Problem with bcrypt when deploying from different operating system

Question

Problem with bcrypt when deploying from different operating system

karlitos opened this issue 5 years ago · comments

Even though the deployment of my Meteor App to Amazon AWS EC2 with Ubuntu 18.04. from my Mac OsX with yamup went absolutely smoothly I realized soon, that the app was crashing, as soon as I tried to use the meteor accounts (log-in, create account ...) I discovered in the logs entries pointing me to the bcrypt module.

Due to the fact, that the project is created locally on my Mac and then pushed to a Linux virtual machine, there is a mismatch in the provided bcrypt binary. There is actually already a stackoverflow thread related to this issue. I tried to manually run

$ cd /opt/your_app/app/programs/server
$ npm rebuild
$ npm install

but not luck so far. It might, be that it wasn't working due to permission problems, because after npm rebuild it ended up with:

│                 npm update check failed                  │
│           Try running with sudo or get access            │
│           to the local update config store via           │
│ sudo chown -R $USER:$(id -gn $USER) /home/ubuntu/.config │

I will investigate it later, for now I removed the bcrypt package from the project. Since this might affect other packages as well yamup should have some built-in solution for this case.

João Bordalo · Answer 1 · Sat Aug 17 2019 18:43:49 GMT+0800 (China Standard Time)

Hi, your stackoverflow link points to a different thread:

"Meteor WebSocket handshake error 400 with nginx"

Can you give the correct link? Thanks in advance.

Karel Mácha · Answer 2 · Tue Aug 20 2019 16:08:31 GMT+0800 (China Standard Time)

My apology, the Stackoverflow link is now fixed.

Karel Mácha · Answer 3 · Wed Aug 28 2019 03:08:54 GMT+0800 (China Standard Time)

Hi, were you able to look at this issue ? I thought it's related to building on different OS, than the OS the app is deployed to, but this seems to be not the case. I managed to get a working CD from Gitlab where I use the image with the same OS (Ubuntu 18.04) as the one on my AWS EC2. But still, deploying with yamup leads to issues with bcrypt

[swiftmind.io] Aug 27 17:59:46 ip-172-31-36-220 swiftmind[14289]: /usr/bin/node: symbol lookup error: /opt/swiftmind/app/programs/server/npm/node_modules/bcrypt/lib/binding/bcrypt_lib.node: undefined symbol: _ZN4node19GetCurrentEventLoopEPN2v87IsolateE
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Main process exited, code=exited, status=127/n/a
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Failed with result 'exit-code'.
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Service hold-off time over, scheduling restart.
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Scheduled restart job, restart counter is at 283.
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: Stopped swiftmind.
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Start request repeated too quickly.
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Failed with result 'exit-code'.
Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: Failed to start swiftmind.

I will now try to downgrade bcrypt to 3.0.0 as described in this Bugreport.

João Bordalo · Answer 4 · Thu Aug 29 2019 01:22:35 GMT+0800 (China Standard Time)

Sorry for the late reply, but I'm a little busy at the moment. This weekend I will look at it and get back to you.

…

On Tue, Aug 27, 2019 at 8:08 PM Karel Mácha ***@***.***> wrote: Hi, were you able to look at this issue ? I thought it's related to building on different OS, than the OS the app is deployed to, but this seems to be not the case. I managed to get a working CD from Gitlab <#6> where I use the image with the same OS (Ubuntu 18.04) as the one on my AWS EC2. But still, deploying with *yamup* leads to issues with *bcrypt* [swiftmind.io] Aug 27 17:59:46 ip-172-31-36-220 swiftmind[14289]: /usr/bin/node: symbol lookup error: /opt/swiftmind/app/programs/server/npm/node_modules/bcrypt/lib/binding/bcrypt_lib.node: undefined symbol: _ZN4node19GetCurrentEventLoopEPN2v87IsolateE Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Main process exited, code=exited, status=127/n/a Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Failed with result 'exit-code'. Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Service hold-off time over, scheduling restart. Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Scheduled restart job, restart counter is at 283. Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: Stopped swiftmind. Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Start request repeated too quickly. Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: swiftmind.service: Failed with result 'exit-code'. Aug 27 17:59:46 ip-172-31-36-220 systemd[1]: Failed to start swiftmind. I will now try to downgrade *bcrypt* to 3.0.0 as described in this Bugreport <kelektiv/node.bcrypt.js#656>. — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#5?email_source=notifications&email_token=ACHDADHOAVT32AJGK3GSGHLQGV3UNA5CNFSM4IL46NY2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5IZWZA#issuecomment-525441892>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACHDADE3PPO2HLARBGSF4D3QGV3UNANCNFSM4IL46NYQ> .

-- blog: http://joaobordalo.com

João Bordalo · Answer 5 · Fri Sep 06 2019 03:02:40 GMT+0800 (China Standard Time)

Hi karlitos,

I don't think you should mess with the javascript file on the server side, and for that, I don't think this is a problem for yamup to solve.

Having said that, I was able to reproduce your error with meteor 1.8.1.

A fresh new project with accounts-ui and accounts-password made this warning pop up:

(STDERR) Note: you are using a pure-JavaScript implementation of bcrypt.
(STDERR) While this implementation will work correctly, it is known to be
(STDERR) approximately three times slower than the native implementation.
(STDERR) In order to use the native implementation instead, run
(STDERR) 
(STDERR)   meteor npm install --save bcrypt
(STDERR) 
(STDERR) in the root directory of your application.

So I followed the instructions:

$ meteor npm install --save bcrypt
...
+ bcrypt@3.0.6

After deploying with yamup, and while using the loginButtons, the server started generating the following errors in a endless loop:

systemd[1]: Started testapp.
testapp[15111]: /usr/bin/node: symbol lookup error: /opt/testapp/app/programs/server/npm/node_modules/bcrypt/lib/binding/bcrypt_lib.node: undefined symbol: _ZN4node19GetCurrentEventLoopEPN2v87IsolateE
systemd[1]: testapp.service: Main process exited, code=exited, status=127/n/a
systemd[1]: testapp.service: Unit entered failed state.
systemd[1]: testapp.service: Failed with result 'exit-code'.
systemd[1]: testapp.service: Service hold-off time over, scheduling restart.
systemd[1]: Stopped testapp.

So I removed the bcrypt package and try it again:

meteor npm uninstall bcrypt

And it's working like a charm. I still get the warning message at the start of the app, but I don't care. Since bcrypt is only used in sign in and sign up, I would not be very concerned about the performance issues.

Please let me know if it fixed your problem.

Karel Mácha · Answer 6 · Fri Sep 06 2019 16:12:12 GMT+0800 (China Standard Time)

Hello,

I investigated the problem a little bit further and I would like to share some conclusion I made:

It is not an issue which SHOULD / CAN be fixed by YAMUP
Although I would strongly recommend to put some hints in the documentation, because user will be affected by this when using bcrypt and possibly other node modules

The reason is, that some npm modules are relying on binaries (which are then platform specific). npm tries to find releases for the particular platforms and package version and if there is non available the binaries would than be compiled upon installation (npm install_).

This has consequences, when you deploy from different OS/platform, than your target OS/platform. You can easily end up with incompatible binaries on your target system. I would recommend to put this information to the documentation of yamup, so the users are aware of the possible issues resulting form deploying from e.g. Mac OS to Linux.

The case of bcrypt is little bit more complicated. The current versions of bcrypt are actually compatible with Node.js versions 10 or higher. And meteor 1.8.x is still stuck with version 8.x. What happend was, that the necessary binaries were successfully compiled on my Mac, so I was unaware of this issue. But the compilation was not successful on Ubuntu 18.04. with Node version 8.x. After I switched to older bcrypt release (2.x) compatible binaries were found and downloaded upon installation and everything went fine.

Till Meteor switches to Node version 10 or later I will also probably remove bcrypt from my app, since the bcrypt version 2.x is flagged as security risk.

I will close now the ticket, but please think about mentioning the cross-os deployment risks in the documentation.

João Bordalo · Answer 7 · Fri Sep 06 2019 18:07:15 GMT+0800 (China Standard Time)

Documentation changed:

392b8e3

Thanks for your help.