Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Alexis Mousset
    @amousset:matrix.org
    [m]
    it is not iterable as is in mustache (as it is not an array but an object), but it should be possible with jinja. The other option is to use a "variable from command" and "variable iterator" to define the list from a command
    1 reply
    Suvi
    @Suvi8
    image.png
    Tanguy PELADO
    @tpelado

    So, I've tried using jinja, but I don't understand something.

    This is the template : 

    {#######TCP #}
{% for interface in vars.sys.interfaces %}
    {% for port_tcp in vars.node.properties['ports_tcp'] %}
    add rule ip filter INPUT tcp dport {{ port_tcp }} meta iifname {{interface}} accept # {{ port_tcp.key }}  CUSTOM 
    {% endfor %}
{% endfor %}

    This is the "ports_tcp" property : 

    {
  "http": 80,
  "https": 443
}

    Why is it that "port_tcp", my iterator item, is a str (http) and not the value (80) ?

    Stephen Horvath
    @workshopit:matrix.org
    [m]
    Good morning guys.
    Am faced with this issue this morning.
    in ldap.log - mdb_entry_decode: attribute index 909456690 not recognized
    in webapp.log - Error is: Could not get node information from database; cause
    Exception: Error during search cn=rudder-configuration SUB: internal error in mdb_id2edata; cause was: com.unboundid.ldap.sdk.LDAPSearchException: internal error in mdb_id2edata
    -> com.normation.ldap.sdk.RoLDAPConnection.$anonfun$search$1(LDAPConnection.scala:321)
    1 reply
    Alexis Mousset
    @amousset:matrix.org
    [m]
    Hi Stephen Horvath did you recently upgrade your Rudder server? Could be an interrupted post-inst script that was stopped during a reindexing
    1 reply
    @tpelado: by default jinja (python actually) iterates on keys, you need something like this to access both key and value:
    {% for port_name, port_tcp in vars.node.properties['ports_tcp'] %}
    5 replies
    fanf42
    @fanf42:matrix.org
    [m]
    @tpelado: docs here https://docs.rudder.io/reference/6.2/usage/variables.html#_property_syntax agrees, but misses the case for items(). I will see how we can add it
    but if I understand correctly, it's incorrect in the jinja2 section here: https://docs.rudder.io/reference/6.2/usage/variables.html#_file_content_templates_and_edition ?
    image.png
    Tanguy PELADO
    @tpelado

    Not really incorrect, but as you said, there is no mention of the .items().
    I'd say that this section needs more examples, at least for me, its easier to understand with a given exemple than with a generic explanation.

    I can provide the code I made for a dynamic firewall for NFtables based off a simple json entry in the node property if you feel it might be useful for future reference

    also, I've used https://ttl255.com/jinja2-tutorial-part-2-loops-and-conditionals/ for reference, and its been great so far
    do tell me if you need anything
    (in english, or french)
    fanf42
    @fanf42:matrix.org
    [m]
    I've added the items() part and reference to jinja doc (see https://jinja.palletsprojects.com/en/2.11.x/templates/#list-of-control-structures). Also, we have that entry, I should add it too: https://docs.rudder.io/rudder-by-example/current/files/advanced-file-templating.html
    Tanguy PELADO
    @tpelado
    thanks for your quick reply, appreciate it
    JulianWeis
    @JulianWeis

    Hey there i've got a little problem getting reports from my clients. As far as I see I get following errormassage on my server:
    error: HailServer: ERROR, could not resolve '**'
    error: Rudder agent was interrupted during execution by a fatal error Run with -i to see log messages.
    I already tried:
    checking firewall, running with -i ->nor results or errors

    Have you got any suggestions?

    Fdall
    @Fdall
    Hi @JulianWeis did you check that your policy server name was correctly resolved? If you replace the policy server name by it IP, does it fix the communication issue?
    Rana Masud
    @mrana_dev_gitlab
    Hi,
    I'm new on Rudder.
    I've installed Rudder-Server and Rudder-Agent (on 4 servers). I want to execute simple yum ('yum update -y') command on Agents from Rudder-Server. Please suggest me any documentation or the steps need to follow.
    Thanks in advance.
    Fdall
    @Fdall
    @mrana_dev_gitlab You can try to follow the "getting started guide" to setup your first policies. https://docs.rudder.io/get-started/current/configuration-policies/index.html You will most likely want to create a technique using the same steps than described in the guide, and use an "execution_command_result"
    Rana Masud
    @mrana_dev_gitlab
    @Fdall Thanks a lot. I'll follow that.
    JulianWeis
    @JulianWeis
    @Fdall the policy server is reached and resolved.
    Fdall
    @Fdall
    @JulianWeis Great!
    JulianWeis
    @JulianWeis
    @Fdall But still there is no report showing up!
    JulianWeis
    @JulianWeis
    @Fdall thanx for your help. I checked the DNS-Server - there was no entry for the missing node.
    Rana Masud
    @mrana_dev_gitlab
    Is there anyone can teach me Rudder? I really want to learn and willing to pay for your time. Thank you
    Alexis Mousset
    @amousset:matrix.org
    [m]
    Hi @mrana_dev_gitlab, sure, we do Rudder training sessions (on-site or remote). You can contact us through https://www.rudder.io/contact/ to get more information.
    Rana Masud
    @mrana_dev_gitlab
    Thanks @amousset:matrix.org , remote will work for me.
    @amousset:matrix.org I submitted my request, don't know how soon I'll get response.
    Elenui
    @Elenui
    Hello rudder's team !
    I currently trying to use the templating technique to push on my client snmpd.conf. Nonetheless my agent failed to deploy it with message : " Jinja templating failed with the following error: "
    Except that there is no error :'(
    I tried to have the simplest file with no jinja. And the verbose mode is not really helping me :'(
    Fdall
    @Fdall
    Hi @Elenui does running it in "info" mode using rudder agent run -i help?
    If not, verify that the template is well deployed to your node and that jinja2 is installed. If you want to be sure that your template is deployed on the agent, the best way is to create a technique via the technique editor, and attach the template as a resource to it.
    Elenui
    @Elenui
    Hum... I'm a fool Jinja2 wasn't here
    Now it work like a charm. But isn't strange that rudder didn't tell me ?
    Thanks Fdall for your help :)
    Elenui
    @Elenui
    I may need another advice. I'm trying to do something only if a package is installed. I used the package check installed. And if the package is present my file is copy to my server. Nonetheless if the package is not installed I get an error. The job works but on my display I have some "non" error. Any idea?
    Fdall
    @Fdall
    Currently Rudder does not offer a pretty way to use a method as an audit condition, which means you won't easily be able to do that. You have 2 solutions here:
    • use the package_check_install method in the technique editor, but I am pretty sure that it is based on our old package lib which is not super reliable and will soon be deprecated.
    • The other solution is to define a group based on the presence of the package on the nodes, and use a dedicated rule to apply the configuration to this group. The drawback is that the groups are based on the inventories which is only run one time per day. So this will induce a potential initial delay in your config deployment if you do not force an inventory after the installation of this pakcage.
    Elenui
    @Elenui

    I see. Is it possible to use a property from my node as a condition to deploy or not the file ? The idea is to configure all my snmpd's conf. So create a dédicated rule for each type of server seem pretty overkill and a pain to maintain.

    So far the package_check_install works like a charm except the error if the package is not present. Note that it does what I want but the dashboard is not clean XD.

    Thanks again @Fdall for your help. And thanks the team for this absolute gem :)
    Fdall
    @Fdall
    You can define properties on a global/group/node basis. There is a hierarchical inheritance between the elements at generation time.
    If you want to define conditions usable anywhere in a technique (and not just in a template), to prevent the execution of some methods in it for instance, you can try to use the condition_from_variable_* methods. They are a bit tricky but they are well documented.
    Try to use those and a set of templates if the configuration is pretty complex. Let me know if you find a pretty way configure it.
    Elenui
    @Elenui
    ohh interesting. Didn't see this one. I'll try Monday. Forgot to take pro laptop.
    Thanks again @Fdall :)
    Elenui
    @Elenui
    Hello, so I tried with condition from variable and check path exist. If the path / var match it's ok. But if not it trow a error
    I'll keep that way. It's not pretty but it work.
    Fdall
    @Fdall
    Great :thumbsup: the error should only be thrown if the variable does not exist at all. It is avoidable but quite tricky and ugly. In 7.0 you will be able to disable the reporting of specific method calls so do not worry too much, it should be easily fixable in the near future.
    Elenui
    @Elenui
    Noice :p
    In the version 7, will be a way to upload a file from the agent to the rudder ? I know there is a method with uid. But I think it wont work for my purpose. The idea is to get all ssl certificate create by letsencrypt and upload it to the agent to be deploy on each haproxy node ^^"
    Fdall
    @Fdall
    No idea there, maybe @amousset:matrix.org might be more familiar with this subject