Error when enabling TLS + Nodeport
Hello,
I deployed a yugabyte cluster using the helm chart v2.7.1.
I added NodePort, so that I can connect clients using a node_ip:nodePort. Everything worked fine until I tried to deploy with TLS. I get errors when trying to write data. (Completely new deployment)
tls:
  # Set to true to enable the TLS.
  enabled: true
  nodeToNode: true
  clientToServer: true
  # Set to false to disallow any service with unencrypted communication from joining this cluster
  insecure: false
  rootCA:
    cert: "......"
    key: "....."
serviceEndpoints:
  - name: "yb-master-ui"
    type: NodePort
    app: "yb-master"
    ports:
      http-ui: "7000"
  - name: "yb-tserver-service"
    type: NodePort
    app: "yb-tserver"
    ports:
      tcp-yql-port: "9042"
      tcp-yedis-port: "6379"
      tcp-ysql-port: "5433"
And I am also using the image:
Component: "yugabytedb"
Image:
  tag: 2.7.1.1-b1
When I try to connect with Python psycopg2, following the doc here: https://docs.yugabyte.com/latest/quick-start/build-apps/python/ysql-psycopg2/
I can successfully create the table employee, but it is impossible to insert any data. I get an error:
InternalError: Network error: Handshake failed: Network error (yb/rpc/secure_stream.cc:1108): Endpoint does not match, address: 172.23.171.61, hostname: 172.23.171.61
The IP displayed here changes.
Apparently this is a pod IP.
Any idea?
It seems when enabling SSL, and inserting data using:
conn.set_session(autocommit=False) (following https://docs.yugabyte.com/latest/quick-start/build-apps/python/ysql-psycopg2/)
I get the error. Apparently the tservers can't communicate with each other.
InternalError: Network error: Handshake failed: Network error (yb/rpc/secure_stream.cc:1108): Endpoint does not match, address: 172.23.171.61, hostname: 172.23.171.61
And if I set autocommit=True, I can write data. Probably because the nodes don't need to communicate with each other then.