Hello guys !
I wonder, are there any defined variables in rudder server, that can be used in technique-s?
e.g. Every node has defined Hostname, Node_ID. So can I create technique, that as parameter uses e.g. $(hostname) and on execution for each node it will use hostname or Node_ID defined on Node summary page?
I know how to define parameter in technique, and then declare it in Directive, but insted of declearing I want to forward that "global variable" defined for each node.
@ncharles I've question about adding aditional sources to APT repository.
Let's say I want to install Docker or some random package, in order to do that I have to complete 2 steps:
1) Get and add repository GPG key
2) Add repository to /etc/apt/sources.list.d/
And on the next update, I can install the package.
In rudder, I saw two built-in directives:
1) Directive Package repository keys (RPM/APT)
2) Package sources and settings (APT)
The second directive is clear to use, all I have to definre URL of repository, pick distribution and ETC.
But the first one is kind a tricky.
I choose to import GPG key, and then there is field "Long hash of the GPG Key". I tought this would be similar directive to the first one, define url of the key, and add it to the trusted.gpg directory.
But it doesn't work like that.
It seems to me that I've to manually download the gpg key on the node, then add it to the trusted.gpg directory using output of command "gpg --list-keys --keyid-format=long". When I try that command I get no output.
So what am I doing wrong here, is there any other way to manage repository GPG keys? Thanks in advance :)
Hello. Today no issue, just a question, so feel free to have a lunch break, relax :)
I witnessed that some of our newest VMs are now provisioned in a way that sets up /etc/resolv.conf with :
[legit things...]
search mydomain1.lan. mydomain2.lan.
So far so good, but pay attention to the trailing period of each domain.
So far, I don't remember having ever seen a trailing period at the end of the domains in the search field.
(please spare your time explaining to me what this period means and how it's use, I'm OK)
But the link with Rudder is this : I'm witnessing that the inventory process ends up naming this node :
myserver.mydomain1.lan. <- please note the trailing period
Our previous nodes did not have a trailing period in their names.
It happens to ruin some of my groups regexps, which I will fix easily, but I'm curious to learn about how the Rudder node name is built and if this behavior is legit?
Thanks
Hi @necar_gitlab, if I understand well you have some nodes that show an incorrect hostname in their inventory.
Can you check in the raw inventory of the node (you can find it under the /var/rudder/inventories/received on your root server) the value of the HOSTNAME under the RUDDER section. It should be the hostname of your node with fqdn. As displayed by the output of hostname -f
Does it seems correct?
Hello everyone :)
A month ago, I've asked a question about installing packages that are not in standard APT (or some other repository). I've found 2 in-built directives for fetching repository keys, and for creating list in /etc/apt/sources.list.d/
I was hoping that those directives will execute "apt-update" after adding new repo, but that doesn't happen, they also relay on those global parameters.
This is not problem for packages that are not defined in standard repository, it will take 10-15 minutes before they get installed (after time defined in global parmater expires and apt-update gets executed).
But the problem is with the packages that exists in standard repository but in older version.
e.g. I want to install zabbix-agent, version in APT repository is 5.0, but I want to use 5.4 version.
I've added repository gpg key, and source file to /etc/apt/sources.list.d/ and If I add "package present directive" for zabbix agent, it will install the older version defined in APT, because apt-updated didn't execute after the key and repo were imported.
Is there any way to handle this situation? I don't want to set global parameter for apt-update to be executed every 2-3 minutes, and even so the proper version of package won't be installed.
Thanks
Hello @ncharles, I m going to check mentioned drawback once more before opening ticket.
I have two other questions.
What does "missing report" mean ? I saw 2 results of this report. First one when directive did its taks, and I got missing report, and second time directive didn't do its taks, and I also got missing report.
Is there directive or any solution to check if directory is mounted? I'have added a line in the /etc/fstab file, but is there option to mount it, or check if it is mounted? There is in-built directive Filesystem mount points, but I'm not sure about what it does.
variable from command execution. But if you just want to have the output accessible from the interface, I think that by default, a log info level report is generated .You should be able to see it in your node compliance reports tab, when clicking under the
Show Logs button
Hello everyone :)
I have 3 potential issues with inbuilt directive "Technique Package sources and settings (APT)"
1) As I mentioned above, after adding new repository, apt update is not executed, rather directive relays on global parameter "updates_cache_expire"
2) It is not possible to have more than one "Technique Package sources and settings (APT)" in the same Rule, because it overwrites content of the first one. This directive creates rudder-apt.list file in the /ect/apt/sources.list.d directory, and if there are 2 directives, the content of this file will be overwritten. There is option to add more repositories in the same directive, but the thing is that I don't want to have unnecessary repositories added, if the package won't be installed.
3) This directive may corrupt apt, as It doesn't check if the desired repository already exists on the machine, if it does, it will create a list file with the same content that will cause apt to output warnings.
Thanks :)
What you can as a workaround is to create your own apt management technique, with a cache reset on change (see https://docs.rudder.io/rudder-by-example/current/system/update-rudder-agent-package.html#_delete_rpm_list_cache_when_repository_change for example about how to reset cache)
# ls -sk /var/rudder/ldap/openldap-data/
total 5176356
5176352 data.mdb 4 lock.mdb
ls -alh /var/rudder/ldap/openldap-data/
total 5,0G
drwxr-xr-x. 2 rudder-slapd rudder-slapd 38 23 sept. 08:07 .
drwxr-xr-x. 4 rudder-slapd rudder-slapd 41 2 sept. 2019 ..
-rw-------. 1 rudder-slapd rudder-slapd 100G 23 sept. 13:16 data.mdb
-rw-------. 1 rudder-slapd rudder-slapd 17K 23 sept. 13:16 lock.mdb
@ncharles my commands:
ls -sk /var/rudder/ldap/openldap-data/
total 18921452
18921444 data.mdb 8 lock.mdb
ls -alh /var/rudder/ldap/openldap-data/
total 19G
drwxr-xr-x 2 rudder-slapd rudder-slapd 38 Sep 23 10:02 .
drwxr-xr-x 3 rudder-slapd rudder-slapd 27 Sep 24 2020 ..
-rw------- 1 rudder-slapd rudder-slapd 19G Sep 23 10:37 data.mdb
-rw------- 1 rudder-slapd rudder-slapd 8.0K Sep 23 10:37 lock.mdb