brooklyn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (BROOKLYN-509) "winrm.useHttps" usage fails inside provisioning.properties: uses http port
Date Tue, 30 May 2017 08:58:04 GMT

    [ https://issues.apache.org/jira/browse/BROOKLYN-509?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16029187#comment-16029187
] 

ASF GitHub Bot commented on BROOKLYN-509:
-----------------------------------------

Github user aledsage commented on the issue:

    https://github.com/apache/brooklyn-server/pull/708
  
    This fixes https://issues.apache.org/jira/browse/BROOKLYN-509. Merging.


> "winrm.useHttps" usage fails inside provisioning.properties: uses http port
> ---------------------------------------------------------------------------
>
>                 Key: BROOKLYN-509
>                 URL: https://issues.apache.org/jira/browse/BROOKLYN-509
>             Project: Brooklyn
>          Issue Type: Bug
>    Affects Versions: 0.11.0
>            Reporter: Aled Sage
>
> As Yavor observed, if you use {{winrm.useHttps: true}} inside an entity's {{provisioning.properties}}
rather than in the location's config, then Brooklyn will incorrectly choose the loginPort
5985 (instead of 5986). However, {{winrm.useHttps}} is correctly passed through to winrm4j.
> This leads to a subsequent error like:
> {noformat}
> Caused by: javax.net.ssl.SSLException: SSLException invoking https://52.174.190.96:5985/wsman:
Unrecognized SSL message, plaintext connection?
>         at sun.reflect.GeneratedConstructorAccessor163.newInstance(Unknown Source) ~[na:na]
>         at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
~[na:1.8.0_121]
>         at java.lang.reflect.Constructor.newInstance(Unknown Source) ~[na:1.8.0_121]
>         at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.mapException(HTTPConduit.java:1385)
~[cxf-rt-transports-http-3.1.10.jar:3.1.10]
>         at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1369)
~[cxf-rt-transports-http-3.1.10.jar:3.1.10]
>         at org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduit$AsyncWrappedOutputStream.close(AsyncHTTPConduit.java:415)
~[cxf-rt-transports-http-hc-3.1.10.jar:3.1.10]
> {noformat}
> All subsequent attempts to use WinRM with the VM fail because it's using the http port,
expecting it to be https!
> The workaround is to put the {{winrm.useHttps: true}} inside the location's configuration,
rather than in the entity's provisioning.properties.
> ----
> An example blueprint is:
> {noformat}
> location:
>   jclouds:azurecompute-arm:
>       identity: xxxxxxxx
>       credential: xxxxxxxx
>       endpoint: https://management.azure.com/subscriptions/xxxxxxxx
>       oauth.endpoint: https://login.microsoftonline.com/xxxxxxxx/oauth2/token
>       jclouds.azurecompute.arm.publishers: MicrosoftWindowsServer
>       jclouds.azurecompute.operation.timeout: 120000
>       jclouds.compute.resourcename-prefix: xxxx
>       osFamily: windows 
>       imageId: westeurope/MicrosoftWindowsServer/WindowsServer/2008-R2-SP1
>       region: westeurope
>       vmNameMaxLength: 15
>       useJcloudsSshInit: false
>       destroyOnFailure: false
>       templateOptions:
>         overrideLoginUser: azureuser
>         overrideLoginPassword: "aiji39fjD3jidRwe3&43"
>         secrets:
>         - sourceVault:
>             id: /subscriptions/xxxxxxxx/resourceGroups/jclouds-westeurope/providers/Microsoft.KeyVault/vaults/xxxxKV1
>           vaultCertificates:
>           - certificateUrl: "https://xxxxkv1.vault.azure.net/secrets/XxxxCert/xxxxxxxx"
>             certificateStore: My         
>         windowsConfiguration:
>           provisionVMAgent: true
>           winRM:
>             listeners:
>             - protocol: http
>             - protocol: https
>               certificateUrl: https://xxxxv1.vault.azure.net/secrets/XxxxCert/xxxxxxxx
>           additionalUnattendContent: null
> services:
> - type: org.apache.brooklyn.entity.software.base.VanillaWindowsProcess
>   brooklyn.config:
>     install.command: echo true
>     launch.command: echo true
>     stop.command: echo true
>     checkRunning.command: echo true
>     provisioning.properties:
>       winrm.useHttps: true
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message