These are chat archives for fanout/pushpin

27th
Jun 2017
Daniel Baskaran
@danielpradeep
Jun 27 2017 08:20
Hi @all
I have been trying to setup SSL certificate in Pushpin, but haven’t had success
I then checked the version I have, it seems like its 1.6.0-dev, bit older
And the document at Github has verion 1.15.0-dev
Will this version change has anything to do with the SSL installation procedure?
FYI, I have a bundle certificate purchased from GoDaddy
Any help would be appreciated!
Justin Karneges
@jkarneges
Jun 27 2017 16:57
@danielpradeep I think the setup is the same. what is the problem? did you split the godaddy cert into the two files?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:07
@jkarneges The files are already text based PEM files and I downloaded a bundle that does not have the root certificate and used a private key for .key file
The file names were default_443.crt and default_443.key, but the port used was 4443
Justin Karneges
@jkarneges
Jun 27 2017 17:08
what happens if you make the number in the file names match the port?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:08
I will try that…
Tried that, but still it isn’t picking up the certs
Justin Karneges
@jkarneges
Jun 27 2017 17:14
what does error_4443.log say?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:17
I think this will help, here is the log for 443
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/server.c:450) Starting 0MQ with 1 threads.
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/request.c:58) MAX limits.header_count=1280
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/connection.c:1176) MAX limits.content_length=20480, limits.buffer_size=4096, limits.connection_stack_size=32768, limits.client_read_retries=5
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/connection.c:1182) MAX limits.proxy_read_retries=100, limits.proxy_read_retry_warn=10
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/task/fd.c:153) MAX limits.fdtask_stack=102400
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/handler.c:274) MAX allowing limits.handler_targets=128
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/handler.c:360) Binding handler PUSH socket ipc://runner/run/pushpin-m2-out-443 with identity: pushpin-m2-443
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/handler.c:386) Binding listener SUB socket ipc://runner/run/pushpin-m2-in-443 subscribed to: pushpin-m2-443 
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/control.c:437) Setting up control socket in at ipc://runner/run/pushpin-m2-control-443
Tue, 27 Jun 2017 08:14:39 GMT [INFO] (src/mongrel2.c:301) -- Mongrel2/1.9.2 Running. Copyright (C) Zed A. Shaw. Licensed BSD.
Justin Karneges
@jkarneges
Jun 27 2017 17:19
don't see an error. does pushpin appear to be running?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:20
I think so, but the https endpoint does not get through
The routes has * localhost:9000
So, that shouldn’t be a problem, right?
Justin Karneges
@jkarneges
Jun 27 2017 17:21
what is the output of running pushpin? it will say the various processes it is starting
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:21
Here is it
starting...
starting mongrel2 (http:80)
starting mongrel2 (https:443)
starting m2adapter
starting zurl
starting pushpin-proxy
starting pushpin-handler
started
Traceback (most recent call last):
  File "./pushpin", line 60, in <module>
    runner.run(exedir, config_file, verbose)
  File "/pushpin/runner/runner.py", line 113, in run
    p.wait()
  File "/pushpin/runner/processmanager.py", line 90, in wait
    p.check()
  File "/pushpin/runner/processmanager.py", line 41, in check
    raise RuntimeError("process exited unexpectedly: %s" % self.name)
RuntimeError: process exited unexpectedly: mongrel2 (http:80)
However, the port 80 based endpoints seem to work
Justin Karneges
@jkarneges
Jun 27 2017 17:23
that doesn't look good
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:23
Yes…
I also have another question apart from this
Justin Karneges
@jkarneges
Jun 27 2017 17:24
if mongrel2 port 80 exited, I don't see how requests to port 80 would work. are you sure you're not serving your endpoints with something else on that port?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:24
AWS offers Application Load Balancer in addition to Classic Load Balancer
Yes, I am sure. All the responses are routed from the workers
Justin Karneges
@jkarneges
Jun 27 2017 17:26
you make a request to port 80 and you see it logged in pushpin-proxy.log?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:28
I think so
[INFO] 2017-06-27 13:21:13.499 IN id=pushpin-m2-80_29_0, OPTIONS http://xxxxxx.net/xxxxxxx
[INFO] 2017-06-27 13:21:14.649 IN id=pushpin-m2-80_29_1, GET http://xxxxxx.net/xxxxxxx
Justin Karneges
@jkarneges
Jun 27 2017 17:28
wow that's crazy
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:29
Perhaps there’s confusion between the ports
I mean there are lot of workers and apache containers running in the same box
Justin Karneges
@jkarneges
Jun 27 2017 17:29
what does error_80.log say?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:29
And I am in the process of tearing down this server and setup Load Balancer to evaluate it with WebSockets
There are no errors today in there… after enabling the SSL
in error_80
Justin Karneges
@jkarneges
Jun 27 2017 17:34
how many mongrel2 processes are running?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:34
Can I get the latest version of Pushpin while I resetup the server? will there be a lot of testing required?
Justin Karneges
@jkarneges
Jun 27 2017 17:36
sure. I recommend upgrading if you can. the config is backwards compatible so it should just work
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:36
Ok… I used a Dockerfile to setup this instance, do we have a Dockerfile for the latest version?
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:37
Ok, great.
Have you tried using AWS Load Balancer with Pushpin?
The new documentation says that now it support WebSockets too
Justin Karneges
@jkarneges
Jun 27 2017 17:39
I've not, except maybe CLB a long time ago. try it and let us know :)
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:40
Sure…
Could this setup work with WebSockets?
Apache in Host Machine ----> Pushpin & Apache in Docker (that handles all the requests)
All the requests for the API proxies from the host apache to pushin and handed over to the workers from there
Justin Karneges
@jkarneges
Jun 27 2017 17:42
historically, Apache has not been efficient at handling lots of concurrent connections. so having Apache in front proxying WebSocket connections is a possible concern
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:43
Oh ok…
Justin Karneges
@jkarneges
Jun 27 2017 17:43
this could be a solved problem by now though, now that Apache has an event driven engine. so maybe it's fine but you should research some
(and make sure you use mpm_event or whatever)
Daniel Baskaran
@danielpradeep
Jun 27 2017 17:44
Ok… thanks for the insights.
I will come back with more questions and results, thanks @jkarneges!
Justin Karneges
@jkarneges
Jun 27 2017 17:45
sure thing, good luck!
Daniel Baskaran
@danielpradeep
Jun 27 2017 20:15
Hi @jkarneges I have an issue with the latest Dockerfile
The following packages have unmet dependencies:                                                                                         
   pushpin : Depends: zurl (>= 1.3.0-2) but it is not going to be installed
Justin Karneges
@jkarneges
Jun 27 2017 21:33
weird. try apt-get install zurl ?