Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

restic operations hang with Backblaze B2 backend #58

Closed
Fysac opened this issue Jan 29, 2022 · 1 comment
Closed

restic operations hang with Backblaze B2 backend #58

Fysac opened this issue Jan 29, 2022 · 1 comment

Comments

@Fysac
Copy link

Fysac commented Jan 29, 2022

Yesterday, I noticed that no backup to B2 had taken place, and I wasn't seeing any output for the backups container in the logs.

After investigating further, I realized the container was stuck at running restic snapshots because the command was hanging indefinitely, with no output. Other commands like restic check hung, too.

I suspect this is a TLS-related issue (system certificates?) because of the following output when I connect to the B2 API using curl:

$ docker exec -i backups /bin/bash -i
bash: cannot set terminal process group (-1): Not a tty
bash: no job control in this shell
bash-5.1# curl -vvv https://api.backblazeb2.com
curl -vvv https://api.backblazeb2.com
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 206.190.215.15:443...
* Connected to api.backblazeb2.com (206.190.215.15) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [161 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [155 bytes data]
  0     0    0     0    0     0      0      0 --:--:--  0:03:23 --:--:--     0* OpenSSL SSL_connect: Connection reset by peer in connection to api.backblazeb2.com:443
  0     0    0     0    0     0      0      0 --:--:--  0:03:24 --:--:--     0
* Closing connection 0
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to api.backblazeb2.com:443

There isn't any custom network configuration for the container, and the request above goes through successfully outside of the container. Requests to other sites (e.g., https://google.com) go through fine within the container.
@Fysac
Copy link
Author

Fysac commented Feb 1, 2022

Never mind, this was a PEBCAK. There was an MTU difference between the wg0 and docker0 interfaces that I resolved using this method: https://web.archive.org/web/20220201233148/https://mlohr.com/docker-mtu/

@Fysac Fysac closed this as completed Feb 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Fysac