ConnectTimeoutException: Connect to rally1.rallydev.com:443

Issue #4 new
viswanathan ramachandran created an issue

Hi team, I have integrated Rally and Stash by following the KB https://frontcloudsoft.atlassian.net/wiki/display/RCFBS/Configuration and it looks all OK except the the user profile. On user profile of Stash - Manage account, there are connection timeout errors ConnectTimeoutException: Connect to rally1.rallydev.com:443

I do not see the Stash Commit info inside Rally. I can see the Rally ID inside Stash. On user profile of Stash, upon click on Rally Connector - Manage account , I get connection timeout errors ConnectTimeoutException: Connect to rally1.rallydev.com:443. See screenshot attached

  1. On Stash Commit - US2513 is Rally ID and that opens Rally ticket
  2. I do not see anywhere on US2513 - the information/details of Stash Commit.

Rally Post Changeset Hook is enabled in target repository Enabled Build and Changeset in Rally Rally API Key was generated with Full Access

How do I solve the timeout errors. ? Also, how does the API key works? Will that be one time generation and common for all users? Or does each user has to generate API key for their Rally Workspace?

Please advice.

Comments (21)

  1. viswanathan ramachandran reporter

    Hi I also ran curl command from the stash server and I get the message as below. Not sure if I'm wrong here

    bash-4.1$ export https_proxy=https://rally1.rallydev.com bash-4.1$ curl https://rally1.rallydev.com curl: (7) couldn't connect to host bash-4.1$

    Also, if you advice me on the a question? On the Rally connector from Stash, what should be Rally Repository name? should it be Rally Project name or the Stash Repo ? Attaching Screenshot for reference.

  2. viswanathan ramachandran reporter

    On the Stash Commit tab, I can see Rally ID Rally1234. But if i see the details of the commit inside stash, I dont see Rally ID anywhere there.

    May I get response on this please?

  3. George Mace

    We are still trying to reproduce this timeout issue, can you give us the enviroment details? e.g. Bitbucket version, plugin version, rally information. how does the API key works? You can use a single APIKey for all users, however this APIKey must have access all Rally workspaces. We also will add the rally artifacts ids on the commit details page soon.

  4. viswanathan ramachandran reporter

    Thank you George. So other issue is details of Stash commit does not Rally ID. On the high level, I can see Rally ID. And Inside Rally , the ID does not show Stash commits, I don't see in change sets or anywhere. Is connection timeout cause for all these ?

    Stash version is 4.2.3 Rally plugin version is 4.0 Rally1.rallydev.com

    Also, when asked this to Atlassian Support, they have suggested to enable Proxy as per https://confluence.atlassian.com/bitbucketserverkb/how-to-configure-an-outbound-http-and-https-proxy-for-bitbucket-server-779171680.html that might work to see the Stash details on Rally.

    To test this , the curl command from Stash server gave me this output

    bash-4.1$ curl -x http://primary-URL --proxy-user username:password -L https://rally1.rallydev.com <html><head><script type="text/javascript">var w=window,l=w.location,s=l.search,h=l.href.split('#')[1];w.location=h?'/'

    And again, on Stash Repository settings, I give the API key, Rally Workspace name. What is the value to be specified for Rally Repository? is that Stash repo or Rally Project name ? are there any specific formats/syntax to be put ?

    I just mentioned as below Rally workspace - General Rally Repository - Stash

    Please advice and thanks for looking onto this.

    Cheers Viswa

  5. ViswanathanR

    Hi Diego Nope server does not have Internet access. As per the ticket if you mean open outbound proxy on BitBucket BBS is the solution ? Dies it mean BBS is exposed on Internet ?

    Also if you could advice and help on support SLA? Considering we take this plugin , how does support works ? Could we get response on time ?

    Are there any others versions developed ? Will be developed ?

    -

  6. Diego Tremper

    Hi Viswanathan,

    we were not able to reproduce this issue, in this case I need to get some inputs from you. Can you provide us the output for the bellow commands?

    1) curl -v http://rally1.rallydev.com 2) curl -v --proxy [protocol://][user:password@]proxyhost[:port] http://rally1.rallydev.com

    For the first one, I'm expecting to see an error in first command, something like "couldn't connect to host". In the second one, i'm expecting to see something like:

    HTTP/1.1 301 Moved Permanently Date: Thu, 13 Oct 2016 05:42:51 GMT Content-Length: 0 Connection: keep-alive Set-Cookie: __cfduid=d65621cc2c514a0958c7d081d5d4098781476337371; expires=Fri, 13-Oct-17 05:42:51 GMT; path=/; domain=.rallydev.com; HttpOnly Location: https://rally1.rallydev.com/ Server: cloudflare-nginx CF-RAY: 2f107878e5d44adf-GRU

    I'm thinking that we are not able to connect in Rally thru your proxy. In this case, we need to known if you are able to connect using curl command, if so, we can try to configure bitbucket to do the same.

    Thanks.

  7. ViswanathanR

    Hi Diego, I tried this before using curl –x bash-4.1$ curl -x http://primary-proxy.intranet.barcapint.com:8080http://primary-proxy.intranet.barcapint.com:8080/ --proxy-user username:password -L https://rally1.rallydev.comhttps://rally1.rallydev.com/ <html><head><script type="text/javascript">var w=window,l=w.location,s=l.search,h=l.href.split('#')[1];w.location=h?'/'(s?s'&':'?')+'hash='+encodeURIComponent(h):'/slm/login.op';</script></head></html>bash-4.1$

    if we apply the proxy to the BBS as outlined in the related documentationhttps://confluence.atlassian.com/bitbucketserverkb/how-to-configure-an-outbound-http-and-https-proxy-for-bitbucket-server-779171680.html, then restart the instance for the settings to take place, would there be any security risk ? Concern is the security implications of this change as we will have to open up our APIs to the internet to enable Rally to access them. Are there any methods of locking this access down ? but there are still implications and we will need to ensure that the risks associated with this are minimized

    Regards, Viswa

  8. ViswanathanR

    Hi, I get the connection timeout even with latest version of the plugin installed on the Bitbucket.

    Though the commit is successful, while doing git push, I get he message as follows

    username@SGPPWM490961 ~/Docs/Stash/Clone/dev_tools_dev_config (master) $ git push origin master Password for 'http://username@stash:port': Counting objects: 5, done. Delta compression using up to 4 threads. Compressing objects: 100% (2/2), done. Writing objects: 100% (3/3), 351 bytes | 0 bytes/s, done. Total 3 (delta 1), reused 0 (delta 0) remote: WARN: Your pushed commits are safe, but the commit messages were not validated because the Bitbucket server have a network issue trying to communicate with Rally Server. remote: Please contact the server admin to fix it. To http://username@stash:port/scm/dtd/dev_tools_dev_config.git

    d426e18..f7d9ae3 master -> master

    username@SGPPWM490961 ~/Docs/Stash/Clone/dev_tools_dev_config (master)

  9. ViswanathanR

    I don’t see the timeout errors on my BBS side under user profile. But the below com.atlassian.sal.api.net.ResponseException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

    Rally certs are imported to the bitbcket keystore and Bitbucket is restarted. But still the same

  10. Log in to comment