These are chat archives for spring-cloud/spring-cloud

30th
Oct 2017
orenw1
@orenw1
Oct 30 2017 05:29
@dsyer thanks!
Tommy Ludwig
@shakuzen
Oct 30 2017 05:48

I’m trying out the latest Finchley snapshots of Spring Cloud Config, and I’m trying to setup basic auth. The documentation mentions the following:

The default is a username of "user" and a randomly generated password, which isn’t going to be very useful in practice, so we recommend you configure the password (via security.user.password) and encrypt it (see below for instructions on how to do that).

It suggests to encrypt it, but I’m not seeing an encrypted property decrypted for the config server itself.
That is, the property is still {cipher}… when a property of a ConfigurationProperties class or just when injected via @Value
Dave Syer
@dsyer
Oct 30 2017 07:05
Is it in a local config file or in a git repo?
The former should work OOTB as long as you have the encryption keys configured
The latter would probably require spring.cloud.config.server.bootstrap=true
Dave Syer
@dsyer
Oct 30 2017 07:25
@sushant91265_twitter is that sample repo private?
Tommy Ludwig
@shakuzen
Oct 30 2017 07:53
@dsyer I’m trying to make a minimal project that reproduces the issue, but I can’t even get the config server endpoints to register in a newly generated project using Spring Boot 2.0.0.M5 and Finchley snapshots with the spring-cloud-config-server dependency.
Dave Syer
@dsyer
Oct 30 2017 07:58
That’s odd
Unless master of cloud config has already moved past boot 2.0.0.M5 (which is possible)
Tommy Ludwig
@shakuzen
Oct 30 2017 07:59
I’ll try with boot snapshots
Dave Syer
@dsyer
Oct 30 2017 08:01
What’s the symptom of not registering?
Tommy Ludwig
@shakuzen
Oct 30 2017 08:02
Oh… I just forgot the @EnableConfigServer *sigh*
tankdeper
@tankdeper
Oct 30 2017 08:04
does anyone know how to get free HTTPS certs?
Tommy Ludwig
@shakuzen
Oct 30 2017 08:05
@tankdeper that’s not related to Spring Cloud, but: https://letsencrypt.org/
tankdeper
@tankdeper
Oct 30 2017 08:06
@shakuzen ok, thanks. I want to get https certs for my clusters
Tommy Ludwig
@shakuzen
Oct 30 2017 08:30
@dsyer I made a repro project for the config server’s properties not getting decrypted, in case you have a chance to take a look at it. if not, shall I open an issue? https://github.com/shakuzen/demo-config-server-encrypt

To answer your previous question:

Is it in a local config file or in a git repo?

Local config file

Dave Syer
@dsyer
Oct 30 2017 08:55
Seems to work with Boot 1.5.8 and Dalston.
So I guess it's a bug.
It's nothing to do with the config srever though
These are spring-cloud-commons features
Sushant Borse
@sushant91265_twitter
Oct 30 2017 09:02
@dsyer no, the sample repo is not private
Other people might be interested.
Or be able to help if I'm not around.
I can't see anything wrong with the code. So I expect you have some infrastructure issues.
Hard to say really without a way to reproduce the problem
Tommy Ludwig
@shakuzen
Oct 30 2017 09:37
I opened up spring-cloud/spring-cloud-commons#269 for my issue
Sushant Borse
@sushant91265_twitter
Oct 30 2017 09:39
@dsyer ok but still what can be possibilities for this exception 'Root name 'timestamp' does not match expected ('instance') for type [simple type, class com.netflix.appinfo.InstanceInfo]' ?
Dave Syer
@dsyer
Oct 30 2017 09:46
You are seeing an error response from the eureka server
You might be able to tell from the server what that is (e.g. from logs or /trace endpoint)
It looks like a Spring Boot error response.
If there are any proxies or anything in between the client and the server, they might also have logs (or be monkeying with the traffic)
Sushant Borse
@sushant91265_twitter
Oct 30 2017 11:06
thanks
Mark Corkery
@KramKroc
Oct 30 2017 11:32
Hi folks, using spring sleuth with Spring Cloud and using basic zip http push. I’ve set up zipkin server as eureka discoverable service and each service has spring.zipkin.baseUrl defined for that eureka service name. However I see in the logs that it’s not resolving the name:
2017-10-30T11:09:38,538 traceId= spanId= [plication/x-thrift})] WARN  z.r.AsyncReporter$BoundedAsyncReporter : Dropped 1 spans due to UnknownHostException(zipkin-server)
java.net.UnknownHostException: zipkin-server
Camden.SR6 btw
Does eureka resolution only work in Edgeware?
Dave Syer
@dsyer
Oct 30 2017 11:47
Edgware
Mark Corkery
@KramKroc
Oct 30 2017 11:47
Cheers @dsyer
Dave Syer
@dsyer
Oct 30 2017 11:47
I don't know when that feature was added
Mark Corkery
@KramKroc
Oct 30 2017 11:48
Last night? :D
Dave Syer
@dsyer
Oct 30 2017 11:48
If you know when it was added, you know what branch it is in.
master is Edgware
Mark Corkery
@KramKroc
Oct 30 2017 11:48
It was a jokey guess
But yes, it’s in master
Mark Corkery
@KramKroc
Oct 30 2017 11:49
Thanks!
bakomchik
@bakomchik
Oct 30 2017 11:58

Hi folks, i noticed that my eureka instances frequently is in Self-preservation mode.
i found in sources that numberOfRenewsPerMinThreshold decreased only via REST-API

com.netflix.eureka.registry.PeerAwareInstanceRegistryImpl#cancel

but when lease expired decreasing not occurrs

so , numberOfRenewsPerMinThreshold does not correlate with real instance count and expectedNumberOfRenewsPerMin
in my case instances often does not unregister properly(sigterm)
and condititon at com.netflix.eureka.registry.PeerAwareInstanceRegistryImpl#updateRenewalThreshold

if ((count * 2) > (serverConfig.getRenewalPercentThreshold() * numberOfRenewsPerMinThreshold)

never evaluates to true and numberOfRenewsPerMinThreshold never decreased

Dave Syer
@dsyer
Oct 30 2017 12:04
I saw your issue in github
Did you read the analysis here: spring-cloud/spring-cloud-netflix#373
Not sure if that is relevant to your case
bakomchik
@bakomchik
Oct 30 2017 12:39

Thanks Dave, i read this analysis
This does not correspond to my case,
in described case numOfRenewsInLastMin is increases
and eureka never go into selfPreservationMode

In my case i have many lease expirations, and eureka does not recalculate expectedNumberOfRenewsPerMin when evicting instances.
example scenario :
1) i have 100 registered instances (numberOfRenewsPerMinThreshold = (100 2) =200)
2) 20 instances terminates(sigterm) and lease expires
3) now count of instances is 80, but numberOfRenewsPerMinThreshold is still equal 170
4) Eureka trying to updateRenewalThreshold (com.netflix.eureka.registry.PeerAwareInstanceRegistryImpl#updateRenewalThreshold) and check condititon if ((count
2) > (serverConfig.getRenewalPercentThreshold() numberOfRenewsPerMinThreshold)
80
2 > 0,85 200 = > 160 > 170 == false
and numberOfRenewsPerMinThreshold not changes
5) then evicting occurs and com.netflix.eureka.registry.PeerAwareInstanceRegistryImpl#isLeaseExpirationEnabled invoked but condition getNumOfRenewsInLastMin > numberOfRenewsPerMinThreshold == false , because getNumOfRenewsInLastMin is equal 80
2

sorry for my poor english
Dave Syer
@dsyer
Oct 30 2017 12:42
So you have fallen below the threshold, and you don't expect to ever get back above it?
As I understand it the threshold is there to stop leases being cancelled when the server is cut off from the clients.
The threshold can only be updated when it is not breached. Kind of makes sense. But I might be missing something.
OTOH sigterm should result in graceful shutdown and cancellation by the client
If I were you I'd look at how your instances are being stopped.
Dave Syer
@dsyer
Oct 30 2017 12:48
They might need more time. Or something is using SIGKILL when they told you they were using SIGTERM.
bakomchik
@bakomchik
Oct 30 2017 13:16
@dsyer yep, exactly, i don't expect to ever get back above threshold
in my case threshold is not breached ,instances are evicted from registry successfully, but threshold are not changes
Sushant Borse
@sushant91265_twitter
Oct 30 2017 14:31
@pcornelissen I'm doing perf testing(instrument spring-cloud-zuul) and want to measure response time, throughput etc.