Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Alexis Mousset
    @amousset:matrix.org
    [m]
    This error does not happen at agent execution but when rudder-relayd is reloaded (for example at the end of the policy generations)
    Could you check if these nodes run correctly, if they are in a recent version and if their inventory works?
    Bert Driehuis
    @driehuis
    I took the wisdom from the Rudder backup information page and packaged it up, with some housekeeping thrown in. https://github.com/driehuis/rudder-contrib-backup/releases has the .deb or .rpm. The documentation blurb is at https://github.com/driehuis/rudder-contrib-backup. Needed it for my own devious purposes, thought I'd give back a bit. Includes a Nagios compatible script to monitor backup succes. Sorry, no Rudder technique for it :-)
    Alexis Mousset
    @amousset
    Thanks for sharing this @driehuis! This will be useful for a lot of Rudder users :rocket: We'll see how we can link it from the docs.
    Nicolas Charles
    @ncharles
    Thank you so much @driehuis !
    it's really neat
    Raphael Gauthier
    @RaphaelGauthier
    setup-4.png
    setup-3.png
    setup-2.png
    setup-1.png

    Hi all, we are adding a feature in Rudder 7.0 to help new users to set up their Rudder correctly. This form will allow users to link their Rudder accounts (to download and update their plugins automatically), define the level of metrics sharing, and provide some useful links (doc, getting started...). We would like to add more configurations such as "allowed networks" and many others, to get a well configured and ready to use Rudder once the setup is complete.

    This form appears the first time a root user logs in. The user can skip it, or restart it at any time from the "Settings" menu.

    Here is an overview, keep in mind that this is still in development. We need to work on texts and animations to make it easy tu use, but early feedbacks are welcome :)
    What do you think about it? Which setting(s) should we add?

    Nicolas Charles
    @ncharles
    Awesome ! I think it is missing tooltip or info about what is what - espacially the Rudder Account which can be confusing
    pmg
    @pmg7557_twitter
    Hi All, I wrote a technique "ipv6" that returns True/False whether IP ipv6 is present or not. It works well in my config policies. Now I want to create a dynamic group based on this but I did not found how to do ... Thanks in advance for any advice.
    pmg
    @pmg7557_twitter
    Found, I just created a property.
    Nicolas Charles
    @ncharles
    Great idea !
    pmg
    @pmg7557_twitter
    Hello. I don't understand, in the directive "File content" there are the checkbox "Create the file if it doesn't exist" and "Create only" (If true, the file will be created if it doesn't exist, and only then. If the file already exists, it will be left untouched.) . What's the difference ?
    Alexis Mousset
    @amousset:matrix.org
    [m]
    • Create the file if it doesn't exist => if not checked and the file does not exist, it will not be created
    • Create only : if the file already exist, do not edit it.
    pmg
    @pmg7557_twitter
    ... do not edit it ? via the next directives (Section : File content , ... ) Yes?
    Alexis Mousset
    @amousset:matrix.org
    [m]
    Yes it skips the file completely afaik
    pmg
    @pmg7557_twitter
    Thanks @amousset
    Steev Hise
    @steevhise
    hi question about the debian package install/update technique - i thought i remembered post hooks command options for that but now don't see them... was that removed at some point?
    Steev Hise
    @steevhise
    i'm trying to come up with a strategy to make rudder keep a package held except when it wants to upgrade the package. to stop other tools or humans from accidentally upgrading on certain nodes. i thought if there were pre and post hook commands for package update technique, it would be easy. but now i see there's not so wondering what would be another way.... thanks for any advice...
    Francois Armand
    @fanf
    hello @steevhise , I'm not sure about what you want to do - how do you want to prevent other tools to update packages ? Do a apt-mark hold/unhold around rudder checks ? I think you can do that with you own technique from the editor (with exec command apt-mark unhold, then package method, then exec command apt-mark hold). What would be the logic for rudder to update a package ? You would give it the target version to use?
    Steev Hise
    @steevhise
    yes exactly
    just like the existing debian package technique, but with unhold and hold before and after....
    so maybe i should clone that and try adding to it...?
    peckpeck
    @peckpeck
    you must create a new technique to do that, since we currently don't have pre-hooks in the package technique
    you cannot clone the existing one because it has not been created with the technique editor
    but a new one is not very hard to create since it is mostly a wrapper around the call to package_present
    Matt
    @little-bear-creator
    Hello everyone, I'm seeking help for a rudder-agent error. I'm not very familiar with Gitter so I supose I can ask for help here ? I've posted my problem here : https://serverfault.com/questions/1065407/rudder-server-cant-receive-pending-nodes-there-is-no-readable-input-file-at
    peckpeck
    @peckpeck
    that's surprising that /var/rudder/cfengine-community/inputs/failsafe.cf doesn't exist, but the command rudder agent reset should be able to re create it
    Matt
    @little-bear-creator
    I still have the same error output after the command. I found an error in apache2's log and it seems that my rudder-server has a bad ssl certificate :[ssl:warn] [pid 335:tid 140230402913408] AH01906: rudder-v3.nx-domain.lan:443:0 server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
    Alexis Mousset
    @amousset
    @little-bear-creator this warning is harmless and not the cause of the problem
    could you post the rudder agent check output?
    :warning: :lock: Rudder 6.1.13 and 6.2.7 releases contain a fix for a vulnerability to brute-force attacks on local user authentication. If you are using the file authentication provider (i.e. not an LDAP/AD/radius server) with bcrypt password storage (introduced by default since 6.1), you should upgrade your Rudder server to one of these versions.
    Suvi
    @Suvi8

    hello guys

    can someone tell me how to use the group properties in the technique as a condition?

    Matt
    @little-bear-creator

    @amousset okay, my rudder-server and my rudder agent have the 6.2.7 rudder version, the output of rudder agent checkout is :

     rudder agent check
    INFO: Policies absent, restoring initial version, and updating ...R: Initial policies have been successfully downloaded from the policy server
    ok: Rudder agent policies were updated.
    ok: Rudder agent state has been reset.
     Done
    WARNING: Policies invalid, reseting to initial policies and updating...R: Initial policies have been successfully downloaded from the policy server
    ok: Rudder agent policies were updated.
    ok: Rudder agent state has been reset.
     Done
    INFO: Inventory older than 3 days, resending ...Rudder agent 6.2.7-debian10
    Node uuid: 2fa23f96-6918-49e0-8e4b-a10eb73f3954
       error: There is no readable input file at '/var/rudder/cfengine-community/inputs/promises.cf'. (stat: No such file or directory)
       error: Error reading CFEngine policy. Exiting...
    info     Rudder agent was run on a subset of policies - not all policies were checked
    
    ## Summary #####################################################################
    0 components verified in 1 directives
    Execution time: 0.00s
    ################################################################################

    I found an issue with the rudder-server certificate, I'm going to investigate it. Thank you for your time I will keep you updated if I find anything !

    Suvi
    @Suvi8

    Hello guys,

    I have installed the Agent in a VM and want to reset the Agent-ID before this VM is converted into a template.

    rudder agent factory-reset, does not this job, because it will auto create new ID, instead i need to only to delete the Agent-ID without creating new ID.

    Nicolas Charles
    @ncharles
    You can manually remove all informations:
    rudder agent reset
    rm -f /var/rudder/cfengine-community/ppkeys/*
    rm -f /opt/rudder/etc/ssl/agent.cert
    rm -f /opt/rudder/etc/uuid.hive
    rm -rf /opt/rudder/var/fusioninventory/*
    rm -rf /var/rudder/tmp/inventory/*
    Suvi
    @Suvi8
    @ncharles thanks

    @ncharles

    Can you tell me pls, how to use the group properties in the technique as a condition?

    Nicolas Charles
    @ncharles
    Hi @Suvi8 . Group properties are key-values, they cannot be used directly as a condition
    however, you can use "Condition from variable match" generic method to check if the group proporty as a specific value (or even exists)
    Norberto Aquino
    @norbertoaquino
    Hi! I'am using version 6.1.3 in rudder server. There are any routine/configuration for delete files in folder /var/rudder/reports/failed?
    Alexis Mousset
    @amousset:matrix.org
    [m]
    Hi, it does not seem so! How many files do you have in this folder?
    Norberto Aquino
    @norbertoaquino
    @amousset:matrix.org A lot of files... the size this folder: 7GB. Files since 2021-06-01.
    Alexis Mousset
    @amousset:matrix.org
    [m]
    This is really unexpected. Is the compliance ok on you server?
    do you have recent files in the folder?
    if so, do you have errors in journalctl -u rudder-relayd output?
    Alexis Mousset
    @amousset:matrix.org
    [m]
    A cleanup will be done automatically in the next patch release Normation/rudder#3677