Problems connecting with a sync-gateway running on a cloud docker container

Mobile Sync Gateway
1

Hi,

I’m trying to setup my cloud architecture with couchbase-server and sync-gateway running on docker enviroment.

I have done my initially prototyping locally and then used my couchbase-lite-core client. Locally I can connect to ws://localhost:4984/bucket successfully and replication happens.

Now, that I have my couchbase-server and sync-gateway running on the cloud, it is unable to replicate. The output is like this:

16:47:59.608667| [Sync]: {Repl#4} Connection closed with errno 60: "connect(sg-dev.imaginando.pt:4984): Operation timed out" (state=1)
16:47:59.609054| [Sync] ERROR: {Repl#4} Got LiteCore error: POSIX error 60 "connect(sg-dev.imaginando.pt:4984): Operation timed out"
16:47:59.609098| [Sync]: {Repl#4} now stopped

What could be preventing the replicator from connecting? Ports?
I have cloudflare in the middle. I’m a bit lost. I was looking for ideas on how to debug this.

Thanks in advance,

Nuno

2

Can you ping sg-dev.imaginando.pt? Can you curl sg-dev.imaginando.pt:4984? The replication connection is a WebSocket, so check if there’s anything you need to do on your middleware to enable WebSockets.

3

Hi Jens,

Thanks for your reply.

I cannot ping to https://sg-dev.imaginando.pt:4984/

➜  devops git:(master) ✗ ping https://sg-dev.imaginando.pt:4984
ping: cannot resolve https://sg-dev.imaginando.pt:4984: Unknown host

But I can curl to https://sg-dev.imaginando.pt/

➜  devops git:(master) ✗ curl https://sg-dev.imaginando.pt
{"couchdb":"Welcome","vendor":{"name":"Couchbase Sync Gateway","version":"2.1"},"version":"Couchbase Sync Gateway/2.1.2(2;35fe28e)"}%

Curling to https://sg-dev.imaginando.pt:4984 results in eternal waiting without reply:

➜  devops git:(master) ✗ curl https://sg-dev.imaginando.pt:4984

I can only get out doing CTR+C.

In my docker-compose.yml I have the port 4984 exposed to outside via traefik:

sync-gateway:
  build: sync-gateway
labels:
  - traefik.backend=sg-dev
  - traefik.enable=true
  - traefik.frontend.rule=Host:sg-dev.imaginando.pt
  - traefik.frontend.entryPoints=https
  - traefik.port=4984
ports:
  - "4984"

Using the repUrl ws://sg-dev.imaginando.pt:4984/couchbase_qt the output is like this:

 12:49:13.990660| [DB]: {DB#3} Opening database
 12:49:13.992112| [Sync]: {Repl#4}==> litecore::repl::Replicator /tmp/database/ ->ws://sg-dev.imaginando.pt:4984/db/_blipsync @0x7feed4e32268
 12:49:13.992153| [Sync]: {Repl#4} Push=continuous, Pull=continuous, Options={{}}
 12:49:13.995843| [Sync]: {Repl#4} No local checkpoint 'cp-wdtxdcPx2QIbMaCcu5E2iJnfRs0='

Using the repUrl ws://sg-dev.imaginando.pt/couchbase_qt without the port, the output is like this:

12:50:43.781591| [Sync]: {Repl#4}==> litecore::repl::Replicator /tmp/database/ ->ws://sg-dev.imaginando.pt:80/db/_blipsync @0x7fba43d83988
12:50:43.781619| [Sync]: {Repl#4} Push=continuous, Pull=continuous, Options={{}}
12:50:43.784201| [Sync]: {Repl#4} No local checkpoint 'cp-T7IBRB3XCF9OKrkxHLn9dxjxZE4='
12:50:43.932494| [WS] WARNING: {C4SocketImpl#5}==> litecore::repl::C4SocketImpl ws://sg-dev.imaginando.pt:80/db/_blipsync @0x7fba43d83d40
12:50:43.932549| [WS] WARNING: {C4SocketImpl#5} WebSocket closed abnormally with status 301
12:50:43.932649| [Sync]: {Repl#4} Connection closed with WebSocket status 301: "Unexpected response status 301 Moved Permanently" (state=1)

It seems to be able to connect with the first repUrl but then, nothing happens. I don’t know how to debug it further.

Do you think this is related to the fact that I’m exposing the ports directly to the main address using traefik?

Thanks in advance.

Best regards,

Nuno

4

ping doesn’t allow a protocol, to be specified, only a hostname. Given your following curl command worked, it seems reasonable that you have basic network access to that host.

Based on that and your docker-compose config, it looks like port 4984 is not exposed to the public, and instead, traefik is handling all of your traffic over port 80. In that scenario, you’d leave port numbers off your repUrl below.

It looks like this almost worked. It connected successfully to Sync Gateway through traefik, but something went wrong when the websocket was upgraded and it got a 301/temporary redirect response.

I’ve done a quick bit of reading and it looks like traefik should support websockets fine, so the next steps are to figure out where that 301 is coming from, and why.

5

Hi,

I’ve been able to make it work. The changes are subtle.

a) the port is not being exposed directly anymore

sync-gateway:
    build: sync-gateway
labels:
  - traefik.backend=sg-dev
  - traefik.enable=true
  - traefik.frontend.rule=Host:sg-dev.imaginando.pt
  - traefik.frontend.entryPoints=http
  - traefik.port=4984

b) the repUlr doesn’t take the port anymore

"ws://sg-dev.imaginando.pt/couchbase_qt"

It seems to be connecting and replicating.

Thanks for your feedback!

Best regards,

Nuno