我们正在从云上的一个预生产平台迁移到另一台服务器。我们已经成功迁移了所有内容,但是Orion Context Broker的订阅发生了一些奇怪的事情,因为我们的Orion实例成功地通知了不同的端点,而不是来自我们平台的端点。
两个订阅都是从同一个实例完成并实现HTTPS,并且安全组的配置相同。 Orion上下文代理日志不会显示有关内部正在执行的cURL请求所发生情况的任何有用信息。
以下是此Orion正确订阅的示例:
time=Tuesday 14 Nov 12:54:03 2017.102Z | lvl=INFO | corr=e42533b2-c93a-11e7-b333-0242ac110003 | trans=1510663280-019-00000000009 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1832]:lmTransactionStart | msg=Starting transaction from 54.194.53.34:48920/v1/updateContext
time=Tuesday 14 Nov 12:54:03 2017.102Z | lvl=INFO | corr=e42533b2-c93a-11e7-b333-0242ac110003 | trans=1510663280-019-00000000009 | from=54.194.53.34 | srv=pending | subsrv=/howto | comp=Orion | op=rest.cpp[882]:servicePathSplit | msg=Service Path 0: '/howto'
time=Tuesday 14 Nov 12:54:03 2017.103Z | lvl=INFO | corr=e42533b2-c93a-11e7-b333-0242ac110003 | trans=1510663280-019-00000000009 | from=54.194.53.34 | srv=howtoservice | subsrv=/howto | comp=Orion | op=connectionOperations.cpp[92]:collectionQuery | msg=Database Operation Successful (query: { _id.id: "M1111", _id.type: "Thing", _id.servicePath: { $in: [ /^/howto$/ ] } })
time=Tuesday 14 Nov 12:54:03 2017.104Z | lvl=INFO | corr=e42533b2-c93a-11e7-b333-0242ac110003 | trans=1510663280-019-00000000009 | from=54.194.53.34 | srv=howtoservice | subsrv=/howto | comp=Orion | op=connectionOperations.cpp[447]:collectionUpdate | msg=Database Operation Successful (update: <{ _id.id: "M1111", _id.type: "Thing", _id.servicePath: { $in: [ /^/howto$/ ] } }, { $set: { attrs.local: { value: "1.1.1.1,50", type: "string", md: { TimeInstant: { type: "ISO8601", value: "2017-11-14T12:54:03.090Z" } }, mdNames: [ "TimeInstant" ], creDate: 1510662361, modDate: 1510664043 }, attrs.serial_number: { value: "M1111", type: "string", md: { TimeInstant: { type: "ISO8601", value: "2017-11-14T12:54:03.090Z" } }, mdNames: [ "TimeInstant" ], creDate: 1510662361, modDate: 1510664043 }, attrs.TimeInstant: { value: "2017-11-14T12:54:03.090Z", type: "ISO8601", mdNames: [], creDate: 1510662361, modDate: 1510664043 }, modDate: 1510664043, lastCorrelator: "e42533b2-c93a-11e7-b333-0242ac110003" }, $unset: { location: 1 } }>)
time=Tuesday 14 Nov 12:54:03 2017.104Z | lvl=INFO | corr=e42533b2-c93a-11e7-b333-0242ac110003 | trans=1510663280-019-00000000009 | from=54.194.53.34 | srv=howtoservice | subsrv=/howto | comp=Orion | op=logMsg.h[1916]:lmTransactionEnd | msg=Transaction ended
time=Tuesday 14 Nov 12:54:03 2017.105Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000010 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1832]:lmTransactionStart | msg=Starting transaction to https://visualfy.secmotic.com:443/api/v1/devices/orion/local
time=Tuesday 14 Nov 12:54:03 2017.105Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000010 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=httpRequestSend.cpp[599]:httpRequestSendWithCurl | msg=Sending message 2 to HTTP server: sending message of 540 bytes to HTTP server
time=Tuesday 14 Nov 12:54:03 2017.238Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000010 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=httpRequestSend.cpp[620]:httpRequestSendWithCurl | msg=Notification Successfully Sent to https://visualfy.secmotic.com:443/api/v1/devices/orion/local
time=Tuesday 14 Nov 12:54:03 2017.239Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000010 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1916]:lmTransactionEnd | msg=Transaction ended
以下是失败通知的示例。
time=Tuesday 14 Nov 12:55:13 2017.809Z | lvl=INFO | corr=0e4a4e20-c93b-11e7-957f-0242ac110003 | trans=1510663280-019-00000000012 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1832]:lmTransactionStart | msg=Starting transaction from 54.194.53.34:48922/v1/updateContext
time=Tuesday 14 Nov 12:55:13 2017.810Z | lvl=INFO | corr=0e4a4e20-c93b-11e7-957f-0242ac110003 | trans=1510663280-019-00000000012 | from=54.194.53.34 | srv=pending | subsrv=/howto | comp=Orion | op=rest.cpp[882]:servicePathSplit | msg=Service Path 0: '/howto'
time=Tuesday 14 Nov 12:55:13 2017.810Z | lvl=INFO | corr=0e4a4e20-c93b-11e7-957f-0242ac110003 | trans=1510663280-019-00000000012 | from=54.194.53.34 | srv=howtoservice | subsrv=/howto | comp=Orion | op=connectionOperations.cpp[92]:collectionQuery | msg=Database Operation Successful (query: { _id.id: "M1111", _id.type: "Thing", _id.servicePath: { $in: [ /^/howto$/ ] } })
time=Tuesday 14 Nov 12:55:13 2017.811Z | lvl=INFO | corr=0e4a4e20-c93b-11e7-957f-0242ac110003 | trans=1510663280-019-00000000012 | from=54.194.53.34 | srv=howtoservice | subsrv=/howto | comp=Orion | op=connectionOperations.cpp[447]:collectionUpdate | msg=Database Operation Successful (update: <{ _id.id: "M1111", _id.type: "Thing", _id.servicePath: { $in: [ /^/howto$/ ] } }, { $set: { attrs.local: { value: "1.1.1.1,50", type: "string", md: { TimeInstant: { type: "ISO8601", value: "2017-11-14T12:55:13.800Z" } }, mdNames: [ "TimeInstant" ], creDate: 1510662361, modDate: 1510664113 }, attrs.serial_number: { value: "M1111", type: "string", md: { TimeInstant: { type: "ISO8601", value: "2017-11-14T12:55:13.800Z" } }, mdNames: [ "TimeInstant" ], creDate: 1510662361, modDate: 1510664113 }, attrs.TimeInstant: { value: "2017-11-14T12:55:13.800Z", type: "ISO8601", mdNames: [], creDate: 1510662361, modDate: 1510664113 }, modDate: 1510664113, lastCorrelator: "0e4a4e20-c93b-11e7-957f-0242ac110003" }, $unset: { location: 1 } }>)
time=Tuesday 14 Nov 12:55:13 2017.812Z | lvl=INFO | corr=0e4a4e20-c93b-11e7-957f-0242ac110003 | trans=1510663280-019-00000000012 | from=54.194.53.34 | srv=howtoservice | subsrv=/howto | comp=Orion | op=logMsg.h[1916]:lmTransactionEnd | msg=Transaction ended
time=Tuesday 14 Nov 12:55:13 2017.812Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000013 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1832]:lmTransactionStart | msg=Starting transaction to https://iot.visualfy.com:443/api/v1/devices/orion/local
time=Tuesday 14 Nov 12:55:13 2017.812Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000013 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=httpRequestSend.cpp[599]:httpRequestSendWithCurl | msg=Sending message 3 to HTTP server: sending message of 535 bytes to HTTP server
time=Tuesday 14 Nov 12:55:13 2017.891Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000013 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1916]:lmTransactionEnd | msg=Transaction ended
订阅与更改为端点的http属性相同。
任何帮助都将不胜感激,如果您需要进一步的信息,请不要犹豫。
更新1
在关闭443端口中的进程并添加侦听器之后,执行类似:nc -l 443
的netcat会导致通知到达具有不可读数据流的netcat。
orion上下文代理日志显示了一些有趣的信息:
time=Friday 17 Nov 11:05:56 2017.587Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000090 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1832]:lmTransactionStart | msg=Starting transaction to https://34.240.0.113:443/api/v1/devices/orion/local
time=Friday 17 Nov 11:05:56 2017.587Z | lvl=INFO | corr=N/A | trans=1510663280-019-00000000090 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=httpRequestSend.cpp[599]:httpRequestSendWithCurl | msg=Sending message 22 to HTTP server: sending message of 531 bytes to HTTP server
time=Friday 17 Nov 11:06:04 2017.153Z | lvl=INFO | corr=4da159ee-cb87-11e7-97f4-0242ac110003 | trans=1510663280-019-00000000091 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=logMsg.h[1832]:lmTransactionStart | msg=Starting transaction from 37.11.95.120:60933/v2/subscriptions
time=Friday 17 Nov 11:06:04 2017.154Z | lvl=INFO | corr=4da159ee-cb87-11e7-97f4-0242ac110003 | trans=1510663280-019-00000000091 | from=37.11.95.120 | srv=pending | subsrv=/howto | comp=Orion | op=rest.cpp[882]:servicePathSplit | msg=Service Path 0: '/howto'
time=Friday 17 Nov 11:06:04 2017.154Z | lvl=INFO | corr=4da159ee-cb87-11e7-97f4-0242ac110003 | trans=1510663280-019-00000000091 | from=37.11.95.120 | srv=howtoservice | subsrv=/howto | comp=Orion | op=connectionOperations.cpp[175]:collectionRangedQuery | msg=Database Operation Successful (query: { query: { servicePath: "/howto" }, orderby: { _id: 1 } })
time=Friday 17 Nov 11:06:04 2017.155Z | lvl=INFO | corr=4da159ee-cb87-11e7-97f4-0242ac110003 | trans=1510663280-019-00000000091 | from=37.11.95.120 | srv=howtoservice | subsrv=/howto | comp=Orion | op=logMsg.h[1916]:lmTransactionEnd | msg=Transaction ended
time=Friday 17 Nov 11:06:04 2017.556Z | lvl=WARN | corr=N/A | trans=1510663280-019-00000000090 | from=pending | srv=pending | subsrv=pending | comp=Orion | op=AlarmManager.cpp[328]:notificationError | msg=Raising alarm NotificationError https://34.240.0.113:443/api/v1/devices/orion/local: (curl_easy_perform failed: SSL connect error)
与失败的通知相同,而不是结束OK的通知。
当通知到达netcat时,与正在工作的服务相同的进程有更多字符通知。换句话说,这是我在没有正确接收通知的netcat中收到的内容:
HD?#
?\?s???s0?^0M
c1\6?QSb?J3298/5
?
这就是我在接收通知的netcat中收到的内容:
?_????=?)>B??w??{?d?O?އ?$V? ?bG??B?>?????
????O???[06?gZZ̨̩?+?/?,?0????/5
? ?&???ualfy.secmotic.com#?ۻ????f??s??? ir????b???;?!~?"-$?}?G?A?Ӎ8????ؽV???%2ߨ??B&?
?Wr?n?<=T?h?A{R?Ϛ?y??'L1??1??????w"m?kY?oKl??5??%'?["?X9??h?f?`???Hj?%mZ?{???I?ʤx??v???m??H?9?????Ƥf%
hhttp/1.1uP
????@^C
更新2 现在很清楚,它是带有通知的HTTPS错误。 我已经进入了Orion Context Broker所在的docker容器,并尝试对HTTPS域执行curl,具有以下输出:
* About to connect() to iot.visualfy.com port 443 (#0)
* Trying 34.240.0.113... connected
* Connected to iot.visualfy.com (34.240.0.113) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5961
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error
我实际上尝试使用-insecureNotif选项配置Orion,但结果是相同的。
答案 0 :(得分:1)
最后,我在这个新场景中找到了解决方案:yum update
。容器未更新,与我启动的图像相同。执行更新后,它安装了新的CA证书,将letsencrypt识别为有效的证书授权。非常感谢您的支持@fgalan