1369093 – [behind proxy] xPaaS builds failing intermittent under Proxy ("peer not authenticated" error)

Bug 1369093 - [behind proxy] xPaaS builds failing intermittent under Proxy ("peer not authenticated" error)

Summary: [behind proxy] xPaaS builds failing intermittent under Proxy ("peer not authe...

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	ImageStreams
Sub Component:
Version:	3.2.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	low
Target Milestone:	---
Target Release:	---
Assignee:	kconner
QA Contact:	Tomas Schlosser
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-08-22 13:28 UTC by Bogdan Calomfirescu
Modified:	2017-02-18 00:41 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-02-18 00:41:08 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Failed build log for Jboss WebServer Tomcat 7 Image (28.21 KB, text/plain) 2016-08-22 13:28 UTC, Bogdan Calomfirescu	no flags	Details
Failed build log for JWS Tomcat 8 Image (18.54 KB, text/plain) 2016-08-22 13:29 UTC, Bogdan Calomfirescu	no flags	Details
Failed build log for EAP 6 Image (52.49 KB, text/plain) 2016-08-22 13:30 UTC, Bogdan Calomfirescu	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Bogdan Calomfirescu 2016-08-22 13:28:52 UTC

Created attachment 1192932 [details]
Failed build log for Jboss WebServer Tomcat 7 Image

Description of problem:
Builds are failing due to "peer not authenticated" error

Version-Release number of selected component (if applicable):

OpenShift Master:
v3.2.1.9-1-g2265530
Kubernetes Master:
v1.2.0-36-g4a3f9c5

How reproducible:
When using an image from xPaaS suite it sometimes fails with the error "Peer Not authenticated"

When applying this WA from version 3.1 it still fails with ""Remote host closed connection during handshake: SSL peer shut down incorrectly""

          - name: MAVEN_ARGS_APPEND
            value: "-e -Dmaven.wagon.http.ssl.insecure=true -e -Dmaven.wagon.http.ssl.allowall=true -e -Dhttps.protocols=TLSv1,SSLv3"



Additional info:
Please note that we are using a corporate Proxy.

Also we had failed builds due to bug 1349224 and after applying the work around we jumped to this issue.

Support Case for reference: https://access.redhat.com/support/cases/#/case/01677396

Original bug for your reference: https://bugzilla.redhat.com/show_bug.cgi?id=1349224

Comment 1 Bogdan Calomfirescu 2016-08-22 13:29:44 UTC

Created attachment 1192933 [details]
Failed build log for JWS Tomcat 8 Image

Comment 2 Bogdan Calomfirescu 2016-08-22 13:30:22 UTC

Created attachment 1192934 [details]
Failed build log for EAP 6 Image

Comment 3 kconner 2016-10-31 13:59:23 UTC

PRIVATE:

From the EAP log it looks as if maven central closed the connection early

Caused by: org.sonatype.aether.transfer.ArtifactTransferException: Could not transfer artifact org.jboss.logging:jboss-logging:pom:3.1.0.CR2 from/to central (https://repo1.maven.org/maven2): Remote host closed connection during handshake

Comment 4 kconner 2016-10-31 14:08:53 UTC

PRIVATE:

Tomcat image appears to show the same

Caused by: org.sonatype.aether.transfer.ArtifactTransferException: Could not transfer artifact org.apache.maven.plugins:maven-resources-plugin:pom:2.5 from/to central (https://repo1.maven.org/maven2): Remote host closed connection during handshake

Comment 5 kconner 2016-10-31 14:14:25 UTC

PRIVATE:

BTW neither log mentions anything about "Peer Not authenticated".  I notice that you mention a corporate proxy, could this be closing the connection down?  Have you looked at the network traffic to see what is happening or turned on the tls/ssl debugging?

Comment 6 kconner 2016-12-12 17:24:41 UTC

Apologies, I thought this was a support case and coming from a RH employee.  I'm making my private comments public.

Comment 7 Bogdan Calomfirescu 2016-12-13 09:10:12 UTC

Hello,

Thank you for your feedback.

We no longer use a corporate proxy because of the complexity that it induced and the issues that we had with builds. Also it seems that Openshift doesn't have a full support on using proxies (Red Hat doesn't recommend using them).

Thank you again for your support.

Have a good day,

Bogdan Calomfirescu

Comment 8 kconner 2017-02-18 00:41:08 UTC

Since this seems to be related to the network infrastructure rather than the image I'm now closing this as not a bug.

Note You need to log in before you can comment on or make changes to this bug.