我使用带有属性srv_api_uri: http://api.cf.epam.by的BOSH(带有CF清单文件的完整BOSH)将CloudFoundry部署在vSphere之上当我试图登录到我的CloudFoundry实例时,我得到了错误
vmc login
target: http://api.cf.epam.by
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
For more information, see ~/.vmc/crash
vmc login -t的结果为
target: http://api.cf.epam.by
>>>
REQUEST: GET /info
REQUEST_HEADERS:
accept : application/json
user-agent : Ruby
content-length : 0
RESPONSE: [200]
RESPONSE_HEADERS:
date : Fri, 04 Jan 2013 09:51:24 GMT
server : nginx
content-type : application/json; charset=utf-8
etag : "35acd28a7b24338237a8a1025d78f6ca"
cache-control : max-age=0, private, must-revalidate
x-ua-compatible : IE=Edge,chrome=1
transfer-encoding : chunked
{
"name": "vcap",
"build": 2222,
"support": "http://support.cloudfoundry.com",
"version": "0.999",
"description": "VMware's Cloud Application Platform",
"allow_debug": false,
"frameworks": {
"sinatra": {
"name": "sinatra",
"runtimes": [
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
}
],
"detection": [
{
"*.rb": "\s*require[\s\(]*['"]sinatra(/base)?['"]"
},
{
"config/environment.rb": false
}
]
},
"play": {
"name": "play",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"lib/play.*.jar": true
}
]
},
"standalone": {
"name": "standalone",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
},
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
},
{
"name": "node",
"version": "0.4.12",
"description": "Node.js"
},
{
"name": "node06",
"version": "0.6.8",
"description": "Node.js"
},
{
"name": "node08",
"version": "0.8.2",
"description": "Node.js"
}
],
"detection": [ ]
},
"rack": {
"name": "rack",
"runtimes": [
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
}
],
"detection": [
{
"config.ru": true
},
{
"config/environment.rb": false
}
]
},
"node": {
"name": "node",
"runtimes": [
{
"name": "node",
"version": "0.4.12",
"description": "Node.js"
},
{
"name": "node06",
"version": "0.6.8",
"description": "Node.js"
},
{
"name": "node08",
"version": "0.8.2",
"description": "Node.js"
}
],
"detection": [
{
"*.js": "."
}
]
},
"spring": {
"name": "spring",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
},
"lift": {
"name": "lift",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
},
"rails3": {
"name": "rails3",
"runtimes": [
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
}
],
"detection": [
{
"config/application.rb": true
},
{
"config/environment.rb": true
}
]
},
"java_web": {
"name": "java_web",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
},
"grails": {
"name": "grails",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
}
},
"authorization_endpoint": "https://uaa.cf.epam.by"
}
<<<
>>>
REQUEST: GET /login
REQUEST_HEADERS:
accept : application/json
user-agent : Ruby
content-length : 0
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
For more information, see ~/.vmc/crash
为什么要使用SSL?为什么"authorization_endpoint": "https://uaa.cf.epam.by"使用https而不是http?(http://uaa.cf.epam.by是可用的,但没有https://uaa.cf.epam.by)
注:我在Google Groups中打开这样的讨论https://groups.google.com/a/cloudfoundry.org/forum/#!topic/vcap-dev/OAZcsFiZ3LA%5B1-25-false%5D但在这一刻我什么都没有。谁能帮我弄清楚出了什么问题吗?
当前的cf发布作业具有cloud_controller.yml.erb和UAA的硬编码https URL。这在生产环境中绝对是强制性的,但我可以理解为什么您可能希望在开发环境中更改它。还有其他地方配置或猜测协议,例如在login.yml.erb:
<% if !properties.login || !properties.login.uaa_base
# Fix this to https when SSL certs are working in dev and staging
protocol = (properties.login && properties.login.protocol) ? properties.login.protocol : "http"
uaa_base = "#{protocol}://uaa.#{properties.domain}"
else
uaa_base = properties.login.uaa_base
end %>
您可以修改cloud_controller.yml.erb来做类似的事情并重新部署。
有一个尚未合并的补丁可用于cf-release,以允许仅http的waa端点。也许你可以尝试一下,并在gerrit补丁上发表评论。
http://reviews.cloudfoundry.org//c/13137/