Rabbitmq installation with default configuration is not working in FIPS enabled OCP cluster #10585
-
Describe the bugWhen the peer discovery mechanism used is rabbit_peer_discovery_k8s . The installation was successful. But when the rabbitmq pods are keep on restarting with the error *2022-11-14 07:42:49.501027+00:00 [error] <0.230.0> Failed to lock with peer discovery backend rabbit_peer_discovery_k8s: "{failed_connect,\n [{to_address,{"kubernetes.default.svc.cluster.local",443}},\n {inet,\n [inet],\n {eoptions,\n {{badarg,\n [ {crypto,evp_generate_key_nif,[x25519,undefined],[]} {file,"ssl_cipher.erl"} {file,"ssl_gen_statem.erl"} {file,"gen_statem.erl"} {file,"tls_connection.erl"} {file,"proc_lib.erl"} {start,2250} And we don't see this issue when we provide the peer discovery mechanism as classic config. We need to know why we are seeing this error, if the peer discovery mechanism is not classic config. Also what is the recommended peer discovery mechanism that should be used for rabbitmq? There are reported problems in RabbitMQ open source to work with a FIPS enabled K8s cluster, when using the peer discovery k8s cluster formation method. The underlying problem is from Erlang, but there is no formal word about how to make this combination work. When can we expect Erlang will gain FIPS mode compatibility ? Reproduction stepsInstall rabbitmq container in FIPS enabled OCP cluster by setting peer discovery mechanism is set to rabbit_peer_discovery_k8s Expected behaviorSuccessful installaton of rabbitmq. Additional contextNo response |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
You've already started a discussion and received an answer: |
Beta Was this translation helpful? Give feedback.
-
@manoj4rabbbitmq please stop repeatedly filing identical issues (that we then move to Discussions) or you will be banned from ever filing a new issue in this org. |
Beta Was this translation helpful? Give feedback.
You've already started a discussion and received an answer:
#10575