Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Alexis Mousset
    @amousset
    yes, because bionic is ubuntu 18.04, 20.04 is focal
    pmg
    @pmg7557_twitter
    @amousset Of course :-)
    It's better now, dpkg -l | grep rudder
    ii rudder-agent 6.0.9-ubuntu20.04 ...
    Thanks
    Nicolas Charles
    @ncharles
    @mattronix yes, you may remove the keys, and you'll need to remove the certificate as well
    let me find its path
    /opt/rudder/etc/ssl/agent.cert
    So to have a node without any keys nor trust:
    rm -f /var/rudder/cfengine-community/ppkeys/* && rm -f/opt/rudder/etc/ssl/agent.cert`
    command rudder agent check will regenerate both
    sadasd4354sad5
    @sadasd4354sad5
    failure: repodata/repomd.xml from Rudder_6.2: [Errno 256] No more mirrors to try.
    http://repository.rudder.io/rpm/6.2/RHEL_7/repodata/repomd.xml: [Errno 14] HTTP Error 404 - Not Found
    Rudder server install error on cent os 7
    Nicolas Charles
    @ncharles
    6.2 is not yet released, you should pick 6.1
    norbertoaquino
    @norbertoaquino

    Hi, i remove a server and execute rudder agent reset-factory and rudder agent policy-server myspolicyserver but if i click on "Trigger Agent" on web interface i receive this message:

    error: TRUST FAILED, server presented untrusted key: MD5=441c02957c3496133155500f806894be
    error: Failed to connect to host: HOSTNAME
    error Rudder agent was interrupted during execution by a fatal error
    Run with -i to see log messages.

    Summary

    0 components verified in 1 directives
    This summary is incomplete as the agent was interrupted during execution
    Execution time: 7.63s

    #

    On node rudder agent run it's ok

    How solution???

    Alexis Mousset
    @amousset
    Hi @norbertoaquino, which agent and server version?
    norbertoaquino
    @norbertoaquino
    @amousset 6.1.3 server and agent
    Matthew Frost
    @mattronix
    @ncharles thanks :)
    namen3645
    @namen3645
    rudder info: Failed to connect to server: Connection refused
    rudder info: No server is responding on port: 5309
    rudder info: Unable to establish connection to '34.69.72.245'
    error: No suitable server found
    rudder info: Promise belongs to bundle 'update' in file '/var/rudder/cfengine-community/inputs/promises.cf' near line 73
    rudder info: Failed to connect to server: Connection refused
    rudder info: No server is responding on port: 5309
    rudder info: Unable to establish connection to '34.69.72.245'
    error: No suitable server found
    rudder info: Promise belongs to bundle 'update' in file '/var/rudder/cfengine-community/inputs/promises.cf' near line 81
    R: Initial policies have been successfully downloaded from the policy server
    error Rudder agent was interrupted during execution by a fatal error
    PORT STATE SERVICE
    5309/tcp open unknown
    Nmap done: 1 IP address (1 host up) scanned in 0.39 seconds
    Matthew Frost
    @mattronix
    @namen3645 did you whitelist your hosts
    in the settings of the rudder portal
    image.png
    for example i did this
    but
    0.0.0.0 i would not recommend if your new to rudder always use what you need and ours work over the internet
    norbertoaquino
    @norbertoaquino
    hi ! It's possible change default interval of 8 hours for inventory?
    Eric Renfro
    @erenfro
    Gooooood evening.
    I just started being curious about Rudder, and looking at it.
    First thing I did was created a Technique to manage a user. But, then I added a Directive for managing a ssh-key for the same user, but I get errors on that as if the user doesn't exist (but they do)
    Matya
    @matya_gitlab
    Since it is running multiple times, it will converge the a stable state. It might run the key management before it creates the usee2, but at the next run it will follow up on the key as long as the user was managed successfully in the first run.
    Eric Renfro
    @erenfro
    But, it doesn't. It just repeatedly throws the same error on repeat runs.
    The user exists... But, that technique always fails claiming the user doesn't exist, yet it does.
    E| compliant     Common                    ncf Initialization                           Configuration library initialization was correct                                                       
    E| repaired      Common                    Update                                       Policy or configuration library were updated                                                           
    E| compliant     Common                    Security parameters                          The internal environment security is acceptable                                                        
    E| compliant     Common                    CRON Daemon                                  Cron daemon status was correct                                                                         
    E| compliant     Common                    Log system for reports                       Reports forwarding to policy server was correct                                                        
    E| compliant     Inventory                 inventory                                    Next inventory scheduled between 00:00 and 06:00                                                       
    E| error         sshKeyDistribution        SSH key                   Primary Key        The user psi-jack does NOT exist on this machine, not adding SSH key                                   
    E| error         sshKeyDistribution        SSH key                   Primary Key        The user psi-jack does NOT exist on this machine, and the SSH key format is wrong                      
    E| compliant     userGroupManagement       Users                     psi-jack           The user psi-jack ( Eric Renfro ) is already present on the system                                     
    E| compliant     userGroupManagement       Password                  psi-jack           The user psi-jack ( Eric Renfro ) password change is not required                                      
    E| n/a           userGroupManagement       Home directory            psi-jack           The user psi-jack doesn't need to have its home directory checked                                      
    E| error         sshKeyDistribution        Flush SSH file            Primary Key        The user psi-jack does not exists on this system, impossible to flush keys
    E| error         sshKeyDistribution        Flush SSH file            Primary Key        The user psi-jack does not exists on this system
    A| non-compliant sshKeyDistribution        Flush SSH file            Primary Key        The user psi-jack does not exists on this system
    E| error         sshKeyDistribution        Flush SSH file            Primary Key        The user psi-jack does not have a defined home dir
    A| non-compliant sshKeyDistribution        Flush SSH file            Primary Key        The user psi-jack does not have a defined home dir
    E| n/a           Common                    Monitoring                                   No Rudder monitoring information to share with the server
    norbertoaquino
    @norbertoaquino
    @erenfro use rudder agent run -i and put results here please
    Eric Renfro
    @erenfro
    Okay./
    So it seems to not like the dash (-) in the username. LOL
    Eric Renfro
    @erenfro
    Soooo, would that be a bug...? Seems like one to me. :)
    norbertoaquino
    @norbertoaquino
    @erenfro User name is converting in a variable and variables in rudder nor permit "-" @amousset this is a bug? The variable need canonification?
    Eric Renfro
    @erenfro
    Heh. finding a bug my first day using a new application. :)
    Nicolas Charles
    @ncharles
    Hi ! It's most likely that the - is not accepted indeed
    the variable does indeed need canonification
    when writing the technique, we (actually I) had the weird assumption that - were not allowed in login
    Nicolas Charles
    @ncharles
    Eric Renfro
    @erenfro
    Hehe. That, sadly, is a common misunderstanding. - is very much an acceptable character in logins. Has been since the dawn of UNIX time. :)
    And that's slated for next point release? Very nice. :)
    Just waking up. :)
    Eric Renfro
    @erenfro
    One thing I'm totally daunted by about Rudder is that, ultimately, it boils down to using cfengine3, which, to me, is freaking unusual. I had the nightmares of using cfengine1 and 2, and those, were... Not fun.. To put it lightly. LOL
    Eric Renfro
    @erenfro
    Hmmm. I really am entranced by the idea of rudder though. Like even the ability to continue to operate even if the rudder server is down for whatever reason.
    norbertoaquino
    @norbertoaquino
    I worked with cfengine2 and cfengine3 for almost 10 years. cfengine and very complex. Rudder facilitates administration and maintains the desired state. The best tool in my opinion !!!
    Eric Renfro
    @erenfro
    It definitely is interesting to see cfengine used in such a different way than I had. :)
    I'm coming from having knowledge with cfengine1/2, puppet, saltstack, chef, ansible, and now, looking at rudder to replace my current saltstack implementation.