oh my screen shot was wrong! i didn't even notice. ugh. i'm sorry... 
Learning opportunity for me. Only one unrelated addition to router log.
May 28 12:47:46 openziti entrypoint.bash[3168]: [51864.325] ERROR transport/v2/tls.(*sharedListener).processConn [tls:0.0.0.0:3022]: {remote=[45.141.87.87:64001] error=[tls: first record does not look like a TLS handshake]} handshake failed
:$
Its a linux tunneller if thats what you mean.
Problems show up on the tunneller:
May 28 13:39:42 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5584.176] WARN ziti-sdk:connect.c:451 connect_get_net_session_cb() conn[0.18/GQhB76e_/Connecting] failed to get 'Dial' session for service[frontend-openziti.discourse]: NO_EDGE_ROUTERS_AVAILABLE(No edge routers are assigned and online to handle the requested connection)
May 28 13:39:42 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5584.176] ERROR tunnel-cbs:ziti_tunnel_cbs.c:103 on_ziti_connect() ziti dial failed: ziti edge router is not available
May 28 13:39:51 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5593.307] WARN ziti-sdk:connect.c:451 connect_get_net_session_cb() conn[0.19/ks6v2IfF/Connecting] failed to get 'Dial' session for service[frontend-openziti.discourse]: NO_EDGE_ROUTERS_AVAILABLE(No edge routers are assigned and online to handle the requested connection)
May 28 13:39:51 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5593.307] ERROR tunnel-cbs:ziti_tunnel_cbs.c:103 on_ziti_connect() ziti dial failed: ziti edge router is not available
May 28 13:39:52 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5593.889] WARN ziti-sdk:connect.c:451 connect_get_net_session_cb() conn[0.20/9kTV1MJ-/Connecting] failed to get 'Dial' session for service[frontend-openziti.discourse]: NO_EDGE_ROUTERS_AVAILABLE(No edge routers are assigned and online to handle the requested connection)
May 28 13:39:52 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5593.889] ERROR tunnel-cbs:ziti_tunnel_cbs.c:103 on_ziti_connect() ziti dial failed: ziti edge router is not available
May 28 13:39:52 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5594.472] WARN ziti-sdk:connect.c:451 connect_get_net_session_cb() conn[0.21/7gjneoY9/Connecting] failed to get 'Dial' session for service[frontend-openziti.discourse]: NO_EDGE_ROUTERS_AVAILABLE(No edge routers are assigned and online to handle the requested connection)
May 28 13:39:52 ThinkPad-T480 ziti-edge-tunnel[146769]: (146769)[ 5594.472] ERROR tunnel-cbs:ziti_tunnel_cbs.c:103 on_ziti_connect() ziti dial failed: ziti edge router is not available
I'll go back in the log and see if I can find a connection error.
Ok. It could be due to policies too. You can run the ziti CLI to see some hints maybe:
ziti edge policy-advisor identities -q
That will tell you if you have "Common Routers" or not. Should look like this when correct:
OKAY : ozdialer (1) -> fronted-openziti-discourse (1) Common Routers: (1/1) Dial: Y Bind: N
If you see OKAY -- then you have a problem with the tunneler getting to the rotuer via the IP underlay.
If it doesn't say OKAY it'll tell you to adjust the router policies.
Policies it is.
ubuntu@openziti:~$ ziti edge policy-advisor identities -q
ERROR: EdgeRouter (1) -> OpenHAB (0) Common Routers: (0/0) Dial: Y Bind: N
- Service has no edge routers assigned. Adjust service edge router policies.
ERROR: EdgeRouter (1) -> frontend-openziti.discourse (0) Common Routers: (0/0) Dial: N Bind: Y
- Service has no edge routers assigned. Adjust service edge router policies.
ERROR: laptop2_oci (0) -> OpenHAB (0) Common Routers: (0/0) Dial: Y Bind: N
- Identity has no edge routers assigned. Adjust edge router policies.
- Service has no edge routers assigned. Adjust service edge router policies.
ERROR: laptop2_oci (0) -> frontend-openziti.discourse (0) Common Routers: (0/0) Dial: Y Bind: N
- Identity has no edge routers assigned. Adjust edge router policies.
- Service has no edge routers assigned. Adjust service edge router policies.
ERROR: Default Admin (0) -> OpenHAB (0) Common Routers: (0/0) Dial: Y Bind: N
- Identity has no edge routers assigned. Adjust edge router policies.
- Service has no edge routers assigned. Adjust service edge router policies.
ERROR: raspi1_oci (0) -> OpenHAB (0) Common Routers: (0/0) Dial: Y Bind: Y
- Identity has no edge routers assigned. Adjust edge router policies.
- Service has no edge routers assigned. Adjust service edge router policies.
I would recommend you make a "#public" routers -- "#all" identities edge router policy.
And an "#all/#all" service edge router policy if not there:
And then make sure your public edge rotuer has the #public attribute
That worked, at least for my service. The discourse service is still not connecting. I've got other service to create, so will see how that goes. And then connect in my private router - hopefully our previous session with that will get me there.
Thanks again.
1 Like