Question #11735

closed

Mandatory flow between agent and server ( Could not retrieve the UUID of the policy server)

Added by pierrick prost over 6 years ago. Updated about 6 years ago.

Status: Resolved
Priority: N/A
Assignee: -
Category: -
Target version: -
Regression:

Description

Hello Everyone,

I have to create firewall rules between nodes and one Rudder server. Right now, I only opened the mandatory flows:

---------------------------------------------------------------------------------------------------------------
Port 5309, TCP
Agent communication port, used to fetch policy and shared files from the policy server.
Port 443, TCP, for nodes
WebDAV/HTTPS communication port, used to send inventory and fetch the id of the Rudder Server. PowerShell DSC agent communication port, used to fetch policy and shared files from the policy server on Windows
Port 514, TCP/UDP
Syslog port, used to centralize reports.

And this one is optional:

Port 5310, TCP
---------------------------------------------------------------------------------------------------------------

No ping allowed, no HTTP/HTTPS right now.

When I start an inventory, I have this error:


[root@centreonpoller ~]# rudder agent inventory
Rudder agent 4.2.2.release (CFEngine Core 3.10.2)
Node uuid: 8ea77128-6671-4a09-9fa0-8064eed4f2d6
Start execution with config [0]

M| State Technique Component Key Message
E| error Inventory inventory Could not retrieve the UUID of the policy server

## Summary #####################################################################
    => 1 components in Enforce mode
    -> 1 error
execution time: 7.27s
################################################################################

After some research, the UUID is retrieved by curl on this URL? https://RUDDER_IP/uuid

So I have to open port 443 between nodes and server too?

Have a good day.

Pierrick

Open-it

Actions #1

Updated by pierrick prost over 6 years ago

Sorry I'm reformulating my question,

Do I need to open other ports than 443? Or something else to debug?

Regards.

Actions #2

Updated by Benoît PECCATTE over 6 years ago

  • Status changed from New to Discussion

Ports needed are: 5309 TCP, 443 TCP, 514 UDP, all from nodes to Rudder server.

You can add:
- 514 TCP from node to server if you configured syslog to use TCP
- 5309 TCP from server to node if you want to be able to use the "rudder remote run" command
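
An added example, not part of the original thread or of Rudder itself: a small audit that reads an `iptables-save` dump of the server's INPUT chain and reports which of the node-to-server flows listed above are not accepted. The sample ruleset, the 192.0.2.0/24 node range and the function names are constructed for illustration; the check only looks at ACCEPT rules with a destination port and ignores rule ordering and source restrictions.

```python
import re

# Node -> Rudder server flows named in this thread: (port, protocol, purpose).
REQUIRED = [(5309, "tcp", "agent policy fetch"),
            (443, "tcp", "inventory upload and server UUID"),
            (514, "udp", "syslog reports")]
# Only needed when syslog is configured to use TCP.
OPTIONAL = [(514, "tcp", "syslog reports over TCP")]

def accepted_ports(ruleset, chain="INPUT"):
    """Return the set of (port, proto) accepted by ACCEPT rules in `chain`."""
    allowed = set()
    for line in ruleset.splitlines():
        line = line.strip()
        if not line.startswith(f"-A {chain} ") or not line.endswith("-j ACCEPT"):
            continue
        proto = re.search(r"-p (tcp|udp)\b", line)
        ports = re.search(r"--dports? ([\d,:]+)", line)
        if not (proto and ports):
            continue  # e.g. state-tracking rules without a destination port
        # Handles single ports, multiport lists (a,b) and ranges (a:b).
        for item in ports.group(1).split(","):
            low, _, high = item.partition(":")
            for port in range(int(low), int(high or low) + 1):
                allowed.add((port, proto.group(1)))
    return allowed

def missing_flows(ruleset, syslog_tcp=False):
    """List the flows from the thread that the ruleset does not accept."""
    allowed = accepted_ports(ruleset)
    wanted = REQUIRED + (OPTIONAL if syslog_tcp else [])
    return [f for f in wanted if (f[0], f[1]) not in allowed]

# Constructed sample: 5309/tcp and 514/udp are open, 443/tcp is not.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p tcp -m tcp --dport 5309 -j ACCEPT
-A INPUT -s 192.0.2.0/24 -p udp -m udp --dport 514 -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for port, proto, why in missing_flows(SAMPLE):
        print(f"missing {port}/{proto}: {why}")
```

With the sample ruleset the only missing flow is 443/tcp, the port the quoted documentation says is used to fetch the id of the Rudder server.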

Actions #3

Updated by Benoît PECCATTE about 6 years ago

  • Status changed from Discussion to Resolved

Closing since there is no answer.
Feel free to reopen if needed.
