https://issues.rudder.io/https://issues.rudder.io/themes/rudder7/favicon/favicon.ico?17096450182012-11-29T08:55:29ZIssue TrackerRudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=132472012-11-29T08:55:29ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Subject</strong> changed from <i>Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable</i> to <i>Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in error</i></li></ul> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=132482012-11-29T08:56:08ZFrançois ARMANDfrancois.armand@rudder.io
<ul><li><strong>Category</strong> set to <i>Web - Compliance & node report</i></li><li><strong>Status</strong> changed from <i>New</i> to <i>2</i></li><li><strong>Assignee</strong> set to <i>Nicolas CHARLES</i></li><li><strong>Target version</strong> set to <i>2.4.0~rc2</i></li></ul> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=132672012-11-29T10:19:22ZNicolas CHARLESnicolas.charles@rudder.io
<ul><li><strong>Status</strong> changed from <i>2</i> to <i>In progress</i></li></ul> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=132712012-11-29T11:43:21ZNicolas CHARLESnicolas.charles@rudder.io
<ul></ul><p>The problem is technique/cfengine related, not reporting :<br />I reproduced it on a test environement, what is happening is that the server is denying further connections as the one with $() within is invalid :<br /><pre>
rudder> Allowing 192.168.110.21 to connect without (re)checking ID
rudder> Non-verified Host ID is 192.168.110.21 (Using skipverify)
rudder> Non-verified User ID seems to be root (Using skipverify)
rudder> -> Public key identity of host "192.168.110.21" is "MD5=f0318b7cb678e7f03a586ca784110555"
rudder> -> Last saw -MD5=f0318b7cb678e7f03a586ca784110555 (alias 192.168.110.21) at Thu Nov 29 12:37:06 2012
rudder> A public key was already known from 192.168.110.21/192.168.110.21 - no trust required
rudder> Adding IP 192.168.110.21 to SkipVerify - no need to check this if we have a key
rudder> The public key identity was confirmed as root@192.168.110.21
rudder> -> Strong authentication of client 192.168.110.21/192.168.110.21 achieved
rudder> -> Receiving session key from client (size=256)...
rudder> Filename /var/rudder/configuration-repository/shared-files/$(generic_variable_definiton.def2) is resolved to /var/rudder/configuration-repository/shared-files/$(generic_variable_definiton.def2)
rudder> Couldn't stat filename /var/rudder/configuration-repository/shared-files/$(generic_variable_definiton.def2) requested by host 192.168.110.21
rudder> !!! System error for lstat: "No such file or directory"
rudder> Access control in sync
rudder> From (host=192.168.110.21,user=root,ip=192.168.110.21)
rudder> REFUSAL of request from connecting host: (SYNCH 1354189026 STAT /var/rudder/configuration-repository/shared-files/$(generic_variable_definiton.def2))
rudder> -> Accepting a connection
rudder> Denying repeated connection from "192.168.110.21"
</pre></p>
<p>On the client side :<br /><pre>
rudder> Comment: Enforce content of /tmp/two based on the content on the Rudder server with mtime method
rudder> .........................................................
rudder>
rudder> -> Copy file /tmp/two from /var/rudder/configuration-repository/shared-files/$(generic_variable_definiton.def2) check
rudder> No existing connection to 192.168.110.20 is established...
rudder> Set cfengine port number to 5309 = 5309
rudder> Set connection timeout to 10
rudder> -> Connect to 192.168.110.20 = 192.168.110.20 on port 5309
rudder> -> Matched IP 192.168.110.20 to key MD5=e82b35316903e3400a840a83fae1d295
rudder> .....................[.h.a.i.l.].................................
rudder> Strong authentication of server=192.168.110.20 connection confirmed
rudder> -> Public key identity of host "192.168.110.20" is "MD5=e82b35316903e3400a840a83fae1d295"
rudder> -> Last saw +MD5=e82b35316903e3400a840a83fae1d295 (alias 192.168.110.20) at Thu Nov 29 12:37:06 2012
rudder> Server returned error: Unspecified server refusal (see verbose server output)
rudder> Can't stat /var/rudder/configuration-repository/shared-files/$(generic_variable_definiton.def2) in files.copyfrom promise
rudder> ?> defining promise result class copy_file_1_failed
(snip)
rudder> -> Handling file existence constraints on /tmp/one
rudder> -> File permissions on /tmp/one as promised
rudder> ?> defining promise result class copy_file_2_kept
rudder> -> Handling file existence constraints on /tmp/one
rudder> -> File permissions on /tmp/one as promised
rudder> ?> defining promise result class copy_file_2_kept
rudder> -> Copy file /tmp/one from /var/rudder/configuration-repository/shared-files/def1 check
rudder> Existing connection to 192.168.110.20 seems to be active...
rudder> Set cfengine port number to 5309 = 5309
rudder> Set connection timeout to 10
rudder> -> Connect to 192.168.110.20 = 192.168.110.20 on port 5309
rudder> -> Matched IP 192.168.110.20 to key MD5=e82b35316903e3400a840a83fae1d295
rudder> Couldn't send
rudder> !!! System error for send: "Broken pipe"
rudder> Couldn't send
rudder> !!! System error for send: "Broken pipe"
rudder> Couldn't send
rudder> !!! System error for send: "Broken pipe"
rudder> Challenge response from server 192.168.110.20/192.168.110.20 was incorrect!
rudder> I: Report relates to a promise with handle ""
rudder> I: Made in version 'not specified' of '/var/rudder/cfengine-community/inputs/copyGitFile/1.3/copyFileFromSharedFolder.cf' near line 90
rudder> I: Comment: Enforce content of file /tmp/one based on the content on the Rudder server with mtime method
rudder> !! Authentication dialogue with 192.168.110.20 failed
rudder> Unable to establish connection with 192.168.110.20
rudder> ?> defining promise result class copy_file_2_failed
</pre></p> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=132722012-11-29T12:59:26ZNicolas CHARLESnicolas.charles@rudder.io
<ul><li><strong>Status</strong> changed from <i>In progress</i> to <i>Discussion</i></li></ul><p>Having only one connection available per node is clearly limiting for the download from a shared folder technique</p>
<p>Adding a "allallconnects" attribute in the server promises ( <a class="external" href="http://cfengine.com/manuals/cf3-Reference#allowallconnects-in-server">http://cfengine.com/manuals/cf3-Reference#allowallconnects-in-server</a> ) solved the issue</p>
<p>It would allow each node to have several connection with the server. The obvious benefit is that if there is a long copy, other agent execution cannot connect to the server to fetch new promises. Apparently, if a copy fails, the connection is released late also</p>
<p>The risk is that if there are a lot of agent running on a specific node, they can hammer the policy server (but I'm not sure it woul really hammer, as they would still start every 5 minutes)</p>
<p>Should we implement this fix in 2.3 and/or 2.4 ??</p> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=132732012-11-29T13:01:40ZNicolas CHARLESnicolas.charles@rudder.io
<ul><li><strong>Assignee</strong> changed from <i>Nicolas CHARLES</i> to <i>Jonathan CLARKE</i></li></ul><p>Jon, can we implement this change in 2.3 and 2.4 ? It's a one line modification in the PT/Technique DistributePolicy</p> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=133132012-12-01T13:04:37ZJonathan CLARKEjonathan.clarke@normation.com
<ul><li><strong>Target version</strong> changed from <i>2.4.0~rc2</i> to <i>2.3.10</i></li></ul><p>Yes, this seems like a good fix to me. I note that we have already set the max number of connections quite high, so this shouldn't be a problem (1000).</p>
<p>Of course, it must be fixed in 2.3 and 2.4, since this bug affects both versions.</p> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=133142012-12-01T13:04:48ZJonathan CLARKEjonathan.clarke@normation.com
<ul><li><strong>Assignee</strong> changed from <i>Jonathan CLARKE</i> to <i>Nicolas CHARLES</i></li></ul> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=133172012-12-03T15:14:02ZNicolas CHARLESnicolas.charles@rudder.io
<ul><li><strong>Status</strong> changed from <i>Discussion</i> to <i>Pending technical review</i></li></ul><p>The pull request is here <br /><a class="external" href="https://github.com/Normation/rudder-techniques/pull/6">https://github.com/Normation/rudder-techniques/pull/6</a></p> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=133182012-12-03T16:29:50ZJonathan CLARKEjonathan.clarke@normation.com
<ul><li><strong>Status</strong> changed from <i>Pending technical review</i> to <i>Released</i></li></ul><p>Nicolas CHARLES wrote:</p>
<blockquote>
<p>The pull request is here <br /><a class="external" href="https://github.com/Normation/rudder-techniques/pull/6">https://github.com/Normation/rudder-techniques/pull/6</a></p>
</blockquote>
<p>Looks good to me, merged.</p> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=133912012-12-06T11:18:20ZJonathan CLARKEjonathan.clarke@normation.com
<ul><li><strong>Status</strong> changed from <i>Released</i> to <i>Pending release</i></li></ul> Rudder - Bug #3052: Having an error with a Directive based on Download from a shared folder using Generic Variable Definition, will lead to all the Directives using Generic Variable to be in errorhttps://issues.rudder.io/issues/3052?journal_id=157242013-03-14T18:51:02ZNicolas PERRONnicolas.perron@normation.com
<ul><li><strong>Status</strong> changed from <i>Pending release</i> to <i>Released</i></li></ul>