hera icon indicating copy to clipboard operation
hera copied to clipboard

Published 20 hours ago verified publisher icon aschzero

Handshake with edge error

Open jakobbsm opened this issue 4 years ago • 8 comments

When hera detects a container and tries to spin up the container it seems to fail. I changed the domain name to mydomain.com, that's not the actual one.

[INFO] Hera v0.2.5 has started
[INFO] Found certificate: mydomain.com.pem
[INFO] Container found, connecting to 769e01d96270...
[INFO] Registering tunnel heratest.mydomain.com
[INFO] Hera is listening
time="2021-05-04T10:59:46Z" level=info msg="Build info: {GoOS:linux GoVersion:go1.11.5 GoArch:amd64}"
time="2021-05-04T10:59:46Z" level=info msg="Version 2019.4.1"
time="2021-05-04T10:59:46Z" level=info msg=Flags config=/var/run/s6/services/heratest.mydomain.com/config.yml hostname=heratest.mydomain.com logfile=/var/log/hera/heratest.mydomain.com.log no-autoupdate=true origincert=/certs/mydomain.com.pem proxy-dns-upstream="https://1.1.1.1/dns-query, https://1.0.0.1/dns-query" url="172.23.0.3:9000"
time="2021-05-04T10:59:46Z" level=info msg="Starting metrics server" addr="127.0.0.1:34401"
time="2021-05-04T10:59:46Z" level=info msg="Proxying tunnel requests to http://172.23.0.3:9000"
time="2021-05-04T10:59:46Z" level=error msg="Unable to dial edge" error="Handshake with edge error: x509: certificate has expired or is not yet valid"
time="2021-05-04T10:59:46Z" level=info msg="Retrying in 1s seconds"

I tried with both the latest CLI and cloudflare/cloudflared:2020.7.0 and that worked just fine. Any suggestions?

jakobbsm avatar May 04 '21 11:05 jakobbsm

Apparently it was caused by the Docker image being outdated. Building it yourself fixes it. Considering how many other deprecation issues seem to be showing up I'm assuming this project is becoming outdated?

jakobbsm avatar May 19 '21 12:05 jakobbsm

You're probably better off moving to the offical Cloudflared docker image. The configuration format is a little different now that they have changed the way tunnels work, but its easier to use in the long run.

gregg098 avatar May 19 '21 14:05 gregg098

@gregg098 does the official docker image automatically create the tunnels for containers the way this one does ?

mikeburgh avatar Jun 03 '21 08:06 mikeburgh

@mikeburgh no, you have to create them manually.

jakobbsm avatar Jun 03 '21 10:06 jakobbsm

If tunnels must be declared and managed manually using cloudflared it's a far inferior solution to Hera's simple label approach.

worldofgeese avatar Aug 30 '21 09:08 worldofgeese

This docker image is broken. Because it's obsolete version of cloudflared package, the connection simply fails. On top of that equinox.io is going out of business, so in October the image will not even build. I think the container must have been great when it worked. Kudos to @aschzero! I can understand that @aschzero may not have time to work on this docker, but it would be nice to put in the README that the container does not work or even archive the project so that other people don't waste their time installing this.

rage4design avatar Sep 06 '21 03:09 rage4design

Although I wouldn't recommend starting to use it since it will become obsolete quickly, here's an updated image as of today that has an updated cloudfared package that works for archiving purposes: https://hub.docker.com/r/contagon/hera

contagon avatar Sep 25 '21 02:09 contagon

You may find https://github.com/mikeburgh/subway of use, it's the concept of Hera, but using the newer Cloudflared tunnel approach, still has some rough edges, but it works.

mikeburgh avatar Oct 22 '21 02:10 mikeburgh