Pivotal Knowledge Base

Follow

Correcting Errors Created by Incorrect Hostname in Director Hostname Field

Environment

  • Pivotal Cloud Foundry (PCF) Operations Manager all versions
  • Secure Service Instance Credentials for Pivotal Application Service (PAS) formally known as CredHub.

Symptom

While making edits by clicking Apply Changes in Ops Manager, the process fails at the Migrating credentials to director CredHub step. The only error message it gives is "Exited with -1".

In the credhub.log file on the Director virtual machine (VM) under /var/vcap/sys/log/credhub, an error of the following type may be seen:

ERROR --- SpringApplication: Application startup failed
org.springframework.web.client.ResourceAccessException: I/O error on GET request for
"https://bosh.pcfdev-us-east-1.aws-nonprod.example-domain.com:8443/.well-known/openid-configuration":
Remote host closed connection during handshake; nested exception is javax.net.ssl.SSLHandshakeException:
Remote host closed connection during handshake

This error indicates a failure of the CredHub service, which runs on the Director VM to communicate with UAA. 

Cause

The value for the Director hostname field is not null and the hostname is either absent in DNS or the DNS name does not correspond to the IP address of the director. The Director hostname field is found in the Ops Man Director file in the Director config tab at the bottom of the page.

Screen_Shot_2018-01-16_at_11.10.59_AM.png

...

Screen_Shot_2018-01-16_at_11.11.21_AM.png

Resolution

The simplest resolution is to remove the hostname listed in the Director Hostname field. Then click Apply Changes again. Without a hostname being specified, Ops Man will default to using the IP address of the director.

You may enter a hostname in the Director Hostname field but, in order for it to work correctly, the hostname must be 1) in DNS, and 2) correct. The hostname must be configured in DNS before you click Apply Changes. But the IP address of the director which is necessary in order to assign a DNS name is not assigned until after you click Apply Changes. There are 2 ways you can predict what the IP address will be:

  1. Take the first IP address in the network defined in Ops Man, outside of the Reserved IP's that are assigned to that network.
  2. Find the IP assigned to the director after running Apply Change without a hostname applied. Look at the Status tab of the Ops Man Director tile to find the IP address assigned to the director.

Comments

Powered by Zendesk