Hello, I'm trying to implement cerbos in my node application. For development, I'm running the cerbos instance with docker-compose

cerbos:
    image: ghcr.io/cerbos/cerbos:latest
    container_name: cerbos_service
    ports:
      - '3592:3592'
      - '3593:3593'
    volumes:
      - ./cerbos/policies:/cerbos-service/policies
      - ./cerbos/config.yaml:/cerbos-service/config.yaml
    command: ['server', '--config=/cerbos-service/config.yaml']
    environment:
      - CERBOS_ADMIN_USERNAME=${CERBOS_ADMIN_USERNAME}
      - CERBOS_ADMIN_PASSWORD_HASH=${CERBOS_ADMIN_PASSWORD_HASH}
    networks:
      - core_network

My cerbos config file is as below

import { GRPC as Cerbos } from '@cerbos/grpc';
import { logger } from '../utils/logger';
import EnvConfiguration from './env';

function createCerbosClient(): Cerbos {
  const { CERBOS_HOST, CERBOS_PORT, CERBOS_TLS, CERBOS_PLAYGROUND_INSTANCE } = EnvConfiguration;

  logger.info('Initializing Cerbos client with the following configuration:', {
    CERBOS_HOST,
    CERBOS_PORT,
    CERBOS_TLS,
    CERBOS_PLAYGROUND_INSTANCE,
  });

  if (!CERBOS_HOST) {
    const error = new Error('CERBOS_HOST is not set');
    logger.error(error.message);
    throw error;
  }

  if (!CERBOS_PORT) {
    const error = new Error('CERBOS_PORT is not set');
    logger.error(error.message);
    throw error;
  }

  try {
    const cerbosClient = new Cerbos(`${CERBOS_HOST}:${CERBOS_PORT}`, {
      tls: CERBOS_TLS,
      playgroundInstance: CERBOS_PLAYGROUND_INSTANCE,
    });

    logger.info('Cerbos client created successfully');
    return cerbosClient;
  } catch (error) {
    logger.error('Failed to initialize Cerbos client:', error);
    throw error;
  }
}

class CerbosClient {
  private static instance: Cerbos | null = null;

  private constructor() {}

  public static getInstance(): Cerbos {
    if (!CerbosClient.instance) {
      logger.info('Creating a new Cerbos client instance');
      CerbosClient.instance = createCerbosClient();
      logger.info('Cerbos client initialized successfully');
    } else {
      logger.info('Using existing Cerbos client instance');
    }

    return CerbosClient.instance;
  }
}

export default CerbosClient.getInstance();

However, I get the error

Authorization error: gRPC error 14 (UNAVAILABLE): Name resolution failed for target dns:cerbos_service:3592 {
core_service      |   "code": 14,
core_service      |   "details": "Name resolution failed for target dns:cerbos_service:3592",
core_service      |   "name": "NotOK",
core_service      |   "stack": "NotOK: gRPC error 14 (UNAVAILABLE): Name resolution failed for target dns:cerbos_service:3592\n    at Object.callback (/app/node_modules/@cerbos/grpc/src/transport.ts:75:15)\n    at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/src/client.ts:360:26)\n    at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:458:34)\n    at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:419:48)\n    at /app/node_modules/@grpc/grpc-js/src/resolving-call.ts:163:24\n    at processTicksAndRejections (node:internal/process/task_queues:77:11)"
core_service      | }

How can I resolve this? Any help from here?

Hi, I think you’ve set the CERBOS_PORT as 3592 which is the http port, but the SDK is expecting the gRPC port which is 3593. Is that correct?

@oguzhan, changed the port to 3593 but still getting the same error

Authorization error: gRPC error 14 (UNAVAILABLE): Name resolution failed for target dns:cerbos_service:3593 {
core_service      |   "code": 14,
core_service      |   "details": "Name resolution failed for target dns:cerbos_service:3593",
core_service      |   "name": "NotOK",
core_service      |   "stack": "NotOK: gRPC error 14 (UNAVAILABLE): Name resolution failed for target dns:cerbos_service:3593\n    at Object.callback (/app/node_modules/@cerbos/grpc/src/transport.ts:75:15)\n    at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/src/client.ts:360:26)\n    at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:458:34)\n    at Object.onReceiveStatus (/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:419:48)\n    at /app/node_modules/@grpc/grpc-js/src/resolving-call.ts:163:24\n    at processTicksAndRejections (node:internal/process/task_queues:77:11)"
core_service      | }

Do you run the node application in a docker container, or in the host machine?

I run the application in a docker container, in the same network as the cerbos instance.

I couldn’t see what might be the problem with your setup. Hence I have created an example repository similar to your usage to try to reproduce the error. Please see the repository: https://github.com/oguzhand95/node-cerbos-demo Executing

docker-compose up

will start the

cerbos

and the

.

(node app) service. Browsing the

localhost:3000

will trigger a request to

cerbos

and response from

cerbos

will available in your browser. Would you mind checking if there are any apparent differences between your

cerbos

configuration,

Dockerfile

or

docker-compose.yaml

to the ones on the repository?