Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Nicolas Charles
    @ncharles
    There isn't a directive to check if a directory is mounted, but you can use a generic method and do a command execution (or maybe os-query?)
    Domagoj Bazina
    @dbazina-dev
    Yea, I m doing that. Thanks :)
    Domagoj Bazina
    @dbazina-dev
    @ncharles is there option to execute command, and capture the output?
    e.g. ls -la and to get output of the function?
    Fdall
    @Fdall
    @dbazina-dev It depends on why you want to capture the output. You can define a rudder variable at execution time from the output of the command, using variable from command execution. But if you just want to have the output accessible from the interface, I think that by default, a log info level report is generated .
    You should be able to see it in your node compliance reports tab, when clicking under the Show Logs button
    Domagoj Bazina
    @dbazina-dev
    Thanks :) !
    Domagoj Bazina
    @dbazina-dev

    Hello everyone :)

    I have 3 potential issues with inbuilt directive "Technique Package sources and settings (APT)"

    1) As I mentioned above, after adding new repository, apt update is not executed, rather directive relays on global parameter "updates_cache_expire"

    2) It is not possible to have more than one "Technique Package sources and settings (APT)" in the same Rule, because it overwrites content of the first one. This directive creates rudder-apt.list file in the /ect/apt/sources.list.d directory, and if there are 2 directives, the content of this file will be overwritten. There is option to add more repositories in the same directive, but the thing is that I don't want to have unnecessary repositories added, if the package won't be installed.

    3) This directive may corrupt apt, as It doesn't check if the desired repository already exists on the machine, if it does, it will create a list file with the same content that will cause apt to output warnings.

    Thanks :)

    fanf42
    @fanf42:matrix.org
    [m]
    hello @dbazina-dev . For 1/, you're right, we should reset cache on change. Would you mind open a ticket for that? Same for 3/, it is a bug. For 2, I think it's a design pb with that technique, and it would need a big rewrite.
    What you can as a workaround is to create your own apt management technique, with a cache reset on change (see https://docs.rudder.io/rudder-by-example/current/system/update-rudder-agent-package.html#_delete_rpm_list_cache_when_repository_change for example about how to reset cache)
    fanf42
    @fanf42:matrix.org
    [m]
    so you could have a template copied with your technique, and a command exec to remove cache
    AlexanderT
    @ati_ito_twitter
    good morning everyone :-) i have a question about inventory hooks. Is there a technical limit or best practice for the number of property fields? iIdon't want to burden the system unnecessarily, but there are some important values ​​for us that should be saved.
    fanf42
    @fanf42:matrix.org
    [m]
    there is no technical limits, but node properties merging during policy generation (ie the part where we compute overrides) can be impacting in policy generation time. It's aften better to have fewer properties with bigger json associated than more. That being said, we have users with tens (or hundreds) of properties per node
    Suvi
    @Suvi8
    Hello guys, currently I'm using rudder 6.1, is it safe to use now 6.2?
    DidierMetral
    @DidierMetral
    Hello, before installing Rudder in my company, i have some questions ;) We have an SSO with 2FA. Is it possible to use it for user authentification in Rudder web interface ?
    AlexanderT
    @ati_ito_twitter
    @fanf42:matrix.org thanks for your answer
    Nicolas Charles
    @ncharles
    @Suvi8 Yes it is safe to upgrade to 6.2, it is even recommanded as 6.1 is not supported anymore
    Suvi
    @Suvi8

    @Suvi8 Yes it is safe to upgrade to 6.2, it is even recommanded as 6.1 is not supported anymore

    thanks

    Alexis Mousset
    @amousset:matrix.org
    [m]
    @DidierMetral it is currently not possible
    Norberto Aquino
    @norbertoaquino
    HI! Is it normal for the file size /var/rudder/ldap/openldap-data/data.mdb to be around 19G? I'm using version 6.1.3 and managing 1200 servers. Thanks!!
    Nicolas Charles
    @ncharles
    This is a sparse files, so it's probably not effectively using this size
    # ls -sk /var/rudder/ldap/openldap-data/ total 5176356 5176352 data.mdb 4 lock.mdb

    ls -alh /var/rudder/ldap/openldap-data/

    total 5,0G
    drwxr-xr-x. 2 rudder-slapd rudder-slapd 38 23 sept. 08:07 .
    drwxr-xr-x. 4 rudder-slapd rudder-slapd 41 2 sept. 2019 ..
    -rw-------. 1 rudder-slapd rudder-slapd 100G 23 sept. 13:16 data.mdb
    -rw-------. 1 rudder-slapd rudder-slapd 17K 23 sept. 13:16 lock.mdb
    Norberto Aquino
    @norbertoaquino

    @ncharles my commands:

    ls -sk /var/rudder/ldap/openldap-data/
    total 18921452
    18921444 data.mdb 8 lock.mdb

    ls -alh /var/rudder/ldap/openldap-data/
    total 19G
    drwxr-xr-x 2 rudder-slapd rudder-slapd 38 Sep 23 10:02 .
    drwxr-xr-x 3 rudder-slapd rudder-slapd 27 Sep 24 2020 ..
    -rw------- 1 rudder-slapd rudder-slapd 19G Sep 23 10:37 data.mdb
    -rw------- 1 rudder-slapd rudder-slapd 8.0K Sep 23 10:37 lock.mdb

    Nicolas Charles
    @ncharles
    that's surprising
    with 5000 nodes (fairly similar to be honest) & 300 or 400 directives/groups, I have only 5GB used
    Nicolas Charles
    @ncharles
    maybe you have a lot of different systems and that's why - we deduplicate softwares to save disk space, and maybe our test platform is not representative for that
    Alexis Mousset
    @amousset:matrix.org
    [m]
    @ncharles: isn't 6.1.3 affected by duplicated software?
    Nicolas Charles
    @ncharles
    @amousset:matrix.org good point - i'm searching when it did happen
    i can't find back the issue :/
    but anyway, your version of Rudder is not maintained anymore @norbertoaquino - you should upgrade, at least to latest patch version, idealy to 6.2
    Nicolas Charles
    @ncharles
    @amousset:matrix.org this was a 6.2 issue
    Alexis Mousset
    @amousset:matrix.org
    [m]

    ⚠️ 🔒️ On September 30 2021 (next Thursday), the old root certificate previously used by Let’s Encrypt (DST Root CA X3), now replaced by ISRG Root X1 (which is now widely trusted) will expire. See the official announcement for details.

    As the whole Rudder infrastructure uses Let’s Encrypt certificates, you may be affected by this change. It is very unlikely to be a problem for our websites, but may be for older operating systems interacting with our servers, which happens for:

    • Our package and plugin repositories (if you use https URLs), especially if you don't use a local mirror
    • Our public API (used by the CVE plugin, connecting from the Rudder root server)

    In case you see a certificate verification error you have several options:

    • If the operating system is still maintained, update the root certificates (ca-certificates package on most Linux distributions) to get the correct root certificate.
    • Manually add the new root ISRG Root X1 in your system's certificates store
    • Use plain http URLs for repositories, as both packages and plugins are signed, and system repositories already usually use http by default on older Linux distributions

    Please contact us if you have questions or issues regarding this change.

    Alexis Mousset
    @amousset:matrix.org
    [m]
    In order to prepare a configuration change that will help us make sure the certificate expiration affects Rudder users as little as possible, we are doing an upgrade on our repository server. This may lead to a few minutes of unavailability.
    Domagoj Bazina
    @dbazina-dev

    Hello everyone.

    I need help with replacing the lines in exact file.
    So I have to comment out the exact line in the /etc/fstab, but the thing is that I don't know how that line looks like, all I know is that the line containes certain keyword.

    I've made my own directive, that includes several different generic methods, but now I see that there is in built directive "File content", that offers option of replacing lines using REGEX. The first line defines the Regex that will match the line, and in the second line we have to define the "replacment line". As I said before I don't know the content of the line, all I have to do is to "fetch" the line and replace it with the same exacit line, but commented (#).

    But I don't see that this is possible using inbuilt directives? I would like to avoid using command execution methods and capturing their variables.

    Domagoj Bazina
    @dbazina-dev

    Also I would like to know, do these generic method allow usage of Regex.

    eg. "File line present", can i put the regex instead of the exact line?

    peckpeck
    @peckpeck
    how would rudder guess the exact line to put if it is not present ?
    Domagoj Bazina
    @dbazina-dev

    I've found the solutions.
    It is explained here: https://docs.rudder.io/rudder-by-example/current/files/edition-replace-line.html

    There is option to capture the line that is matching the regex, and that capture is "stored to variable"

    lkoenen
    @lkoenen
    Hey, the docs show Ubuntu 14, 16, 18 and 20 in Community support https://docs.rudder.io/reference/6.2/installation/operating_systems.html but the repo only contains 16, 18, and 20 http://repository.rudder.io/apt/latest/pool/main/r/rudder-agent/ . Which of the two is correct now?
    Alexis Mousset
    @amousset:matrix.org
    [m]
    the repo is correct and the doc is outdated, I'm fixing it
    Eric Renfro
    @erenfro
    Okay, so, weird issue I have today. rudder-cf-serverd fails to stay running on one of my hosts. Just a constant repeat of this, until the start-limit-hit is reached:
    Oct 03 12:52:02 hv1 systemd[1]: Started CFEngine file server.                                                                                                                                  
    Oct 03 12:52:02 hv1 systemd[1]: rudder-cf-serverd.service: Succeeded.                                                                                                                          
    Oct 03 12:52:02 hv1 systemd[1]: rudder-cf-serverd.service: Service RestartSec=100ms expired, scheduling restart.                                                                               
    Oct 03 12:52:02 hv1 systemd[1]: rudder-cf-serverd.service: Scheduled restart job, restart counter is at 4.                                                                                     
    Oct 03 12:52:02 hv1 systemd[1]: Stopped CFEngine file server.
    Nicolas Charles
    @ncharles
    Hi @erenfro - do you have more details in journalctl or /var/log/messages ?
    Stephen Horvath
    @workshopit:matrix.org
    [m]
    Hi Guys, I like the new website and colour scheme
    is this for version 7?
    Stephen Horvath
    @workshopit:matrix.org
    [m]
    am I able to tell my rudder agent to use a different port to look up the server/relay in policy_server.dat? I want to run rudder relay in a docker container and 443 is already used on the docker host
    Eric Renfro
    @erenfro
    @ncharles The bad thing is, no, That's literally all I had. However, I see now that it's running after a reboot from last night, however I'd do so many times in the process of upgrading that server from Debian 10 to 11, (yes I know, no current 11 repos for Rudder), but, it literally just would not start without erroring out as shown above, and no log output. Now, miraculously, it's working like nothing was wrong.
    I also noticed something interesting too. When I was looking into this, I had gone to Rudder.io and noticed, there's no downloads anymore?
    Nicolas Charles
    @ncharles
    ha, this is surprising indeed - documentation says how to donwload it, but an easy info on the website would help
    Nicolas Charles
    @ncharles
    Hi @workshopit:matrix.org - yes, new colour is for Rudder 7
    Stephen Horvath
    @workshopit:matrix.org
    [m]
    will rudder 7 still provide access to compile rudder-relays as before?
    Nicolas Charles
    @ncharles
    Nothing should change there
    Alexis Mousset
    @amousset:matrix.org
    [m]
    ℹ️ we are upgrading the server hosting the docs and the bugtracker, causing a few minutes of unavailability in the next hour.