policy drools healthcheck with proxy fails

 
1
0
-1

Hi,

as it seams the healthcheck of the policy is failing if proxy is used.

the ports 6969 and the 9696 of drools are open and active.

root@ecomp-vm1-policy:/home/ubuntu# nc -zv 127.0.0.1 6969
Connection to 127.0.0.1 6969 port [tcp/*] succeeded!

ubuntu@ecomp-vm1-robot:~$ nc -zv 10.0.6.1 6969
Connection to 10.0.6.1 6969 port [tcp/*] succeeded!


policy@drools:/tmp/policy-install$ http -a 'healthcheck:zb!XztG34' :6969/healthcheck
HTTP/1.1 504 Gateway Timeout
Content-Length: 2705

 <title>
      504 DNS look up failed
    </title>
  </head>
  <body>
    <div class="oc">
      <div class="ic">
        <div class="msg">
          <h1>
            504 DNS look up failed
          </h1>
          <p>
            <p>
              The proxy server reported that an error occurred while trying to access the website.  Please click


if I change the seddions http_proxy settings then the following result shows up:
policy@drools:/tmp/policy-install$ export http_proxy=
policy@drools:/tmp/policy-install$ http -a 'healthcheck:zb!XztG34' :6969/healthcheck
HTTP/1.1 200 OK
Content-Length: 276
Content-Type: application/json
Date: Thu, 14 Sep 2017 07:07:05 GMT
Server: Jetty(9.3.14.v20161028)
{
    "details": [
        {
            "code": 200,
            "healthy": true,
            "message": "alive",
            "name": "PDP-D",
            "url": "self"
        },
        {
            "code": 200,
            "healthy": true,
            "message": "",
            "name": "PAP",
            "url": "http://pap:9091/pap/test"
        },
        {
            "code": 200,
            "healthy": true,
            "message": "",
            "name": "PDP",
            "url": "http://pdp:8081/pdp/test"
        }
    ],
    "healthy": true
}

unfortunately if I exit the drools and reenter it the proxy settings are back.

but without the proxy settings I cannot install the drools container..
and I do not know what is the drools container root password.. to make the proxy setting system wide or to enter the pap,pdp,nexus,.. ip addresses to the hosts file.


Do you have any solution for this?

(I think this problem is also valid for other containers like in aai or in vid)


    CommentAdd your comment...

    1 answer

    1.  
      2
      1
      0

      Hi Attila Jány

      Not sure how could proxy in maven blocking health-checks. I believe you might have updated in /etc/maven/settings.xml file. you can login to root use of docker container like following

      docker exec -ti -u 0 drools bash

      Give a try following and re-create (not restart) drools container

      Find/locate docker-install.sh for drools container in VM or technically we can mount /opt/policy/policy-drools/docker-install.sh to drools container by updating /opt/policy/docker-compose.yml 

      In docker-install.sh in function configure_base add proxy like following by adding a sed statement after configure_settings function call


      function configure_base() {
      if [[ $DEBUG == y ]]; then
      echo "-- ${FUNCNAME[0]} $@ --"
      set -x
      fi

      local BASH_PROFILE_LINE PROFILE_LINE

      # check if fqdn is set in base.conf and use that value if set
      if [[ -z ${INSTALL_FQDN} ]]
      then
      echo "FQDN not set in config...using the default FQDN ${FQDN}"
      else
      echo "Using FQDN ${INSTALL_FQDN} from config"
      FQDN=${INSTALL_FQDN}
      fi

      configure_component "${BASE_CONF}" "${POLICY_HOME}"

      configure_settings
      sed -i "/<\/servers>/a\ \<proxies> <proxy> <id>http-proxy<\/id> <active>true<\/active> <protocol>http<\/protocol> <host>host<\/host> <port>port<\/port> <nonProxyHosts>localhost|127.0.0.1<\/nonProxyHosts> <\/proxy> <proxy> <id>https-proxy<\/id> <active>true<\/active> <protocol>https<\/protocol> <host>host<\/host> <port>port<\/port> <nonProxyHosts>localhost|127.0.0.1<\/nonProxyHosts> <\/proxy> <\/proxies>" $HOME_M2/settings.xml


      To re-create drools container

      docker rm -f drools

      Export following

      NEXUS_USERNAME=$(cat /opt/config/nexus_username.txt)
      NEXUS_PASSWD=$(cat /opt/config/nexus_password.txt)
      NEXUS_DOCKER_REPO=$(cat /opt/config/nexus_docker_repo.txt)
      DOCKER_IMAGE_VERSION=$(cat /opt/config/docker_version.txt)
      export MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
      export DOCKER_REPOSITORY=${NEXUS_DOCKER_REPO}

      cd /opt/policy

      /opt/docker/docker-compose up -d


      Then try health checks again

      1. Attila Jány

        I had to make an export http_proxy= with empty value and the same for https and after that it was working! (the root user is a nice thing to have (smile) )

      2. kranthi guttikonda

        Not sure why the proxy variables are set upon re-login. That's strange. If you want to avoid to unset of proxy variables each time then try the solution provided (smile)

      3. Attila Jány

        yes I did that too!

        that helped the robot health check to PASS !

      4. kranthi guttikonda

        Great (smile)

      CommentAdd your comment...