@janeczku
Last active January 8, 2021 23:33
Replay/test the initial registration handshake between Cattle node agent and Rancher server
#!/bin/bash
# Execute this script in a cattle-node-agent container.
# It relies on bash-only features (read -d), so run it with bash, not sh.
# A successful websocket handshake is indicated by the following line being printed:
# HTTP/1.1 101 Switching Protocols
TOKEN=$(cat /cattle-credentials/token)
URL="$(cat /cattle-credentials/url)/v3/connect/register"
# Note: this prints the agent token; redact it before sharing the output.
echo "Using TOKEN: $TOKEN"
echo "Using URL: $URL"
# read returns non-zero when it reaches the end of the heredoc; that is expected.
read -r -d '' PARAMS_JSON << EOF
{
  "Node": {
    "customConfig": {
      "address": "8.8.8.8",
      "roles": [
      ],
      "labels": [
      ]
    },
    "etcd": false,
    "controlPlane": false,
    "worker": false,
    "requestedHostname": "hostname1"
  }
}
EOF
echo "Using PARAMS:"
echo "$PARAMS_JSON"
PARAMS_BASE64=$(echo "$PARAMS_JSON" | base64 -w0)
# -k skips TLS certificate verification.
#docker run --net=host appropriate/curl -i -N \
curl -v -i -N --http1.1 \
  -H "Connection: Upgrade" \
  -H "Upgrade: websocket" \
  -H "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \
  -H "Sec-WebSocket-Version: 13" \
  -H "X-API-Tunnel-Token: $TOKEN" \
  -H "X-API-Tunnel-Params: $PARAMS_BASE64" \
  -k "$URL"

Baykonur commented Apr 4, 2019

I guess there is an issue with read parameter -d:

Using TOKEN: v8xgxhkrzxqsnh96t89kp5rx8jndm98rxtn66wgbxq4kslssskrfp8
Using URL: https://luu1754t.internal.epo.org:8443/v3/connect/register
agent-register-handshake.sh: 15: read: Illegal option -d
Using PARAMS:

*   Trying 10.14.1.25...
* TCP_NODELAY set
* Connected to luu1754t.internal.epo.org (10.14.1.25) port 8443 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: O=the-ranch; CN=luu1754t.internal.epo.org
*  start date: Apr  4 07:42:06 2019 GMT
*  expire date: Apr  3 07:42:08 2020 GMT
*  issuer: O=the-ranch; CN=cattle-ca
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET /v3/connect/register HTTP/1.1
> Host: luu1754t.internal.epo.org:8443
> User-Agent: curl/7.58.0
> Accept: */*
> Connection: Upgrade
> Upgrade: websocket
> Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==
> Sec-WebSocket-Version: 13
> X-API-Tunnel-Token: v8xgxhkrzxqsnh96t89kp5rx8jndm98rxtn66wgbxq4kslssskrfp8
> X-API-Tunnel-Params: Cg==
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Date: Thu, 04 Apr 2019 07:59:53 GMT
Date: Thu, 04 Apr 2019 07:59:53 GMT
< Content-Length: 28
Content-Length: 28
< Content-Type: text/plain; charset=utf-8
Content-Type: text/plain; charset=utf-8

<
unexpected end of JSON input* Connection #0 to host luu1754t.internal.epo.org left intact

Author

janeczku commented Apr 4, 2019

Fixed formatting error.
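
In the session quoted above, `read -d` was rejected, `PARAMS_JSON` stayed empty, and the header went out as `Cg==` (base64 of a single newline), which the server answered with `200 OK` and `unexpected end of JSON input`. The following is an added example, not part of the gist: a POSIX sh way to build the same parameters and to check the header value before calling curl. The function names and arguments are hypothetical.

```shell
#!/bin/sh
# Added example (not the gist author's code): build and sanity-check the
# X-API-Tunnel-Params value without bash-only features.

# Emit the node parameters as JSON. A plain heredoc works in any POSIX sh,
# unlike `read -d`, which some shells reject with "Illegal option -d".
# Arguments (hypothetical helper): $1 = address, $2 = requested hostname.
params_json() {
  cat <<EOF
{
  "Node": {
    "customConfig": { "address": "$1", "roles": [], "labels": [] },
    "etcd": false,
    "controlPlane": false,
    "worker": false,
    "requestedHostname": "$2"
  }
}
EOF
}

# Base64-encode stdin onto a single line (tr instead of GNU-only `base64 -w0`).
encode_params() {
  base64 | tr -d '\n'
}

# Return 0 only if the header value decodes to something shaped like the
# expected JSON object. Heuristic check only: it does not parse the JSON.
check_params() {
  decoded=$(printf '%s' "$1" | base64 -d 2>/dev/null | tr -d ' \t\r\n')
  case "$decoded" in
    '{'*'"Node":'*'}') return 0 ;;
    *) return 1 ;;
  esac
}
```

Calling `check_params "$PARAMS_BASE64" || exit 1` before the curl line stops the script when the parameters are empty, instead of sending a request the server cannot parse.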

@fabiorauber

I'm trying to debug an issue in Rancher (rancher/rancher#17617), and found this gist. Would you happen to know the curl equivalent of an agent already registered connecting to rancher?

time="2019-08-08T14:36:05Z" level=info msg="Connecting to wss://rancher.domain/v3/connect with token atoken"
time="2019-08-08T14:36:05Z" level=info msg="Connecting to proxy" url="wss://rancher.domain/v3/connect"
time="2019-08-08T14:36:14Z" level=info msg="Starting plan monitor"
time="2019-08-08T14:36:19Z" level=debug msg="Wrote ping"
time="2019-08-08T14:36:24Z" level=debug msg="Wrote ping"
time="2019-08-08T14:36:24Z" level=error msg="Failed to connect to proxy" error="read tcp machine_ip:59454->rancher_ip:443: i/o timeout"
