redis connection failure - SCIM bridge not responding to Azure AD

kimed
kimed
Community Member

Everything was working with the integration with SCIM and Azure AD. The synching was working and tested. AD groups were being populated into 1Password. The Azure "Test Connection" was successful. After 1 day, nothing works and nothing was changed on SCIM VM or AD. I am seeing this error every 7 secs:

op-scim_scim.1.p3lvincoqtox@k2e-lvm1 | 2018/12/20 13:09:10 cacheConnWithAddress failed to newRedisConn: newRedisConn failed to Dial: dial tcp: lookup redis on 127.0.0.11:53: server misbehaving
op-scim_scim.1.xai3h75wi90p@k2e-lvm1 | [LOG] [0.7.2] 2018/12/20 13:09:16 (INFO) using default redis connection (redis:6379)
op-scim_scim.1.xai3h75wi90p@k2e-lvm1 | [LOG] [0.7.2] 2018/12/20 13:09:16 (INFO) creating redis connection with address redis:6379
op-scim_scim.1.xai3h75wi90p@k2e-lvm1 | 2018/12/20 13:09:16 cacheConnWithAddress failed to newRedisConn: newRedisConn failed to Dial: dial tcp: lookup redis on 127.0.0.11:53: server misbehaving
op-scim_scim.1.xkarlvgmajpa@k2e-lvm1 | [LOG] [0.7.2] 2018/12/20 13:09:23 (INFO) using default redis connection (redis:6379)
op-scim_scim.1.xkarlvgmajpa@k2e-lvm1 | [LOG] [0.7.2] 2018/12/20 13:09:23 (INFO) creating redis connection with address redis:6379
op-scim_scim.1.xkarlvgmajpa@k2e-lvm1 | 2018/12/20 13:09:23 cacheConnWithAddress failed to newRedisConn: newRedisConn failed to Dial: dial tcp: lookup redis on 127.0.0.11:53: server misbehaving
op-scim_scim.1.pd0z1e39vbad@k2e-lvm1 | [LOG] [0.7.2] 2018/12/20 13:09:29 (INFO) using default redis connection (redis:6379)
op-scim_scim.1.pd0z1e39vbad@k2e-lvm1 | [LOG] [0.7.2] 2018/12/20 13:09:29 (INFO) creating redis connection with address redis:6379
op-scim_scim.1.pd0z1e39vbad@k2e-lvm1 | 2018/12/20 13:09:29 cacheConnWithAddress failed to newRedisConn: newRedisConn failed to Dial: dial tcp: lookup redis on 127.0.0.11:53: server misbehaving


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • kimed
    kimed
    Community Member

    It seems like the redis service has shutdown and scim fails to come up because of this.
    scim-examples/docker-swarm# docker service ps op-scim_redis
    ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
    7eebeg5mtp6d op-scim_redis.1 redis:latest k2e-lvm1 Shutdown Complete 21 hours ago
    scim-examples/docker-swarm# docker service ps op-scim_scim
    ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
    u5nfwe6z3z2u op-scim_scim.1 1password/scim:v0.7.2 k2e-lvm1 Ready Ready 2 seconds ago
    q63s50umvdn9 _ op-scim_scim.1 1password/scim:v0.7.2 k2e-lvm1 Shutdown Failed 2 seconds ago "task: non-zero exit (1)"
    9mea8qkazyk6 _ op-scim_scim.1 1password/scim:v0.7.2 k2e-lvm1 Shutdown Failed 9 seconds ago "task: non-zero exit (1)"
    ncme2nj5nr99 _ op-scim_scim.1 1password/scim:v0.7.2 k2e-lvm1 Shutdown Failed 15 seconds ago "task: non-zero exit (1)"
    hu556wfyt9t4 _ op-scim_scim.1 1password/scim:v0.7.2 k2e-lvm1 Shutdown Failed 22 seconds ago "task: non-zero exit (1)"
    scim-examples/docker-swarm#

  • cohix
    cohix
    1Password Alumni

    @kimed That's something I've never seen before. Is redis running in Docker with the SCIM bridge, or is it external?

  • kimed
    kimed
    Community Member

    Problem: docker containers not surviving a reboot.

    root@k2e-lvm1:/home/kime# docker ps
    CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

    root@k2e-lvm1:/home/kime# docker service ls
    ID NAME MODE REPLICAS IMAGE PORTS
    q6i3ilez46w5 nostalgic_kilby replicated 0/1 op-scim_scim:latest
    pipjyjqnje10 op-scim_redis replicated 0/1 redis:latest
    5utvfo9oymm8 op-scim_scim replicated 0/1 1password/scim:v0.7.2 *:80->8080/tcp, *:443->8443/tcp
    fe24084e7oo3 relaxed_wiles replicated 0/1 op-scim_redis:latest

    Solution:

    I changed the docker-compose.yml file to this:

    restart_policy:
    condition: any

    Everything is now working after a reboot.

  • AGAlumB
    AGAlumB
    1Password Alumni

    Ah, great! Thanks for the update. Glad to hear you were able to get it sorted, but we're here if you need us. Cheers! :)

This discussion has been closed.