fancy-receptionist-50750
06/21/2022, 3:11 PMquiet-fountain-46593
06/21/2022, 9:30 PMsaml-g
INFO message is normalfancy-receptionist-50750
06/21/2022, 10:31 PMripe-actor-83292
06/22/2022, 5:42 PMadmin|admin
? that is indeed peculiar 🤔quiet-fountain-46593
06/23/2022, 5:59 PMfancy-receptionist-50750
06/23/2022, 6:48 PMquiet-fountain-46593
06/27/2022, 7:33 PMfancy-receptionist-50750
06/28/2022, 3:14 PM2022-06-28 14:54:39,170|INFO |MANAGER|com.neu.api.AuthenticationService(apply:824): post path auth
2022-06-28 14:54:39,256|WARN |MANAGER|com.neu.api.AuthenticationService(apply:828): Status: 401 Unauthorized
Body: {"code":3,"error":"Authentication failed","message":"Authentication failed"}
2022-06-28 14:54:39,262|INFO |MANAGER|com.neu.api.AuthenticationService(apply:147): saml-g: servername is empty
The Logs from the Leader Controller:
2022-06-28T14:54:38.808|DEBU|CTL|cache.UpdateConnections: - agent=1d1b9febe7e0 app=1001 bytes=592 client=Host:neoappl clientIP=10.12.2.222 clientPort=0 extIP=false external=false first=1656428055 host=neoappliance-k8s-02:6dce4d56-1a13-a2b1-74e8-b16dd06f283e ingress=true ipproto=6 last=1656428055 local=true network= policyAction=1 policyID=10005 policyViolates=0 scope=global server=793ca6076462 serverIP=192.168.193.66 serverPort=80 sessions=0 threatID=0 threatSev=0 toSidecar=false xff=false
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRLock: Acquire ... - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRUnlock: Released - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexLock: Acquire ... - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexUnlock: Released - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRLock: Acquire ... - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRUnlock: Released - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRLock: Acquire ... - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRUnlock: Released - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.UpdateConnections: - agent=1d1b9febe7e0 app=0 bytes=9760 client=c16edcf22e89 clientIP=192.168.193.125 clientPort=0 extIP=false external=false first=1656428072 host=neoappliance-k8s-02:6dce4d56-1a13-a2b1-74e8-b16dd06f283e ingress=false ipproto=6 last=1656428072 local=false network= policyAction=0 policyID=0 policyViolates=0 scope=global server=nv.ip.kubern serverIP=10.43.0.1 serverPort=443 sessions=0 threatID=0 threatSev=0 toSidecar=false xff=false
2022-06-28T14:54:38.808|DEBU|CTL|cache.graphMutexUnlock: Released - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRLock: Acquire ... - goroutine=318
2022-06-28T14:54:38.808|DEBU|CTL|cache.cacheMutexRUnlock: Released - goroutine=318
2022-06-28T14:54:42.706|DEBU|CTL|cache.cacheMutexRLock: Acquire ... - goroutine=1100956
2022-06-28T14:54:42.706|DEBU|CTL|cache.cacheMutexRUnlock: Released - goroutine=1100956
2022-06-28T14:54:42.707|DEBU|CTL|cache.graphMutexLock: Acquire ... - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexRLock: Acquire ... - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexRUnlock: Released - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexLock: Acquire ... - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexUnlock: Released - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.preProcessConnectPAI: Ignore ingress connection from nv device - client=192.168.67.168 server=192.168.164.101
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexRLock: Acquire ... - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexRUnlock: Released - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexLock: Acquire ... - goroutine=318
2022-06-28T14:54:42.707|DEBU|CTL|cache.cacheMutexUnlock: Released - goroutine=318
quiet-fountain-46593
06/29/2022, 5:54 PM2022-06-29T17:29:18.382|DEBU|CTL|rest.handlerAuthLogin: - URL=<https://neuvector-svc-controller.cattle-neuvector-system:10443/v1/auth>
2022-06-29T17:29:18.382|DEBU|CTL|rest.getAuthServersInOrder: - auth-order=[]
2022-06-29T17:29:18.387|DEBU|CTL|rest.handlerAuthLogin: - server=local
2022-06-29T17:29:18.391|INFO|CTL|rest.handlerAuthLogin: - error=Wrong password user=admin
2022-06-29T17:29:18.391|ERRO|CTL|rest.handlerAuthLogin: User login failed - msg=Wrong password user=admin
2022-06-29T17:29:18.392|DEBU|CTL|rest.writer.WriteHeader: 401 - Method=POST URL=<https://neuvector-svc-controller.cattle-neuvector-system:10443/v1/auth>
ripe-actor-83292
06/29/2022, 6:03 PMhttps://<the.ui.service.ip>:8443
?fancy-receptionist-50750
06/29/2022, 6:04 PMripe-actor-83292
06/29/2022, 6:04 PMfancy-receptionist-50750
06/29/2022, 6:05 PMripe-actor-83292
06/29/2022, 6:05 PMfancy-receptionist-50750
06/29/2022, 6:14 PMquiet-fountain-46593
06/29/2022, 6:18 PMhallowed-ocean-20951
06/29/2022, 6:28 PMagreeable-oil-87482
06/29/2022, 6:39 PMfancy-receptionist-50750
06/29/2022, 6:40 PMroot@appliance-k8s-01:/home/aguida# kubectl port-forward service/neuvector-service-webui -n cattle-neuvector-system 8443:8443
Forwarding from 127.0.0.1:8443 -> 8443
Forwarding from [::1]:8443 -> 8443
Handling connection for 8443
Handling connection for 8443
E0629 18:36:17.344121 2335862 portforward.go:406] an error occurred forwarding 8443 -> 8443: error forwarding port 8443 to pod 4d0d9e20c0c56b4f6a26e9e3ebc997be715f11798662f801b60f6069900dadfb, uid : failed to execute portforward in network namespace "/var/run/netns/cni-e8f9fd3b-9834-d83b-0260-a767438f30e6": read tcp4 127.0.0.1:54932->127.0.0.1:8443: read: connection reset by peer
E0629 18:36:17.344927 2335862 portforward.go:234] lost connection to pod
quiet-fountain-46593
06/29/2022, 6:44 PMfancy-receptionist-50750
06/29/2022, 6:47 PMquiet-fountain-46593
06/29/2022, 6:47 PM- name: RANCHER_EP
value for the controller deployment, and make sure controller pods can resolve/connect to it?fancy-receptionist-50750
06/29/2022, 7:10 PMripe-actor-83292
06/29/2022, 7:11 PMquiet-fountain-46593
06/29/2022, 7:12 PMfancy-receptionist-50750
06/29/2022, 7:34 PMquiet-fountain-46593
06/29/2022, 7:35 PMfancy-receptionist-50750
06/29/2022, 7:55 PMadventurous-battery-36116
06/29/2022, 7:55 PMfancy-receptionist-50750
06/29/2022, 7:56 PMripe-actor-83292
06/29/2022, 7:56 PMProtect
mode will not work, if that’s relevant to the use-case.fancy-receptionist-50750
06/29/2022, 7:57 PMadventurous-battery-36116
06/29/2022, 7:58 PMfancy-receptionist-50750
06/29/2022, 7:59 PMripe-actor-83292
06/29/2022, 8:00 PMadventurous-battery-36116
06/29/2022, 8:06 PMkubectl get NetworkPolicy -A
fancy-receptionist-50750
06/29/2022, 8:17 PMroot@appliance-k8s-01:/home/aguida# kubectl get NetworkPolicy -A
NAMESPACE NAME POD-SELECTOR AGE
calico-apiserver allow-apiserver apiserver=true 13d
cattle-fleet-local-system default-allow-all <none> 13d
clean-magazine-25026
06/29/2022, 8:29 PMshow user
fancy-receptionist-50750
06/29/2022, 8:32 PM