EINVAL error on login #192
Comments
|
Are you able to connect to your vault server with another vault container
acting as cli?
…On Sep 26, 2017 8:21 AM, "Daniel Brachmann" ***@***.***> wrote:
Hi
i have been trying to get your vault-ui docker image to work on a
multinode Kubernetes cluster (https://github.com/coreos/
coreos-kubernetes/tree/master/multi-node/vagrant) but alwys get the
following error message no matter which auth backend i use:
Error: Error: connect EINVAL 0.0.32.8:80 - Local (0.0.0.0:0)
I verified that i can reach the clusterip and the serviceport of the vault
service as wella s the nodeip and nodeport of the vault service from inside
the vault-ui container.
Any hints on how to debug this? The error message is meaning nothing to
me. I can only suspect that there is some connectivity issue?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#192>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AHk8EQMHMGJboFgZoUlE_Wk79bLpa0T1ks5smRaSgaJpZM4Pkbb2>
.
|
|
that works fine |
|
Ok, well did you try experimenting with the vault server url setting on the
vault ui login page? You could mess around and get it to work through the
ui then update `VAULT_URL_DEFAULT`. I'm just throwing out ideas, no idea of
what you are facing exactly :)
…On Sep 26, 2017 8:39 AM, "Daniel Brachmann" ***@***.***> wrote:
that works fine
***@***.*** vagrant]$ kubectl get pods NAME READY STATUS RESTARTS
AGE etcd-operator-346152359-t2czs 1/1 Running 0 3h
example-etcd-cluster-0000 1/1 Running 0 1h example-etcd-cluster-0001 1/1
Running 0 1h example-etcd-cluster-0002 1/1 Running 0 1h
vault-364488652-06k5c 1/1 Running 0 1h vault-364488652-1v995 1/1 Running 0
1h vault-ui-1028415239-xgvgn 1/1 Running 0 9m ***@***.*** vagrant]$
kubectl exec -it vault-364488652-1v995 vault auth Token (will be hidden):
Successfully authenticated! You are now logged in. token:
793938fc-11f8-d18a-7f21-499d43273e0e token_duration: 0 token_policies:
[root] ***@***.*** vagrant]$
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#192 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AHk8EUfeb6yeyA_v8mrEjos2BupjyWVgks5smRqzgaJpZM4Pkbb2>
.
|
|
yupp already tried it. the url i'm using is working fine with a different vault-ui project but the ux of that one isn't quite as good. |
|
Just to clarify, are you having trouble reaching Vault-UI through your browser? Or are you having trouble reaching Vault from Vault-UI? |
|
I'm having trouble reaching Vault from Vault-UI. |
|
I've seen EINVAL when I was using the wrong protocol. Can you confirm that you are using the proper |
|
I'm using the same endpoint that is working with the nyxcharon/vault-ui I'm no knowing enough about react to be able to debug it further. and the container logs dont show an error either |
|
If you open up your browsers debug tool, Vault-UI is likely throwing a more verbose error in the console, or there is likely a network request that is failing and has more information in the response. Could you check these and see if there is anything helpful there?
Thanks,
DJ Enriquez
… On Sep 27, 2017, at 1:51 AM, Daniel Brachmann ***@***.***> wrote:
I'm using the same endpoint that is working with the nyxcharon/vault-ui
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
In the Firefox console i see a request to http://172.17.4.201:30080/v1/auth/token/lookup-self?vaultaddr=10.3.0.87:8200 which gets a 500 Return Code and the response contains the following :
|
|
0.0.32.8 is not a valid IP address |
|
I'm not trying to access 0.0.32.8. I am trying to access: 10.3.0.87:8200 |
|
@fengor, you're missing the protocol scheme in your vault addr. That URI should either look like: unsecureor secure |
|
We could put logic in place where if it's missing, assume |
|
Or just give a decent error message? Like check if the string starts with http? Going to try with the protocol in the url tomorrow and will report. I'd classify this as a missing input validation bug or at least unclear documentation. |
|
I agree, thanks for the input. We'll leave this issue open until we have a fix. |
|
Ok tested it with the protocol in front and the http://10.3.0.87:8200 successfully connects. Insofar as handling the wrong input I'd prefer a simple and clear error message to prepending http/s:// if it misses since it could confuse an user if the wrong protocol was assumed. |
|
I created a pull request with a quick fix to the readme.md that would have helped me to avoid this issue. That isn't a real fix but should help till the real fix is implemented |
|
Closing per #204. |
Hi
i have been trying to get your vault-ui docker image to work on a multinode Kubernetes cluster (https://github.com/coreos/coreos-kubernetes/tree/master/multi-node/vagrant) but alwys get the following error message no matter which auth backend i use:
Error: Error: connect EINVAL 0.0.32.8:80 - Local (0.0.0.0:0)
I verified that i can reach the clusterip and the serviceport of the vault service as wella s the nodeip and nodeport of the vault service from inside the vault-ui container.
Any hints on how to debug this? The error message is meaning nothing to me. I can only suspect that there is some connectivity issue?
The text was updated successfully, but these errors were encountered: