You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/05/07 15:50:19 UTC
[GitHub] [couchdb] natcohen opened a new issue #2876: Can't replicate between single node and cluster
natcohen opened a new issue #2876:
URL: https://github.com/apache/couchdb/issues/2876
[NOTE]: # ( ^^ Provide a general summary of the issue in the title above. ^^ )
## Description
[NOTE]: # ( Describe the problem you're encountering. )
[TIP]: # ( Do NOT give us access or passwords to your actual CouchDB! )
I have two systems in two different platforms.
One is a single node with an nginx reverse proxy (configured like [in the doc](https://docs.couchdb.org/en/master/best-practices/reverse-proxies.html#reverse-proxying-with-nginx)). The other one is a cluster configured with the [helm chart](https://github.com/apache/couchdb-helm) and deployed using the following command:
``` .sh
helm install mycouch \
--namespace couchdb \
--set clusterSize=3 \
--set ingress.enabled=true \
--set ingress.hosts={db-cluster.address.com} \
--set ingress.tls[0].hosts[0]=db-cluster.address.com \
--set ingress.tls[0].secretName=db-cluster-address-com-tls \
--set ingress.annotations.'kubernetes\.io/ingress\.class'=nginx \
--set ingress.annotations.'cert-manager\.io/issuer'=couchdb-issuer \
--set ingress.annotations.'nginx\.ingress\.kubernetes\.io/ssl-redirect'=true \
--set image.tag=latest \
--set enableSearch=true \
--set searchImage.tag=latest \
--set persistentVolume.enabled=true \
--set persistentVolume.size=20Gi \
--set couchdbConfig.cors.credentials=true \
--set 'couchdbConfig.cors.headers=accept\,authorization\,content-type\,origin\,referer' \
--set 'couchdbConfig.cors.methods=GET\,PUT\,POST\,HEAD\,DELETE' \
--set couchdbConfig.cors.origins=* \
--set couchdbConfig.couch_httpd_auth.cookie_domain=address.com \
--set couchdbConfig.couch_httpd_auth.iterations=1000 \
--set couchdbConfig.couch_httpd_auth.timeout=604800 \
--set couchdbConfig.couchdb.uuid=$(curl https://www.uuidgenerator.net/api/version4 2>/dev/null | tr -d -) \
couchdb/couchdb
```
Beside that, both systems have the same config (custom cookie_domain and CORS enabled).
I can login on both servers and they both pass the installation verifications.
When I create a replicate document to replicate a database from the single to the cluster, it fails.
``` json
{
"_id": "c55b80f9dd127b0711e37dd478000d32",
"_rev": "1-11b18d016aa27056c381ec4f8f6dcf0f",
"user_ctx": {
"name": "admin",
"roles": [
"_admin",
"_reader",
"_writer"
]
},
"source": {
"url": "https://db-single.address.com/mydb",
"headers": {
"Authorization": "Basic AUTH_TOKEN"
}
},
"target": {
"url": "https://db-cluster.address.com/mydb",
"headers": {
"Authorization": "Basic AUTH_TOKEN"
}
},
"create_target": false,
"continuous": false,
"owner": "admin"
}
```
I tried replicate from both servers (local to remote & remote to local) and they both fail with "The replication job will be tried at increasing intervals"
## Steps to Reproduce
[NOTE]: # ( Include commands to reproduce, if possible. curl is preferred. )
Set up the two systems (one single, one cluster) and try to replicate.
## Expected Behaviour
[NOTE]: # ( Tell us what you expected to happen. )
Replicate without error
## Your Environment
[TIP]: # ( Include as many relevant details about your environment as possible. )
[TIP]: # ( You can paste the output of curl http://YOUR-COUCHDB:5984/ here. )
* CouchDB version used: 3.1.0
* Browser name and version: Chrome
* Operating system and version: ContainerOS (cluster) and Centos 8 (single)
## Additional Context
[TIP]: # ( Add any other context about the problem here. )
I don't know if it has anything to do with the fact that it's between a cluster and a single node...Also, beside following the instructions to deploy the helm chart (as shown above), I didn't do anything with the nginx-controller. There was no additional instructions.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [couchdb] borigas commented on issue #2876: Can't replicate between single node and cluster
Posted by GitBox <gi...@apache.org>.
borigas commented on issue #2876:
URL: https://github.com/apache/couchdb/issues/2876#issuecomment-639644504
Thanks @natcohen. `ssl-redirect` turned out to be a red herring. My issue was inconsistent password salts in the cluster in combination with cookie auth.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [couchdb] wohali commented on issue #2876: Can't replicate between single node and cluster
Posted by GitBox <gi...@apache.org>.
wohali commented on issue #2876:
URL: https://github.com/apache/couchdb/issues/2876#issuecomment-625353203
Hi there @natcohen ,
This is not a CouchDB bug - it's definitely a setup problem. If CouchDB didn't replicate between a single node and a cluster, we'd fail our regression testing.
If you are looking for general support with using CouchDB, please try one of these other options:
* The user mailing list. Signup instructions are [here](http://couchdb.apache.org/#mailing-lists)
* The Slack/IRC chat room. Joining instructions are [here](http://couchdb.apache.org/#chat)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [couchdb] natcohen commented on issue #2876: Can't replicate between single node and cluster
Posted by GitBox <gi...@apache.org>.
natcohen commented on issue #2876:
URL: https://github.com/apache/couchdb/issues/2876#issuecomment-637371545
@borigas My DNS is Cloudflare and I was using Cloudflare's proxy. Deactivating the proxy in the DNS solved my issue... hope that helps
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [couchdb] borigas commented on issue #2876: Can't replicate between single node and cluster
Posted by GitBox <gi...@apache.org>.
borigas commented on issue #2876:
URL: https://github.com/apache/couchdb/issues/2876#issuecomment-637191920
@natcohen did you figure out what the issue was? I think I'm hitting something similar. When `nginx.ingress.kubernetes.io/ssl-redirect: true`, replication fails with `unauthorized: unauthorized to access or create database https://[db]`. Setting to `false` stops the problem even though I'm still using ssl, just not forcing a redirect to ssl.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org