Hi all,
I have set up a production server using docker-compose instructions as I was not able to get the kubernetes version to work correctly but will handle that problem later.
I’m using a letsencrypt cert, and have included the server.crt and the device auth public key (artifact-verify-key.pem) in my yocto layer.
I created a user and can log in to my production server with no issue.
After deploying the yocto image on my hardware I can see the device show up on the server and I can authorize it.
However, a number of things are not correct after that step. The device type field and current software are not populated and I never see an updated “last check-in”. There is no remote terminal option either.
On the unit checking the mender-client logs I see a bunch of errors repeating after the unit was authorized:
time="2022-03-26T16:46:39Z" level=info msg="successfully received new authorization data from xxxx.xxxx.com"
time="2022-03-26T16:46:39Z" level=info msg="Local proxy started"
time="2022-03-26T16:46:39Z" level=info msg="Reauthorization successful"
time="2022-03-26T16:46:39Z" level=error msg="Put \"/api/devices/v1/inventory/device/attributes\": unsupported protocol scheme \"\""
time="2022-03-26T16:46:39Z" level=error msg="(request_id: ): Got unexpected HTTP status when submitting to inventory 503 server error message: Put \"/api/devices/v1/inventory/device/attributes\": unsupported protocol scheme \"\"\n"
time="2022-03-26T16:46:39Z" level=warning msg="Failed to refresh inventory: failed to submit inventory data: (request_id: ): Got unexpected HTTP status when submitting to inventory 503 server error message: Put \"/api/devices/v1/inventory/device/attributes\": unsupported protocol scheme \"\"\n"
time="2022-03-26T16:46:39Z" level=info msg="State transition: inventory-update [Sync] -> check-wait [Idle]"
time="2022-03-26T16:46:40Z" level=info msg="State transition: check-wait [Idle] -> update-check [Sync]"
time="2022-03-26T16:46:40Z" level=error msg="Post \"/api/devices/v2/deployments/device/deployments/next\": unsupported protocol scheme \"\""
time="2022-03-26T16:46:40Z" level=error msg="Error receiving scheduled update data: failed to check update info on the server. Response: &{503 Service Unavailable 503 HTTP/1.1 1 1 map[Content-Length:[91] Content-Type:[text/plain; charset=utf-8] Date:[Sat, 26 Mar 2022 16:46:40 GMT] X-Content-Type-Options:[nosniff]] 0x103a220 91 [] false false map[] 0xc80a80 <nil>}"
time="2022-03-26T16:46:40Z" level=error msg="Update check failed: transient error: failed to check update info on the server. Response: &{503 Service Unavailable 503 HTTP/1.1 1 1 map[Content-Length:[91] Content-Type:[text/plain; charset=utf-8] Date:[Sat, 26 Mar 2022 16:46:40 GMT] X-Content-Type-Options:[nosniff]] 0x103a220 91 [] false false map[] 0xc80a80 <nil>}"
time="2022-03-26T16:46:40Z" level=info msg="State transition: update-check [Sync] -> error [Error]"
time="2022-03-26T16:46:40Z" level=info msg="Handling error state, current error: transient error: failed to check update info on the server. Response: &{503 Service Unavailable 503 HTTP/1.1 1 1 map[Content-Length:[91] Content-Type:[text/plain; charset=utf-8] Date:[Sat, 26 Mar 2022 16:46:40 GMT] X-Content-Type-Options:[nosniff]] 0x103a220 91 [] false false map[] 0xc80a80 <nil>}"
time="2022-03-26T16:46:40Z" level=info msg="State transition: error [Error] -> idle [Idle]"
time="2022-03-26T16:46:40Z" level=info msg="State transition: idle [Idle] -> check-wait [Idle]"
time="2022-03-26T16:46:40Z" level=error msg="couldn't dial to remote backend url \"/api/devices/v1/deviceconnect/connect\", err: malformed ws or wss URL"
time="2022-03-26T16:46:42Z" level=info msg="State transition: check-wait [Idle] -> inventory-update [Sync]"
time="2022-03-26T16:46:43Z" level=error msg="Put \"/api/devices/v1/inventory/device/attributes\": unsupported protocol scheme \"\""
My /etc/mender/mender.conf file is:
{
"ArtifactVerifyKey": "/etc/mender/artifact-verify-key.pem",
"InventoryPollIntervalSeconds": 5,
"RetryPollIntervalSeconds": 30,
"ServerURL": "xxxx.xxxx.com",
"TenantToken": "dummy",
"UpdatePollIntervalSeconds": 5
}
On the server, everything seems fully operational:
/run ps
Name Command State Ports
-------------------------------------------------------------------------------------------------------------------------------------
menderproduction_mender-api-gateway_1 /entrypoint.sh --accesslog ... Up 0.0.0.0:443->443/tcp,:::443->443/tcp,
80/tcp
menderproduction_mender-create-artifact- /usr/bin/workflows --confi ... Up 8080/tcp
worker_1
menderproduction_mender-deployments_1 /entrypoint.sh --config /e ... Up 8080/tcp
menderproduction_mender-device-auth_1 /usr/bin/deviceauth --conf ... Up 8080/tcp
menderproduction_mender-deviceconfig_1 /usr/bin/deviceconfig --co ... Up 8080/tcp
menderproduction_mender-deviceconnect_1 /usr/bin/deviceconnect --c ... Up 8080/tcp
menderproduction_mender-gui_1 /entrypoint.sh nginx Up (healthy) 80/tcp, 8080/tcp
menderproduction_mender-inventory_1 /usr/bin/inventory --confi ... Up 8080/tcp
menderproduction_mender-iot-manager_1 /usr/bin/iot-manager serve ... Up 8080/tcp
menderproduction_mender-mongo_1 docker-entrypoint.sh mongod Up 27017/tcp
menderproduction_mender-nats_1 docker-entrypoint.sh -js Up 4222/tcp, 6222/tcp, 8222/tcp
menderproduction_mender-useradm_1 /usr/bin/useradm --config ... Up 8080/tcp
menderproduction_mender-workflows- /usr/bin/workflows --confi ... Up 8080/tcp
server_1
menderproduction_mender-workflows- /usr/bin/workflows --confi ... Up
worker_1
menderproduction_minio_1 /usr/bin/docker-entrypoint ... Up (healthy) 9000/tcp
Clearly something is not correct with the unit communicating to the server after authorization.
Any ideas?
Thanks, Matt.
