ElasticSearch: Https не работает внутри контейнера - PullRequest
Новая
       13

ElasticSearch: Https не работает внутри контейнера

0 голосов
/ 08 июля 2019

Я реализовал ElasticSearch для одного из моих приложений (Net core 2.1).

С локального или развернутого на любой обычный сервер (внутри нашей компании) все работает отлично. Журналы успешно зарегистрированы.

Проблема начинается, когда я развертываю свое приложение внутри контейнера Docker. Это исключение. Исходя из моих выводов, это связано с тем, что ElasticSearch Url является https и имеет сертификат.

Файл Docker: 

FROM mcr.microsoft.com/dotnet/core/runtime:2.1
WORKDIR /app
ADD test/bin/Release/netcoreapp2.1/linux-x64/* /app/
ENTRYPOINT ["dotnet", "test.dll", "--console"]

Создать файл: 

services: 

  app: # service definition: Mandatory - PRINCIPLE # 2

    # Mandatory - PRINCIPLE # 9 - images in DTR to use the assigned org name for the project context.
    # project org name is 'om-cockpit'
    image: __IMAGE__


    # Mandatory - PRINCIPLE # 5
    deploy:
        replicas: 1
        restart_policy:
            condition: on-failure

        # Mandatory - PRINCIPLE # 3
        resources:
            limits:
                #cpus: "0.1" # Not supported on Windows platforms
                memory: 256M

        # Mandatory - PRINCIPLE # 4
        placement:
            constraints:
                - node.role == worker
                - node.labels.test== true

        # Mandatory - PRINCIPLE # 11
        labels:
            com.docker.ucp.access.label: /Shared/test/ops

    environment:
    # We'll use the entrypoint and a command param to specify which ports the app should to listen on
    #    ASPNETCORE_URLS: http://+:8080 # This env var is overridden by hosting.json, so use the --urls cmd param
        ASPNETCORE_ENVIRONMENT: Dev
        ASPNETCORE_URLS: http://+:8110

    # Override/define the entrypoint for the image
    entrypoint: /app/O.WP.Work --console --urls=http://*:8110 --environment=Dev


    # Defines port mapping on the host to the container port
    # Service ports should be exposed only if it's necessary to reach the application from external resource
    # PRINCIPLE # 7
    ports:
        #   - "8050:8050"
        - target: 8110 #container
          published: 12111 #public port
          protocol: tcp

Я получаю это исключение 

Elastic Search : 2019-07-07T08:02:32.3113052Z Caught exception while preforming bulk operation to Elasticsearch: Elasticsearch.Net.ElasticsearchClientException: The SSL connection could not be established, see inner exception. ---> System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

   at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)

   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)

   at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest)

--- End of stack trace from previous location where exception was thrown ---

   at System.Net.Security.SslState.ThrowIfExceptional()

   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)

   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)

   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)

   at System.Net.Security.SslStream.<>c.<AuthenticateAsClientAsync>b__47_1(IAsyncResult iar)

   at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)

--- End of stack trace from previous location where exception was thrown ---

   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)

   --- End of inner exception stack trace ---

   at System.Net.Http.ConnectHelper.EstablishSslConnectionAsyncCore(Stream stream, SslClientAuthenticationOptions sslOptions, CancellationToken cancellationToken)

   at System.Threading.Tasks.ValueTask`1.get_Result()

   at System.Net.Http.HttpConnectionPool.CreateConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)

   at System.Threading.Tasks.ValueTask`1.get_Result()

   at System.Net.Http.HttpConnectionPool.WaitForCreatedConnectionAsync(ValueTask`1 creationTask)

   at System.Threading.Tasks.ValueTask`1.get_Result()

   at System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, Boolean doRequestAuth, CancellationToken cancellationToken)

   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)

   at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask, HttpRequestMessage request, CancellationTokenSource cts, Boolean disposeCts)

   at Elasticsearch.Net.HttpConnection.Request[TResponse](RequestData requestData) in c:\Projects\elastic\net-master\src\Elasticsearch.Net\Connection\HttpConnection-CoreFx.cs:line 73

   --- End of inner exception stack trace ---

   at Elasticsearch.Net.Transport`1.HandleElasticsearchClientException(RequestData data, Exception clientException, IElasticsearchResponse response) in c:\Projects\elastic\net-master\src\Elasticsearch.Net\Transport\Transport.cs:line 196

   at Elasticsearch.Net.Transport`1.FinalizeResponse[TResponse](RequestData requestData, IRequestPipeline pipeline, List`1 seenExceptions, TResponse response) in c:\Projects\elastic\net-master\src\Elasticsearch.Net\Transport\Transport.cs:line 180

   at Elasticsearch.Net.Transport`1.Request[TResponse](HttpMethod method, String path, PostData data, IRequestParameters requestParameters) in c:\Projects\elastic\net-master\src\Elasticsearch.Net\Transport\Transport.cs:line 97

   at Serilog.Sinks.Elasticsearch.ElasticsearchSink.EmitBatchChecked[T](IEnumerable`1 events)

   at Serilog.Sinks.Elasticsearch.ElasticsearchSink.EmitBatch(IEnumerable`1 events)
Добро пожаловать на сайт PullRequest, где вы можете задавать вопросы и получать ответы от других членов сообщества.

Нет похожих вопросов

...