You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Whenever I tried to connect to a s3 storage which is ssl configured,the Medusa container is going into a crashloopbackoff state.
Describe the solution you'd like
Adding a patch which gives secure connection using ssl
medusa:
storageProperties:
# Can be either of local, google_storage, azure_blobs, s3, s3_compatible, s3_rgw or ibm_storage
storageProvider: s3_compatible
# Name of the secret containing the credentials file to access the backup storage backend
storageSecretRef:
name: medusa-bucket-key
# Name of the storage bucket
bucketName: cassandra_medusa
# Prefix for this cluster in the storage bucket directory structure, used for multitenancy
prefix: test
# Host to connect to the storage backend (Omitted for GCS, S3, Azure and local).
host: xxxxxxxxxx
# Port to connect to the storage backend (Omitted for GCS, S3, Azure and local).
port: 9021
# Region of the storage bucket
# region: us-east-1
# Whether or not to use SSL to connect to the storage backend
secure: True
[2023-01-25 06:36:21,298] INFO: Found credentials in shared credentials file: /etc/medusa-secrets/credentials
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): xxxxxxxxx:9021
[2023-01-25 06:36:21,304] DEBUG: Starting new HTTPS connection (1): xxxxxxxxx:9021
Traceback (most recent call last):
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
cnx.do_handshake()
File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1991, in do_handshake
self._raise_ssl_error(self._ssl, result)
File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1700, in _raise_ssl_error
_raise_current_error()
File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/_util.py", line 55, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 677, in urlopen
chunked=chunked,
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 381, in _make_request
self._validate_conn(conn)
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 978, in validate_conn
conn.connect()
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connection.py", line 371, in connect
ssl_context=context,
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/util/ssl.py", line 386, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
raise ssl.SSLError("bad handshake: %r" % e)
ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/adapters.py", line 449, in send
timeout=timeout
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 727, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/util/retry.py", line 446, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='xxxxxxxxx', port=9021): Max retries exceeded with url: /cassandra_medusa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main
"main", mod_spec)
File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/home/cassandra/medusa/service/grpc/server.py", line 349, in
server.serve()
File "/home/cassandra/medusa/service/grpc/server.py", line 65, in serve
medusa_pb2_grpc.add_MedusaServicer_to_server(MedusaService(config), self.grpc_server)
File "/home/cassandra/medusa/service/grpc/server.py", line 104, in init
self.storage = Storage(config=self.config.storage)
File "/home/cassandra/medusa/storage/init.py", line 75, in init
self.storage_driver = self._connect_storage()
File "/home/cassandra/medusa/storage/init.py", line 93, in _connect_storage
s3_storage = S3BaseStorage(self._config)
File "/home/cassandra/medusa/storage/s3_base_storage.py", line 67, in init
super().init(config)
File "/home/cassandra/medusa/storage/abstract_storage.py", line 40, in init
self.bucket = self.driver.get_container(container_name=config.bucket_name)
File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/storage/drivers/s3.py", line 357, in get_container
method='HEAD')
File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/common/base.py", line 623, in request
headers=headers, stream=stream)
File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/http.py", line 232, in request
verify=self.verification
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='xxxxxxxxx', port=9021): Max retries exceeded with url: /cassandra_medusa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Whenever I tried to connect to a s3 storage which is ssl configured,the Medusa container is going into a crashloopbackoff state.
Describe the solution you'd like
Adding a patch which gives secure connection using ssl
**********************************************************#
k8ssandracluster.yaml
*********************************************************#
medusa:
storageProperties:
# Can be either of local, google_storage, azure_blobs, s3, s3_compatible, s3_rgw or ibm_storage
storageProvider: s3_compatible
# Name of the secret containing the credentials file to access the backup storage backend
storageSecretRef:
name: medusa-bucket-key
# Name of the storage bucket
bucketName: cassandra_medusa
# Prefix for this cluster in the storage bucket directory structure, used for multitenancy
prefix: test
# Host to connect to the storage backend (Omitted for GCS, S3, Azure and local).
host: xxxxxxxxxx
# Port to connect to the storage backend (Omitted for GCS, S3, Azure and local).
port: 9021
# Region of the storage bucket
# region: us-east-1
################################################################
medusa container logs:
################################################################
[2023-01-25 06:36:21,298] INFO: Found credentials in shared credentials file: /etc/medusa-secrets/credentials
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): xxxxxxxxx:9021
[2023-01-25 06:36:21,304] DEBUG: Starting new HTTPS connection (1): xxxxxxxxx:9021
Traceback (most recent call last):
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
cnx.do_handshake()
File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1991, in do_handshake
self._raise_ssl_error(self._ssl, result)
File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1700, in _raise_ssl_error
_raise_current_error()
File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/_util.py", line 55, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 677, in urlopen
chunked=chunked,
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 381, in _make_request
self._validate_conn(conn)
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 978, in validate_conn
conn.connect()
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connection.py", line 371, in connect
ssl_context=context,
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/util/ssl.py", line 386, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
raise ssl.SSLError("bad handshake: %r" % e)
ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/adapters.py", line 449, in send
timeout=timeout
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 727, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/util/retry.py", line 446, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='xxxxxxxxx', port=9021): Max retries exceeded with url: /cassandra_medusa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main
"main", mod_spec)
File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
exec(code, run_globals)
File "/home/cassandra/medusa/service/grpc/server.py", line 349, in
server.serve()
File "/home/cassandra/medusa/service/grpc/server.py", line 65, in serve
medusa_pb2_grpc.add_MedusaServicer_to_server(MedusaService(config), self.grpc_server)
File "/home/cassandra/medusa/service/grpc/server.py", line 104, in init
self.storage = Storage(config=self.config.storage)
File "/home/cassandra/medusa/storage/init.py", line 75, in init
self.storage_driver = self._connect_storage()
File "/home/cassandra/medusa/storage/init.py", line 93, in _connect_storage
s3_storage = S3BaseStorage(self._config)
File "/home/cassandra/medusa/storage/s3_base_storage.py", line 67, in init
super().init(config)
File "/home/cassandra/medusa/storage/abstract_storage.py", line 40, in init
self.bucket = self.driver.get_container(container_name=config.bucket_name)
File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/storage/drivers/s3.py", line 357, in get_container
method='HEAD')
File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/common/base.py", line 623, in request
headers=headers, stream=stream)
File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/http.py", line 232, in request
verify=self.verification
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/home/cassandra/.local/lib/python3.6/site-packages/requests/adapters.py", line 514, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='xxxxxxxxx', port=9021): Max retries exceeded with url: /cassandra_medusa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
The text was updated successfully, but these errors were encountered: