Cannot perform grpc connection from WSL2

[toniher]

Hello,
I am carrying on to monitor a run process from WSL2 following up: #81

When testing:

python3 extract_run_statistics.py --host 172.27.80.1 --position xxx

I get:

grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNAUTHENTICATED
        details = "No authorisation metadata supplied"
        debug_error_string = "UNKNOWN:Error received from peer  {grpc_status:16, grpc_message:"No authorisation metadata supplied"}"
>

list_sequencing_positions.py works OK in both 9501 and 9502.

By reading #64 I generated a cert-key pair.

python3 extract_run_statistics.py --host 172.27.80.1 --port 9502 --position xxx --client-cert-chain=/path/to/cert.pem --client-key=/path/to/key.pem

I get the following error:
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with: status = StatusCode.UNAVAILABLE details = "failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed" debug_error_string = "UNKNOWN:Error received from peer {grpc_status:14, grpc_message:"failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed"}"

If used instead 9501:

grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNAVAILABLE
        details = "failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:9501: Socket closed"
        debug_error_string = "UNKNOWN:Error received from peer  {grpc_status:14, grpc_message:"failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:9501: Socket closed"}"

it looks it is not the proper approach?

Should I place these keys somewhere and restart the service? It is unclear for me from the documentation.

As an alternative, I read in main README.md that grpc.ssl_target_name_override could be an option, but I don't know how to use it in a script such as extract_run_statistics.py to 'whitelist' the IP I am pointing: 172.27.80.1

Thanks!

P.D.: guest_rpc_enabled: true is enabled in user_conf

[0x55555555]

Are both the client and cert in this example running inside WSL, or is the client a windows based process?

If this is the case, you need to ensure the servers ca.crt is used when connecting from the client (place the path to it in MINKNOW_TRUSTED_CA in the client terminal)

Thanks,

• George

[toniher]

Hello,

I am using this:

export MINKNOW_TRUSTED_CA="/mnt/l/data/rpc-certs/minknow/ca.crt"

The script is inside WSL2...

Also, there were a couple of key-certs inside the same directory, but the same output as above... For reference:

python3 extract_run_statistics.py --host 172.27.80.1 --port 9502 --position xxx  --client-cert-chain=/mnt/l/data/rpc-certs/minknow/localhost.crt --client-key=/mnt/l/data/rpc-certs/minknow/localhost.key

Thanks!

[0x55555555]

If you remove the client cert arguments, and remove them from the minknow install (and restart minknow), does the API work?

I would suggest taking the setup back to its most basic and confirming when it breaks - client certs can be tricky to configure in gRPC and the errors are misleading - removing them from the equation will make it clearer if there is a more fundamental issue with the communication.

Also - does the setup work if you run it from inside WSL, with or without any of the client cert arguments?

Thanks,

• George

[toniher]

Minknow is running on Windows, and the Python script is in WSL2. I need to wait to restart the Minknow service. Once it's done, I will test it again and let you know.
Thanks!

[toniher]

No luck after restarting the service:

Without any certificate:

 python3 extract_run_statistics.py --host 172.27.80.1  --position P2S-02336-A

....
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNAUTHENTICATED
        details = "No authorisation metadata supplied"

As commented above, when using a cert and a key, it keeps complaining about 8000:

python3 extract_run_statistics.py --host 172.27.80.1 --port 9502 --position P2S-02336-A --client-cert-chain=/mnt/l/data/rpc-certs/minknow/localhost.crt --client-key=/mnt/l/data/rpc-certs/minknow/localhost.key
Failed to connect to minknow instance (retry 1/5): failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed
Failed to connect to minknow instance (retry 2/5): failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed
Failed to connect to minknow instance (retry 3/5): failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed
Failed to connect to minknow instance (retry 4/5): failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed
Failed to connect to minknow instance (retry 5/5): failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed

...
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
        status = StatusCode.UNAVAILABLE
        details = "failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed"
        debug_error_string = "UNKNOWN:Error received from peer  {grpc_status:14, grpc_message:"failed to connect to all addresses; last error: UNAVAILABLE: ipv4:172.27.80.1:8000: Socket closed"}"

Port seems open:

 nc -z  172.27.80.1 8000
Connection to 172.27.80.1 8000 port [tcp/*] succeeded!

Any other idea what to try?