I looked up the bug as suggested below, although it's restricted for internal development.
For the record I have the following version of OpenSSL installed: 1.0.1e-fips
INFO 2017-08-29 17:09:51,722 security.py:93 - SSL Connect being called.. connecting to the server ERROR 2017-08-29 17:09:51,725 Controller.py:456 - Unable to reconnect to https://xxx.xxx.xxx.xxx:8441/agent/v1/heartbeat/xxx.xxx.xxx.xxx (attempts=6, details=Request to https://xxx.xxx.xxx.xxx:8441/agent/v1/heartbeat/xxx.xxx.xxx.xxx failed due to EOF occurred in violation of protocol (_ssl.c:579)) INFO 2017-08-29 17:10:13,747 Controller.py:471 - Waiting 0.9 for next heartbeat INFO 2017-08-29 17:10:14,648 Controller.py:478 - Wait for next heartbeat over INFO 2017-08-29 17:10:14,651 NetUtil.py:70 - Connecting to https://xxx.xxx.xxx.xxx:8440/connection_info ERROR 2017-08-29 17:10:14,657 NetUtil.py:96 - EOF occurred in violation of protocol (_ssl.c:579) ERROR 2017-08-29 17:10:14,657 NetUtil.py:97 - SSLError: Failed to connect. Please check openssl library versions. Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1022468 for more details.
Hello @L V,
Please make sure that Ambar Server is started with Oracle JDK and not any other JDK. Second, please make sure that all the Ambari agents are using Python 2.6 to start (this can be seen during Agent restart command). There have been some known issues around this which were fixed by using right JDK and right Python library.
Hope this helps !
I can confirm that Ambari Server is starting with Java Oracle:
- Java(TM) SE Runtime Environment (build 1.8.0_131-b11)
- Java HotSpot(TM) 64-Bit Server VM (build 25.131-b11, mixed mode)
Ambari agent on the other hand is using Python 2.7.X.
My OS is RHEL7, considering it is very similar to Centos 7..Hortonworks recommends v2.7
So should I downgrade or is the problem elsewhere?
Turns out you need to explicitly force it in the /etc/amabri-agent/conf/ambari-agent.ini file.
I am also facing the same issue after updating "force_https_protocol=PROTOCOL_TLSv1_2" in ambari-agent.ini.
Agents are not communicating with server.