Installation of Secure Gateway on Mac fails

Question

Ran the secgw.command from Finder and got many NPM errors

Start of warnings/errors:

End

Couldn't find the log file:

I installed log4js (npm install log4js -g), still getting errors.

npm cache clean did not help.

Copied ibm directory to somewhere else and used sudo

MacBook-Pro:ibm jps$ cd Desk*
MacBook-Pro:ibm jps$ cd ibm
MacBook-Pro:ibm jps$ sudo ./secgw.command

Output with increased loglevel:

MacBook-Pro-3:client jps$ node lib/secgwclient.js <gateway> -t <token>
    [2017-10-14 13:33:37.290] [INFO] (Client ID 22481) No password provided. The UI will not require a password for access
    [2017-10-14 13:33:37.313] [WARN] (Client ID 22481) UI Server started. The UI is not currently password protected
    [2017-10-14 13:33:37.313] [INFO] (Client ID 22481) Visit localhost:9003/dashboard to view the UI.
    cli> [2017-10-14 13:33:37.750] [INFO] (Client ID 22482) Setting log level to TRACE
    [2017-10-14 13:33:37.755] [DEBUG] (Client ID 22482) The Secure Gateway client will fetch its configuration from https://sgmanager.eu-de/.bluemix.net/sgconfig/QqiJp83bfu4_prod_eu-de/
    [2017-10-14 13:33:37.862] [INFO] (Client ID 22483) Setting log level to INFO
    [2017-10-14 13:33:37.870] [ERROR] (Client ID 22482) The response is code: ENOTFOUND, message: getaddrinfo
    cli> [2017-10-14 13:33:37.872] [INFO] (Client ID 22482) Process exiting without errors due to user or server request
    [2017-10-14 13:33:38.422] [ERROR] (Client ID 22483) The Secure Gateway tunnel connection had an error
    cli> [2017-10-14 13:33:38.425] [INFO] (Client ID 22483) Process exiting without errors due to user or server request
    cli>

Telnet to Germany: connected, but not prompted for user

Peters-MacBook-2784:~ jps$ telnet sgmanager.eu-de.bluemix.net 443
Trying 169.50.12.140...
Connected to eu-de.bluemix.net.
Escape character is '^]'.

Tried secgw.command again:

[2017-10-14 22:07:43.205] [INFO] (Client ID 27049) No password provided. The UI will not require a password for access
[2017-10-14 22:07:43.216] [ERROR] (Client ID 27049) Unable to establish UI on port 9003.  Is this port already in use?
cli> [2017-10-14 22:07:43.497] [INFO] (Client ID 27050) Setting log level to INFO
[2017-10-14 22:07:43.537] [ERROR] (Client ID 27050) The response is code: ENOTFOUND, message: getaddrinfo
cli> [2017-10-14 22:07:43.539] [INFO] (Client ID 27050) Process exiting without errors due to user or server request

Galen Keene · Accepted Answer · 2017-10-11T15:10:50.007

1

tar.unpack untar error could mean that the the packages didn't download correctly and thus can't be unpacked (see this npm issue). Try running npm cache clean (might need sudo) and then running the secgw.command script again.

Ensure you can telnet the regional server (based on your Bluemix region) sgmanager.<region>.bluemix.net where is one of the following:

US South : ng
United Kingdom : eu-gb
Germany : eu-de
Sydney : au-syd

For example, if you are using the Germany region, a successful telnet connection should look like:

$ telnet sgmanager.eu-de.bluemix.net 443
Trying 169.50.24.140...
Connected to eu-de.bluemix.net.

For the gateway you are attempting to connect to, it will have a Node specified on the Secure Gateway Dashboard in the Gateway Info Panel. Ensure you can telnet to that server name on port 9000, as well. For example, a gateway with Node cap-eu-de-prd-sg-bm-01.integration.ibmcloud.com would have a successful telnet of:

$ telnet cap-eu-de-prd-sg-bm-01.integration.ibmcloud.com 9000
Trying 159.122.71.68...
Connected to cap-eu-de-prd-sg-bm-01.integration.ibmcloud.com.

The machine hosting the Secure Gateway Client must be able to access both the regional server and the server your gateway is hosted on to be able to connect successfully.

When attempting to connect the Secure Gateway Client, ENOTFOUND implies a networking issue resulting in the host running the client to be unable to resolve the address of either the sgmanager.<region>.bluemix.net or the specific gateway node and would result in one or both of the above telnet commands failing.

edited Oct 11 '17 at 15:10

answered Oct 03 '17 at 15:27

Galen Keene

303
1
10

Tried npm cache clean: same error. Copied the ibm directory somwhere else and ran sudo ./secgw.command: no untar errors, but a secgw error: ERROR] (Client ID 36322) The response is code: ENOTFOUND, message: getaddrinfo. The gateway is ENABLED in Bluemix , but marked with red rings (should be green , I assume). – jpsstack Oct 03 '17 at 16:40
ENOTFOUND implies that your machine couldn't resolve the hostname for the SG servers. Are you able to `telnet sgmanager..bluemix.net 443` where is your Bluemix region `ng`, `eu-gb`, `au-syd`, or `eu-de` for US South, United Kingdom, Sydney, and Frankfurt, respectively. Increasing the loglevel to DEBUG or TRACE will also log which one it is calling. – Galen Keene Oct 03 '17 at 17:58
added telnet and ping results, pls. advise how to increase loglevel – jpsstack Oct 03 '17 at 19:37
correction: ping is possible today to US South, GB, Frankfurt, telnet 443 still not working to any of those (the SG service is running in Frankfurt) – jpsstack Oct 04 '17 at 08:13
I've updated my answer with more specific results expected from telnet. To increase the loglevel, you would have to start the client manually by navigating into the `securegateway/client` directory and attempting to run `node lib/secgwclient.js -t -l TRACE` – Galen Keene Oct 10 '17 at 21:46
added output of this statement – jpsstack Oct 14 '17 at 11:41
telnet to the EU Bluemix is working from both of my Macs now – jpsstack Oct 14 '17 at 19:47
Based on `eu-de/` being in the middle of the debug line, was there an extra character at the end of your gatewayID (looks like there is a trailing `/`)? The region the SG Client attempts to connect to is determined by parsing the Gateway ID provided so having trailing characters or a malformed ID will cause issues. Given that your telnet works, at least the initial request should work. – Galen Keene Oct 16 '17 at 13:33

Installation of Secure Gateway on Mac fails

1 Answers1