[SCALE] [Containers] timeout on TLS handshake

Description

When running containers without host networking, sometimes (50% of the time) with some URLs (like https://prometheus-community.github.io ) the TLS handshake times out when trying to connect.

A repeatable example:
(Using: kubectl run tmp-shell --rm -i --tty --image nicolaka/netshoot -- /bin/bash )

bash-5.1# curl --tls-max 1.2 -vvv https://prometheus-community.github.io/helm-charts/index.yaml
*   Trying 185.199.109.153:443...
* Connected to prometheus-community.github.io (185.199.109.153) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
*   CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):

I can confirm this issue on SCALE 21.04ALPHA1

Problem/Justification

None

Impact

None

Activity

Kjeld Schouten-lebbing April 30, 2021 at 2:50 PM

Turning iptables on or off in /etc/docker/daemon.json changes nothing.

Kjeld Schouten-lebbing April 30, 2021 at 2:37 PM

nslookup results for integrated DNS:
/ # nslookup prometheus-community.github.io
Server: 172.17.0.10
Address: 172.17.0.10:53

Name: prometheus-community.github.io
Address: 185.199.111.153
Name: prometheus-community.github.io
Address: 185.199.108.153
Name: prometheus-community.github.io
Address: 185.199.109.153
Name: prometheus-community.github.io
Address: 185.199.110.153

nslookup results for 1.1.1.1:
/ # nslookup prometheus-community.github.io 1.1.1.1
Server: 1.1.1.1
Address: 1.1.1.1:53

Non-authoritative answer:
Name: prometheus-community.github.io
Address: 185.199.109.153
Name: prometheus-community.github.io
Address: 185.199.108.153
Name: prometheus-community.github.io
Address: 185.199.110.153
Name: prometheus-community.github.io
Address: 185.199.111.153

This (basically) excludes DNS issues

Kjeld Schouten-lebbing April 30, 2021 at 2:34 PM

I verified the issue does not exist in the following stock k3s deployments:
v1.18.9
v1.20.5+k3s1
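
An added example, not part of the original ticket or of TrueNAS code: a Python probe that separates the TCP connect from the TLS handshake and repeats it per address, so a hang after Client hello like the one in the curl trace shows up as a count per IP. The function names and the local stalled listener are constructed for illustration.

```python
import socket
import ssl
from collections import Counter

def probe(addr, port, server_name, timeout=3.0):
    """Classify one attempt by the phase that failed, or 'ok'."""
    try:
        sock = socket.create_connection((addr, port), timeout=timeout)
    except OSError:
        return "tcp_connect_failed"
    ctx = ssl.create_default_context()
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2  # same cap as curl --tls-max 1.2
    try:
        # The handshake runs inside wrap_socket; the socket timeout still applies.
        with ctx.wrap_socket(sock, server_hostname=server_name):
            return "ok"
    except socket.timeout:
        return "tls_handshake_timeout"  # Client hello sent, nothing came back
    except (ssl.SSLError, OSError):
        return "tls_handshake_failed"   # peer answered, but the handshake broke
    finally:
        sock.close()

def survey(addresses, port, server_name, attempts=4, timeout=3.0):
    """Repeat the probe per address so an intermittent failure becomes a count."""
    return {
        a: Counter(probe(a, port, server_name, timeout) for _ in range(attempts))
        for a in addresses
    }

def stalled_listener():
    """Constructed stand-in for the hang: the kernel completes the TCP handshake
    for a listening socket, but nothing accepts or answers the Client hello."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(8)
    return srv

if __name__ == "__main__":
    srv = stalled_listener()
    port = srv.getsockname()[1]
    # Offline demo against the constructed listener (example.invalid is a placeholder).
    print(survey(["127.0.0.1"], port, "example.invalid", attempts=2, timeout=1.0))
    srv.close()
```

Inside the affected pod, the same `survey` call would take the four addresses from the nslookup output, port 443 and `prometheus-community.github.io` as the server name.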

Complete

Impact

Medium

Created April 30, 2021 at 2:28 PM
Updated July 6, 2022 at 8:59 PM
Resolved May 4, 2021 at 2:28 PM