Can't access application after configure SSL
bergpb opened this issue · comments
Hey folks, I'm working configuring Trino Gateway to use with our current Trino Cluster (running with HTTPS).
After a lot of tries, and some team member help, we are able to make the application working without configuration issues, here the relevant part of the config file:
requestRouter:
ssl: true
port: 9080
name: trinoRouter
historySize: 1000
keystorePath: <path>
keystorePass: <password>
server:
applicationConnectors:
- type: https
port: 9081
keyStorePath: <path>
keyStorePassword: <password>
useForwardedHeaders: true
adminConnectors:
- type: https
port: 9082
keyStorePath: <path>
keyStorePassword: <password>
useForwardedHeaders: true
Most of these configurations are from the Dropwizard docs, since we don't have detailed docs on how to deploy Trino Gateway with HTTPS.
After applying these configurations, the application starts, and was able to run healthychecks with Trino clusters, but the Web UI is not available.
Here an error log found:
INFO [2024-02-08 21:03:44,350] io.trino.gateway.baseapp.BaseApp: op=register type=auth filter item=class io.dropwizard.auth.AuthFilter
ERROR [2024-02-08 21:03:44,373] io.trino.gateway.baseapp.BaseApp: Error loading managed app
! java.lang.IllegalStateException: null
! at java.base/java.util.OptionalInt.orElseThrow(OptionalInt.java:273)
! at io.trino.gateway.baseapp.AppModule.getApplicationPort(AppModule.java:37)
! at io.trino.gateway.ha.module.HaGatewayProviderModule.getProxyHandler(HaGatewayProviderModule.java:160)
! at io.trino.gateway.ha.module.HaGatewayProviderModule.provideGateway(HaGatewayProviderModule.java:206)
! at io.trino.gateway.ha.module.HaGatewayProviderModule$$FastClassByGuice$$48db3.GUICE$TRAMPOLINE(<generated>)
! at io.trino.gateway.ha.module.HaGatewayProviderModule$$FastClassByGuice$$48db3.apply(<generated>)
! at com.google.inject.internal.ProviderMethod$FastClassProviderMethod.doProvision(ProviderMethod.java:260)
! at com.google.inject.internal.ProviderMethod.doProvision(ProviderMethod.java:171)
! at com.google.inject.internal.InternalProviderInstanceBindingImpl$CyclicFactory.provision(InternalProviderInstanceBindingImpl.java:185)
! at com.google.inject.internal.InternalProviderInstanceBindingImpl$CyclicFactory.get(InternalProviderInstanceBindingImpl.java:162)
! at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40)
! at com.google.inject.internal.SingletonScope$1.get(SingletonScope.java:169)
! at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:45)
! at com.google.inject.internal.SingleFieldInjector.inject(SingleFieldInjector.java:50)
! at com.google.inject.internal.MembersInjectorImpl.injectMembers(MembersInjectorImpl.java:146)
! at com.google.inject.internal.ConstructorInjector.provision(ConstructorInjector.java:124)
! at com.google.inject.internal.ConstructorInjector.construct(ConstructorInjector.java:91)
! at com.google.inject.internal.ConstructorBindingImpl$Factory.get(ConstructorBindingImpl.java:300)
! at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1148)
! ... 13 common frames omitted
! Causing: com.google.inject.ProvisionException: Unable to provision, see the following errors:
!
! 1) [Guice/ErrorInCustomProvider]: IllegalStateException
! at HaGatewayProviderModule.provideGateway(HaGatewayProviderModule.java:187)
! at GatewayManagedApp.gateway(GatewayManagedApp.java:7)
! \_ for field gateway
! while locating GatewayManagedApp
!
! Learn more:
! https://github.com/google/guice/wiki/ERROR_IN_CUSTOM_PROVIDER
!
! 1 error
!
! ======================
! Full classname legend:
! ======================
! GatewayManagedApp: "io.trino.gateway.ha.GatewayManagedApp"
! HaGatewayProviderModule: "io.trino.gateway.ha.module.HaGatewayProviderModule"
! ========================
! End of classname legend:
! ========================
!
! at com.google.inject.internal.InternalProvisionException.toProvisionException(InternalProvisionException.java:251)
! at com.google.inject.internal.InjectorImpl$1.get(InjectorImpl.java:1151)
! at com.google.inject.internal.InjectorImpl.getInstance(InjectorImpl.java:1186)
! at io.trino.gateway.baseapp.BaseApp.lambda$addManagedApps$0(BaseApp.java:189)
! at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
! at io.trino.gateway.baseapp.BaseApp.addManagedApps(BaseApp.java:184)
! at io.trino.gateway.baseapp.BaseApp.registerWithInjector(BaseApp.java:135)
! at io.trino.gateway.baseapp.BaseApp.configureGuice(BaseApp.java:125)
! at io.trino.gateway.baseapp.BaseApp.run(BaseApp.java:102)
! at io.trino.gateway.baseapp.BaseApp.run(BaseApp.java:48)
! at io.dropwizard.core.cli.EnvironmentCommand.run(EnvironmentCommand.java:66)
! at io.dropwizard.core.cli.ConfiguredCommand.run(ConfiguredCommand.java:98)
! at io.dropwizard.core.cli.Cli.run(Cli.java:78)
! at io.dropwizard.core.Application.run(Application.java:94)
! at io.trino.gateway.ha.HaGatewayLauncher.main(HaGatewayLauncher.java:25)
We don't know if that is a configuration issue or a bug in the application, so any help on this will be appreciated.
What version of Trino Gateway are you using... this codepath changed heavily..
Hi @mosabua, I'm using version 5 downloaded from this URL:
https://repo1.maven.org/maven2/io/trino/gateway/gateway-ha/5/gateway-ha-5-jar-with-dependencies.jar
Do I need to use another version?
I believe this is heavily changed by now. I suggest you test this again when version 6 is released. We are working towards that to happen as soon as possible.
I tried switching the HttpConnectorFactory to HttpsConnectFactory and it seems to work -
You'll need to change on the subsequent lines as well. Can you give that a try @bergpb ?
Can you send a PR that implements a switch based on protocol @prakhar10 or @bergpb
Sure, I can do that.
Any updates on this fix, I have raised a issue as well.
#383
#382 should fix this. You could try to compile and run the PR or wait for the next release.