Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dapr cannot connect to Sentry in self-hosted mode #1458

Open
AlbertoVPersonal opened this issue Oct 21, 2024 · 0 comments
Open

Dapr cannot connect to Sentry in self-hosted mode #1458

AlbertoVPersonal opened this issue Oct 21, 2024 · 0 comments
Labels
kind/bug Something isn't working

Comments

@AlbertoVPersonal
Copy link

In what area(s)?

/area runtime

What version of Dapr?

CLI: 1.14.1
Runtime: 1.14.4

Expected Behavior

The sidecar of my app should connect to the Sentry service correctly as this happened with the version 1.13.4.

Actual Behavior

My sidecar cannot connect to Sentry 😢

Steps to Reproduce the Problem

  1. Install the latest versions of DAPR CLI and DAPR on a Windows environment.
  2. Configure Sentry to use the local and auto-generated certificates. That is, the certificates generated by Sentry when it starts.
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
  name: daprsystem
  namespace: default
spec:
  mtls:
    enabled: true
    workloadCertTTL: "8760h"
  1. Run Sentry with the following command line:
.\bin\sentry.exe --issuer-credentials .\certs\ --trust-domain cluster.local --config .\config.yaml

Log

time="2024-10-21T09:27:20.7000976+02:00" level=info msg="Log level set to: info" instance=MY_PC scope=dapr.sentry type=log ver=1.14.4
time="2024-10-21T09:27:20.7000976+02:00" level=info msg="Starting watch on filesystem directory: certs" instance=MY_PC scope=dapr.sentry type=log ver=1.14.4
time="2024-10-21T09:27:20.7006232+02:00" level=info msg="Adding validator 'insecure'" instance=MY_PC scope=dapr.sentry type=log ver=1.14.4
time="2024-10-21T09:27:20.7006232+02:00" level=info msg="Using local file system for trust bundle storage" instance=MY_PC scope=dapr.sentry.ca type=log ver=1.14.4
time="2024-10-21T09:27:20.7011652+02:00" level=info msg="Root and issuer certs found: using existing certs" instance=MY_PC scope=dapr.sentry.ca type=log ver=1.14.4
time="2024-10-21T09:27:20.701671+02:00" level=info msg="CA certificate key pair ready" instance=MY_PC scope=dapr.sentry type=log ver=1.14.4
time="2024-10-21T09:27:20.7016884+02:00" level=info msg="Using validator 'insecure'" instance=MY_PC scope=dapr.sentry type=log ver=1.14.4
time="2024-10-21T09:27:20.7016884+02:00" level=info msg="Fetching initial identity certificate" instance=MY_PC scope=dapr.runtime.security type=log ver=1.14.4
time="2024-10-21T09:27:20.7016884+02:00" level=info msg="Security is initialized successfully" instance=MY_PC scope=dapr.runtime.security type=log ver=1.14.4
time="2024-10-21T09:27:20.7016884+02:00" level=info msg="Starting workload cert expiry watcher; current cert expires on: 2025-10-21 07:27:20 +0000 UTC, renewing at 2025-04-21 19:19:50 +0000 UTC" instance=MY_PC scope=dapr.runtime.security type=log ver=1.14.4
time="2024-10-21T09:27:20.7022006+02:00" level=info msg="Healthz server is listening on [::]:8080" instance=MY_PC scope=dapr.sentry type=log ver=1.14.4time="2024-10-21T09:27:20.7022006+02:00" level=info msg="metrics server started on :9090/" instance=MY_PC scope=dapr.sentry type=log ver=1.14.4
time="2024-10-21T09:27:20.7027255+02:00" level=info msg="Running gRPC server on port 50001" instance=MY_PC scope=dapr.sentry.server type=log ver=1.14.4
  1. Run a sidecar app.

In this scenario I have included the ports in the command line but the most of time it is not included for my dummy apps.

dapr run --log-level debug --app-id DummyApp --dapr-http-port 10001 -G 10002 --resources-path .\components\ -- .\DummyApp.exe

Log

Flag --components-path has been deprecated, This flag is deprecated and will be removed in the future releases. Use "resources-path" flag instead
Starting Dapr with id DummyApp. HTTP Port: 10001. gRPC Port: 10002
Checking if Dapr sidecar is listening on HTTP port 10001
Flag --dapr-http-max-request-size has been deprecated, use '--max-body-size 4Mi'
Flag --dapr-http-read-buffer-size has been deprecated, use '--read-buffer-size 4Ki'
time="2024-10-21T10:21:01.0410199+02:00" level=info msg="Starting Dapr Runtime -- version 1.14.4 -- commit 583960dc90120616124b60ad2b7820fc0b3edf44" app_id=DummyApp instance=MY_PC scope=dapr.runtime type=log ver=1.14.4
time="2024-10-21T10:21:01.0410199+02:00" level=info msg="Log level set to: debug" app_id=DummyApp instance=MY_PC scope=dapr.runtime type=log ver=1.14.4
time="2024-10-21T10:21:01.0410199+02:00" level=info msg="Fetching initial identity certificate" app_id=DummyApp instance=MY_PC scope=dapr.runtime.security type=log ver=1.14.4
Dapr sidecar is not listening on HTTP port: dial tcp 127.0.0.1:10001: connectex: No connection could be made because the target machine actively refused it.
Checking if Dapr sidecar is listening on GRPC port 10002
Dapr sidecar is not listening on GRPC port: dial tcp 127.0.0.1:10002: connectex: No connection could be made because the target machine actively refused it.
Dapr sidecar might not be responding.
== APP == Dapr.DaprException: State operation failed: the Dapr endpoint indicated a failure. See InnerException for details.
== APP ==  ---> Grpc.Core.RpcException: Status(StatusCode="Unavailable", Detail="Error connecting to subchannel.", DebugException="System.Net.Sockets.SocketException: No connection could be made because the target machine actively refused it.")
== APP ==  ---> System.Net.Sockets.SocketException (10061): No connection could be made because the target machine actively refused it.
== APP ==    at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
== APP ==    at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token)
== APP ==    at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|285_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken)
== APP ==    at Grpc.Net.Client.Balancer.Internal.SocketConnectivitySubchannelTransport.TryConnectAsync(ConnectContext context)
== APP ==    --- End of inner exception stack trace ---
== APP ==    at Grpc.Net.Client.Balancer.Internal.ConnectionManager.PickAsync(PickContext context, Boolean waitForReady, CancellationToken cancellationToken)
== APP ==    at Grpc.Net.Client.Balancer.Internal.BalancerHttpHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
== APP ==    at Grpc.Net.Client.Internal.GrpcCall`2.RunCall(HttpRequestMessage request, Nullable`1 timeout)
== APP ==    at Dapr.Client.DaprClientGrpc.GetBulkStateRawAsync(String storeName, IReadOnlyList`1 keys, Nullable`1 parallelism, IReadOnlyDictionary`2 metadata, CancellationToken cancellationToken)
== APP ==    --- End of inner exception stack trace ---
== APP ==    at Dapr.Client.DaprClientGrpc.GetBulkStateRawAsync(String storeName, IReadOnlyList`1 keys, Nullable`1 parallelism, IReadOnlyDictionary`2 metadata, CancellationToken cancellationToken)
== APP ==    at Dapr.Client.DaprClientGrpc.GetBulkStateAsync(String storeName, IReadOnlyList`1 keys, Nullable`1 parallelism, IReadOnlyDictionary`2 metadata, CancellationToken cancellationToken)
== APP ==    at MyClassForStateManagement.GetStateAsync(List`1 keys)

Release Note

RELEASE NOTE: FIX Dapr cannot connect to Sentry in self-hosted mode.
@AlbertoVPersonal AlbertoVPersonal added the kind/bug Something isn't working label Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@AlbertoVPersonal