Cert process worked yesterday, but not this morning

hello -

i am trying to put a demo together for our company, which will go a “git install” of cockroach.

here are the commands i ran yesterday:

export ipaddr=$(hostname -I ; dig +short myip.opendns.com @resolver1.opendns.com. ; ) ;

echo ${ipaddr};

cockroach cert create-ca --certs-dir=./path-to-certs-directory --ca-key=./path-to-ca-key/ca-key ;

cockroach cert create-node localhost ${ipaddr} --certs-dir=./path-to-certs-directory --ca-key=./path-to-ca-key/ca-key ;

cockroach cert create-client root --certs-dir=./path-to-certs-directory --ca-key=./path-to-ca-key/ca-key ;

cockroach cert create-client markedwards --certs-dir=./path-to-certs-directory --ca-key=./path-to-ca-key/ca-key ;

cockroach user set markedwards --certs-dir=./path-to-certs-directory --password ; ## prompts for two passwords

this all worked fine yesterday, but this morning i am seeing the following:

Enter password:
Confirm password:
Error: unable to connect or connection lost.

Please check the address and credentials such as certificates (if attempting to
communicate with a secure cluster).

dial tcp [::1]:26257: getsockopt: connection refused
Failed running “user”

could this be because i have requested too many certs? i am using google-console (centos7) and recreating a new environment every time, so the IP numbers will be different each time.

thank you.

I’m not sure what’s happening here. It could be a networking problem in your environment. What version of cockroach are you running?

1 Like

Build Tag: v1.1.6
Build Time: 2018/03/12 17:58:05
Distribution: CCL
Platform: linux amd64
Go Version: go1.8.3
C Compiler: gcc 6.3.0
Build SHA-1: f6b7567d85d54689a7d1b61907336d1bc72b09a4
Build Type: release-gnu

update:

this works in a digitalOcean VPS, but not in the google-cloud. my ip is 104.154.98.150 if that helps. it behaves as if this IP range is being blocked.

If it works in one environment but not another then it might not be a cockroach bug. You may need to verify the addresses you are using to connect to are correct, and that your networking isn’t firewalling the connection. You can also experiment with the --host and --advertise-host flags in cockroach.

1 Like