Bug #11593
closedInventory ERROR: No RUDDER/AGENT/POLICY_SERVER_UUID
Description
Hi to all,
Don't know if it's a real bug, but I need help!
as in the object, when I run sudo rudder agent inventory
to force the node to send inventory to server, it exit with a non zero status.
In the verbose one, it seems like: E| error Inventory inventory Generated inventory has been detected as invalid
and
@R: ************************************************************************- WARNING Generated inventory is not valid, as it is missing mandatory fields. *
- Not sending it to the Rudder Server *
- You can check the invalid inventory in /var/rudder/tmp/inventory/
*************************************************************************@
When: sudo rudder agent check
----> ok: Rudder agent check ran without errors.
When: sudo rudder agent health
---> Connection errors in Rudder agent last run
See /var/rudder/cfengine-community/outputs/previous for more details
sudo cat .../previous
---> R: *************************************************************************
- rudder-agent could not get an updated configuration from the policy server. *
- This can be caused by: *
- * an incorrect DNS resolution of this node *
- * an agent key that has been changed *
- * if this node is not accepted or deleted node on the Rudder root server *
- * if this node has changed policy server without sending a new inventory *
- Any existing configuration policy will continue to be applied without change.
**************************************************************************@
I think there's a missed file?
Thank you,
best regards
Updated by Nicolas CHARLES over 7 years ago
- Category set to System techniques
Hi Erminio,
Sorry about your problem.There are 2 main possibilities:
- Either the file /var/rudder/cfengine-community/policy_server.dat is invalid or doesn't exist
- Either the node IP is not in the authorized networks of the policy server (see Settings/General in the web interface)
Finally, it could be a firewall issue, as port 443 needs to be open from the node to the policy server
Updated by Erminio Mangusti over 7 years ago
Nicolas CHARLES wrote:
Hi Erminio,
Sorry about your problem.
There are 2 main possibilities:
- Either the file /var/rudder/cfengine-community/policy_server.dat is invalid or doesn't exist
- Either the node IP is not in the authorized networks of the policy server (see Settings/General in the web interface)
Finally, it could be a firewall issue, as port 443 needs to be open from the node to the policy server
Hi Nicolas, thank you for your speedy answer!
The file policy_server.dat exist, with a valid IP address [ Before, I installed rudder agent on my laptop for give it a try, I changed the policy_server.dat and everythings goes fine. I didn't need to change anythings from the IP authorized network of the policy server and my laptop appair in the " accept new node " interface. ]
I check for any firewall issue..
Thank you again! Sorry for my bad italian english...!
Updated by Erminio Mangusti over 7 years ago
Nicolas CHARLES wrote:
Hi Erminio,
Sorry about your problem.
There are 2 main possibilities:
- Either the file /var/rudder/cfengine-community/policy_server.dat is invalid or doesn't exist
- Either the node IP is not in the authorized networks of the policy server (see Settings/General in the web interface)
Finally, it could be a firewall issue, as port 443 needs to be open from the node to the policy server
Hi Nicolas, thank you for your speedy answer!
The file policy_server.dat exist, with a valid IP address [ Before, I installed rudder agent on my laptop for give it a try, I changed the policy_server.dat and everythings goes fine. I didn't need to change anythings from the IP authorized network of the policy server and my laptop appair in the " accept new node " interface. ]
I check for any firewall issue..
Thank you again! Sorry for my bad italian english...!
edit: I checked the policy_server.dat and exist, I set node IP/Mask in the web interface but still give me the same error...
Login to ssh into the device where the node is installed, in etc/apache2/, using cat on ports.conf show me this: @@test-CH-04:/etc/apache2$ cat ports.conf- If you just change the port or add more ports here, you will likely also
- have to change the VirtualHost statement in
- /etc/apache2/sites-enabled/000-default.conf
Listen 80
<IfModule ssl_module>
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
Listen 443
</IfModule>@
Is this ok?
Thanks again for your time
Updated by Nicolas CHARLES over 7 years ago
To help debugging further, could tell us:
- version of Rudder on both server and node
- OS of the server and the node
- check that the ip of the node does match the rules defined on the server in files /opt/rudder/etc/rudder-networks.conf and /opt/rudder/etc/rudder-networks-24.conf
Could you also paste the failing generated inventory of the node which should be in /var/rudder/tmp/inventory/ ? (caution, it may contain sensitive info - there's at least the hostname & ip, bur also all packages installed, users on the nodes, ..., so you may need to anonymise it a bit
Updated by Benoît PECCATTE over 7 years ago
Hello Erminio, did you have time to take a look at this problem ?
Updated by Nicolas CHARLES over 7 years ago
Hello Erminio,
One last question: do you have the file /var/rudder/cfengine-community/rudder-server-uuid.txt ?
Updated by Erminio Mangusti over 7 years ago
Nicolas CHARLES wrote:
Hello Erminio,
One last question: do you have the file /var/rudder/cfengine-community/rudder-server-uuid.txt ?
Hello guys,
I'm sorry to have disappeared for a long time without giving any signs of life.
In this time I came across several mistakes, many of them my own. [It's a very long story, I save you from.. ]
In a random cloudy day Rudder server saw the nodes that he did not recognize before, I accepted them but they could not really communicate with the server. In the client rudder log I encountered problems with TLS sockets and I was looking for the problem on the client side. My eyes was bleeding in search. I was about to edit the file "cf-serverd.cf", when something happens. A little mischievous goblin suggested in my ear softly a memory...
So I went to the server web page, settings, general, and added my ip to allowed network.
It worked.
Thank you for your time,
Have nice days,
Erminio
Updated by Benoît PECCATTE over 7 years ago
- Status changed from New to Rejected
It's good to hear that you solved your problem.