Bug #2943
closed
On a Centos 5.8 agent, the log are not sent to the rudder server
Description
I installed a fresh Centos 5.8, and installed on it the rudder agent
Everything was fine, until I tried to look at compliance on the webapp. there, the node appeared as "No Answer"
syslog process was running by default on this box
rsyslog was also installed, but not running (it doesn't start if syslog is running)
The syslog configuration was invalid :
# Rudder specific logging parameters local6.* @192.168.56.85:514
The :514 seems to be illegal
Removing the :514 solved the issue (but then, the agent added again a line with :514 at the end)
Stopping syslog and starting rsyslog solved also the system
Caution : as a side effect, it might prevent the Centos5 agent to send there report to Precise Pangolin server
Updated by Nicolas PERRON over 11 years ago
The fix of #2768 permit Ubuntu server to have reports from their nodes using alternate port for syslog but lead to a bug for the nodes using syslogd.
Indeed, we can't set port in syslog.conf which prevent nodes to send reports to Ubuntu server if they use syslogd.
Updated by Nicolas PERRON over 11 years ago
- Status changed from New to Pending technical review
- % Done changed from 0 to 100
Applied in changeset commit:2b9b73e0493a1ad157b1d09e76c01f2c8e5739a0.
Updated by Jonathan CLARKE over 11 years ago
- Status changed from Pending technical review to Discussion
Nicolas PERRON wrote:
The fix of #2768 permit Ubuntu server to have reports from their nodes using alternate port for syslog but lead to a bug for the nodes using syslogd.
Indeed, we can't set port in syslog.conf which prevent nodes to send reports to Ubuntu server if they use syslogd.
Woah! Not so quickly dude :)
Can you explain (or provider a pointer to an explanation) why we can't set a port for syslog?
This change breaks things: if Rudder server is on a Ubuntu 12.04 (or later) system, nodes using syslog will not work! It therefore needs one of two things: reverting or documenting! Making silent changes that break things is punishable by public humilia... er... shouldn't be done :)
Updated by Nicolas PERRON over 11 years ago
Jonathan CLARKE wrote:
It seems that this is not possible. several people hit the same problems:Nicolas PERRON wrote:
The fix of #2768 permit Ubuntu server to have reports from their nodes using alternate port for syslog but lead to a bug for the nodes using syslogd.
Indeed, we can't set port in syslog.conf which prevent nodes to send reports to Ubuntu server if they use syslogd.
Woah! Not so quickly dude :)
Can you explain (or provider a pointer to an explanation) why we can't set a port for syslog?
- http://forum.soft32.com/linux/syslog-port-ftopict355179.html
- http://www.linuxquestions.org/questions/linux-server-73/syslog-conf-alternate-port-644664/
And the best answer I have found is to use iptables (end of the link): http://help.papertrailapp.com/kb/configuration/troubleshooting-remote-syslog-reachability
This change breaks things: if Rudder server is on a Ubuntu 12.04 (or later) system, nodes using syslog will not work! It therefore needs one of two things: reverting or documenting! Making silent changes that break things is punishable by public humilia... er... shouldn't be done :)
You're right, I should have done a documentation about it. But you can notice that this is better to have a syslogd which can't work with a Rudder server on Ubuntu than a syslogd which can't work with any Rudder server :P
Updated by Nicolas PERRON over 11 years ago
- Status changed from Discussion to In progress
- % Done changed from 100 to 90
A documentation about this is missing.
Updated by Nicolas PERRON over 11 years ago
- Status changed from In progress to Pending technical review
- % Done changed from 90 to 100
Applied in changeset commit:51c33c6e2948caba0cb789858ce20664ef44dabe.
Updated by Jonathan CLARKE over 11 years ago
- Status changed from Pending technical review to 2
Nicolas PERRON wrote:
Applied in changeset commit:51c33c6e2948caba0cb789858ce20664ef44dabe.
Nicolas, this warning is not nearly clear enough. What we have implemented is effectively BREAKING Rudder as an agent on ALL platforms using syslog (not syslog-ng, nor rsyslog)... when the server is an Ubuntu >= 12.04. So, the warning needs to be VERY VERY clear, for those using Ubuntu 12.04 for the server, and also VERY VERY clear that this is not a problem for those using another OS as the server.
Please clarify your doc commit to state clearly:- When this happens (ie, the server is running Ubuntu >= 12.04)
- The consequences (ie, Rudder can apply rules but will never get reports, therefore not be able to calculate compliance)
- How to workaround the problem (ie, A) use a server that's not Ubuntu >= 12.04 or B) change the rsyslog config on the Ubuntu server to use port 514 and allow it, or C) use a iptables rule to send traffic to the correct port). All of these cases should include specific details (commands and an explantion) about how to acheive them.
Updated by Nicolas PERRON over 11 years ago
- % Done changed from 100 to 90
Jonathan CLARKE wrote:
Nicolas PERRON wrote:
Applied in changeset commit:51c33c6e2948caba0cb789858ce20664ef44dabe.
Nicolas, this warning is not nearly clear enough. What we have implemented is effectively BREAKING Rudder as an agent on ALL platforms using syslog (not syslog-ng, nor rsyslog)... when the server is an Ubuntu >= 12.04. So, the warning needs to be VERY VERY clear, for those using Ubuntu 12.04 for the server, and also VERY VERY clear that this is not a problem for those using another OS as the server.
Please clarify your doc commit to state clearly:
- When this happens (ie, the server is running Ubuntu >= 12.04)
- The consequences (ie, Rudder can apply rules but will never get reports, therefore not be able to calculate compliance)
- How to workaround the problem (ie, A) use a server that's not Ubuntu >= 12.04 or B) change the rsyslog config on the Ubuntu server to use port 514 and allow it, or C) use a iptables rule to send traffic to the correct port). All of these cases should include specific details (commands and an explantion) about how to acheive them.
I have updated the informations but an explanation on how to setup iptables to redirect syslogd messages is missing.
Updated by Nicolas PERRON over 11 years ago
- Status changed from 2 to In progress
Updated by Nicolas PERRON over 11 years ago
- Status changed from In progress to Discussion
- Assignee changed from Nicolas PERRON to Jonathan CLARKE
The commit that change the code has been made but the documentation linked to it is not complete.
I'm not sure if I can consider this bug as technically reviewed or not or if I have to postpone to the next version knowing that commits has been done for the 2.4.0~rc1.
Jon, what do you think about it ?
Updated by Nicolas PERRON over 11 years ago
A ticket has been opened here: #3021 to add documentation about iptables.
Updated by Jonathan CLARKE over 11 years ago
- Status changed from Discussion to Released
This looks good to me, technically speaking. I have re-arranged the documentation a bit, to restore the initial logic: the installation section now tells you how to install Rudder, rather than going on about what is not compatible with what :)
Updated by Nicolas PERRON about 11 years ago
- Project changed from Rudder to 34
- Category deleted (
11)
Updated by Benoît PECCATTE about 9 years ago
- Project changed from 34 to Rudder
- Category set to Packaging
Updated by Nicolas CHARLES about 8 years ago
- Related to User story #8120: Documentation about syslogd on centos5 not working with a Rudder ubuntu server is not easy to understand added