error seen in the logs, check all the logs.
Hint: From the warning shared, it seems that Router service is not able to start when OS is rebooted, so whenever OS is rebooted and issue comes up check the router-service.log for any errors/warnings.

Hiveserver2: could not start ThriftHttpCliService

I'm attempting to enable SSL on hiveserver2.
I can run in the default binary mode fine. http mode works no problem. As soon as I enable SSL through hive-site.xml, i'm faced with the following error.
ERROR [Thread-28] thrift.ThriftCLIService: Error starting HiveServer2: could not start ThriftHttpCLIService
java.net.BindException: Address already in use
There is nothing using any of the ports, prior to starting hiveserver2. Checked with netstat -tupln
Ports i've configured in hive-site.xml are
hive.server2.webui.port 11002
hive.server2.thrift.http.port 11001
hive.server2.thrift.port 11000
and invoking hiveserver2 via the service /opt/hive/bin/hive --service hiveserver2 &
O/S ubuntu (on kubernetes)
Hive version 3.0.0
Any help greatly appreciate. Google search for problems with ThriftHTTPCliService came up short.
For anyone that come across this post.
I upgraded to Hive 3.1.0, along with the metastore schema.
This fixed the issue, although unsure as to the underlying cause.

502 Bad Gateway Nginx & Chef Server

I've upgraded my chef server. Then I ran chef-server-ctl reconfigure successfully.
However, when I ran chef-server-ctl test, I got error:
Encountered an error attempting to create client pedant_admin_client
Response Code was: 502
502 Bad Gateway
nginx/1.4.4
Can anyone help me?
tl;dr
sudo chef-server-ctl upgrade
WARNING: my org was preserved, but your results may vary
I ran into this too. I suspect an unexpected. "apt-get upgrade". For me all checks pass in status.
chef-server-ctl status
but this failed
sudo chef-server-ctl test
I ran this for more details (beware thousands of lines of output ;- )
sudo chef-server-ctl tail
and found this gem: (note the ".." in the path indicating a path misconfig)
2015-08-24_23:00 mkdir: cannot create directory '/opt/opscode/embedded/service/rabbitmq/sbin/../var': Permission denied
I then ran this and it worked
sudo chef-server-ctl upgrade
Ran into the same thing: Here is what I did to solve the problem.
Chef has logs but a lot of services. Check which one is failing
chef-server-ctl status will indicate what is down.
Go look at that log under
/var/log/chef-server/<problem-service>/current
My particular problem was
2014-09-27_17:33:32.41439 FATAL: could not create shared memory segment: Invalid argument
2014-09-27_17:33:32.41441 DETAIL: Failed system call was shmget(key=5432001, size=4050755584, 03600).
2014-09-27_17:33:32.41442 HINT: This error usually means that PostgreSQL's request for a shared memory segment exceeded your kernel's SHMMAX parameter. You can either reduce the request size or reconfigure the kernel with larger SHMMAX. To reduce the request size (currently 4050755584 bytes), reduce PostgreSQL's shared memory usage, perhaps by reducing shared_buffers or max_connections.
Thus all I needed to do was chef-server-ctl reconfigure
problem solved

Arch Linux on VirtualBox network problems

I've installed ArchLinux with VB on MacOS. I have network problems, I cannot resolve addresses. When trying pacman -S htop for example I get the following error :
:: Retrieving packages from extra...
error: failed retrieving file 'htop-1.0-1-x86_64.pkg.tar.xz' from mir1.archlinux.fr : Could not resolve host: mir1.archlinux.fr; Name or service not known
warning: failed to retrieve some files from extra
error: failed to commit transaction (download library error)
Errors occurred, no packages were upgraded.
If I ping mir1.archlinux.fr I get a response. I'm running Network in Nat Mode.
PS: If I run In Bridge Mode I have no problems.
Can someone help me fixing this problem?
Nevermind... disabling ipv6 fixed the problem.!
Check your /etc/resolve.conf or even change for opendns/google DNS.
Then check any domain like:
dig http://stackoverflow.com
finally:
pacman -Syu

Why does Passenger 3.0 with nginx crash on startup(?) then 403s?

On Ubuntu with REE 1.8.7, with nginx 0.8.53 manually compiled with the
Passenger 3 module doc installed as per the docs, I get an error in
the nginx error log when nginx starts:
Unable to start the Phusion Passenger watchdog because it encountered
the following error during startup: Unable to start the Phusion
Passenger logging agent: an error occurred while sending startup
arguments: Broken pipe (32) (-1: Unknown error 18446744073709551615)
I assume this means nginx never starts properly. When I try and view
my site after this, I get a 403.
2010/10/22 00:56:47 [error] 13874#0: *1813942 directory index of "/var/
rails/myapp/current/public/" is forbidden, client: 125.197.115.16,
server: new.myapp.fm, request: "GET / HTTP/1.1", host: "new.myapp.fm"
I expect the first is probably causing the second. I haven't had any
luck googling this. Can anyone provide insight or help me
troubleshoot?
I got this after upgrading to Passenger 3.0.1 as I had not changed the version of Passenger specified by passenger_root in /opt/nginx/conf/nginx.conf. You might need to change the line that looks like this to specify the correct version:
passenger_root /usr/lib/ruby/gems/1.8/gems/passenger-3.0.1;
You get told to do this when you install nginx. Hope that helps.
I ran into this problem too, and it was because passenger couldn't find ruby:
tail -f /var/log/nginx/error.log
2011/12/20 00:54:45 [alert] 30300#0: Unable to start the Phusion Passenger watchdog because it encountered the following error during startup: Unable to start the Phusion Passenger helper agent: it seems to have crashed during startup for an unknown reason, with exit code 1 (-1: Unknown error)
* Passenger ERROR (ext/common/ApplicationPool/../SpawnManager.h:220):
Could not start the spawn server: ruby: No such file or directory (2)
Even though ruby was properly listed within the system PATH, it didn't seem to work right until I added:
passenger_ruby = /usr/local/bin/ruby;
(the location of my ruby executable) into the http section of my nginx config.
The problem was that PassengerLoggingAgent wasn't installed when I did 'gem install passenger'. I installed it as per this discussion (by grabbing it from the standalone zip) and everything is fine now: http://groups.google.com/group/phusion-passenger/browse_thread/thread/323dc1c7b0e5ee11

Resources