Seeing Warning Logs :: Cannot refresh Redis Cluster topology in 6.2.6.RELEASE
subrajitdhal opened this issue · comments
Bug Report
Current Behavior
I've found that the WARN log message is "Cannot refresh Redis Cluster topology", after AWS Elasticache instance reboot.
Although the log was printed every topology refresh period, all requests was fine.NO connection issue though.it just print warning logs.
Unable to connect to [xxxxxxx:port]: PKIX path validation failed: java.security.cert.CertPathValidatorException: Unable to determine revocation status due to network error
Stack trace
i.l.c.c.t.DefaultClusterTopologyRefresh$CannotRetrieveClusterPartitions: Cannot retrieve cluster partitions from [rediss://********************@xxxxxx:port]
Details:
[rediss://********************@xxxxx:port]: PKIX path validation failed: java.security.cert.CertPathValidatorException: Unable to determine revocation status due to network error
Suppressed: java.io.EOFException: not enough content
at sun.security.util.DerValue.<init>(DerValue.java:425)
at sun.security.util.DerValue.<init>(DerValue.java:340)
at s.s.provider.certpath.OCSPResponse.<init>(OCSPResponse.java:200)
at sun.security.provider.certpath.OCSP.check(OCSP.java:196)
at s.s.provider.certpath.RevocationChecker.checkOCSP(RevocationChecker.java:785)
at s.s.provider.certpath.RevocationChecker.check(RevocationChecker.java:369)
Input Code
Input Code
private val topologyRefreshOptions: ClusterTopologyRefreshOptions = ClusterTopologyRefreshOptions
.builder()
.enablePeriodicRefresh(RedisClusterTopologyRefreshInterval)
.enableAllAdaptiveRefreshTriggers()
.dynamicRefreshSources(true)
.build()
Expected behavior/code
"Cannot refresh Redis Cluster topology" log should no longer be printed.
Environment
- Lettuce version(s): 6.2.6.RELEASE
Possible Solution
Additional context
Hey @subrajitdhal ,
How do you verify that "all requests are fine. NO connection issue though."?
From the code I see in Lettuce the WARN message you are seeing is indicating that the topology refresh has failed.
The indicated issue is that the revocation status of the certificate could not be established due to network error.
Have in mind that a topology refresh failing would not stop the driver from operating and using the topology it already has from previous attempts, but the topology information would not be updated until the network issue is resolved.
Hi @tishun ,
Thanks for checking it.
This error we are seeing suddenly though there is no change from application.We have also tried use correct java trust store location.Any pointer would be greatly help.
I am afraid I do not have enough information to help diagnose the issue.
The only pointer I have is that, the Lettuce driver, while attempting to refresh the topology by connecting to rediss://********************@xxxxx:port
fails to establish a connection because there is some network connectivity issue.
If otherwise the driver is able to connect to the same instance then I have no clue why this specific network connection fails.
Hi @tishun ,
Up on further checking we see this warning logs are more frequent in app which are using AWS based Correto Java 17 base images.Where as app which are using Alepine java 11 this warning logs are very very less