Using spring config server with git causing security group issue


I am now trying to set up Spring config server / Spring config client and Eureka server to do service discovery together. When I was using the local file system to save the configuration, everything was fine, but as soon as I changed to GitHub to save the configuration, I cannot start the Spring config client, and I get this error message:

com.netflix.discovery.DiscoveryClient : Can't get a response from http://user:{cipher}AQBdTe9vjgOqANyfi+Ke5HYmhFJnuvsGJ+8FOqLgdMdFInJkVRzy9XngylNp9KlX2lwPI13jT7ceDjBs9w4B6A15akQTHHP1q9rWwMcLtVCCKGFgvXSgQF+WWIItxBmIDGG4bSgDYZ6XQWl66T84PxjTBygErpmAjn+X2BWdtWtVmjXzpMQMaHGpiyLPoGIQYF4j9ZGpl16Jx79+j6et6LStksrT3WxQuanhZwIkqZ827+2mlUB3kd5ocW7R0vC3JMGVZlGNfqYQwJIhSJ19lrq4gxm/zbGroYonW3QSHTiRlhlvOdovEua/0dCl6+s0iEHYZCBllr7jikEWmS5Px7U2TG8/eQkjR8pUbSN6OE+OI2ZZUCNOT+mi75ZeeN1OtdQ=@localhost:8761/eureka/null

Can't contact any eureka nodes - possibly a security group issue?

java.lang.IllegalArgumentException: Illegal character in authority at index 7: http://user:{cipher}AQBdTe9vjgOqANyfi+Ke5HYmhFJnuvsGJ+8FOqLgdMdFInJkVRzy9XngylNp9KlX2lwPI13jT7ceDjBs9w4B6A15akQTHHP1q9rWwMcLtVCCKGFgvXSgQF+WWIItxBmIDGG4bSgDYZ6XQWl66T84PxjTBygErpmAjn+X2BWdtWtVmjXzpMQMaHGpiyLPoGIQYF4j9ZGpl16Jx79+j6et6LStksrT3WxQuanhZwIkqZ827+2mlUB3kd5ocW7R0vC3JMGVZlGNfqYQwJIhSJ19lrq4gxm/zbGroYonW3QSHTiRlhlvOdovEua/0dCl6+s0iEHYZCBllr7jikEWmS5Px7U2TG8/eQkjR8pUbSN6OE+OI2ZZUCNOT+mi75ZeeN1OtdQ=@localhost:8761/eureka/ at java.net.URI.create(URI.java:852)

This is what I have:

  1. In config server application.yml:

    spring:
      application:
        name: spirent-config-server
      cloud:
        config:
          server:
            git:
              uri: https://github.com/spring-cloud-samples/config-repo
              #searchPaths: foo,bar*

    server:
      port: 8888

  2. In config client:

bootstrap.properties:

spring.application.name= foo
spring.profiles.active= development
spring.cloud.config.uri= http://localhost:8888

and application.yml

eureka:
  instance:
    hostname: ${host.instance.name:frank1}
    nonSecurePort: ${host.instance.port:8080}
    metadataMap:
      instanceId: ${host.instance.instanceid:frank_123}
  client:
    serviceUrl:
      defaultZone: http://localhost:8761/eureka/

server:
  port: ${host.instance.port:8080}

  3. Eureka Server:

application.yml

server:
  port: 8761

eureka:
  client:
    registerWithEureka: false
    fetchRegistry: false
  server:
    waitTimeInMsWhenSyncEmpty: 0

bootstrap.yml:

spring:
  application:
    name: eureka
  cloud:
    config:
      uri: ${CONFIG_SERVER_URL:http://localhost:8888}

From the exception, it seems it is because DiscoveryClient is not working. Is there anything special needed for the configuration? But if I change from GitHub to local file storage for the configuration, everything is fine.

Thanks for your suggestion in advance.

Based on the Spring Cloud documentation, I am doing it like this:

In application.yml of config server:

spring:
  application:
    name: spirent-config-server
  cloud:
    config:
      server:
        git:
          uri:  https://github.com/spring-cloud-samples/config-repo
          #searchPaths: foo,bar*
encrypt:
  key: abc

server:
  port: 8888

In application.yml of Eureka Server:

server:
  port: 8761

eureka:
  instance:
    hostname: localhost
  client:
    registerWithEureka: false
    fetchRegistry: false
    serviceUrl:
      defaultZone: http://${eureka.instance.hostname}:${server.port}/eureka/

  server:
    waitTimeInMsWhenSyncEmpty: 0

encrypt:
  key: abc

And in application.yml of config client:

eureka:
  instance:
    hostname: ${host.instance.name:frank1}
    nonSecurePort: ${host.instance.port:8080}
    leaseRenewalIntervalInSeconds: 5 #default is 30, recommended to keep default
    metadataMap:
      #instanceId: ${host.instance.instanceid:frank_123}
      instanceId: ${spring.application.name}:${spring.application.instance_id:${random.value}}
  client:
    serviceUrl:
      defaultZone: http://localhost:8761/eureka/

server:
  port: ${host.instance.port:8080}

encrypt:
  key: abc

But the problem is that after I start Eureka and the config server, it is fine, with no exception, but after I start the config client, I get this same exception:

Can't contact any eureka nodes - possibly a security group issue?

java.lang.IllegalArgumentException: Illegal character in authority at index 7: http://user:{cipher}AQBdTe9vjgOqANyfi+Ke5HYmhFJnuvsGJ+8FOqLgdMdFInJkVRzy9XngylNp9KlX2lwPI13jT7ceDjBs9w4B6A15akQTHHP1q9rWwMcLtVCCKGFgvXSgQF+WWIItxBmIDGG4bSgDYZ6XQWl66T84PxjTBygErpmAjn+X2BWdtWtVmjXzpMQMaHGpiyLPoGIQYF4j9ZGpl16Jx79+j6et6LStksrT3WxQuanhZwIkqZ827+2mlUB3kd5ocW7R0vC3JMGVZlGNfqYQwJIhSJ19lrq4gxm/zbGroYonW3QSHTiRlhlvOdovEua/0dCl6+s0iEHYZCBllr7jikEWmS5Px7U2TG8/eQkjR8pUbSN6OE+OI2ZZUCNOT+mi75ZeeN1OtdQ=@localhost:8761/eureka/
    at java.net.URI.create(URI.java:852)
    at com.sun.jersey.api.client.Client.resource(Client.java:433)
    at com.netflix.discovery.DiscoveryClient.makeRemoteCall(DiscoveryClient.java:1091)
    at com.netflix.discovery.DiscoveryClient.makeRemoteCall(DiscoveryClient.java:1060)
    at com.netflix.discovery.DiscoveryClient.getAndStoreFullRegistry(DiscoveryClient.java:835)

Can anyone tell me where my error is? This only happens when using Git as the config server data source; with the local file data source, no error happens.

Thanks

These are my steps to try to resolve the key issues, but they failed again:

  1. download the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" from Oracle, and follow instructions for installation (essentially replace the 2 policy files in the JRE lib/security directory with the ones that you downloaded).

  2. Now if I run spring encrypt mysecret --key foo, it is successful, this means the JCE is installed correctly;

  3. Creating a Key Store for Testing: using this: https://github.com/spring-cloud/spring-cloud-config/blob/master/docs/src/main/asciidoc/spring-cloud-config.adoc#creating-a-key-store-for-testing

  4. after updating the application.yml in my config server, the application.yml is this:

spring:
  application:
    name: spirent-config-server
  cloud:
    config:
      server:
        git:
          uri:  https://github.com/spring-cloud-samples/config-repo
          #searchPaths: foo,bar*
encrypt:
  keyStore:
    location: classpath:/server.jks
    password: letmein
    alias: abc
    secret: changeme
  key: abc

server:
  port: 8888

  5. Adding this to both the Eureka server and config client application.yml:

    encrypt:
      key: abc

  6. Run everything: the result is the same nasty error.

So what is wrong in my testing? Thanks for your help.

It is my fault: Changing application.yml to this:

spring:
  application:
    name: configserver
encrypt:
  failOnError: false
  keyStore:
    #location: classpath:keystore.jks
    #password: ${KEYSTORE_PASSWORD:foobar} # don't use a default in production
    #alias: test
    location: classpath:server.jks
    password: letmein
    alias: mytestkey
    secret: changeme

And then using this command to generate the file resolved the issue completely:

keytool -genkeypair -alias mytestkey -keyalg RSA \
  -dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=US" \
  -keypass changeme -keystore server.jks -storepass letmein

Thanks
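
The symptom in this post, ciphertext ending up inside the Eureka URL, can be checked for directly in what the config server serves. The sketch below is an added example, not part of the original post or of Spring Cloud: it scans a constructed sample of the server's `/{application}/{profile}` JSON for values still carrying the `{cipher}` prefix and for keys the server renamed with `invalid.` after a failed decryption; every property name and value in the sample is an assumption.

```python
import json

# Constructed sample of a config server response (not captured from the
# poster's system; repository names, keys and values are made up).
SAMPLE_RESPONSE = json.dumps({
    "name": "foo",
    "profiles": ["development"],
    "propertySources": [
        {
            "name": "constructed-repo/foo-development.yml",
            "source": {
                "eureka.password": "{cipher}CONSTRUCTEDCIPHERTEXT==",
                "eureka.client.serviceUrl.defaultZone":
                    "http://user:${eureka.password}@localhost:8761/eureka/",
            },
        },
        {
            "name": "constructed-repo/application.yml",
            "source": {
                "invalid.db.password": "<n/a>",
                "info.description": "sample",
            },
        },
    ],
})

CIPHER_PREFIX = "{cipher}"   # marks an encrypted property value
INVALID_PREFIX = "invalid."  # key prefix the server adds when decryption fails


def find_undecrypted(response_text):
    """Return (source, key, reason) for each property a client cannot use as-is."""
    findings = []
    env = json.loads(response_text)
    for ps in env.get("propertySources", []):
        for key, value in ps.get("source", {}).items():
            if isinstance(value, str) and value.startswith(CIPHER_PREFIX):
                # Still ciphertext: a client without the key would use this
                # literal, e.g. as the password part of a service URL.
                findings.append((ps["name"], key, "ciphertext served as-is"))
            elif key.startswith(INVALID_PREFIX):
                # The server attempted decryption and could not complete it.
                findings.append((ps["name"], key, "decryption failed on server"))
    return findings


if __name__ == "__main__":
    for source, key, reason in find_undecrypted(SAMPLE_RESPONSE):
        print(f"{source}: {key}: {reason}")
```

Against a running setup like the one above, the input would be the body of `GET http://localhost:8888/foo/development`.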
