You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@couchdb.apache.org by Miles Fidelman <mf...@meetinghouse.net> on 2021/10/14 17:03:42 UTC

documentation of couchdb internals?

Hi Folks,

Can anybody point me at a good presentation on the internals of couchdb?

I'm really interested in how couch makes use of erlang's actor model.

I've done a lot of googling, and can't seem to find a "theory of 
operations" or architectural overview.  Perhaps someone here knows of one?

Thanks very much,

Miles Fidelman

-- 
In theory, there is no difference between theory and practice.
In practice, there is.  .... Yogi Berra

Theory is when you know everything but nothing works.
Practice is when everything works but no one knows why.
In our lab, theory and practice are combined:
nothing works and no one knows why.  ... unknown

Re: documentation of couchdb internals?

Posted by Garren Smith <ga...@apache.org>.

Hi Miles,

CouchDB's internals are pretty complex for an example of how the Erlang
actor model works.
CouchDB follows the typical erlang design of using `gen_servers`, ETS and
other parts of OTP manage this all correctly.
So a simple start is to search the code base for `gen_server`. Each
gen_server will have a lot going on internally
as they are often managing multiple processes, file pointers etc. So it
doesn't always make for easy reading.

Other contributors can correct me on this, but I feel the way we use the
core erlang actor model is pretty generic to how
most erlang codebases would work. It's the distributed database management
on top of that which is more complex.

Oh, another thing to look at is the fabric layer. In 3.x this is the layer
that receives a user request and then connects
the nodes that can handle the request.

Cheers
Garren

On Thu, Oct 14, 2021 at 7:03 PM Miles Fidelman <mf...@meetinghouse.net>
wrote:

> Hi Folks,
>
> Can anybody point me at a good presentation on the internals of couchdb?
>
> I'm really interested in how couch makes use of erlang's actor model.
>
> I've done a lot of googling, and can't seem to find a "theory of
> operations" or architectural overview.  Perhaps someone here knows of one?
>
> Thanks very much,
>
> Miles Fidelman
>
> --
> In theory, there is no difference between theory and practice.
> In practice, there is.  .... Yogi Berra
>
> Theory is when you know everything but nothing works.
> Practice is when everything works but no one knows why.
> In our lab, theory and practice are combined:
> nothing works and no one knows why.  ... unknown
>
>

Re: invalid certs

Posted by William Edney <be...@technicalpursuit.com>.

Rick -

Based on this SO question:
https://stackoverflow.com/questions/20082893/unable-to-verify-leaf-signature

setting NODE_TLS_REJECT_UNAUTHORIZED might fix your problem.

If you don't have access to the code, you can set a shell variable and
restart Node:

 export NODE_TLS_REJECT_UNAUTHORIZED=0

CAUTION: This should only be used as a TEMPORARY fix until you can get your
certs updated. It opens you up to attacks.

Cheers,

- Bill

On Mon, Oct 18, 2021 at 3:44 PM Rick Jarvis <ri...@magicmail.mooo.com> wrote:

> Can anyone tell me (urgently lol) how to ignore invalid certificates with
> nano?
>
> My backups haven’t been running and I’m desperate.
>
> I’ll then need to figure out why, despite having updated all the routes
> etc (due to R3 expiry) it’s still not working!
>
> Error: unable to verify the first certificate
>     at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
>     at TLSSocket.emit (node:events:390:28)
>     at TLSSocket._finishInit (node:_tls_wrap:944:8)
>     at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {
>   scope: 'socket',
>   errid: 'request',
>   code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
>   description: 'unable to verify the first certificate',
>   stacktrace: [
>     'Error: unable to verify the first certificate',
>     '    at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)',
>     '    at TLSSocket.emit (node:events:390:28)',
>     '    at TLSSocket._finishInit (node:_tls_wrap:944:8)',
>     '    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12)'
>   ]
> }
>
> --
> Rick Jarvis

Re: invalid certs

Posted by Rick Jarvis <ri...@magicmail.mooo.com>.

Thanks Bill that’s a great help, has worked for all but one of them for some reason. The final one errors with:

session_request_unauthorized

-- 
Rick Jarvis

On 18 October 2021 at 23:35:06, William Edney (bedney@technicalpursuit.com) wrote:

Rick -  

Based on this SO question:  
https://stackoverflow.com/questions/20082893/unable-to-verify-leaf-signature  

setting NODE_TLS_REJECT_UNAUTHORIZED might fix your problem.  

If you don't have access to the code, you can set a shell variable and  
restart Node:  

export NODE_TLS_REJECT_UNAUTHORIZED=0  

CAUTION: This should only be used as a TEMPORARY fix until you can get your  
certs updated. It opens you up to attacks.  

Cheers,  

- Bill  

On Mon, Oct 18, 2021 at 3:44 PM Rick Jarvis <ri...@magicmail.mooo.com> wrote:  

> Can anyone tell me (urgently lol) how to ignore invalid certificates with  
> nano?  
>  
> My backups haven’t been running and I’m desperate.  
>  
> I’ll then need to figure out why, despite having updated all the routes  
> etc (due to R3 expiry) it’s still not working!  
>  
> Error: unable to verify the first certificate  
> at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)  
> at TLSSocket.emit (node:events:390:28)  
> at TLSSocket._finishInit (node:_tls_wrap:944:8)  
> at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {  
> scope: 'socket',  
> errid: 'request',  
> code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',  
> description: 'unable to verify the first certificate',  
> stacktrace: [  
> 'Error: unable to verify the first certificate',  
> ' at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)',  
> ' at TLSSocket.emit (node:events:390:28)',  
> ' at TLSSocket._finishInit (node:_tls_wrap:944:8)',  
> ' at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12)'  
> ]  
> }  
>  
> --  
> Rick Jarvis

Re: invalid certs

Posted by Rick Jarvis <ri...@magicmail.mooo.com>.

Oh ignore me, it’s late, that’s a simple auth issue, I’ve been trying old config files! I need bed…

Just need to work out why it’s not picking up the new ca now...

-- 
Rick Jarvis

On 19 October 2021 at 00:08:55, Rick Jarvis (rick@magicmail.mooo.com) wrote:

Thanks Bill that’s a great help, has worked for all but one of them for some reason. The final one errors with:  

session_request_unauthorized  

--   
Rick Jarvis  

On 18 October 2021 at 23:35:06, William Edney (bedney@technicalpursuit.com) wrote:  

Rick -  

Based on this SO question:  
https://stackoverflow.com/questions/20082893/unable-to-verify-leaf-signature  

setting NODE_TLS_REJECT_UNAUTHORIZED might fix your problem.  

If you don't have access to the code, you can set a shell variable and  
restart Node:  

export NODE_TLS_REJECT_UNAUTHORIZED=0  

CAUTION: This should only be used as a TEMPORARY fix until you can get your  
certs updated. It opens you up to attacks.  

Cheers,  

- Bill  

On Mon, Oct 18, 2021 at 3:44 PM Rick Jarvis <ri...@magicmail.mooo.com> wrote:  

> Can anyone tell me (urgently lol) how to ignore invalid certificates with  
> nano?  
>  
> My backups haven’t been running and I’m desperate.  
>  
> I’ll then need to figure out why, despite having updated all the routes  
> etc (due to R3 expiry) it’s still not working!  
>  
> Error: unable to verify the first certificate  
> at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)  
> at TLSSocket.emit (node:events:390:28)  
> at TLSSocket._finishInit (node:_tls_wrap:944:8)  
> at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {  
> scope: 'socket',  
> errid: 'request',  
> code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',  
> description: 'unable to verify the first certificate',  
> stacktrace: [  
> 'Error: unable to verify the first certificate',  
> ' at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)',  
> ' at TLSSocket.emit (node:events:390:28)',  
> ' at TLSSocket._finishInit (node:_tls_wrap:944:8)',  
> ' at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12)'  
> ]  
> }  
>  
> --  
> Rick Jarvis

invalid certs

Posted by Rick Jarvis <ri...@magicmail.mooo.com>.

Can anyone tell me (urgently lol) how to ignore invalid certificates with nano?

My backups haven’t been running and I’m desperate.

I’ll then need to figure out why, despite having updated all the routes etc (due to R3 expiry) it’s still not working!

Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
    at TLSSocket.emit (node:events:390:28)
    at TLSSocket._finishInit (node:_tls_wrap:944:8)
    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {
  scope: 'socket',
  errid: 'request',
  code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
  description: 'unable to verify the first certificate',
  stacktrace: [
    'Error: unable to verify the first certificate',
    '    at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)',
    '    at TLSSocket.emit (node:events:390:28)',
    '    at TLSSocket._finishInit (node:_tls_wrap:944:8)',
    '    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12)'
  ]
}

-- 
Rick Jarvis