Question #11735
closed
Mandatory flow between agent and server (Could not retrieve the UUID of the policy server)
Description
Hello Everyone,
I have to create firewall rules between nodes and one Rudder server. Right now, I have only opened the mandatory flows:
---------------------------------------------------------------------------------------------------------------
Port 5309, TCP
Agent communication port, used to fetch policy and shared files from the policy server.
Port 443, TCP, for nodes
WebDAV/HTTPS communication port, used to send inventory and fetch the id of the Rudder Server. Powershell DSC agent communication port, used to fetch policy and shared files from the policy server on Windows
Port 514, TCP/UDP
Syslog port, used to centralize reports.
And this one is optional:
Port 5310, TCP
---------------------------------------------------------------------------------------------------------------
No ping allowed, no HTTP/HTTPS right now.
When I start an inventory, I have this error:
[root@centreonpoller ~]# rudder agent inventory
Rudder agent 4.2.2.release (CFEngine Core 3.10.2)
Node uuid: 8ea77128-6671-4a09-9fa0-8064eed4f2d6
Start execution with config [0]
M| State Technique Component Key Message
E| error Inventory inventory Could not retrieve the UUID of the policy server
- Summary #####################################################################
=> 1 components in Enforce mode
-> 1 error
execution time: 7.27s
################################################################################
After some research, the UUID is retrieved by curl on this URL? https://RUDDER_IP/uuid
So do I have to open port 443 between nodes and server too?
Have a good day.
Pierrick
Open-it
Updated by pierrick prost about 7 years ago
Sorry, I'm reformulating my question:
do I need to open other ports than 443? Or something else to debug?
Regards.
Updated by Benoît PECCATTE about 7 years ago
- Status changed from New to Discussion
Ports needed are: 5309 TCP, 443 TCP, 514 UDP, all from nodes to Rudder server.
You can add:
- 514 TCP from node to server if you configured syslog to use TCP
- 5309 TCP from server to node if you want to be able to use the "rudder remote run" command
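The flows listed in the reply above, expressed as iptables rules. This is an added example, not part of the ticket or of Rudder: the function names are hypothetical, the addresses are constructed (documentation ranges), and it assumes an IPv4 ruleset with a default-drop INPUT chain into which these lines are merged.

```shell
#!/bin/sh
# Added example: print iptables rules (iptables-save syntax) for the flows
# named in this ticket. Nothing is applied; the output is only text.

# Accept only IPv4 address/CIDR characters so an argument cannot smuggle
# extra options or shell syntax into the generated rules.
valid_src() {
    case "$1" in
        ''|*[!0-9./]*) return 1 ;;
    esac
}

# rudder_server_rules NODES_CIDR [SYSLOG_TCP=yes|no]
# INPUT rules for the Rudder server: 5309/tcp, 443/tcp and 514/udp from the
# nodes, plus 514/tcp when syslog is configured to use TCP.
rudder_server_rules() {
    nodes=$1
    syslog_tcp=${2:-no}
    valid_src "$nodes" || { echo "invalid source: $nodes" >&2; return 2; }
    flows="tcp:5309 tcp:443 udp:514"
    if [ "$syslog_tcp" = yes ]; then
        flows="$flows tcp:514"
    fi
    for flow in $flows; do
        proto=${flow%%:*}
        port=${flow##*:}
        printf '%s\n' "-A INPUT -s $nodes -p $proto --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
}

# rudder_node_rules SERVER_IP [REMOTE_RUN=yes|no]
# INPUT rule for a node: 5309/tcp from the server, needed only for
# "rudder remote run". With REMOTE_RUN=no a node accepts nothing inbound.
rudder_node_rules() {
    server=$1
    remote_run=${2:-no}
    valid_src "$server" || { echo "invalid source: $server" >&2; return 2; }
    if [ "$remote_run" = yes ]; then
        printf '%s\n' "-A INPUT -s $server -p tcp --dport 5309 -m conntrack --ctstate NEW -j ACCEPT"
    fi
}

# Constructed sample values: nodes in 192.0.2.0/24, server at 198.51.100.10.
rudder_server_rules 192.0.2.0/24 no
rudder_node_rules 198.51.100.10 yes
```

The ruleset also needs an ESTABLISHED,RELATED accept rule so replies to these connections pass; a merged file can be syntax-checked with `iptables-restore --test` before loading.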
Updated by Benoît PECCATTE almost 7 years ago
- Status changed from Discussion to Resolved
Closing since there is no answer.
Feel free to reopen if needed.