问题描述
我可以使用以下命令成功验证自己的身份。
~ boundary authenticate password -login-name=jeff -password=foofoofoo -auth-method-id=ampw_5Aiqy1zvF5
Authentication information:
Account ID: apw_nDkJsApfym
Auth Method ID: ampw_5Aiqy1zvF5
Expiration Time: Wed,10 Mar 2021 14:49:42 JST
Token:
at_p0itAjmn67_s12TzikoWGGZfA4vtNy17Za2jqYPhntRZgSt6fV1daQYReBR5Vmz52jFa5mZdy6kDmmkRerGngNK2RBpyUeuzcGoBTF7YiUohcmyRdngWdRbdT
User ID: u_mPihJkaNsc
但是,当我尝试使用 boundary connect ssh -target-id ttcp_bNARIi1qIZ
连接到目标实例时,出现以下错误。
Error dialing the worker: Failed to WebSocket dial: Failed to send handshake request: Get "https://boundary.dev.mydomain.cloud:9202/v1/proxy": dial tcp 10.0.16.28:9202: connect: operation timed out
kex_exchange_identification: read: Connection reset by peer
What should I check to handle this problem?
我的controller.hcl
如下。
disable_mlock = true
controller {
name = "kubernetes-controller"
description = "A controller for a kubernetes demo!"
database {
url = "env://BOUNDARY_PG_URL"
}
public_cluster_addr = "boundary.boundary.svc.cluster.local:9201"
}
listener "tcp" {
address = "0.0.0.0"
purpose = "api"
tls_disable = true
}
listener "tcp" {
address = "0.0.0.0"
purpose = "cluster"
tls_disable = true
}
kms "aead" {
purpose = "root"
aead_type = "aes-gcm"
key = "sP1fnF5Xz85RrXyELHFeZg9Ad2qt4Z4bgNHVGtD6ung="
key_id = "global_root"
}
kms "aead" {
purpose = "worker-auth"
aead_type = "aes-gcm"
key = "8fZBjCUfN0TzjEGLQldGY4+iE9AkOvCfjh7+p0GtRBQ="
key_id = "global_worker-auth"
}
kms "aead" {
purpose = "recovery"
aead_type = "aes-gcm"
key = "8fZBjCUfN0TzjEGLQldGY4+iE9AkOvCfjh7+p0GtRBQ="
key_id = "global_recovery"
}
我的worker.hcl
如下。
disable_mlock = true
worker {
# Name should be unique across workers
name = "kubernetes-boundary-worker"
description = "Boundary worker running in k8s"
controllers = ["boundary.boundary.svc.cluster.local:9201"]
public_addr = "boundary.dev.mydomain.cloud"
}
listener "tcp" {
address = "0.0.0.0"
purpose = "proxy"
tls_disable = true
}
kms "aead" {
purpose = "root"
aead_type = "aes-gcm"
key = "sP1fnF5Xz85RrXyELHFeZg9Ad2qt4Z4bgNHVGtD6ung="
key_id = "global_root"
}
kms "aead" {
purpose = "worker-auth"
aead_type = "aes-gcm"
key = "8fZBjCUfN0TzjEGLQldGY4+iE9AkOvCfjh7+p0GtRBQ="
key_id = "global_worker-auth"
}
kms "aead" {
purpose = "recovery"
aead_type = "aes-gcm"
key = "8fZBjCUfN0TzjEGLQldGY4+iE9AkOvCfjh7+p0GtRBQ="
key_id = "global_recovery"
}
有关其他信息,我使用 kubernetes 作为 istio。我使用一种部署在不同的容器上分别部署了工作线程和控制器。如果我应该提供其他信息,请随时询问。谢谢。
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)