Good day
I created a brand new custom OpenFlow environment running in Azure on Ubuntu 22.04 LTS.
The OpenFlow portal is working, but as soon as I try to access a NodeRed agent I get the following error:
What is the possible fix for this? The SSL certificate is working for the OpenFlow portal and the DNS records added are as follows:
I also added the yaml file that I used, not sure if the error comes from this file:
```yaml
version: "3.3"
services:
  mongodb:
    image: mongo
    restart: always
    command: "--bind_ip_all --replSet rs0"
    environment:
      - MONGO_REPLICA_SET_NAME=rs0
    volumes:
      - mongodb_data:/data/db
  mongosetup:
    image: mongo
    depends_on:
      - mongodb
    restart: "no"
    command: >
      mongosh --host mongodb:27017 --eval
      '
      db = (new Mongo("mongodb:27017")).getDB("openflow");
      config = {
      "_id" : "rs0",
      "members" : [
        {
          "_id" : 0,
          "host" : "mongodb:27017"
        }
      ]
      };
      rs.initiate(config);
      '
  traefik:
    image: traefik
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"
      # - "--log.level=DEBUG"
      # - --certificatesresolvers.myresolver.acme.dnschallenge.provider=gcloud
      # - --certificatesresolvers.myresolver.acme.email=my@domain.com
      - --certificatesresolvers.myresolver.acme.dnschallenge.provider=azure
      - --certificatesresolvers.myresolver.acme.email=
      - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
      # # middleware redirect
      # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      # # global redirect to https
      # - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
      # - "traefik.http.routers.redirs.entrypoints=web"
      # - "traefik.http.routers.redirs.middlewares=redirect-to-https"
    environment:
      - AZURE_CLIENT_ID=
      - AZURE_CLIENT_SECRET=
      - AZURE_SUBSCRIPTION_ID=
      - AZURE_TENANT_ID=
      - AZURE_RESOURCE_GROUP=
      - AZURE_POLLING_INTERVAL=5
      - AZURE_PROPAGATION_TIMEOUT=120
      - AZURE_TTL=30
      # - CLOUDFLARE_EMAIL_FILE=/letsencrypt/CF_EMAIL.txt
      # - CLOUDFLARE_API_KEY_FILE=/letsencrypt/CF_KEY.txt
      # - GCE_PROJECT=apiproject-237214
      # - GCE_SERVICE_ACCOUNT_FILE=/letsencrypt/account.json
      # - DO_POLLING_INTERVAL=5
      # - DO_PROPAGATION_TIMEOUT=120
      # - DO_TTL=30
    ports:
      - "80:80"
      - "443:443"
    restart: always
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "//var/run/docker.sock:/var/run/docker.sock:ro"
  rabbitmq:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.rabbitmq.rule=Host(`mq.integrations.mdrdigitals.com`)"
      - "traefik.http.routers.rabbitmq.entrypoints=websecure"
      - "traefik.http.routers.rabbitmq.tls.certresolver=myresolver"
      - "traefik.http.services.rabbitmq.loadbalancer.server.port=15672"
    image: rabbitmq:3-management
    restart: always
  api:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.api.rule=Host(`integrations.mdrdigitals.com`)"
      - "traefik.http.routers.api.entrypoints=websecure"
      - "traefik.http.routers.api.tls.certresolver=myresolver"
      - "traefik.http.services.api.loadbalancer.server.port=3000"
      - "traefik.frontend.passHostHeader=true"
      # - "traefik.http.routers.api.tls.domains[0].main=integrations.mdrdigitals.com"
      # - "traefik.http.routers.api.tls.domains[0].sans=*.integrations.mdrdigitals.com"
    image: openiap/openflow
    deploy:
      replicas: 1
    pull_policy: always
    restart: always
    depends_on:
      - rabbitmq
      - mongodb
    volumes:
      - "//var/run/docker.sock:/var/run/docker.sock"
    environment:
      - auto_create_users=false
      - auto_create_domains=
      - domain=integrations.mdrdigitals.com
      - protocol=https
      - agent_oidc_userinfo_endpoint=http://api:3000/oidc/me
      - agent_oidc_issuer=https://integrations.mdrdigitals.com/oidc
      - agent_oidc_authorization_endpoint=https://integrations.mdrdigitals.com/oidc/auth
      - agent_oidc_token_endpoint=http://api:3000/oidc/token
      - agent_docker_entrypoints=web,websecure
      - agent_docker_certresolver=myresolver
      # uncomment below 2 lines, if you have set replicas above 1
      # - enable_openflow_amqp=true
      # - amqp_prefetch=25
      # uncomment to add agents to the same docker compose project ( will break running docker compose up -d if any agents running )
      # - agent_docker_use_project=true
      - amqp_url=amqp://guest:guest@rabbitmq
      - mongodb_url=mongodb://mongodb:27017
      - mongodb_db=openrpa
      - aes_secret=O1itlrmA47WzxPj95YHD2sZs7IchYaQI25mQ
volumes:
  mongodb_data:
    driver: local
```
In the agent logs, I see the following error, not sure if it is related:
Environment running OpenFlow v1.5.9
I’ve just seen that error a few days ago,
and I cannot for the life of me remember what was the reason.
The error happens in saveSettings, and the error seems to come from NodeRED calling saveSettings with an empty object, but I am pretty sure when I saw this error, we fixed it by changing something in OpenFlow. Embarrassing.
Maybe the first error is a hint. So it’s complaining issuer does not match, but it matches what you have in the environment variables (and it matches the real value from https://integrations.mdrdigitals.com/oidc/.well-known/openid-configuration).
I will just quickly try and do a fresh install myself and see if I can reproduce this.
I purged my local system (releasing >300 GB disk space, so that was nice)
and tried a fresh install. No issues.
I then started a small Debian VM in Google Cloud, added DNS for the ephemeral IP and updated docker-compose-letsencrypt.yml to match.
And then I get the same error as you.
I will investigate and write again when I have found a solution to this.
OK, I see the error comes both in my local and cloud deployment, and it’s not important, NodeRED is still working without any issues. The error is due to the fact there are no nodes/modules installed when it initially starts up, and I forgot to check for settings.nodes being null (it used to always be an array). I will get that fixed.
Could you go to the package monitoring package
and check if you see any errors while you are trying to login? Anything that could give a hint on what is going on with the issuer check.
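The issuer check mentioned above compares strings exactly, so a mismatch can hide in the scheme, host or a trailing slash. The following is an added example, not part of the original posts and not OpenFlow's code; the hostnames, the discovery document and the unsigned token are constructed samples, and `diffIssuer`, `issClaim` and `checkIssuer` are hypothetical helper names.

```javascript
// Added example; all hostnames and the token below are constructed samples.

// OIDC compares issuers as exact strings. Explain how two values differ.
function diffIssuer(expected, actual) {
  if (expected === actual) return [];
  let e, a;
  try { e = new URL(expected); a = new URL(actual); }
  catch { return [`not a URL: "${expected}" / "${actual}"`]; }
  const out = [];
  if (e.protocol !== a.protocol) out.push(`scheme ${e.protocol} vs ${a.protocol}`);
  if (e.host !== a.host) out.push(`host ${e.host} vs ${a.host}`);
  if (e.pathname !== a.pathname) {
    const strip = (p) => p.replace(/\/+$/, "");
    out.push(strip(e.pathname) === strip(a.pathname)
      ? "trailing slash differs" : `path ${e.pathname} vs ${a.pathname}`);
  }
  // URL parsing normalises case and default ports, so nothing above may fire.
  return out.length ? out : ["raw strings differ (case, default port or query)"];
}

// Read the `iss` claim from a JWT without verifying it (diagnostics only).
function issClaim(jwt) {
  const payload = jwt.split(".")[1];
  return JSON.parse(Buffer.from(payload, "base64").toString("utf8")).iss;
}

// Compare the configured issuer with the discovery document and a token.
function checkIssuer(configured, discovery, jwt) {
  return [
    ...diffIssuer(configured, discovery.issuer).map((d) => `discovery: ${d}`),
    ...diffIssuer(configured, issClaim(jwt)).map((d) => `token iss: ${d}`),
  ];
}

// Constructed inputs: public issuer in config, trailing slash in discovery,
// and a token minted with an internal container address as issuer.
const b64url = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
  .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const sampleJwt = [b64url({ alg: "none" }), b64url({ iss: "http://api:3000/oidc" }), ""].join(".");
const sampleReport = checkIssuer(
  "https://openflow.example.com/oidc",
  { issuer: "https://openflow.example.com/oidc/" },
  sampleJwt);
console.log(sampleReport.join("\n") || "issuer values match");
```

An empty report means the configured value, the `issuer` field of `/.well-known/openid-configuration` and the token's `iss` are byte-for-byte identical.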
Hi @Allan_Zimmermann
Thanks for the responses.
Here is the output of the above:
I saw I made a mistake yesterday - here is the correct yaml file that I am using (it is exactly the same as the one above - it is just a different URL):
```yaml
version: "3.3"
services:
  mongodb:
    image: mongo
    restart: always
    command: "--bind_ip_all --replSet rs0"
    environment:
      - MONGO_REPLICA_SET_NAME=rs0
    volumes:
      - mongodb_data:/data/db
  mongosetup:
    image: mongo
    depends_on:
      - mongodb
    restart: "no"
    command: >
      mongosh --host mongodb:27017 --eval
      '
      db = (new Mongo("mongodb:27017")).getDB("openflow");
      config = {
      "_id" : "rs0",
      "members" : [
        {
          "_id" : 0,
          "host" : "mongodb:27017"
        }
      ]
      };
      rs.initiate(config);
      '
  traefik:
    image: traefik
    command:
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.websecure.address=:443"
      - "--entrypoints.web.address=:80"
      # - "--log.level=DEBUG"
      # - --certificatesresolvers.myresolver.acme.dnschallenge.provider=gcloud
      # - --certificatesresolvers.myresolver.acme.email=my@domain.com
      - --certificatesresolvers.myresolver.acme.dnschallenge.provider=azure
      - --certificatesresolvers.myresolver.acme.email=
      - --certificatesresolvers.myresolver.acme.dnschallenge.resolvers=1.1.1.1
      - --certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json
      # # middleware redirect
      # - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
      # # global redirect to https
      # - "traefik.http.routers.redirs.rule=hostregexp(`{host:.+}`)"
      # - "traefik.http.routers.redirs.entrypoints=web"
      # - "traefik.http.routers.redirs.middlewares=redirect-to-https"
    environment:
      - AZURE_CLIENT_ID=
      - AZURE_CLIENT_SECRET=
      - AZURE_SUBSCRIPTION_ID=
      - AZURE_TENANT_ID=
      - AZURE_RESOURCE_GROUP=
      - AZURE_POLLING_INTERVAL=5
      - AZURE_PROPAGATION_TIMEOUT=120
      - AZURE_TTL=30
      # - CLOUDFLARE_EMAIL_FILE=/letsencrypt/CF_EMAIL.txt
      # - CLOUDFLARE_API_KEY_FILE=/letsencrypt/CF_KEY.txt
      # - GCE_PROJECT=apiproject-237214
      # - GCE_SERVICE_ACCOUNT_FILE=/letsencrypt/account.json
      # - DO_POLLING_INTERVAL=5
      # - DO_PROPAGATION_TIMEOUT=120
      # - DO_TTL=30
    ports:
      - "80:80"
      - "443:443"
    restart: always
    volumes:
      - "./letsencrypt:/letsencrypt"
      - "//var/run/docker.sock:/var/run/docker.sock:ro"
  rabbitmq:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.rabbitmq.rule=Host(`mq.integrator.mdrdigitals.com`)"
      - "traefik.http.routers.rabbitmq.entrypoints=websecure"
      - "traefik.http.routers.rabbitmq.tls.certresolver=myresolver"
      - "traefik.http.services.rabbitmq.loadbalancer.server.port=15672"
    image: rabbitmq:3-management
    restart: always
  api:
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.api.rule=Host(`integrator.mdrdigitals.com`)"
      - "traefik.http.routers.api.entrypoints=websecure"
      - "traefik.http.routers.api.tls.certresolver=myresolver"
      - "traefik.http.services.api.loadbalancer.server.port=3000"
      - "traefik.frontend.passHostHeader=true"
      # - "traefik.http.routers.api.tls.domains[0].main=integrator.mdrdigitals.com"
      # - "traefik.http.routers.api.tls.domains[0].sans=*.integrator.mdrdigitals.com"
    image: openiap/openflow
    deploy:
      replicas: 1
    pull_policy: always
    restart: always
    depends_on:
      - rabbitmq
      - mongodb
    volumes:
      - "//var/run/docker.sock:/var/run/docker.sock"
    environment:
      - auto_create_users=false
      - auto_create_domains=
      - domain=integrator.mdrdigitals.com
      - protocol=https
      - agent_oidc_userinfo_endpoint=http://api:3000/oidc/me
      - agent_oidc_issuer=https://integrator.mdrdigitals.com/oidc
      - agent_oidc_authorization_endpoint=https://integrator.mdrdigitals.com/oidc/auth
      - agent_oidc_token_endpoint=http://api:3000/oidc/token
      - agent_docker_entrypoints=web,websecure
      - agent_docker_certresolver=myresolver
      # uncomment below 2 lines, if you have set replicas above 1
      # - enable_openflow_amqp=true
      # - amqp_prefetch=25
      # uncomment to add agents to the same docker compose project ( will break running docker compose up -d if any agents running )
      # - agent_docker_use_project=true
      - amqp_url=amqp://guest:guest@rabbitmq
      - mongodb_url=mongodb://mongodb:27017
      - mongodb_db=openrpa
      - aes_secret=O1itlrmA47WzxPj95YHD2sZs7IchYaQI25mQ
volumes:
  mongodb_data:
    driver: local
```
There are no errors in that output.
I need an error in order to troubleshoot it, or a way to reproduce it (or access to the environment).
Hi @Allan_Zimmermann
I sent you a personal message.
Closed by system on May 29, 2024, 8:38am.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.