by

Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Vincent Membré
    @VinceMacBuche
    like "testd" here
    "Source path, relative to /var/rudder/configuration-repository/shared-files/ " parameter
    you can type "sit-rudder" maybe in the quicksearch bar to help you find it
    necarnot
    @necarnot
    I have a dozen of "File download (Rudder server)" directives that are using a file from /var/rudder/configuration-repository/shared-files/sit-rudder to spread them to some nodes. In each directive, the source path is sit-rudder/my_custom_file01, 02...
    Is there any problem doing so?
    Vincent Membré
    @VinceMacBuche
    no not at all but you have one directive/technique that looks for a template / file in /var/rudder/configuration-repository/techniques/ ncf_techniques/sit___upgrade_rudder_agent__debian_like_/1.0/resources/shared-files but it should not and I'm looking for this technique/directive and it's not the one i asked you first
    necarnot
    @necarnot
    @VinceMacBuche Vincent, did you read my msg above telling that the error has gone since I git added the sit-rudder dir?
    Vincent Membré
    @VinceMacBuche
    ok so everything is fine ?
    necarnot
    @necarnot
    on the technique generation, yes, it's ok, but https://issues.rudder.io/issues/17917 remains
    and the workaround is not working around
    Francois Armand
    @fanf
    @necarnot : yes, for the bug we are a bit at lost to make the workaround works. There's a command that works in terminal BUT the same does not work in python through cfengine module. We are not sure why, and actually blocked here
    In the meantime, we proposed to install missing dep - I think it's when you hit the problem with jq etc ?
    necarnot
    @necarnot
    @fanf I tried to add a method to install jq in my technique, and it is installing jq, but still never upgrading the agent.
    necarnot
    @necarnot
    Argh, once again, I'm hitting the issue of the server that cannot generate policies.
    I'm creating an issue in redmine because that is getting severe.
    Francois Armand
    @fanf
    @necarnot thanks for reporting, this issue is really strange. @VinceMacBuche we need to understand what is happening here, something is clearly not doing what we want. It's as if there was a mix between what is understood as resources by technique editor and what is from shared-files
    I will try to reproduce, we really need to go to the end of it. @necarnot is it on debian 10 ? (not sure it's important, but still)
    Francois Armand
    @fanf
    @necarnot I wasn't able to reproduce. I added questions/ideas in the ticket
    Francois Armand
    @fanf
    my best guess for now is that something want horribly wrong during update, technique deleted from editor but not from fs/git had their metadata.xml corrupted, Ragnarök ensues. But I would prefer to let north gods out of that and understand what the root cause is.
    (but for now, between that and #17917, it's north gods)
    Francois Armand
    @fanf
    OK: for #17917, I have a working workaround (which will likely becomes the patch, too). It's added in description: https://issues.rudder.io/issues/17917
    pilyon3
    @pilyon3
    Hi everybody. We're using Rudder and Apereo CAS in our envrionment and we would like to kown if it's possible to authenticate Rudder's users via CAS. Any clue ?
    Francois Armand
    @fanf
    @pilyon3 we don't support CAS out of the box, but it could be done (under the houd, we rely on spring security, and I remember having implemented a CAS support for it 15 years ago or so...)
    (I think my brain totally erased details of that in a kind of post-traumatic self preservation stands, but now CAS is integrated in spring security, IIRC - so likely doable)
    pilyon3
    @pilyon3
    ok thanks for the notice
    pilyon3
    @pilyon3
    But delegating authentication to the web server could have been a simpler solution, isn't it ? Maybe not compatible with Rudder's design ?
    Waccabac
    @Waccabac_twitter
    Hi !
    I have a problem before upgrade to 6.1 version
    all agent don't connect to the rudder server, and on the general options on the server, I have this error :
    An error occured when trying to get the list of existing allowed networks
    Error message was: Error when saving new allowed networks for policy server ${policyServerId.value}
    No allowed networks are displayed, and I have this error when I try to add it
    Waccabac
    @Waccabac_twitter
    Anyone can help me ?
    Nicolas Charles
    @ncharles
    Hi - could you try to rerun /opt/rudder/bin/rudder-upgrade (in case of?)
    (this is a bank holiday in france)
    Waccabac
    @Waccabac_twitter
    @ncharles I have the same problem

    ``` # /opt/rudder/bin/rudder-upgrade
    INFO: Checking if rudder-web.properties database access credentials are all right... LDAP OK, SQL OK
    Overriding existing techniques
    INFO: Correcting permissions on /var/rudder/configuration-repository... Done
    Sur la branche master
    rien à valider, la copie de travail est propre
    Techniques have been updated, and update branch set to current state of the Techniques
    INFO: Checking PostgreSQL service status... OK
    INFO: Checking LDAP service status... OK

    INFO: The migration has completed successfully. ```

    Francois Armand
    @fanf
    @Waccabac_twitter did you upgraded scale-out-relay plugin?
    Waccabac
    @Waccabac_twitter
    I don't have plugin
    Francois Armand
    @fanf
    ok. Can you send me /var/log/rudder/webapp/2020_07_15.stderrout.log ? I will have a look.
    @Waccabac_twitter by email if anything private, or pastbin/etc if ok
    Waccabac
    @Waccabac_twitter
    yes
    Waccabac
    @Waccabac_twitter
    Francois Armand
    @fanf
    @Waccabac_twitter ok, I see: Inconsistency: Error when retrieving system directive with ID common-root' which is mandatory for allowed networks configuration.
    so it seems that there is a problem with your LDAP server content. Did something want wrong during first update ? It looks like some system directive are missing. Other idea: did you try to restore an archice ?
    @Waccabac_twitter can you post also the result of following command on root server?
    ldapsearch -o ldif-wrap=no -h localhost -p 389 -x -D "cn=Manager,cn=rudder-configuration" -w PASS_FROM_/opt/rudder/etc/rudder-passwords -b "techniqueCategoryId=Rudder Internal,techniqueCategoryId=Active Techniques,ou=Rudder,cn=rudder-configuration" -s sub
    Francois Armand
    @fanf
    @Waccabac_twitter did you have ipv6 addresses in authorized network ? @ncharles pointed me to that ticket, it might be an alternative version (we will know with the LDAP request) : https://issues.rudder.io/issues/16498
    Waccabac
    @Waccabac_twitter
    I test the command
    ldap_bind: Invalid credentials (49)
    I have IPv6 on machine, but no IPv6 on allowed network
    necarnot
    @necarnot

    I will try to reproduce, we really need to go to the end of it. @necarnot is it on debian 10 ? (not sure it's important, but still)

    @fanf yes it's on debian 10.
    I replied on #17939.

    @fanf About #17917, can you tell me on which line number do you add the option please?