Redis-UI not connecting to aws redis cluster when Encryption in-transit option is enabled.
jangammohan opened this issue · 21 comments
Redis-UI not connecting to AWS Redis cluster when Encryption in-transit option is enabled. If the encryption in-transit option is disabled not seeing any issue but when the option is enabled getting below error.
Redis-ui connection details:
connections:
- name: rcdev
host: //aws redis-cluster-url goes here
port: 6379
cluster: true
readonly: false
awsElastiCache: true
Error Details:
[P3XRS] [PID: 000008] socket.io connection-connect added new socket.id mT9ohegE24LHz_LcAAAB to undefined name with rcdev
[P3XRS] [PID: 000008] socket.io connection-connect redis error fun undefined rcdev error
[P3XRS] [PID: 000008] ClusterAllFailedError: Failed to refresh slots cache.
at tryNode (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:396:31)
at /usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:413:21
at Timeout. (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:671:24)
at Timeout.run (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/utils/index.js:156:22)
at listOnTimeout (node:internal/timers:559:11)
at processTimers (node:internal/timers:500:7) {
lastNodeError: Error: timeout
at Object.timeout (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/utils/index.js:159:38)
at Cluster.getInfoFromNode (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:668:55)
at tryNode (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:402:19)
at Cluster.refreshSlotsCache (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:421:9)
at /usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:192:22
}
[P3XRS] [PID: 000008] socket.io connection-connect redis error fun didConnected false
[P3XRS] [PID: 000008] socket.io connection-connect redis error fun disconnectedData {
connectionId: undefined,
error: 'Failed to refresh slots cache.',
status: 'error'
}
[P3XRS] [PID: 000008] socket.io shared disconnect redis includes true length === 1 1
[P3XRS] [PID: 000008] shared disconnectRedisIo try
[P3XRS] [PID: 000008] shared disconnectRedisIo executed
[P3XRS] [PID: 000008] Error: None of startup nodes is available
at Cluster.handleCloseEvent (/usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:235:29)
at Object.onceWrapper (node:events:513:28)
at Cluster.emit (node:events:406:35)
at /usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/cluster/index.js:367:18
at processTicksAndRejections (node:internal/process/task_queues:78:11)
UI Screen shot:
sorry, i do not support other than Redis as I have no AWS account besides...
@p3x-robot I am trying to connect to redis TLS enabled instance, does redis-ui support TLS ? if yes could you please share connection configuration details? I use Kubernetes for deployment.
TLS is not supported.
i mean, i could do it, but i do not have a TLS instance to test it, it is very straightforward to do it.
const redis = new Redis({
host: "localhost",
tls: {
// Refer to `tls.connect()` section in
// https://nodejs.org/api/tls.html
// for all supported options
ca: fs.readFileSync("cert.pem"),
},
});
@p3x-robot Could you let me know where exactly the above the line of code goes in your Redis-ui-server, I will give it a try
it requires multiple point of changes (ui and server), and multiple languages.:
https://github.com/patrikx3/redis-ui#development
actually, it is very fast to add this tls options.
hang on i will do it in a few yours and you can test.
@p3x-robot Thank you very much, will wait for your changes.
https://github.com/patrikx3/redis-ui/releases/tag/v2021.10.119
if it is not working right away, it will be done later in a few months.
i just added the code, but i could not test at all.
@p3x-robot thanks once again, I will test & update you.
ok, not working, need more configuration
I haven't tested it yet, was occupied with other things, will test & update you.
it is working with Redis v6 as the README.md
says.
It works @ https://p3x.redis.patrikx3.com/
@p3x-robot I followed this link - https://spin.atomicobject.com/2021/08/05/configuring-redis-tls/ and configured tls enabled redis instance locally.
But with the redis UI it did not work, I used node package - p3x-redis-ui@2021.10.124
getting following error:
[P3XRS] [PID: 000001] Error: error:0909006C:PEM routines:get_name:no start line
at node:internal/tls/secure-context:65:13
at Array.forEach ()
at setCerts (node:internal/tls/secure-context:63:3)
at configSecureContext (node:internal/tls/secure-context:152:5)
at Object.createSecureContext (node:_tls_common:116:3)
at Object.connect (node:_tls_wrap:1621:48)
at /usr/local/lib/node_modules/p3x-redis-ui/node_modules/ioredis/built/connectors/StandaloneConnector.js:55:45
at processTicksAndRejections (node:internal/process/task_queues:78:11) {
library: 'PEM routines',
function: 'get_name',
reason: 'no start line',
code: 'ERR_OSSL_PEM_NO_START_LINE'
Redis-UI connection screenshot
you have stripped off the ERR_OSSL_PEM_NO_START_LINE
-----BEGIN CERTIFICATE-----
and
-----BEGIN RSA PRIVATE KEY-----
and
-----BEGIN CERTIFICATE-----
for starting and missing the end lines as well.
@p3x-robot Thanks for the quick response, I am getting this error any idea?
Redis-ui Log details:
[P3XRS] [PID: 000001] Error: connect ECONNREFUSED 10.97.100.71:30104
at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1146:16) {
errno: -111,
code: 'ECONNREFUSED',
syscall: 'connect',
address: '10.97.100.71',
port: 30104
}
no idea. on my test server it works.
by the way the error exactly shows the error. debug
@p3x-robot Its working now, in redis.conf file commented this line "bind 127.0.0.1" and changed "protected-mode" to no. Now able to connect using redis-ui.
Thanks for your support and providing code changes quickly.