Project

General

Profile

Actions

Bug #14268

closed

Broken authorized networks in centos6

Added by Félix DALLIDET almost 6 years ago. Updated almost 5 years ago.

Status:
Rejected
Priority:
N/A
Assignee:
-
Category:
Server components
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Getting started - demo | first install | Technique editor and level 1 Techniques
Effort required:
Priority:
43
Name check:
Fix check:
Regression:

Description

When installing a centos6 server, the authorized networks set up with rudder-init does not seems to be immediatly effective.
This can be see easily in rtf, setting up a server and an agent and then running the base scenario on it.

Each inventory coming from the agent will be denied by the server, until another server run is triggered.
Output on the agent:

04:50:56        +   info          Inventory                 inventory                                    User list generation tool is not present yet. Skipping...
04:50:56        +rudder     info: Edit file '/var/rudder/tmp/inventory/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs'
04:50:56        +rudder     info: Edit file '/var/rudder/tmp/inventory/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs'
04:50:56        +rudder     info: Copying from 'localhost:/var/rudder/tmp/inventory/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs'
04:50:56        +rudder     info: Transforming '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs"' 
04:50:56        +rudder     info: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' => '/opt/rudder/bin/rudder-sign "/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs"' seemed to work ok
04:50:56        +rudder     info: Transforming '/bin/gzip -fq /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' 
04:50:56        +rudder     info: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' => '/bin/gzip -fq /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs' seemed to work ok
04:50:56        +rudder     info: Transforming '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign https://server/inventories/' 
04:50:56        +   error: Finished command related to promiser '/var/rudder/inventories' -- an error occurred, returned 22
04:50:56        +rudder     info: Automatically promoting context scope for 'cant_send_inventory' to namespace visibility, due to persistence
04:50:56        +   error: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign' => '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign https://server/inventories/' returned error
04:50:56        +rudder     info: Transforming '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz https://server/inventories/' 
04:50:56        +   error: Finished command related to promiser '/var/rudder/inventories' -- an error occurred, returned 22
04:50:56        +rudder     info: Automatically promoting context scope for 'cant_send_inventory' to namespace visibility, due to persistence
04:50:56        +   error: Transformer '/var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz' => '/usr/bin/curl -L -k -1 -f -s --proxy '' --user rudder:rudder -T /var/rudder/inventories/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz https://server/inventories/' returned error
04:50:56        +E| error         Inventory                 inventory                                    Could not send the inventory
04:50:56        +   error: Method 'sendInventory' failed in some repairs
04:50:56        +   error: Method 'doInventory_always' failed in some repairs

Apache logs on the rudder server:

04:52:07 [Fri Feb 01 03:50:03 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign
04:52:07 [Fri Feb 01 03:50:04 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz
04:52:07 [Fri Feb 01 03:50:54 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.sign
04:52:07 [Fri Feb 01 03:50:54 2019] [error] [client 192.168.41.3] client denied by server configuration: /var/rudder/inventories/incoming/agent-2d1d03ed-3ce4-4ee2-8e6a-f356d85a93ee.ocs.gz

This problem is centos6 specific, in rudder 4.1 and rudder 4.3

Actions

Also available in: Atom PDF