Hi all,
I realize this may transition to a support item, but since the documentation implies this should work, I'll start this way:
I've got a data portal system with two IPs (on one interface) -- one for legacy HTTPS and FTP content, the other for GCS5.
Everything is containerized (contained?), and the HTTPS container is only listening on its IP. The gcs5 is inside a rocky linux 9.2 container.
I setup the node like so:
podman create -t --name gcs5 --cap-add=SYS_ADMIN --cap-add=SYS_PTRACE --cap-add=NET_RAW --cap-add=NET_ADMIN --cap-add=AUDIT_WRITE \
--net=bridge -v /sys/fs/cgroup:/sys/fs/cgroup:ro \
.... blah blah blat blah ....
globus-connect-server node setup --data-interface 140.208.31.32 --ip-address 140.208.31.32 \
... etc etc etc ...
and the processes do start, but there's nobody listening on :443. Relevant section of the gcs self-diagnostic are:
globus-connect-server --version
globus-connect-server, package 5.4.65, cli 1.0.44
== diagnostic: globus-gridftp-server --version ==
globus_connect_gridftp_server: 15.100 (1686146736-86)
== diagnostic: func:get_info_uri() ==
https://f4efe4.8540.data.globus.org/api/info
== diagnostic: func:resolve_nodes() ==
Domain
f4efe4.8540.data.globus.org resolves to 140.208.31.32
== diagnostic: func:contact_info_uri() ==
Error accessing GCS Manager at
140.208.31.32: HTTPSConnectionPool(host='140.208.31.32', port=443): Max retries exceeded with url: /api/info (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7f1575b56e50>: Failed to establish a new connection: [Errno 111] Connection refused'))
If I leave the HTTPS container off, the GCS5 container will start, but the http squats on *:443 which prevents the HTTPS container from starting.
I started tinkering with the (generated) gcs5 apache configs but didn't get anywhere.
Ideas?
thanks,
--Chan
Chan Wilson SAIC for NOAA GFDL Toolsmith
General Specialist, Info Tech RDHPCS Security
chandin...@noaa.gov +1-608-216-5689