Backup cassandra data to a s3 device which is ssl enabled #1568

Open
Ajith-ceg opened this issue Jan 25, 2023 · 1 comment
Labels
enhancement New feature or request

Ajith-ceg commented Jan 25, 2023

Is your feature request related to a problem? Please describe.
Whenever I tried to connect to a s3 storage which is ssl configured, the Medusa container is going into a crashloopbackoff state.

Describe the solution you'd like
Adding a patch which gives secure connection using ssl

k8ssandracluster.yaml:

```yaml
medusa:
  storageProperties:
    # Can be either of local, google_storage, azure_blobs, s3, s3_compatible, s3_rgw or ibm_storage
    storageProvider: s3_compatible
    # Name of the secret containing the credentials file to access the backup storage backend
    storageSecretRef:
      name: medusa-bucket-key
    # Name of the storage bucket
    bucketName: cassandra_medusa
    # Prefix for this cluster in the storage bucket directory structure, used for multitenancy
    prefix: test
    # Host to connect to the storage backend (Omitted for GCS, S3, Azure and local).
    host: xxxxxxxxxx
    # Port to connect to the storage backend (Omitted for GCS, S3, Azure and local).
    port: 9021
    # Region of the storage bucket
    # region: us-east-1

    # Whether or not to use SSL to connect to the storage backend
    secure: True
```

medusa container logs:

```
[2023-01-25 06:36:21,298] INFO: Found credentials in shared credentials file: /etc/medusa-secrets/credentials
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): xxxxxxxxx:9021
[2023-01-25 06:36:21,304] DEBUG: Starting new HTTPS connection (1): xxxxxxxxx:9021
Traceback (most recent call last):
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
    cnx.do_handshake()
  File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1991, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/SSL.py", line 1700, in _raise_ssl_error
    _raise_current_error()
  File "/home/cassandra/.local/lib/python3.6/site-packages/OpenSSL/_util.py", line 55, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 677, in urlopen
    chunked=chunked,
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 381, in _make_request
    self._validate_conn(conn)
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 978, in _validate_conn
    conn.connect()
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connection.py", line 371, in connect
    ssl_context=context,
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 386, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/contrib/pyopenssl.py", line 494, in wrap_socket
    raise ssl.SSLError("bad handshake: %r" % e)
ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/cassandra/.local/lib/python3.6/site-packages/requests/adapters.py", line 449, in send
    timeout=timeout
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/connectionpool.py", line 727, in urlopen
    method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
  File "/home/cassandra/.local/lib/python3.6/site-packages/urllib3/util/retry.py", line 446, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='xxxxxxxxx', port=9021): Max retries exceeded with url: /cassandra_medusa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3.6/runpy.py", line 193, in _run_module_as_main
    "__main__", mod_spec)
  File "/usr/lib/python3.6/runpy.py", line 85, in _run_code
    exec(code, run_globals)
  File "/home/cassandra/medusa/service/grpc/server.py", line 349, in <module>
    server.serve()
  File "/home/cassandra/medusa/service/grpc/server.py", line 65, in serve
    medusa_pb2_grpc.add_MedusaServicer_to_server(MedusaService(config), self.grpc_server)
  File "/home/cassandra/medusa/service/grpc/server.py", line 104, in __init__
    self.storage = Storage(config=self.config.storage)
  File "/home/cassandra/medusa/storage/__init__.py", line 75, in __init__
    self.storage_driver = self._connect_storage()
  File "/home/cassandra/medusa/storage/__init__.py", line 93, in _connect_storage
    s3_storage = S3BaseStorage(self._config)
  File "/home/cassandra/medusa/storage/s3_base_storage.py", line 67, in __init__
    super().__init__(config)
  File "/home/cassandra/medusa/storage/abstract_storage.py", line 40, in __init__
    self.bucket = self.driver.get_container(container_name=config.bucket_name)
  File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/storage/drivers/s3.py", line 357, in get_container
    method='HEAD')
  File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/common/base.py", line 623, in request
    headers=headers, stream=stream)
  File "/home/cassandra/.local/lib/python3.6/site-packages/libcloud/http.py", line 232, in request
    verify=self.verification
  File "/home/cassandra/.local/lib/python3.6/site-packages/requests/sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "/home/cassandra/.local/lib/python3.6/site-packages/requests/sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "/home/cassandra/.local/lib/python3.6/site-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='xxxxxxxxx', port=9021): Max retries exceeded with url: /cassandra_medusa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
```

Ajith-ceg added the enhancement label Jan 25, 2023

adejanovski (Contributor) commented

You need to provide the certificates that Medusa will use and provide a link to the file through an env variable.
Check here for more details.
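
A triage helper for the chained traceback in this issue, added here as an example and not part of the issue or of Medusa's own code: it walks the exception chain back to the root cause and reports whether the crash is a certificate trust failure at the storage endpoint rather than a connectivity or credentials problem. The function name `triage`, the result field names and the shortened sample log are assumptions made for the example.

```python
import re

# Constructed sample: a shortened copy of the chained traceback from the issue.
SAMPLE_LOG = """\
[2023-01-25 06:36:21,304] DEBUG: Starting new HTTPS connection (1): xxxxxxxxx:9021
Traceback (most recent call last):
  File ".../urllib3/contrib/pyopenssl.py", line 488, in wrap_socket
OpenSSL.SSL.Error: [('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')]

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File ".../requests/adapters.py", line 514, in send
requests.exceptions.SSLError: HTTPSConnectionPool(host='xxxxxxxxx', port=9021): Max retries exceeded with url: /cassandra_medusa (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls_process_server_certificate', 'certificate verify failed')],)",),))
"""

CHAIN_SEP = "During handling of the above exception, another exception occurred:"
# Final line of a traceback: "<dotted.ExceptionType>: <message>" at column 0.
EXC_LINE = re.compile(r"^([A-Za-z_][\w.]*(?:Error|Exception)): (.*)$", re.M)
ENDPOINT = re.compile(r"HTTPSConnectionPool\(host='([^']+)', port=(\d+)\)")


def triage(log_text):
    """Summarise a chained Python traceback: root cause, outer wrapper, endpoint."""
    chain = []
    for segment in log_text.split(CHAIN_SEP):
        found = EXC_LINE.findall(segment)
        if found:
            chain.append(found[-1])  # the exception that ended this traceback
    if not chain:
        return None
    root_type, root_msg = chain[0]   # first in the chain is the real cause
    endpoint = ENDPOINT.search(log_text)
    untrusted = "certificate verify failed" in root_msg
    return {
        "root": root_type,
        "outer": chain[-1][0],       # last in the chain is only the wrapper
        "depth": len(chain),
        "endpoint": (endpoint.group(1), int(endpoint.group(2))) if endpoint else None,
        "untrusted_cert": untrusted,
        # Verification did its job: the fix is to trust the endpoint's issuing CA,
        # not to turn verification off.
        "next_step": "supply the storage endpoint's CA certificate to the container"
        if untrusted else "inspect the root exception message",
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
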
