Announcement

Collapse
No announcement yet.

repo.zabbix.com poor availability

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

    repo.zabbix.com poor availability

    This is a long standing and well known issue: the hosting of repo.zabbix.com is unreliable.

    First, the repo is often slow or simply down.
    Second, the rsync protocol is down for weeks at times, until someone finally restart it I guess (after several tickets!) , which prevent optimal mirroring.

    After raising several tickets myself and seen other users do it, seeing forum posts and IRC chat on #zabbix about this, I feel like this is getting nowhere.

    Since there was no definitive response from the Zabbix team about this on the tracker nor on IRC, I'm asking here: what is going on?

    I'm using zabbix since 2010, I love the project but repo.zabbix.com sucks for years now. Please do something about the hosting or allow other people to mirror your repo correctly. I think that I could even get my company to sponsor an European repository, but there seems to be no interest on this.

    It's bad for the zabbix name that the preferred production installation method from your own website tells user to use repo.zabbix.com when its quality is so low.

    #2
    I am sorry for the availability issues you as well as other users are having with repo.zabbix.com. I hope we will manage to resolve this issue within a few days.
    Alexei Vladishev
    Creator of Zabbix, Product manager
    New York | Tokyo | Riga
    My Twitter

    Comment


      #3
      On an Ubuntu 16.04 (Xenial) system:
      curl -vvv https://repo.zabbix.com/zabbix/3.2/ubuntu
      * Trying 162.243.159.138...
      * Connected to repo.zabbix.com (162.243.159.138) port 443 (#0)
      * found 148 certificates in /etc/ssl/certs/ca-certificates.crt
      * found 592 certificates in /etc/ssl/certs
      * ALPN, offering http/1.1
      * SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
      * server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
      * Closing connection 0
      curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
      More details here: http://curl.haxx.se/docs/sslcerts.html

      curl performs SSL certificate verification by default, using a "bundle"
      of Certificate Authority (CA) public keys (CA certs). If the default
      bundle file isn't adequate, you can specify an alternate file
      using the --cacert option.
      If this HTTPS server uses a certificate signed by a CA represented in
      the bundle, the certificate verification probably failed due to a
      problem with the certificate (it might be expired, or the name might
      not match the domain name in the URL).
      If you'd like to turn off curl's verification of the certificate, use
      the -k (or --insecure) option.

      curl --version
      curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
      Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
      Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets

      Date and time is fine (i.e., not a clock skew issue on this end). Did something change on the certificates that are now preventing the Ubuntu repo from being used?

      Comment


        #4
        for now the go daddy cert has an issue, it has not the intermediate cert:

        https://www.ssllabs.com/ssltest/anal...epo.zabbix.com
        Path #1: Trusted
        1 Sent by server repo.zabbix.com
        Fingerprint SHA256: 5d4e21a7573c17aa1c4811fd46c6545eff5ca7d1354f89f59e 40fbf8509087db
        Pin SHA256: bYimDqmVMGPIzlJEucxPxsFMd5m8pj1LiqNbmGV3+M0=
        RSA 2048 bits (e 65537) / SHA256withRSA
        2 Extra download Go Daddy Secure Certificate Authority - G2
        Fingerprint SHA256: 973a41276ffd01e027a2aad49e34c37846d3e976ff6a620b67 12e33832041aa6
        Pin SHA256: 8Rw90Ej3Ttt8RRkrg+WYDS9n7IS03bk5bjP/UXPtaY8=
        RSA 2048 bits (e 65537) / SHA256withRSA
        3 In trust store Go Daddy Root Certificate Authority - G2 Self-signed
        Fingerprint SHA256: 45140b3247eb9cc8c5b4f0d7b53091f73292089e6e5a63e274 9dd3aca9198eda
        Pin SHA256: Ko8tivDrEjiY90yGasP6ZpBU4jwXvHqVvQI0GS3GNdA=
        RSA 2048 bits (e 65537) / SHA256withRSA
        Regards,
        Ghislain.

        Comment


          #5
          It should be better now.

          Comment


            #6
            hi,
            environments using Zabbix with this one-stop, comprehensive guide to the Zabbix world Mastering Zabbix Second Edition AndreaDalleVacche Mastering Zabbix Second Edition Nowadays, monitoring systems play a crucial role in any IT environment. They are extensively used to not only measure your system's performance, but also to forecast capacity issues. This is where Zabbix, one of the most popular monitoring solutions for networks and applications, comes into the picture. This new edition will provide you with all the knowledge you need to make strategic and practical decisions about the Zabbix monitoring system. The setup you'll do with this book will fit your environment and monitoring needs like a glove. You will be guided through the initial steps of choosing the correct size and configuration for your system, to what to monitor and how to implement your own custom monitoring component.
            regards
            jayesh
            Plex Kodi Lucky Patcher

            Comment

            Working...
            X