Harness + Harness CLI + Auth Server Installation for Production
98 views
Skip to first unread message
Thanasis Karpouzis
Mar 10, 2021, 1:10:49 PM3/10/21
to actionml-user
Hi,
I would like to migrate from predictionio to harness as suggested by Pat some months ago. However, I am facing some problems setting up the full system stack for production and more specifically the harness auth server.
I followed the steps described in: https://actionml.com/docs/harness_native_guide and i managed to install harness successfully.
I cloned the master branches for harness, harness-cli and auth server. I am using local build for everything since docker or any container is not an option for me.
Regarding auth server, I read the guide in https://actionml.com/docs/harness_security and https://github.com/actionml/harness-auth-server but it unclear for me what I have to do in order to be able to create a user using the hctl. When i try to add an admin user i receive the following error:
$ harness-cli user-add admin
Error creating new user
There was an internal server error.
I checked the error log in: ~/harness/rest-server/Harness-0.6.1/logs/harness.log and I found the following error:
ERROR ActorSystemImpl - Error during processing of request: 'Authentication failed'. Completing with 500 Internal Server Error response. To change default exception handling behavior, provide a custom ExceptionHandler.
com.actionml.authserver.AuthenticationFailedException: Authentication failed
at com.actionml.authserver.services.AuthServerProxyServiceImpl$$anonfun$proxyAuthRequest$1.applyOrElse(AuthServerProxyService.scala:48)
at com.actionml.authserver.services.AuthServerProxyServiceImpl$$anonfun$proxyAuthRequest$1.applyOrElse(AuthServerProxyService.scala:46)
at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:346)
at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:345)
at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:36)
at akka.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:55)
at akka.dispatch.BatchingExecutor$BlockableBatch$$anonfun$run$1.apply$mcV$sp(BatchingExecutor.scala:91)
at akka.dispatch.BatchingExecutor$BlockableBatch$$anonfun$run$1.apply(BatchingExecutor.scala:91)
at akka.dispatch.BatchingExecutor$BlockableBatch$$anonfun$run$1.apply(BatchingExecutor.scala:91)
at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:72)
at akka.dispatch.BatchingExecutor$BlockableBatch.run(BatchingExecutor.scala:90)
at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:39)
at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(AbstractDispatcher.scala:415)
at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
Caused by: akka.stream.StreamTcpException: Tcp command [Connect(localhost:9099,None,List(),Some(10 seconds),true)] failed because of Connection refused
I haven't setup SSL yet. The harness, harness-cli and auth server configurations are the default. What I understand from the tutorials is that it should be possible to add users using the CLI locally without having to change any configuration (any env file).
Harness is running:
Harness CLI v settings
==================================================================
HARNESS_CLI_HOME ............... /home/aml/harness-cli/harness-cli
HARNESS_CLI_SSL_ENABLED .................................... false
HARNESS_CLI_AUTH_ENABLED ................................... false
HARNESS_SERVER_ADDRESS ................................. localhost
HARNESS_SERVER_PORT ......................................... 9090
==================================================================
Harness Server status: OK
Harness server and system info:
{
"buildVersion": "0.6.1",
"elasticsearchURI": "http://localhost:9200",
"gitBranch": "No git branch (BRANCH) detected in env.",
"gitHash": "No git short commit number (GIT_HASH) detected in env.",
"harnessURI": "http://localhost:9090",
"mongoURI": "mongodb://localhost:27017"
}
Any help would be much appreciated.
Thanks
Pat Ferrel
Mar 11, 2021, 3:37:18 PM3/11/21
to Thanasis Karpouzis, actionml-user
There is generally no need to use the Auth server unless you are using an unsecured network to communicate from your appserver to Harness. If you are using a secure LAN or VPN you probably don’t need it.
If you do need the Auth server, you’ll also need a cert for your servers to get 2-way encryption and you’ll need to create an admin user, which is the only user-role that can create other users. This is probably why you got an error.
--
You received this message because you are subscribed to the Google Groups "actionml-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to actionml-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/actionml-user/86ecb2a2-88f1-42b7-a26e-72ab50649eben%40googlegroups.com.
You received this message because you are subscribed to the Google Groups "actionml-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to actionml-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/actionml-user/86ecb2a2-88f1-42b7-a26e-72ab50649eben%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages