-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ApiPlaneException: 401 Unauthorized #13
Comments
hango-api-plane的Pod的serviceaccount是 hango-apiplane,其 clusterrolebinding 是 cluster-admin,不应该 是 访问k8s api 权限的问题。 |
这个链路是istiod调用k8s api,可以看下环境中istiod的clusterrolebinding。 |
维护的 网关信息和服务信息 没有做 持久化啊,重建 hango-api-plane 的pod后,维护的信息就没了。 |
是的,如果需要持久化,可以对接到mysql。开源的是H2的,剥离了持久化数据库。 |
hango-gateway不是全部开源啊,在生产上不敢用,只能玩玩了。哎。 |
开源上,我们的方向更多是轻量,易用。如果有易用性方向问题,通过issue报告。 |
非常感谢。怎么对接 自定义的Istiod服务,比如istio-system下的istio,而不是文档中通过Operator方式部署的Istio。 |
权限 问题 还是 没有解决,不知道是不是 和 高版本的Istio 不兼容。希望 项目组能 验证一下。 |
Describe the bug
A clear and concise description of what the bug is.
发布服务时,报错:401 Unauthorized,无法从“K8s注册中心”获取服务列表。
组件 hango-api-plane 日志详细信息:
2021-09-10 16:03:41.703 [http-nio-10880-exec-2] INFO o.h.c.w.i.RequestLogInterceptor ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - ----- Request Id: 27c61646-f040-440c-a1e2-1033b2a2846e, Request Method: GET, Uri: /api?Action=GetServiceAndPortList&Type=Kubernetes&Version=2019-07-25 -----
2021-09-10 16:03:41.706 [http-nio-10880-exec-2] INFO o.h.c.c.k.http.DefaultK8sHttpClient ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - Request{method=GET, url=https://10.43.0.1/api/v1/namespaces/hango-system/pods?labelSelector=app%3Distiod&fieldSelector=status.phase%3DRunning, tags={}}
2021-09-10 16:03:41.814 [http-nio-10880-exec-2] INFO o.h.c.c.k.http.DefaultK8sHttpClient ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - Request{method=GET, url=https://10.43.0.1/api/v1/namespaces/hango-system/pods?labelSelector=app%3Distiod&fieldSelector=status.phase%3DRunning, tags={}}
2021-09-10 16:03:41.881 [http-nio-10880-exec-2] INFO o.h.c.u.i.RestTemplateLogInterceptor ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - Request --> URI: http://10.42.97.240:8080/debug/endpointz?brief=true, Request Body:
2021-09-10 16:03:41.881 [http-nio-10880-exec-2] INFO o.h.c.u.i.RestTemplateLogInterceptor ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - Request --> URI: http://10.42.97.240:8080/debug/endpointz?brief=true, Request Body:
2021-09-10 16:03:41.883 [http-nio-10880-exec-2] INFO o.h.c.u.i.RestTemplateLogInterceptor ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - Response <-- Status code: 401
2021-09-10 16:03:41.883 [http-nio-10880-exec-2] INFO o.h.c.u.i.RestTemplateLogInterceptor ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - Response <-- Status code: 401
2021-09-10 16:03:41.884 [http-nio-10880-exec-2] WARN o.h.cloud.core.istio.PilotHttpClient ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e -
org.springframework.web.client.HttpClientErrorException: 401 Unauthorized
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:78)
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:700)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:653)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:613)
at org.springframework.web.client.RestTemplate.getForEntity(RestTemplate.java:312)
at org.hango.cloud.core.istio.PilotHttpClient.getForEntity(PilotHttpClient.java:295)
at org.hango.cloud.core.istio.PilotHttpClient.access$100(PilotHttpClient.java:41)
at org.hango.cloud.core.istio.PilotHttpClient$1.load(PilotHttpClient.java:92)
at org.hango.cloud.core.istio.PilotHttpClient$1.load(PilotHttpClient.java:89)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3708)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2416)
at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2299)
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2212)
at com.google.common.cache.LocalCache.get(LocalCache.java:4147)
at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:4151)
at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:5140)
at org.hango.cloud.core.istio.PilotHttpClient.getEndpoints(PilotHttpClient.java:199)
at org.hango.cloud.core.istio.PilotHttpClient.getEndpointList(PilotHttpClient.java:210)
at org.hango.cloud.core.istio.PilotHttpClient.getEndpointList(PilotHttpClient.java:248)
at org.hango.cloud.core.gateway.service.impl.DefaultResourceManager.getEndpointList(DefaultResourceManager.java:53)
at org.hango.cloud.core.gateway.service.impl.DefaultResourceManager.getServiceAndPortList(DefaultResourceManager.java:80)
at org.hango.cloud.service.impl.GatewayServiceImpl.getServiceAndPortList(GatewayServiceImpl.java:222)
at org.hango.cloud.web.controller.GatewayCommonController.getServiceAndPortList(GatewayCommonController.java:46)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.hango.cloud.web.filter.CacheHttpRequestFilter.doFilter(CacheHttpRequestFilter.java:20)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.hango.cloud.web.filter.LogUUIDFilter.doFilter(LogUUIDFilter.java:33)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.hango.cloud.web.filter.RequestContextHolderFilter.doFilter(RequestContextHolderFilter.java:20)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:115)
at org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:59)
at org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:90)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:108)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:528)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:810)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
2021-09-10 16:03:41.888 [http-nio-10880-exec-2] ERROR o.h.c.u.a.CommonExceptionHandler ==== uuid:27c61646-f040-440c-a1e2-1033b2a2846e - Request Id: 27c61646-f040-440c-a1e2-1033b2a2846e, Common exception handler catch :
com.google.common.util.concurrent.UncheckedExecutionException: org.hango.cloud.util.exception.ApiPlaneException: 401 Unauthorized
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2218)
at com.google.common.cache.LocalCache.get(LocalCache.java:4147)
at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:4151)
at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:5140)
at org.hango.cloud.core.istio.PilotHttpClient.getEndpoints(PilotHttpClient.java:199)
at org.hango.cloud.core.istio.PilotHttpClient.getEndpointList(PilotHttpClient.java:210)
at org.hango.cloud.core.istio.PilotHttpClient.getEndpointList(PilotHttpClient.java:248)
at org.hango.cloud.core.gateway.service.impl.DefaultResourceManager.getEndpointList(DefaultResourceManager.java:53)
at org.hango.cloud.core.gateway.service.impl.DefaultResourceManager.getServiceAndPortList(DefaultResourceManager.java:80)
at org.hango.cloud.service.impl.GatewayServiceImpl.getServiceAndPortList(GatewayServiceImpl.java:222)
at org.hango.cloud.web.controller.GatewayCommonController.getServiceAndPortList(GatewayCommonController.java:46)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:861)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.hango.cloud.web.filter.CacheHttpRequestFilter.doFilter(CacheHttpRequestFilter.java:20)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.hango.cloud.web.filter.LogUUIDFilter.doFilter(LogUUIDFilter.java:33)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.hango.cloud.web.filter.RequestContextHolderFilter.doFilter(RequestContextHolderFilter.java:20)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:115)
at org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:59)
at org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:90)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:108)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:528)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:798)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:810)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.hango.cloud.util.exception.ApiPlaneException: 401 Unauthorized
at org.hango.cloud.core.istio.PilotHttpClient.getForEntity(PilotHttpClient.java:298)
at org.hango.cloud.core.istio.PilotHttpClient.access$100(PilotHttpClient.java:41)
at org.hango.cloud.core.istio.PilotHttpClient$1.load(PilotHttpClient.java:92)
at org.hango.cloud.core.istio.PilotHttpClient$1.load(PilotHttpClient.java:89)
at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3708)
at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2416)
at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2299)
at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2212)
... 81 common frames omitted
To Reproduce
Steps to reproduce the behavior:
部署参考:
https://github.com/hango-io/hango-gateway/blob/master/install/README.zh_CN.md
Expected behavior
A clear and concise description of what you expected to happen.
Additional context
Add any other context about the problem here, e.g.
The text was updated successfully, but these errors were encountered: