Hello CyberArk secretless broker team. I’m not sure if this is the correct place to ask a question and get support, but I’m going to give it a try. Please be patient with me as I can be a bit long-winded.
So I’ve followed different guides and documents and think I have a correct setup. I have a docker image of secretless broker from dockerhub configured and started. The logs say it is listening.
logs:
////////////////////////////////////////////////////////////////////////////////////////////////
2020/02/04 23:19:53 Secretless v1.5.0-4dfeef3 starting up…
2020/02/04 23:19:53 Initializing health check on :5335…
2020/02/04 23:19:53 Initialization of health check done. You can access the endpoint at /live and /ready.
2020/02/04 23:19:53 [WARN] Plugin hashes were not provided - tampering will not be detectable!
2020/02/04 23:19:53 Trying to load ./secretless.yml…
2020/02/04 23:19:53 Configuration file ./secretless.yml loaded
2020/02/04 23:19:53 Registering reload signal listeners…
2020/02/04 23:19:53 [WARN] Starting TCP listener on 0.0.0.0:3306…
2020/02/04 23:19:53 [WARN] Starting TCP listener on 0.0.0.0:1433…
/////////////////// cursor just blinks after 2020/02/04 23:19:53 [WARN] Starting TCP listener on 0.0.0.0:1433… log.
I start two different dockerized Java Spring Boot web applications configured to access their respective databases via secretless broker, but both applications have connection errors at startup (connection refused). Both applications connect to their databases without secretless broker, but when I change the data source to localhost to access secretless broker I get connection errors (spring.datasource.url=jdbc:sqlserver://localhost:1433;databaseName="name", and spring.datasource.url=jdbc:mysql://localhost:3306/"tableName"). I suspect that the issue might be with secretless broker, but I don’t have any logs on the secretless broker side to start troubleshooting. I get error logs from the applications, but no new logs from secretless broker. I checked the logs on the webpage https://docs.conjur.org/Latest/en/Content/References/connectors/scl_ServiceConnectors_troubleshooting.htm?TocPath=Fundamentals|Secretless%20Pattern|Service%20Connectors|_____4 and I don’t see any logs that match mine. I also don’t see an example of logs that display a good running version of secretless broker.
What logs should be outputted by secretless broker if secretless broker is running correctly? Do you have any suggestions on where to start looking for the error or what the error might be?
The following are more details on my setup. I have minikube version v1.6.1 running in a VirtualBox VM which is on my Windows 10 computer. As previously mentioned, within minikube I have two Docker containerized Java Spring Boot web applications along with a Docker container of secretless broker. The secretless.yml file being used by secretless broker is as follows (some real data has been removed and replaced with generic data placed within " "):

version: "2"
services:
  "app1":
    connector: mysql
    listenOn: tcp://0.0.0.0:3306
    credentials:
      host: jdbc:mysql://"workingEndpoingToDB"
      port: 3306
      username: "username"
      password:
        from: conjur
        get: secretlessBrokerSecrets/"DBPassword"
      sslmode: disable
  "app2":
    connector: mssql
    listenOn: tcp://0.0.0.0:1433
    credentials:
      host: jdbc:sqlserver://"workingEndPointToDB":1433;databaseName="databaseName"
      port: 1433
      username: "userName"
      password:
        from: conjur
        get: secretlessBrokerSecrets/"DBPassword"

I am using Conjur OSS as the secrets management tool. Without secretless broker, apps successfully retrieve secrets from Conjur OSS and access their databases.
I have also added the required environment variables to minikube so access to Conjur OSS can be made.
Thank you for reading and I look forward to your suggestions.