Archived

This forum has been archived. Please start a new discussion on GitHub.

Exception getReplicaName in Glacier2

Hello,

I'm using Glacier2 to allow access to an IceGrid Registry placed in a private network.

On the side of the registry, I have set the property IceGrid.Registry.SessionManager.Endpoints to enable the IceGrid/SessionManager. On the side of Glacier2 I have defined client and server endpoints, session manager and session timeout, and the IceGrid.Default.Locator.

The registry and the Glacier2 run ok. In fact, I can connect via icegrid-gui with the registry directly. However, when I try to connect via icegrid-gui with a Route session I receive the next exception:
Could not retrieve replica name: Ice.ObjectNotExitsException
id.name = ...
id.category=IceGrid
facet=""
operation=getReplicaName

After checking the logs I have observed that in the first case the registry receives an admin connection. On the other hand, when I connect via Route, the registry receives a client connection (without access to the Ice::Admin facet). I suppose that this is the problem, but I can not figure out how to solve it.

I'm attaching the configuration and log files for both the Registry and the Glacier2.

Best regards,
Miguel Ángel

Registry configuration
#Default Locator
Ice.Default.Locator=IceGrid/Locator:tcp -h guidoarco.mine.nu -p 4061

#Node Configuration
IceGrid.Node.Name=guido
IceGrid.Node.Endpoints=tcp
IceGrid.Node.Data=/var/icegridnode/db/node
IceGrid.Node.Output=/tmp

IceGrid.Node.CollocateRegistry=1

#Registry Configuration
IceGrid.Registry.Client.Endpoints=tcp -h guidoarco.mine.nu -p 4061
IceGrid.Registry.Server.Endpoints=tcp
IceGrid.Registry.Internal.Endpoints=tcp
IceGrid.Registry.Data=/var/icegridnode/db/registry
IceGrid.Registry.AdminPermissionsVerifier=IceGrid/NullPermissionsVerifier
IceGrid.Registry.DefaultTemplates=/usr/share/doc/ice33-services/config/templates.xml

#Glacier Integration
IceGrid.Registry.SessionManager.Endpoints=tcp -h guidoarco.mine.nu -p 4060

#Logs
Ice.Trace.Locator=2
IceGrid.Registry.Trace.Session=2
IceGrid.Registry.Trace.Adapter=1

Glacier configuration
## Public Access
Glacier2.Client.Endpoints=tcp -h guidoarco.mine.nu -p 4063

## Private Network
Glacier2.Server.Endpoints=tcp -h 161.67.38.76

Glacier2.SessionTimeout=60

## Open Access
Glacier2.PermissionsVerifier=Glacier2/NullPermissionsVerifier

## Locator to IceGrid
Ice.Default.Locator=IceGrid/Locator:tcp -h guidoarco.mine.nu -p 4061

## SessionManager
Glacier2.SessionManager=IceGrid/SessionManager
Glacier2.SessionManager.LocatorCacheTimeout=60

# Logs
Ice.Trace.Locator=2
Ice.Warn.Connections=1
Glacier2.Trace.Session=1

Registry Log
06/30/09 11:29:57.659 icegridnode: warning: session manager endpoints 'IceGrid.Registry.SessionManager.Endpoints' enabled (with Glacier2 filters disabled)
[ 06/30/09 11:29:58.201 icegridnode: Locator: searching for object by id
  object = IceGrid/InternalRegistry-Master ]
[ 06/30/09 11:29:58.201 icegridnode: Locator: retrieved endpoints from locator, adding to locator table
  object = IceGrid/InternalRegistry-Master
  endpoints = tcp -h 161.67.38.76 -p 34380 ]
[ 06/30/09 11:30:17.233 icegridnode: Session: client session 'miguel' created ]
[ 06/30/09 11:30:42.224 icegridnode: Session: admin session 'miguel' created ]
[ 06/30/09 11:30:42.232 icegridnode: Session: admin session 'miguel' keep alive ]

Glacier2 Log
[ 06/30/09 11:28:36.719 glacier2router: Locator: searching for object by id
  object = IceGrid/SessionManager ]
[ 06/30/09 11:28:36.721 glacier2router: Locator: retrieved endpoints from locator, adding to locator table
  object = IceGrid/SessionManager
  endpoints = tcp -h guidoarco.mine.nu -p 4060 ]
[ 06/30/09 11:28:59.521 glacier2router: Locator: found endpoints in locator table
  object = IceGrid/SessionManager
  endpoints = tcp -h guidoarco.mine.nu -p 4060 ]
[ 06/30/09 11:28:59.522 glacier2router: Glacier2: created session
  id = miguel
  category = MR5dHG5nwO\'\S;{Wjz!
  local address = 161.67.38.76:4063
  remote address = 161.67.38.76:40318 ]

Comments

  • benoit
    benoit Rennes, France
    Hi,

    If your goal is to keep the IceGrid registry endpoints accessible to the private network, you should make sure to configure the registry endpoints with only internal network interfaces (using the -h <host> option for each of the registry endpoints).

    I believe the reason why it doesn't work is that you're not using the right endpoints for the admin session manager. You should configure IceGrid.Registry.AdminSessionManager.Endpoints instead of IceGrid.Registry.SessionManager.Endpoints if you want to allow administrative access to the IceGrid registry with Glacier2.

    Also you don't need to specify a port for the session or admin session manager endpoints. Finally, I also strongly recommend to use SSL to secure the admin session manager endpoints to ensure that only the Glacier2 router process can access these endpoints (otherwise, any Ice process might access these endpoints and create administrative sessions to your registry).

    See here in the Ice manual for more information on how to secure IceGrid.

    Cheers,
    Benoit.
  • Hi,

    I have replaced the property IceGrid.Registry.SessionManager.Endpoints with IceGrid.Registry.AdminSessionManager.Endpoints, and now everything works.

    Thank you very much for your quickly and precise reply.

    Best regards,
    Miguel Ángel