Quick question about shutdown and issue with "unauthorized"

Users
1

The quick question is “What is the purpose of /admin/shutdown?” mean, what risks do I have when not using it?
The behavior of killing/restart/upgrade Docker instances can lead to problems? Does it shut down all services including replicas and D.Zero? Anyway, there is very little about this. It would be interesting to clarify.

https://docs.dgraph.io/deploy/#shutdown-database

The issue.

I am trying to send remotely a Shutdown command (https://docs.dgraph.io/deploy/#shutdown) but I get this error:

// 20180317225134
// http://dgraphserver.db.rancher.internal/admin/shutdown

{
  "errors": [
    {
      "code": "ErrorUnauthorized",
      "message": "Request from IP: 172.17.0.3"
    }
  ]
}

Even this happens with /admin/Export. It is the correct one, because it is protecting the instance. But how is it inside a Docker, how could we supposedly automate it?

PS. I will improvise a Webhook for this. To inject curl into the Dgraph instance.

I am sending a fetch command from another instance in the same Dgraph environment. And that is the problem of authorization, within the instance of the Dgraph all commands works. Would not there be a way to authorize all IP’s temporarily?

For example, my env is behind a Reverse proxy. I only expose 80 and 443 in Firewall. So none Dgraph ports are availeble to outsiders. For me it’s safe expose it.

Cheers

2

/admin/shutdown is supposed to perform a clean shutdown i.e. wait for all pending requests to complete, do a snapshot and then shutdown the server. It’s the preferred way to perform a shutdown though even killing the server is not an issue. It is only used to shutdown a Dgraph server instance and not the cluster. We don’t have a similar command for Zero yet.

Yeah, for now all admin commands are only allowed from localhost though Added IP whitelist for admin/export by armcburney · Pull Request #2233 · dgraph-io/dgraph · GitHub is adding support for whitelisting of certain IPs.

1 Like
3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.