Replies: 1 comment
-
|
Full nats container log: |
Beta Was this translation helpful? Give feedback.
{{ message }}
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello,
we are deploying a NATS cluster with helm charts, activating jetstream.
When activating tls for nats core and nats cluster, disabling jetstream, no issue, nats starts successfully.
When activating tls for nats core but not for nats cluster, enabling jetstream, no issue
But when activating tls for nats core and nats cluster, enabling jetstream I got this error log:
[7] 2023/10/06 07:46:36.372749 [INF] Listening for route connections on 0.0.0.0:6222 [7] 2023/10/06 07:46:36.381822 [ERR] 10.225.38.34:6222 - rid:10 - TLS route handshake error: tls: first record does not look like a TLS handshake [7] 2023/10/06 07:46:36.381847 [INF] 10.225.38.34:6222 - rid:10 - Router connection closed: TLS Handshake Failure [7] 2023/10/06 07:46:36.384664 [ERR] 10.225.18.28:6222 - rid:11 - TLS route handshake error: tls: first record does not look like a TLS handshake [7] 2023/10/06 07:46:36.384685 [INF] 10.225.18.28:6222 - rid:11 - Router connection closed: TLS Handshake Failure [7] 2023/10/06 07:46:36.473993 [WRN] Waiting for routing to be established...Here is the /etc/nats-config/nats.conf:
`
NATS Clients Port
port: 4222
PID file shared with configuration reloader.
pid_file: "/var/run/nats/nats.pid"
###############
Monitoring
###############
http: 8222
server_name:$POD_NAME
#####################
TLS Configuration
#####################
tls {
cert_file: /etc/nats-certs/clients/nats-server-tls-cert/tls.crt
key_file: /etc/nats-certs/clients/nats-server-tls-cert/tls.key
ca_file: /etc/nats-certs/clients/nats-server-tls-cert/ca.crt
verify_and_map: true
}
###################################
NATS JetStream
###################################
jetstream {
max_mem: 1Gi
store_dir: /data/
max_file:1Gi
}
###################################
NATS Full Mesh Clustering Setup
###################################
cluster {
port: 6222
name: js-nats-cluster-instant-nats-dev
tls {
cert_file: /etc/nats-certs/cluster/nats-cluster-tls-cert/tls.crt
key_file: /etc/nats-certs/cluster/nats-cluster-tls-cert/tls.key
ca_file: /etc/nats-certs/cluster/nats-cluster-tls-cert/ca.crt
}
authorization {
user: *****
password: *********
timeout: 0.5
}
routes = [
nats://:@instant-nats-dev-0.instant-nats-dev.instant-nats-dev.svc.cluster.local:6222,nats://:@instant-nats-dev-1.instant-nats-dev.instant-nats-dev.svc.cluster.local:6222,nats://*:@instant-nats-dev-2.instant-nats-dev.instant-nats-dev.svc.cluster.local:6222,
]
cluster_advertise: $CLUSTER_ADVERTISE
connect_retries: 120
}
#################
NATS Gateways
#################
gateway {
name: js-nats-cluster-instant-nats-dev
port: 7522
Gateways array here
gateways: [
{
name: js-nats-cluster-instant-nats-dev
url: "nats://instant-nats-dev.instant-nats-dev.svc.cluster.local:7522"
},
]
}
max_connections: 5000
lame_duck_grace_period: 10s
lame_duck_duration: 30s
##################
Authorization
##################
system_account: "SYS"
authorization {
}
accounts:{"SYS":{"users":[{"pass":"","user":""}]}}
`
Could you please help?
Thanks
Guillaume
Beta Was this translation helpful? Give feedback.
All reactions