🎄 Happy Holidays! 🥳
Most of Solace is closed December 24–January 1 so our employees can spend time with their families. We will re-open Thursday, January 2, 2024. Please expect slower response times during this period and open a support ticket for anything needing immediate assistance.
Happy Holidays!
Please note: most of Solace is closed December 25–January 2, and will re-open Tuesday, January 3, 2023.
Distributed Tracing: ACCESS ERROR (amqp:unauthorized-access)
Hi,
I'm testing the new dsitributed tracing feature, so I deployed a local stack with Docker:
- solace/solace-pubsub-standard:10.2.1.32
- otel/opentelemetry-collector-contrib:0.67.0
- jaegertracing/all-in-one
I setup the telemetry over the UI and are using the "Try me" to send message, i find them in my Queue and also in the tracing queue.
but I have an error message on OpenTelemetry-collector :
2022-12-21T15:05:54.103Z debug solacereceiver@v0.67.0/messaging_service.go:125 Dialing AMQP {"kind": "receiver", "name": "solace", "pipeline": "traces", "addr": "amqp://solace:5672"} 2022-12-21T15:05:54.110Z debug solacereceiver@v0.67.0/messaging_service.go:131 Creating new AMQP Session {"kind": "receiver", "name": "solace", "pipeline": "traces"} 2022-12-21T15:05:54.111Z debug solacereceiver@v0.67.0/messaging_service.go:137 Creating new AMQP Receive Link {"kind": "receiver", "name": "solace", "pipeline": "traces", "source": "queue://#telemetry-tracing"} 2022-12-21T15:05:54.113Z debug solacereceiver@v0.67.0/messaging_service.go:144 Create AMQP Receiver Link failure {"kind": "receiver", "name": "solace", "pipeline": "traces", "error": "*Error{Condition: amqp:unauthorized-access, Description: SMF AD bind response error, Info: map[solace.response_code:403 solace.response_text:Permission Not Allowed]}"} 2022-12-21T15:05:54.113Z debug solacereceiver@v0.67.0/receiver.go:155 Encountered error while connecting messaging service {"kind": "receiver", "name": "solace", "pipeline": "traces", "error": "*Error{Condition: amqp:unauthorized-access, Description: SMF AD bind response error, Info: map[solace.response_code:403 solace.response_text:Permission Not Allowed]}"} 2022-12-21T15:05:54.113Z debug solacereceiver@v0.67.0/messaging_service.go:159 Closing AMQP Session {"kind": "receiver", "name": "solace", "pipeline": "traces"} 2022-12-21T15:05:54.113Z debug solacereceiver@v0.67.0/messaging_service.go:166 Closing AMQP Client {"kind": "receiver", "name": "solace", "pipeline": "traces"}
I created a new client_username and gave it client_profile and ACL which are already created with UI.
I think the problem comes from the configuration of the queue, it has no owner and also Non-Owner Permission contains "No Access"
Any idea please ?
Thanks in advance. Kind regards,
Badr.
Comments
-
Hey @badr - A couple of things that you can look into:
- Can you please confirm if the telemetry profile enabled? You can check this by going to the Settings tab in your
tracing_profile
profile and making sure that both Trace and Receiver are enabled - In your created telemetry profile (
tracing_profile
) under theReceiver Connect ACLs
tab, make sure that the Client Connect Default Action is set to Allow - Under Access Control --> Client Username, make sure you have a client username and a password that matches what you have in your otel config file (
otel-collector-config.yaml
) in the solace receiver section
solace: broker: [solbroker:5672] max_unacknowledged: 500 auth: sasl_plain: username: <username> password: <password> queue: queue://#telemetry-trace tls: insecure: true insecure_skip_verify: true
- Make sure that profile that you created is Enabled. If you click on the created username, make sure the Enabled section is toggled on
- Make sure the client_profile and adn the acl_profile of that username is set to
#telemetry-tracing_profile
Note that the No Access just simply means that anyone who is not the queue owner cannot interact with the queue (e.g. bind, add subscriptions, SMF delete). You can read more about it under the Configuring Queue section in the docs
Let me know if you still face the same issue after checking all these and we can look into it
Also, I have edited your question to reformat the code block of your logs ;)
0 - Can you please confirm if the telemetry profile enabled? You can check this by going to the Settings tab in your
-
Hi @Tamimi,
Thanks for your response, Here are my answers to your questions :
- Can you please confirm if the telemetry profile enabled? You can check this by going to the Settings tab in your
tracing_profile
profile and making sure that both Trace and Receiver are enabled ? YES, i confirms that telemetry profile is activated - In your created telemetry profile (
tracing_profile
) under theReceiver Connect ACLs
tab, make sure that the Client Connect Default Action is set to Allow ? YES,I set the value to ALLOW - Under Access Control --> Client Username, make sure you have a client username and a password that matches what you have in your otel config file (
otel-collector-config.yaml
) in the solace receiver section? YES, I put the right client_username with the right password on the OTEL configuration - Make sure that profile that you created is Enabled. If you click on the created username, make sure the Enabled section is toggled on? the profile is created when I activated the telemetry, on my side I created a new client_username and I gave him the PROFILE and ACL generated by telemetry
- Make sure the client_profile and adn the acl_profile of that username is set to
#telemetry-tracing_profile? i confirme.
I still have the authorization error.
Best Regards.
Badr.
0 - Can you please confirm if the telemetry profile enabled? You can check this by going to the Settings tab in your
-
Hey @badr!
It looks like the receiver is trying to connect to the wrong queue. From the logs, the Solace Receiver on the OpenTelemetry Collector is trying to connect to the queue
#telemetry-tracing
whereas in your screenshots the queue name is actually#telemetry-tracing_profile
. Can you try changing the queue name in the OpenTelemetry config to match the queue name#telemetry-tracing_profile
?0