Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

服务端开启tls,集群服务间grpc通信报错:UNAVAILABLE: Network closed for unknown reason #11456

Closed
HUWEIWEI0105 opened this issue Dec 1, 2023 · 3 comments
Closed

服务端开启tls,集群服务间grpc通信报错:UNAVAILABLE: Network closed for unknown reason #11456

HUWEIWEI0105 opened this issue Dec 1, 2023 · 3 comments
Assignees
@stone-98
Labels
kind/feature type/feature

Comments

@HUWEIWEI0105
Copy link

问题描述

服务端开启tls后,若nacos.remote.server.rpc.tls.compatibility=true无问题;若nacos.remote.server.rpc.tls.compatibility=false,集群服务间grpc通信9849端口报错,详细堆栈如下:

2023-11-30 23:59:56,080 ERROR Server check fail, please check server xxx ,port 9849 is available , error ={}

java.util.concurrent.ExecutionException: io.grpc.StatusRuntimeException: UNAVAILABLE: Network closed for unknown reason
        at com.google.common.util.concurrent.AbstractFuture.getDoneValue(AbstractFuture.java:566)
        at com.google.common.util.concurrent.AbstractFuture.get(AbstractFuture.java:445)
        at com.alibaba.nacos.common.remote.client.grpc.GrpcClient.serverCheck(GrpcClient.java:218)
        at com.alibaba.nacos.common.remote.client.grpc.GrpcClient.connectToServer(GrpcClient.java:329)
        at com.alibaba.nacos.common.remote.client.RpcClient.reconnect(RpcClient.java:502)
        at com.alibaba.nacos.common.remote.client.RpcClient.lambda$start$2(RpcClient.java:343)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
        at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
        at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.base/java.lang.Thread.run(Unknown Source)
Caused by: io.grpc.StatusRuntimeException: UNAVAILABLE: Network closed for unknown reason
        at io.grpc.Status.asRuntimeException(Status.java:537)
        at io.grpc.stub.ClientCalls$UnaryStreamToFuture.onClose(ClientCalls.java:548)
        at io.grpc.internal.DelayedClientCall$DelayedListener$3.run(DelayedClientCall.java:489)
        at io.grpc.internal.DelayedClientCall$DelayedListener.delayOrExecute(DelayedClientCall.java:453)
        at io.grpc.internal.DelayedClientCall$DelayedListener.onClose(DelayedClientCall.java:486)
        at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:567)
        at io.grpc.internal.ClientCallImpl.access$300(ClientCallImpl.java:71)
        at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInternal(ClientCallImpl.java:735)
        at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:716)
        at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37)
        at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:133)
        ... 3 common frames omitted

复现步骤

application.properties中增加配置
nacos.remote.server.rpc.tls.enableTls=true
nacos.remote.server.rpc.tls.compatibility=false
nacos.remote.server.rpc.tls.certChainFile=...
nacos.remote.server.rpc.tls.certPrivateKey=...
nacos.remote.server.rpc.tls.certPrivateKeyPassword=...

原因定位

集群服务间grpc通信client通过ClusterRpcClientProxy创建,在创建RpcClient时RpcClientTlsConfig为null,而此时服务器开启了tls,因此通信时报错。这里Rpc Client是不是应该根据配置传入TlsConfig。
ClusterRpcClientProxy
image
RpcClientFactory
image
@KomachiSion
Copy link
Collaborator

目前仅支持客户端和服务端之间的tls(即9848端口)

@KomachiSion KomachiSion added the kind/feature type/feature label Dec 4, 2023
@stone-98
Copy link
Contributor

stone-98 commented Dec 4, 2023

@i will solve it@

@stone-98
Copy link
Contributor

I've been a bit busy lately, so I'll submit the PR before next week.

stone-98 added a commit to stone-98/nacos that referenced this issue Dec 20, 2023
@stone-98
[ISSUE alibaba#11456]Add RpcClusterClientTlsConfig.java.
c4a030d
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 20, 2023
@stone-98
[ISSUE alibaba#11456]Add cluster rpc tls config.
284c315
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 20, 2023
@stone-98
[ISSUE alibaba#11456]Add RpcClusterClientTlsConfig UT.
7ded5ba
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 23, 2023
@stone-98
[ISSUE alibaba#11456]Add cluster server tls.
57f9d40
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 24, 2023
@stone-98
[ISSUE alibaba#11456]Remove supportCommunicationTypes.
0eb0159
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 24, 2023
@stone-98
[ISSUE alibaba#11456]Fix unit testing and indentation handling
e1a755d
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 24, 2023
@stone-98
[ISSUE alibaba#11456]Indentation handling
2498821
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 24, 2023
@stone-98
[ISSUE alibaba#11456]Fix unit test and rpc constants.
153ad0a
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 24, 2023
@stone-98
[ISSUE alibaba#11456]Fix unit test.
3851794
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 25, 2023
@stone-98
[ISSUE alibaba#11456]Optimize code.
51801ee
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 25, 2023
@stone-98
[ISSUE alibaba#11456]Fix check style.
b189613
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 25, 2023
@stone-98
[ISSUE alibaba#11456]Add unit test.
0e2532b
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 25, 2023
@stone-98
[ISSUE alibaba#11456]Fix check style.
76b48ff
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 25, 2023
@stone-98
[ISSUE alibaba#11456]Update unit test.
898cb40
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 30, 2023
@stone-98
[ISSUE alibaba#11456]Fix unit test.
be40ccd
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 30, 2023
@stone-98
[ISSUE alibaba#11456]Add License.
6ff0122
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 30, 2023
@stone-98
[ISSUE alibaba#11456]Fix unit test.
7329b6c
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 30, 2023
@stone-98
[ISSUE alibaba#11456]Fix unit test.
4a31a7a
stone-98 added a commit to stone-98/nacos that referenced this issue Dec 30, 2023
@stone-98
[ISSUE alibaba#11456]Rename class.
24a43f6
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 7, 2024
@stone-98
[ISSUE alibaba#11456]Optimize code.
911f81e
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 8, 2024
@stone-98
[ISSUE alibaba#11456]Handling indentation issues.
14134c1
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 8, 2024
@stone-98
[ISSUE alibaba#11456]Handling indentation issues.
962ad7d
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 8, 2024
@stone-98
[ISSUE alibaba#11456]Handling indentation issues.
fac7255
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 10, 2024
@stone-98
[ISSUE alibaba#11456]Optimize code.
f26156f
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 10, 2024
@stone-98
[ISSUE alibaba#11456]Fix unit test.
2c74341
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 10, 2024
@stone-98
[ISSUE alibaba#11456]Fix unit testing and compatibility handling.
162abb7
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 22, 2024
@stone-98
[ISSUE alibaba#11456]Support TLS GRPC communication between clusters.
664f9e0
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 22, 2024
@stone-98
[ISSUE alibaba#11456] Fix bugs.
34d63bd
stone-98 added a commit to stone-98/nacos that referenced this issue Jan 24, 2024
@stone-98
[ISSUE alibaba#11456]Fix bugs.
c84a635
stone-98 added a commit to stone-98/nacos that referenced this issue Feb 2, 2024
@stone-98
[ISSUE alibaba#11456]Adjusting parameter names (compatibility conside…
f64503a 
…rations).
stone-98 added a commit to stone-98/nacos that referenced this issue Feb 8, 2024
@stone-98
[ISSUE alibaba#11456]Resolve conflict.
9f02f4e
stone-98 added a commit to stone-98/nacos that referenced this issue Feb 21, 2024
@stone-98
[ISSUE alibaba#11456]Remove ProtocolNegotiatorBuilderManager and abst…
b5971a7 
…ract ProtocolNegotiatorBuilderSingleton.
stone-98 added a commit to stone-98/nacos that referenced this issue Mar 12, 2024
@stone-98
[ISSUE alibaba#11456]Remove CommunicationType.java.
5a0c9d7
stone-98 added a commit to stone-98/nacos that referenced this issue Mar 12, 2024
@stone-98
[ISSUE alibaba#11456]Optimize code.
ae72fbc
stone-98 added a commit to stone-98/nacos that referenced this issue Mar 12, 2024
@stone-98
[ISSUE alibaba#11456]Revert author.
072f350
This was referenced May 15, 2024
Merged
Closed
KomachiSion pushed a commit that referenced this issue May 15, 2024
@stone-98
Support TLS Grpc communication between clusters. (#11549)
5169f06 
* Fix exception code error.(#10925)

* [ISSUE #11456]Add RpcClusterClientTlsConfig.java.

* [ISSUE #11456]Add cluster rpc tls config.

* [ISSUE #11456]Add RpcClusterClientTlsConfig UT.

* [ISSUE #11456]Add cluster server tls.

* [ISSUE #11456]Remove supportCommunicationTypes.

* [ISSUE #11456]Fix unit testing and indentation handling

* [ISSUE #11456]Indentation handling

* [ISSUE #11456]Fix unit test and rpc constants.

* [ISSUE #11456]Fix unit test.

* [ISSUE #11456]Optimize code.

* [ISSUE #11456]Fix check style.

* [ISSUE #11456]Add unit test.

* [ISSUE #11456]Fix check style.

* [ISSUE #11456]Update unit test.

* [ISSUE #11456]Fix unit test.

* [ISSUE #11456]Add License.

* [ISSUE #11456]Fix unit test.

* [ISSUE #11456]Fix unit test.

* [ISSUE #11456]Rename class.

* [ISSUE #11456]Optimize code.

* [ISSUE #11456]Handling indentation issues.

* [ISSUE #11456]Handling indentation issues.

* [ISSUE #11456]Handling indentation issues.

* [ISSUE #11456]Optimize code.

* [ISSUE #11456]Fix unit test.

* [ISSUE #11456]Fix unit testing and compatibility handling.

* [ISSUE #11456]Support TLS GRPC communication between clusters.

* [ISSUE #11456] Fix bugs.

* [ISSUE #11456]Fix bugs.

* [ISSUE #11456]Adjusting parameter names (compatibility considerations).

* [ISSUE #11456]Resolve conflict.

* [ISSUE #11456]Remove ProtocolNegotiatorBuilderManager and abstract ProtocolNegotiatorBuilderSingleton.

* [ISSUE #11456]Remove CommunicationType.java.

* [ISSUE #11456]Optimize code.

* [ISSUE #11456]Revert author.

* Splitting RpcTlsConfigFactory.

* Split RpcConstants.

* Divided RpcTlsConfigFactory, adjusted cluster parameters to "nacos.remote.peer.rpc.tls".

* check style.

* check style.

* unit test.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stone-98 stone-98

Labels
kind/feature type/feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@HUWEIWEI0105 @stone-98 @KomachiSion