Listening Tentacles Offline

Hi,

We are experiencing that the octopus tentacles (In Listening Mode) are going offline and health checks are failing with below exception.
Can you please help? This is Urgent.

2020-10-21 00:01:31.7597 28 INFO listen://[::]:10933/ 28 Accepted TCP client: [::ffff:10.161.56.18]:54952
2020-10-21 00:01:31.7753 52 INFO listen://[::]:10933/ 52 Performing TLS server handshake
2020-10-21 00:01:31.8378 52 INFO listen://[::]:10933/ 52 Secure connection established, client is not yet authenticated, client connected with Tls12
2020-10-21 00:01:31.8378 52 INFO listen://[::]:10933/ 52 Client at [::ffff:10.161.56.18]:54952 authenticated as 10011693581C9F7FA144D6277A092706A7CFFF17
2020-10-21 00:15:34.3232 52 INFO listen://[::]:10933/ 52 Unhandled error when handling request from client: [::ffff:10.161.56.18]:54952
System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. —> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
— End of inner exception stack trace —
at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
at System.Net.Security._SslStream.StartFrameHeader(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security._SslStream.StartReading(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security._SslStream.ProcessRead(Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslStream.Read(Byte[] buffer, Int32 offset, Int32 count)
at System.IO.StreamReader.ReadBuffer()
at System.IO.StreamReader.ReadLine()
at Halibut.Transport.Protocol.MessageExchangeStream.ReadLine() in y:\work\7ab39c94136bc5c6\source\Halibut\Transport\Protocol\MessageExchangeStream.cs:line 93
at Halibut.Transport.Protocol.MessageExchangeStream.ExpectNextOrEnd() in y:\work\7ab39c94136bc5c6\source\Halibut\Transport\Protocol\MessageExchangeStream.cs:line 67
at Halibut.Transport.Protocol.MessageExchangeProtocol.ProcessClientRequests(Func`2 incomingRequestProcessor) in y:\work\7ab39c94136bc5c6\source\Halibut\Transport\Protocol\MessageExchangeProtocol.cs:line 110
at Halibut.Transport.SecureListener.ExecuteRequest(TcpClient client) in y:\work\7ab39c94136bc5c6\source\Halibut\Transport\SecureListener.cs:line 126
2020-10-21 01:01:32.9670 28 INFO listen://[::]:10933/ 28 Accepted TCP client: [::ffff:10.161.56.18]:55190
2020-10-21 01:01:32.9826 50 INFO listen://[::]:10933/ 50 Performing TLS server handshake

Thank you,
Sarada Mamidi

Hi,

Thanks for reaching out.

Is this one tentacle or many? Has anything recently changed in your infrastructure or network that could be causing the connection to be altered? When was the last time the tentacle(s) worked properly?

Thanks,
Jeremy

Hi Jeremy,

There are many tentacles failing health checks on many servers.
Some of these servers also have more than one tentacle. But all are in Listening mode.
Some standard windows patches and security software are installed on these servers.

Can you help me here?
Thanks,
Sarada

Hi,

When was the last time they were working correctly? Did a certificate expire? Did something on your network/infrastructure change? Did you upgrade Octopus?

Thanks,
Jeremy

When was the last time they were working correctly?
On one of the server, its Oct 27th

Did a certificate expire?
Certs are valid and did not expire

Did something on your network/infrastructure change?
We changed our security Software but that was in August. It worked after that install.

Did you upgrade Octopus?
Its not upgraded - its the same - 3.3.2

What are the next steps we can take here?

Hi,

Can you take a look at the tentacle logs for one of the affected targets and see what errors are being output?

Thanks,
Jeremy

Hi,

Could you also look at this documentation and run through everything?

This is an important test to run within that but please go through the entire document: https://octopus.com/docs/infrastructure/deployment-targets/windows-targets/troubleshooting-tentacles#checking-a-listening-tentacle

Please let me know how it goes.

Thanks,
Jeremy

Thanks for the link Jeremy, i will reach out to our Networking team.

Hi @smamidi,

You’re very welcome.

Please let me know if you get it going or if you need more help.

Thanks,
Jeremy

Hi Jeremy, how would the tentacle find out the octopus server ? is this info about the servername is saved in a config file or cert ? Currently the communication from Octopus Server to tentacle is happening… so i was wondering if the tentacle is not able to respond back to server. to find it out, i need to know the places i should look for. BTW, i did all the troubleshooting in the above link and still no luck.

Hi @smamidi,

Listening tentacles don’t store the server anywhere, all they do is listen for communications from the server on a specific port. You can find that port out by remoting into the tentacle machine and running tentacle.exe show-configuration --instance==INSTANCENAME in an admin command prompt from the tentacle directory. Docs: https://octopus.com/docs/octopus-rest-api/tentacle.exe-command-line/show-configuration

Was there anything in the tentacle logs that might indicate the issue?

Please let me know.

Thanks,
Jeremy

there is unauthorized exception for this Url originated from octopus server to tentacle…
http://dfsdfs.sdfds.com/admin/api/serverstatus. the logs give this exception:

“Category”: “Error”,
“OccurredAt”: “2020-11-05T18:50:38.385-06:00”,
“MessageText”: “Unhandled exception from web server: The semaphore timeout period has expired”,
“Detail”: “System.Net.HttpListenerException (0x80004005): The semaphore timeout period has expired\r\n at System.Net.HttpResponseStream.Write(Byte[] buffer, Int32 offset, Int32 size)\r\n at System.IO.Compression.DeflateStream.WriteDeflaterOutput(Boolean isAsync)\r\n at System.IO.Compression.DeflateStream.Write(Byte[] array, Int32 offset, Int32 count)\r\n at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)\r\n at System.IO.StreamWriter.Write(String value)\r\n at Newtonsoft.Json.JsonTextWriter.WritePropertyName(String name, Boolean escape)\r\n at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)\r\n at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeList(JsonWriter writer, IEnumerable values, JsonArrayContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)\r\n at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.SerializeObject(JsonWriter writer, Object value, JsonObjectContract contract, JsonProperty member, JsonContainerContract collectionContract, JsonProperty containerProperty)\r\n at Newtonsoft.Json.Serialization.JsonSerializerInternalWriter.Serialize(JsonWriter jsonWriter, Object value, Type objectType)\r\n at Newtonsoft.Json.JsonSerializer.SerializeInternal(JsonWriter jsonWriter, Object value, Type objectType)\r\n at Nancy.Serialization.JsonNet.JsonNetSerializer.Serialize[TModel](String contentType, TModel model, Stream outputStream)\r\n at Octopus.Server.Web.Infrastructure.NancyCompression.<>c__DisplayClass3_0.b__0(Stream responseStream) in Y:\work\refs\tags\3.3.2\source\Octopus.Server\Web\Infrastructure\NancyCompression.cs:line 99\r\n at Octopus.Server.Web.OctopusNancyHost.OutputWithDefaultTransferEncoding(Response nancyResponse, HttpListenerResponse response) in Y:\work\refs\tags\3.3.2\source\Octopus.Server\Web\OctopusNancyHost.cs:line 350\r\n at Octopus.Server.Web.OctopusNancyHost.ConvertNancyResponseToResponse(NancyContext nancyRequest, Response nancyResponse, HttpListenerResponse response) in Y:\work\refs\tags\3.3.2\source\Octopus.Server\Web\OctopusNancyHost.cs:line 338\r\n at Nancy.NancyEngineExtensions.HandleRequest(INancyEngine nancyEngine, Request request, Func2 preRequest, Action1 onComplete, Action`1 onError, CancellationToken cancellationToken)\r\n at Octopus.Server.Web.OctopusNancyHost.Process(HttpListenerContext ctx) in Y:\work\refs\tags\3.3.2\source\Octopus.Server\Web\OctopusNancyHost.cs:line 0”

Hi,

Are you able to follow the network traffic from the tentacle back to the server? This appears to be network related. Do you have any functioning listening tentacles you can compare network settings with?

Thanks,
Jeremy

yes tentacle is going back to server and vice versa. But the health check is timing out from UI in octopus deploy… but the tcp connections are ok and we found this as part of tracking the network traffic.

Hi,

Could you please send me a screenshot of the Machine Policy page that applies to the machines having issues?

Thanks,
Jeremy

we are in 3.3.2 and no there no page for machine policy as far as i Know.

Hi,

Are these targets part of any long running tasks?

This issue may be related: https://github.com/OctopusDeploy/Issues/issues/3142

Please let me know what you think.

Thanks,
Jeremy

ty, is there a way for me to check the database to find out a given machine health checks that i can query and find out… At least we can know from when the checks were failing…

Hi,

To get the history of health checks the easiest way might be to do the Audit Trail on a machine. If you go to one of the affected machines within Infrastructre -> Deployment Targets, then click into an affected machine, and in the upper right click the 3 dots and click Audit Trail. This will let you track the target and you should see when it has gone unhealthy.

Is that the sort of information you were looking for? Please let me know if I misunderstood.

Thanks,
Jeremy

Appreciate your prompt feedback Jeremy. But since we use Octopus version 3.3.2, i dont have infrastructure link in the UI in the Admin Console of Octopus Server.