Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    amousset
    @amousset:matrix.org
    [m]
    do you have recent logs in /var/log/rudder/webapp/${TODAY}.log about the server's inventory?
    Fabien
    @fclemens_gitlab
    the command rudder agent inventory didn’t show any error but the log says :
    [2021-03-24 11:12:17+0100] ERROR inventory-processing - Rejecting Inventory 'debian-2gb-' for Node 'root' because the Inventory signature is not valid: the Inventory was not signed with the same agent key as the one saved within Rudder for that Node. If you updated the agent key on this node, you can update the key stored within Rudder with the https://docs.rudder.io/api/#api-Nodes-updateNodeapi (look for 'agentKey' property). The key path depends of your OS, on linux it's: '/var/rudder/cfengine-community/ppkeys/localhost.pub'. It is also contained in the <AGENT_CERT> value of inventory (you can extract public key with openssl x509 -pubkey -noout -in - << EOF -----BEGIN CERTIFICATE----- .... -----END CERTIFICATE----- EOF). If you did not change the key, please ensure that the node sending that inventory is actually the node registered within Rudder
    amousset
    @amousset:matrix.org
    [m]
    Ok, so the cert is not correctly updates
    amousset
    @amousset:matrix.org
    [m]
    run curl -k -H "X-API-Token: $(cat /var/rudder/run/api-token)" -H "Content-Type: application/json" -X POST 'https://localhost/rudder/api/latest/nodes/root' -d '{"agentKey":{"status":"undefined"}}'
    on the root server
    Fabien
    @fclemens_gitlab

    the page is not found

    <li>A non-existing URL.</li>
    <li>An essential component (LDAP or PostgreSQL) that is not accessible.</li>
    <li>The web application being unable to load.</li>
    <li>A non initialised Rudder installation. Please run /opt/rudder/bin/rudder-init to set it up.</li>
    <li>Not space left on disk, Rudder may have been stopped to prevent data corruption. Please check that you have available space.</li>

    But webapp is working

    amousset
    @amousset:matrix.org
    [m]
    I edited the line, the URL was incorrect
    Fabien
    @fclemens_gitlab
    The curl was ok. I regenerated policies.
    But on the node, nothing change
    amousset
    @amousset:matrix.org
    [m]
    does rudder agent update work on the node?
    Fabien
    @fclemens_gitlab
    nope : error: No suitable server found
    amousset
    @amousset:matrix.org
    [m]
    with the same key error as before?
    Fabien
    @fclemens_gitlab
    yes
    amousset
    @amousset:matrix.org
    [m]
    Ok, so you need to use rudder agent server-keys-reset; rudder agent reset to allow the update to work
    Fabien
    @fclemens_gitlab
    I’ve made a serverkey-reset but I’ll try the reset
    change nothing
    Didier-M-work
    @Didier-M-work
    Hello, I have some issues with rudder server 6.1.11 (I don't know if this issue was present before). Every time I change something in rudder web interface, rudder-cf-serverd is restarting. The result is that a lot of my nodes are not compliant.
    Here is an extract of my daemon.log :
    Mar 25 14:59:42 my-rudder-server systemd[1]: rudder-cf-serverd.service: Service hold-off time over, scheduling restart.
    Mar 25 14:59:42 my-rudder-server systemd[1]: Stopped CFEngine file server.
    Mar 25 14:59:42 my-rudder-server systemd[1]: Started CFEngine file server.
    Mar 25 14:59:43 my-rudder-server systemd[1]: Reloading CFEngine file server.
    Mar 25 14:59:43 my-rudder-server systemd[1]: Reloaded CFEngine file server.
    Mar 25 14:59:53 my-rudder-server systemd[1]: rudder-cf-serverd.service: Service hold-off time over, scheduling restart.
    Mar 25 14:59:53 my-rudder-server systemd[1]: Stopped CFEngine file server.
    Mar 25 14:59:53 my-rudder-server systemd[1]: Started CFEngine file server.
    Mar 25 14:59:54 my-rudder-server cf-serverd[215876]: rudder info: Failed to canonicalise filename '/var/rudder/configuration-repository/ncf/50_techniques' (realpath: No such file or directory)
    Mar 25 14:59:54 my-rudder-server cf-serverd[215876]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/configuration-repository/ncf/50_techniques
    Mar 25 14:59:54 my-rudder-server cf-serverd[215876]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
    Mar 25 14:59:54 my-rudder-server cf-serverd[215876]: rudder info: Failed to canonicalise filename '/var/rudder/shared-files/host-id/' (realpath: No such file or directory)
    Mar 25 14:59:54 my-rudder-server cf-serverd[215876]: rudder info: Path does not exist, it's added as-is in access rules: /var/rudder/shared-files/host-id/
    Mar 25 14:59:54 my-rudder-server cf-serverd[215876]: rudder info: WARNING: this means that (not) having a trailing slash defines if it's (not) a directory!
    ...
    Mar 25 14:59:54 my-rudder-server cf-serverd[215876]: notice: Server is starting...
    Mar 25 15:00:00 my-rudder-server systemd[1]: Reloading CFEngine file server.
    Mar 25 15:00:00 my-rudder-server cf-serverd[215876]: rudder info: Doing a Graceful restart
    Mar 25 15:00:00 my-rudder-server cf-serverd[215876]: notice: Cleaning up and exiting...
    Mar 25 15:00:00 my-rudder-server cf-serverd[215876]: notice: Stopping gracefully
    Mar 25 15:00:00 my-rudder-server systemd[1]: Reloaded CFEngine file server.
    Francois Armand
    @fanf
    @Didier-M-work hello, we are discussing that pb right now. It is due to https://issues.rudder.io/issues/18893 correction. We are working on a better correction
    amousset
    @amousset:matrix.org
    [m]
    This is a new behavior to fix an old bug (where the configuration was never reloaded), but the effects are more visible than expected.
    Didier-M-work
    @Didier-M-work
    Ok. If you're already on this issue, I'll let you work on it ;) Thanks
    amousset
    @amousset:matrix.org
    [m]
    you can remove the RestartSec=10s line in /lib/systemd/system/rudder-cf-serverd.service, then run systemctl daemon-reload and systemctl restart rudder-cf-serverd on your server. This should lower the downtime at service reload. Could you test it and check if the proble; is still visible?
    Didier-M-work
    @Didier-M-work
    @amousset:matrix.org Yes problem still visible but less nodes are not compliant
    amousset
    @amousset:matrix.org
    [m]
    @Didier-M-work: Thanks for you feedbaclk, we are working on a fix for the remaining 2-3 seconds
    Rudder Chatbot
    @rudderbot
    fanf fclemens_gitlab: cool, and sorry for the bad user experience. We are adding an healthcheck in a next release to let user know that there is a pb with their root server keys
    Rudder Chatbot
    @rudderbot
    fanf @fclemens_gitlab:
    Waccabac
    @Waccabac_twitter
    Hi !
    It's possible to store the result of "File report content" to a Variable ?
    I want to check a value in a configuration file on nodes
    amousset
    @amousset:matrix.org
    [m]
    You can use Variable string from command
    Technically ${file_report_content.content} should contain the output of the latest call to File report content but it's not a stable interface and may change at any time.
    Waccabac
    @Waccabac_twitter
    Thanks, I test this
    amousset
    @amousset:matrix.org
    [m]
    :point_up: Edit: Technically ${file_report_content.content} should contain the output of the latest call to File report content but it's not a stable interface and may change at any time, so I would advice against using it.
    Rudder Chatbot
    @rudderbot
    stephen wit
    jayakrishna k
    @jayakrishna.k_gitlab
    hi
    Alexis Mousset
    @amousset:matrix.org
    [m]
    Hi @jayakrishna.k_gitlab
    jayakrishna k
    @jayakrishna.k_gitlab
    We have a situation, We have installed the Rudder server in ubuntu 20.04 but the problem is we are not able to see the rudder agent and also not getting any nodes
    jayakrishna k
    @jayakrishna.k_gitlab
    not able to update the policy service too kindly do the needful
    jayakrishna k
    @jayakrishna.k_gitlab
    hello @amousset:matrix.org kindly do the needful
    Alexis Mousset
    @amousset:matrix.org
    [m]
    @jayakrishna.k_gitlab: To get an answer on community chat/bugtracker, you need to provide a precise description of the problem, how it happened and what you already tried to solve it. If you need more general support, you should contact the company on https://www.rudder.io/contact/ (as already explained twice on the bug tracker).
    Alexis Mousset
    @amousset:matrix.org
    [m]
    so in you case, which Rudder version did you install, what do you mean by "not able to see the rudder agent"? Did you install agents on other nodes?
    xlbt
    @xlbt

    Hello,
    I'm new in Rudder, I try to use mustache template to set sshd config.
    (I would like to avoid to use jinja2 as it ask for a package dependencie.)

    I use {{{vars.sys.ipv4[eth0]}}} for the ipv4 address, but it seems {{{vars.sys.ipv6[eth0]}}} does not exist.
    With {{{vars.sys.inet6.addresses.eth0.address}}}, I have an ipv6, but if the server does not have ipv6 set,
    it gives ipv6 link-local addresse (with prefix fe80::).

    What can I do to write the line "ListenAddress ..." only if the ipv6 is set on the server ?

    I didn't success/anderstand to use of :
    {{#vars....}}
    {{/vars....}}

    Thanks.

    Alexis Mousset
    @amousset:matrix.org
    [m]
    @xlbt: Hello, welcome! Mustache has very limited conditional capabilities. One option is to define a condition in the technique before calling the templating method, for example a Condition from command(my_name, ip a | grep ..., 0, 1) with a command detecting if the system has a proper IPv6 address, and use the defined condition with {{#classes.my_name_true}} ListenAddress ... {{/classes.my_name_true}}.
    arjenandringa
    @arjenandringa
    Hi there! I've been reading up on Rudder's Git repository. I wonder if it's possible, without corrupting the data, to sync the repository to another location within the on-premises infrastructure and changing contents of files? Such as extending techniques or rulesets?
    Francois Armand
    @fanf
    hello @arjenandringa ! Yes it is. Just be aware that only /var/rudder/configuration-repositor/techniques and ncf are a source of data, rules, directives etc are serialisation of the current corresponding object. If you modify these ones, you will need to do an "archive restauration - from last commit" to load them
    (we are working on making the git content the source of truth for all data, should come in 7.0)
    arjenandringa
    @arjenandringa
    Thanks for the very quick response. When can 7.0 be expected? I just reached Rudder a few weeks ago.
    Francois Armand
    @fanf
    @arjenandringa ho, it's for september, so you should go for 6.2 now :)
    arjenandringa
    @arjenandringa
    Sounds great, thanks!