Uploaded image for project: 'Spring XD'
  1. Spring XD
  2. XD-3704

Gemfire modules fail to deploy when SSL enabled

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: In Progress
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.2.1
    • Fix Version/s: None
    • Component/s: Stream Module
    • Labels:
      None
    • Story Points:
      8
    • Rank (Obsolete):
      9223372036854775807

      Description

      See the attatched log (xd.out) showing :
      {{
      Caused by: java.lang.IllegalStateException: A connection to a distributed system already exists in this VM. It has the following configuration:
      ack-severe-alert-threshold="0"
      ack-wait-threshold="15"
      archive-disk-space-limit="0"
      archive-file-size-limit="0"
      async-distribution-timeout="0"
      async-max-queue-size="8"
      async-queue-timeout="60000"
      bind-address=""
      cache-xml-file="cache.xml"
      cluster-ssl-ciphers="any"
      cluster-ssl-enabled="true"
      cluster-ssl-keystore="/Users/dturanski/trusted.keystore"
      cluster-ssl-keystore-password="password"
      cluster-ssl-keystore-type="jks"
      cluster-ssl-protocols="any"
      cluster-ssl-require-authentication="true"
      cluster-ssl-truststore="/Users/dturanski/trusted.keystore"
      cluster-ssl-truststore-password="password"
      ...
      }}

      Steps to reproduce:

      Refer to: http://gemfire.docs.pivotal.io/latest/managing/security/ssl_example.html

      1) Install the the attached keystore
      2) Install attached gemfire.properties in $XD_INSTALL/xd/config
      3) Install a copy of gemfire.properties in the server path, e.g., if using the gemfire server app installed with the distribution, $XD_INSTALL/gemfire, and run bin/gemfire
      4) Start the gemfire server
      5) Start xd singlenode
      6) Start the shell and deploy a stream using a gemfire module (this was reported with gemfire-json-server sink, but in theory it will affect any since it occurs during client cache creation).

      Note: I verified this SSL configuration works with a simple SDG client against the XD server. (Use SDG 1.6.2, and gemfire 8.0.0). Also, the gemfire-json-server example in the XD reference works as expected without the SSL configuration.

      This may to be related to the module using a its own class loader. `java.lang.IllegalStateException: A connection to a distributed system already exists in this VM` happens because there are 2 instances of DistributedSystem created (one for each class loader?). This happens even when all the module jars are moved to xd/lib to force all gemfire classes to be loaded in the parent class loader.

        Attachments

        1. gemfire.properties
          0.3 kB
        2. StreamDeployedNoSSL.png
          StreamDeployedNoSSL.png
          84 kB
        3. StreamDeployedWithSSL.png
          StreamDeployedWithSSL.png
          125 kB
        4. trusted.keystore
          1 kB
        5. xd.out
          126 kB

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            dturanski David Turanski
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: