You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thanos, Prometheus and Golang version used:
Thanos - 0.26.0,0.27.0 and 0.28.1
Object Storage Provider:
azure container storage
What happened:
In my setup I am using azure cache for redis with 6380 (TLS 1.2). When store is trying to connect to azure cache over 6380, store errors out with connection reset by peer mostly. Whereas it works like a charm on 6379 port when tls is disabled. During investigation we found out that , messages are in plain text instead of being encrypted and because of that azure redis is sending reset signal to close down the connection.
What you expected to happen:
Store should connect to azure redis cache over 6380 with tls 1.2 enabled
How to reproduce it (as minimally and precisely as possible):
Get store configured with azure cache redis over non sls port with tls 1.2 on.
Full logs to relevant components:
thanos-store-out1m-0 thanos-store-out1m {"caller":"redis_client.go:236","err":"read: connection reset by peer","items":0,"level":"warn","msg":"failed to mget items from redis","ts":"2022-10-20T22:56:51.626987079Z"}
Anything else we need to know:
Store configuration:
Input:
I tried to get tcpdump from thanos store, I observed that message is not encrypted, it is a plain text sending to remote azure redis cache instance, remote instance is expecting to receive it in encrypted so redis is closing down connection. If you observe thanos store is sending plain text redis key to auth Please take a look at ss
Thanos, Prometheus and Golang version used:
Thanos - 0.26.0,0.27.0 and 0.28.1
Object Storage Provider:
azure container storage
What happened:
In my setup I am using azure cache for redis with 6380 (TLS 1.2). When store is trying to connect to azure cache over 6380, store errors out with
connection reset by peer
mostly. Whereas it works like a charm on 6379 port when tls is disabled. During investigation we found out that , messages are in plain text instead of being encrypted and because of that azure redis is sending reset signal to close down the connection.What you expected to happen:
Store should connect to azure redis cache over 6380 with tls 1.2 enabled
How to reproduce it (as minimally and precisely as possible):
Get store configured with azure cache redis over non sls port with tls 1.2 on.
Full logs to relevant components:
Anything else we need to know:
Store configuration:
The text was updated successfully, but these errors were encountered: