Datalore 2023.2 (Kubernetes Helm ver. 0.2.8) HUB Auth error

Nikolai · May 22, 2023, 3:14pm

Hello,

We already have installed and configured HUB
Base URL - https://hub.domain.name/hub
HUB version - Build 2022.3.15481 [14-02-2023 08:56] Docker Image

Deployed Datalore kubernetes version
Helm version - 0.2.8
Datalore version 2023.2
Base url - https://datalore.domain.name

After clicking on the Accept button we get a 500 error.
Screenshot

Datalore server pod output (log)

08:44:55.795 INFO  [taskScheduler-2] j.d.u.s.i.g.HubGroupsServiceImpl - No Hub events have been ever processed. Importing initial Hub groups.
08:44:55.844 ERROR [taskScheduler-2] o.s.s.s.TaskUtils$LoggingErrorHandler - Unexpected error occurred in scheduled task
javax.ws.rs.ProcessingException: java.net.UnknownHostException: hub
	at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:269)
	at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:297)
	at org.glassfish.jersey.client.JerseyInvocation.lambda$invoke$1(JerseyInvocation.java:675)
	at org.glassfish.jersey.client.JerseyInvocation.call(JerseyInvocation.java:697)
	at org.glassfish.jersey.client.JerseyInvocation.lambda$runInScope$3(JerseyInvocation.java:691)
	at org.glassfish.jersey.internal.Errors.process(Errors.java:292)
	at org.glassfish.jersey.internal.Errors.process(Errors.java:274)
	at org.glassfish.jersey.internal.Errors.process(Errors.java:205)
	at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:390)
	at org.glassfish.jersey.client.JerseyInvocation.runInScope(JerseyInvocation.java:691)
	at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:674)
	at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:422)
	at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:318)
	at jetbrains.jetpass.client.oauth2.OAuth2Client.getHubScope(OAuth2Client.kt:45)
	at jetbrains.jetpass.client.hub.HubClient.getAccountsClient(HubClient.kt:52)
	at jetbrains.datalore.userManagement.server.impl.hub.LazyHubAccountsClient$hubClient$2.invoke(LazyHubAccountsClient.kt:4)
	at jetbrains.datalore.userManagement.server.impl.hub.LazyHubAccountsClient$hubClient$2.invoke(LazyHubAccountsClient.kt:3)
	at kotlin.SynchronizedLazyImpl.getValue(LazyJVM.kt:74)
	at jetbrains.datalore.userManagement.server.impl.hub.LazyHubAccountsClient.a(LazyHubAccountsClient.kt:7)
	at jetbrains.datalore.userManagement.server.impl.hub.LazyHubAccountsClient.getEventClient(LazyHubAccountsClient.kt:1)
	at jetbrains.datalore.userManagement.server.impl.groups.HubGroupsServiceImpl.d(HubGroupsServiceImpl.kt:126)
	at jetbrains.datalore.userManagement.server.impl.groups.HubGroupsServiceImpl.updateLastProcessedEvent$default(HubGroupsServiceImpl.kt:90)
	at jetbrains.datalore.userManagement.server.impl.groups.HubGroupsServiceImpl.a(HubGroupsServiceImpl.kt:138)
	at jetbrains.datalore.userManagement.server.impl.groups.HubGroupsServiceImpl.updateGroupsFromHub(HubGroupsServiceImpl.kt:302)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:344)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:198)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
	at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:123)
	at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:388)
	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:119)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:215)
	at jdk.proxy3/jdk.proxy3.$Proxy150.updateGroupsFromHub(Unknown Source)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84)
	at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
	at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305)
	at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
	at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: java.net.UnknownHostException: hub
	at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:567)
	at java.base/java.net.Socket.connect(Socket.java:633)
	at java.base/sun.net.NetworkClient.doConnect(NetworkClient.java:178)
	at java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:531)
	at java.base/sun.net.www.http.HttpClient.openServer(HttpClient.java:636)
	at java.base/sun.net.www.http.HttpClient.<init>(HttpClient.java:279)
	at java.base/sun.net.www.http.HttpClient.New(HttpClient.java:384)
	at java.base/sun.net.www.http.HttpClient.New(HttpClient.java:406)
	at java.base/sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1309)
	at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1242)
	at java.base/sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1128)
	at java.base/sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:1057)
	at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1665)
	at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1589)
	at java.base/java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:529)
	at org.glassfish.jersey.client.internal.HttpUrlConnector._apply(HttpUrlConnector.java:378)
	at org.glassfish.jersey.client.internal.HttpUrlConnector.apply(HttpUrlConnector.java:267)
	... 48 common frames omitted

hub openid discovery conf

{
  "issuer": "https://hub.domain.name/hub",
  "authorization_endpoint": "https://hub.domain.name/hub/api/rest/oauth2/auth",
  "token_endpoint": "https://hub.domain.name/hub/api/rest/oauth2/token",
  "userinfo_endpoint": "https://hub.domain.name/hub/api/rest/oauth2/userinfo",
  "jwks_uri": "https://hub.domain.name/hub/api/rest/oauth2/keys",
  "scopes_supported": [
    "openid",
    "profile",
    "email"
  ],
  "response_types_supported": [
    "code",
    "token",
    "id_token"
  ],
  "grant_types_supported": [
    "authorization_code",
    "client_credentials",
    "password",
    "refresh_token",
    "implicit"
  ],
  "subject_types_supported": [
    "public"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post"
  ],
  "claims_supported": [
    "sub",
    "name",
    "preferred_username",
    "profile",
    "picture",
    "email",
    "email_lowercased",
    "email_verified"
  ],
  "service_documentation": "https://www.jetbrains.com/help/hub/Managing-Services.html",
  "request_uri_parameter_supported": false
}

Datalore helm values.yaml

---
datalore:
  databaseSecret:
    password: ***************
  dataloreEnv:
    DATALORE_PUBLIC_URL: https://datalore.domain.name
    HUB_DATALORE_SERVICE_ID: **************
    HUB_DATALORE_SERVICE_SECRET: **************
    HUB_FORCE_EMAIL_VERIFICATION: 'false'
    HUB_PERM_TOKEN: perm:**************
    HUB_PUBLIC_BASE_URL: https://hub.domain.name/hub
  ingress:
    className: nginx
    enabled: true
    hosts:
      - host: internal-datalore.domain.name
        paths:
          - path: /
            pathType: ImplementationSpecific
      - host: datalore.domain.name
        paths:
          - path: /
            pathType: ImplementationSpecific
    tls:
      - hosts:
          - datalore.domain.name
        secretName: tls
  volumeClaimTemplates:
    - metadata:
        name: postgresql-data
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi
        storageClassName: storageClassName
    - metadata:
        name: storage
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi
        storageClassName: storageClassName

HUB Service config (I’ll try to add this screenshot to the comment due to restrictions on 1 attachment for new users on the forum)

I also tried to fill in all the fields according to the instructions - I get exactly the same error in both cases

At the stage of creating Generate HUB token, we created a separate user and assigned him the role (Low-level Admin / Full Admin) - I get exactly the same error in both cases