What is the correct broker URL to use in a Terraform configuration for connecting to a Message VPN
While running GitLab CICD pipeline using terraform for message VPN below configuration get used for solace provider
# Configure the provider
provider "solacebroker"
{
username = var.broker_username
password = var.broker_password
url = var.broker_url
}
What is the correct URL is it
PORT 943
Message VPN https://mr-connection-XXXXXXXX.messaging.solace.cloud:943/
or
REST API URL Port 9443
https://mr-connection-XXXXXXXXX.messaging.solace.cloud:9443
As per my knowledge it should be with port 943
Answers
-
Hi @swapnil_mahajan,
Assuming you are using the default ports then yes, 943 is what you are using. Since you're using Solace Cloud it's the SEMP URL you should be using which can be found under the "Manage" tab in your Messaging Service.
Hope that helps!
0 -
Hey @marc ,
You mean to use full URL-
https://mr-connection-XXXXXXXXXXXXX.messaging.solace.cloud:943/SEMP/v2/config
Current port 943 URL default one is not working. Pipeline run timeout issue I am facing. You are already present on question-Gitlab: Terraform script timeout.
Do you feel any link between both? 🤔
0 -
Unfortunately The full URL from SEMP REST API also giving same kind of timeout error
2098│ Error: Broker check failed2099│ 2100│ with solacebroker_msg_vpn_client_username.test_solace-cloud-client,2101│ on main.tf line 111, in resource "solacebroker_msg_vpn_client_username" "test_solace-cloud-client":2102│ 111: resource "solacebroker_msg_vpn_client_username" "test_solace-cloud-client" {2103│ 2104│ context deadline exceeded (Client.Timeout exceeded while awaiting headers)
0 -
Do you feel any link between both? 🤔
yes, it seems like these are both the same issue. For some reason you just don't seem to be able to connect to the broker. I see @Balazs is helping you on the other discussion so I imagine once that is resolved it will also be fixed here.
In addition I have opened an issue on the github repo to make sure the proper URL is clear in the docs to avoid this problem in the future:
0 -
So @swapnil_mahajan , the URL you should try is
https://mr-connection-XXXXXXXXXXXXX.messaging.solace.cloud:943To verify, this URL shall bring you to the Web Manager login page if you paste it into a browser.
1 -
Hey @Balazs Yes I am already using below URL. But I am facing Timeout issue.
https://mr-connection-XXXXXXXXXXXXX.messaging.solace.cloud:9430 -
Here are the analysis from my internal expertise for Gitlab CICD pipeline
- Verify how Solace provider exposes their system into the internet.
- I am using the shared runners in the Gitlab pipeline, and that DNS
mr-connection-xxxxxxxx.messaging.solace.cloudis not resolvable. - You might be in some dedicated network where this is setup for you.
0 -
Hi @swapnil_mahajan , the analysis is correct, either the GitLab runner has limited external connection and its DNS services are restricted to an internal network or the Solace PubSub+ test broker is not publicly accessible.
Can you verify if you can access the broker SEMP service (Web Manager login page) from your local computer (assuming it has no restriction to this internet address)? I expect this Solace Cloud address is public:
https://mr-connection-XXXXXXXXXXXXX.messaging.solace.cloud:9430 -
@Balazs Yes I am able to connect with
https://mr-connection-XXXXXXXXXXXXX.messaging.solace.cloud:943
Yes Solace Event Broker Instance do have Hybrid Connectivity. Generally I click on Message VPN and Redirect to Web Portal Manager.
Even with pasting Web Portal Manager URL in browser and login with credentials also takes me to Portal. I am not sure what you are checking with this 🤔
0 -
Hi @swapnil_mahajan , I don't know how the GitLab runner is configured. It will only work if it is able to reach the broker SEMP service.
The goal of the prev test was to verify that the SEMP service is at least up and reachable somehow. Now the next step is to check if it is reachable from your GitLab runner. To test that, add this script before the Terraform test job and try to run it:
curl https://mr-connection-xxxxxxxxxxxxx.messaging.solace.cloud:943/where the URL is the same that worked for you in the prev step.
If it fails (seems expected) then you would need to configure the GitLab runner to be able to reach this domain. The Terraform test will fail as long as this test fails.
0 -
Hi @Balazs
I added below stage in my yml file
test:stage: testimage: $TF_IMAGEscript:- echo "Broker URL test"- curl https://mr-connection-xxxxxxxxxxxxxxx.messaging.solace.cloud:943- echo "content"- exit 0I see Job succeeded with below message-
% Total % Received % Xferd Average Speed Time Time Time Current25 Dload Upload Total Spent Left Speed26100 1457 100 1457 0 0 12212 0 --:--:-- --:--:-- --:--:-- 12347
I am attaching log file for more details.
Still pipeline is running. I will post the result of apply stage(which was timeout in all previous runs)
0 -
Hi @swapnil_mahajan, any chance the runner is using an http proxy or some other indirect way to reach the broker?
0 -
Hi @Balazs Yes. Below variables I am using in YML file for http proxy
variables:TF_STATE_NAME: defaultTF_CACHE_KEY: defaultTF_ROOT: terraformhttp_proxy: $CODE_PROXYhttps_proxy: $CODE_PROXYno_proxy: $CODE_NO_PROXYHTTP_PROXY: $http_proxyHTTPS_PROXY: $http_proxyNO_PROXY: $no_proxy0 -
``Hi @Balazs Did you get a chance to look into the issue.
0 -
0
-
Hi @swapnil_mahajan , the next provider release is planned to include support for http proxy, will update when we know the date.
0 -
Thanks @Balazs I will wait for the update.
0 -
@Balazs Any updates for provider release which includes support for http proxy.
0 -
@Balazs Any updates on provide release.
0 -
Any updates for provider release which includes support for http proxy.
0
