
Enabling SMTP in Cloudbreak

---------------------------

1. The Profile file

2. Bug in mailer.js and a workaround

    2.1 The Problem

    2.2 The Cause

    2.3 Details

    2.4 A Workaround

3. Fix postfix config

---

1. The Profile file

-------------------

In the Profile file, set the following CLOUDBREAK_SMTP_* variables, and
set CBD_FORCE_START so that the Cloudbreak containers can be started with a
modified docker-compose.yml file (see section 2.4):

  cloudbreak $ cd $CBD_ROOT

  cloudbreak $ more Profile

  export PUBLIC_IP=example.compute.amazonaws.com

  export AWS_SECRET_ACCESS_KEY=***

  export AWS_ACCESS_KEY_ID=***

  export CBD_FORCE_START=true

  export CLOUDBREAK_SMTP_SENDER_HOST="172.17.0.1"

  export CLOUDBREAK_SMTP_SENDER_FROM="cloudbreak@compute.amazonaws.com"

  export CLOUDBREAK_SMTP_AUTH=false

  export CLOUDBREAK_SMTP_STARTTLS_ENABLE=false

---

2. Bug in mailer.js and a workaround

------------------------------------

See

  https://github.com/sequenceiq/cloudbreak/issues/1492

---

2.1 The Problem

---------------

Cannot receive mail from the cloud UI, e.g., to reset the password:

   http://example.compute.amazonaws.com:3000

I found the cause of the problem and a workaround.

---

2.2 The Cause

-------------

When the environment variables

    SL_SMTP_SENDER_USERNAME

    SL_SMTP_SENDER_PASSWORD

are defined in the sultans container -- and they are derived

from the environment variables

   CLOUDBREAK_SMTP_SENDER_USERNAME

   CLOUDBREAK_SMTP_SENDER_PASSWORD

on the cloudbreak deployer -- even if they are set to the empty string,
the JavaScript code in /sultans/mailer.js in the sultans container
tries to authenticate with the SMTP server.

---

2.3 Details

-----------

1. Because on the Cloudbreak deployer the env vars are defined

    cloudbreak $ cbd env show | egrep SMTP

    CLOUDBREAK_SMTP_SENDER_USERNAME   =  

    CLOUDBREAK_SMTP_SENDER_PASSWORD   =  

    CLOUDBREAK_SMTP_SENDER_HOST       = 172.17.0.1

    CLOUDBREAK_SMTP_SENDER_PORT       = 25

    CLOUDBREAK_SMTP_SENDER_FROM       = cloudbreak@compute.amazonaws.com

    CLOUDBREAK_SMTP_AUTH              = false

    CLOUDBREAK_SMTP_STARTTLS_ENABLE   = false

    CLOUDBREAK_SMTP_TYPE              = smtp

  the cbd start command will insert in docker-compose.yml

   cloudbreak $ egrep -A 10 sultans: /var/lib/cloudbreak-deployment/docker-compose.yml

   sultans:

    environment:

        - SL_CLIENT_ID=sultans

        - SL_CLIENT_SECRET=cbsecret2015

        - SERVICE_NAME=sultans

          #- SERVICE_CHECK_HTTP=/

        - SL_PORT=3000

        - SL_SMTP_SENDER_HOST=172.17.0.1

        - SL_SMTP_SENDER_PORT=25

        - SL_SMTP_SENDER_USERNAME=

        - SL_SMTP_SENDER_PASSWORD=

2. The above settings in docker-compose.yml will in turn cause the

   sultans container to have

     SL_SMTP_SENDER_USERNAME

     SL_SMTP_SENDER_PASSWORD

  Indeed:

    bash-4.3# cat /proc/5/environ | sed 's/\0/\n/' | egrep SMTP | sort

    SL_SMTP_SENDER_FROM=cloudbreak@compute.amazonaws.com

    SL_SMTP_SENDER_HOST=172.17.0.1

    SL_SMTP_SENDER_PASSWORD=

    SL_SMTP_SENDER_PORT=25

    SL_SMTP_SENDER_USERNAME=

3. The code in /sultans/mailer.js will do auth if these are defined, even
   if they are the empty string:

     SL_SMTP_SENDER_USERNAME

     SL_SMTP_SENDER_PASSWORD

  Indeed:

   bash-4.3# egrep -A10 ^sendSimple   /sultans/mailer.js

   sendSimpleEmail = function(to, subject, content) {

    var transport = null;

    if (process.env.SL_SMTP_SENDER_USERNAME == null && process.env.SL_SMTP_SENDER_PASSWORD == null) {

        transport = nodemailer.createTransport(smtpTransport({

            host: process.env.SL_SMTP_SENDER_HOST,

            port: process.env.SL_SMTP_SENDER_PORT,

            secure: false,

            tls: {

                rejectUnauthorized: false

            }

        }));
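
The effect of the `== null` test on empty-string variables, as an added example that is not code from the sultans project: `originalUsesAuth` mirrors the quoted condition, while `isSet` and `buildSmtpOptions` are hypothetical names for a check that treats empty strings as unset. The three environments are constructed to match the compose default, the workaround, and a deployment with credentials.

```javascript
// Added example: not code from the sultans project.

// The test quoted above from mailer.js: the unauthenticated transport is
// used only when BOTH variables are null or undefined.
function originalUsesAuth(env) {
  return !(env.SL_SMTP_SENDER_USERNAME == null &&
           env.SL_SMTP_SENDER_PASSWORD == null);
}

// Hypothetical helper: a credential counts as set only if it is non-blank.
function isSet(value) {
  return typeof value === 'string' && value.trim() !== '';
}

// Hypothetical replacement for the branch: build the SMTP options and attach
// `auth` only when real credentials are present.
function buildSmtpOptions(env) {
  const user = env.SL_SMTP_SENDER_USERNAME;
  const pass = env.SL_SMTP_SENDER_PASSWORD;
  if (isSet(user) !== isSet(pass)) {
    // Half-configured credentials are a deployment error; fail loudly.
    throw new Error('SMTP username and password must be set together');
  }
  const options = {
    host: env.SL_SMTP_SENDER_HOST,
    port: Number(env.SL_SMTP_SENDER_PORT) || 25,
    secure: false,
  };
  if (isSet(user)) {
    options.auth = { user, pass };
  }
  return options;
}

// Constructed environments for the three states discussed on this page.
const base = { SL_SMTP_SENDER_HOST: '172.17.0.1', SL_SMTP_SENDER_PORT: '25' };
const cases = {
  composeDefault: { ...base, SL_SMTP_SENDER_USERNAME: '', SL_SMTP_SENDER_PASSWORD: '' },
  afterWorkaround: { ...base },
  withCredentials: { ...base, SL_SMTP_SENDER_USERNAME: 'mailer',
                     SL_SMTP_SENDER_PASSWORD: 'constructed-secret' },
};

for (const [name, env] of Object.entries(cases)) {
  console.log(name, 'original auth:', originalUsesAuth(env),
              'hardened auth:', 'auth' in buildSmtpOptions(env));
}
```

In Node.js a variable declared as `NAME=` arrives in `process.env` as the empty string, while a variable that is absent reads as `undefined`, which is why only removing the two lines from docker-compose.yml changes the outcome of the original test.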

---

2.4 A Workaround

-----------------

Make sure that

    SL_SMTP_SENDER_USERNAME

    SL_SMTP_SENDER_PASSWORD

are not defined in the cbreak_sultans_1 bash container.

Steps:

1. Hack the file docker-compose.yml:

    cloudbreak $ diff /var/lib/cloudbreak-deployment/docker-compose.yml \

                      /var/lib/cloudbreak-deployment/docker-compose.yml.sav

    149a150,151

    >         - SL_SMTP_SENDER_USERNAME=

    >         - SL_SMTP_SENDER_PASSWORD=
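
Review bot: the operands are the edited docker-compose.yml first and the .sav copy second, so the two `>` lines at 150-151 are the ones present only in the backup, that is, the lines deleted from the live file; a sentence next to the diff saying that the two SL_SMTP_SENDER_* entries are removed would stop it being read as adding them. Because the edit is made by hand on a file that cbd generates, it is also worth repeating this diff after any later cbd run to confirm the lines have not come back.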

2. Restart the containers but not with cbd start, because that will overwrite

   docker-compose.yml.sav:

     cloudbreak $ cbd kill

     cloudbreak $ cd /var/lib/cloudbreak-deployment/

     cloudbreak $ ./.deps/bin/docker-compose -p cbreak up -d

3. Check that

    SL_SMTP_SENDER_USERNAME

    SL_SMTP_SENDER_PASSWORD

  are not defined on the container:

    cloudbreak $ alias sultans

    alias sultans='docker exec -it  cbreak_sultans_1 bash'

    cloudbreak $ sultans

    bash-4.3# ps

    PID   USER     TIME   COMMAND

      1 root       0:00 {start-docker.sh} /bin/bash /sultans/start-docker.sh

      5 root       0:03 node main.js

    bash-4.3# cat /proc/5/environ | sed 's/\0/\n/' | egrep SMTP

    SL_SMTP_SENDER_FROM=cloudbreak@compute.amazonaws.com

    SL_SMTP_SENDER_PORT=25

    SL_SMTP_SENDER_HOST=172.17.0.1

---

3. Fix postfix config

---------------------

Change /etc/postfix/main.cf. The original file has:

  cloudbreak # egrep "inet_.*=" /etc/postfix/main.cf.orig

  #inet_interfaces = all

  #inet_interfaces = $myhostname

  #inet_interfaces = $myhostname, localhost

  inet_interfaces = localhost

  inet_protocols = all

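Set inet_interfaces = all, so that Postfix also accepts connections on 172.17.0.1, the address the containers use as SMTP host (CLOUDBREAK_SMTP_SENDER_HOST):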

  cloudbreak # diff /etc/postfix/main.cf /etc/postfix/main.cf.orig

  113c113

  < inet_interfaces = all

  ---

  > #inet_interfaces = all

  116c116

  < #inet_interfaces = localhost

  ---

  > inet_interfaces = localhost
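
Review bot: swapping `inet_interfaces = localhost` (line 116) for `inet_interfaces = all` (line 113) makes Postfix listen on every interface of the host, not only on the 172.17.0.1 address the containers connect to. Listing just the needed addresses, for example `inet_interfaces = 127.0.0.1, 172.17.0.1`, keeps port 25 off the public interface; whichever form is used, confirm that `mynetworks` covers only localhost and the subnet the containers connect from, so the host does not relay mail for other sources.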

Restart Postfix:

  cloudbreak # systemctl stop postfix.service

  cloudbreak # systemctl start postfix.service
