This error does not happen at agent execution but when rudder-relayd is reloaded (for example at the end of the policy generations)
Could you check if these nodes run correctly, if they are in a recent version and if their inventory works?
I took the wisdom from the Rudder backup information page and packaged it up, with some housekeeping thrown in. https://github.com/driehuis/rudder-contrib-backup/releases has the .deb or .rpm. The documentation blurb is at https://github.com/driehuis/rudder-contrib-backup. Needed it for my own devious purposes, thought I'd give back a bit. Includes a Nagios compatible script to monitor backup succes. Sorry, no Rudder technique for it :-)
it's really neat
Hi all, we are adding a feature in Rudder 7.0 to help new users to set up their Rudder correctly. This form will allow users to link their Rudder accounts (to download and update their plugins automatically), define the level of metrics sharing, and provide some useful links (doc, getting started...). We would like to add more configurations such as "allowed networks" and many others, to get a well configured and ready to use Rudder once the setup is complete.
This form appears the first time a root user logs in. The user can skip it, or restart it at any time from the "Settings" menu.
Here is an overview, keep in mind that this is still in development. We need to work on texts and animations to make it easy tu use, but early feedbacks are welcome :)
What do you think about it? Which setting(s) should we add?
Hello. I don't understand, in the directive "File content" there are the checkbox "Create the file if it doesn't exist" and "Create only" (If true, the file will be created if it doesn't exist, and only then. If the file already exists, it will be left untouched.) . What's the difference ?
Create the file if it doesn't exist=> if not checked and the file does not exist, it will not be createdCreate only: if the file already exist, do not edit it.
i'm trying to come up with a strategy to make rudder keep a package held except when it wants to upgrade the package. to stop other tools or humans from accidentally upgrading on certain nodes. i thought if there were pre and post hook commands for package update technique, it would be easy. but now i see there's not so wondering what would be another way.... thanks for any advice...
hello @steevhise , I'm not sure about what you want to do - how do you want to prevent other tools to update packages ? Do a
apt-mark hold/unhold around rudder checks ? I think you can do that with you own technique from the editor (with exec command apt-mark unhold, then package method, then exec command apt-mark hold). What would be the logic for rudder to update a package ? You would give it the target version to use?
just like the existing debian package technique, but with unhold and hold before and after....
so maybe i should clone that and try adding to it...?
you cannot clone the existing one because it has not been created with the technique editor
but a new one is not very hard to create since it is mostly a wrapper around the call to package_present
Hello everyone, I'm seeking help for a rudder-agent error. I'm not very familiar with Gitter so I supose I can ask for help here ? I've posted my problem here : https://serverfault.com/questions/1065407/rudder-server-cant-receive-pending-nodes-there-is-no-readable-input-file-at
I still have the same error output after the command. I found an error in apache2's log and it seems that my rudder-server has a bad ssl certificate :
[ssl:warn] [pid 335:tid 140230402913408] AH01906: rudder-v3.nx-domain.lan:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
could you post the
rudder agent check output?
:warning: :lock: Rudder 6.1.13 and 6.2.7 releases contain a fix for a vulnerability to brute-force attacks on local user authentication. If you are using the
file authentication provider (i.e. not an LDAP/AD/radius server) with bcrypt password storage (introduced by default since 6.1), you should upgrade your Rudder server to one of these versions.
@amousset okay, my rudder-server and my rudder agent have the 6.2.7 rudder version, the output of rudder agent checkout is :
rudder agent check
INFO: Policies absent, restoring initial version, and updating ...R: Initial policies have been successfully downloaded from the policy server
ok: Rudder agent policies were updated.
ok: Rudder agent state has been reset.
Done
WARNING: Policies invalid, reseting to initial policies and updating...R: Initial policies have been successfully downloaded from the policy server
ok: Rudder agent policies were updated.
ok: Rudder agent state has been reset.
Done
INFO: Inventory older than 3 days, resending ...Rudder agent 6.2.7-debian10
Node uuid: 2fa23f96-6918-49e0-8e4b-a10eb73f3954
error: There is no readable input file at '/var/rudder/cfengine-community/inputs/promises.cf'. (stat: No such file or directory)
error: Error reading CFEngine policy. Exiting...
info Rudder agent was run on a subset of policies - not all policies were checked
## Summary #####################################################################
0 components verified in 1 directives
Execution time: 0.00s
################################################################################I found an issue with the rudder-server certificate, I'm going to investigate it. Thank you for your time I will keep you updated if I find anything !
rudder agent reset
rm -f /var/rudder/cfengine-community/ppkeys/*
rm -f /opt/rudder/etc/ssl/agent.cert
rm -f /opt/rudder/etc/uuid.hive
rm -rf /opt/rudder/var/fusioninventory/*
rm -rf /var/rudder/tmp/inventory/*@ncharles
Can you tell me pls, how to use the group properties in the technique as a condition?
Hi, it does not seem so! How many files do you have in this folder?
This is really unexpected. Is the compliance ok on you server?
do you have recent files in the folder?
if so, do you have errors in
journalctl -u rudder-relayd output?