Bug #5233
closedIf the inventory of Rudder server is not received by rudder-webapp, Rudder server has no role then rsyslogd configuration is broken
Description
During an installation, Rudder server has sent its inventory to endpoint but the LDAP access was denied to rudder-webapp:
[...] [2014-07-07 14:25:11] INFO com.normation.inventory.provisioning.endpoint.FusionReportEndpoint - Report 'server-2014-07-07-14-25-06.ocs' parsed in 1 second and 805 milliseconds, sending to save engine. [2014-07-07 14:25:11] ERROR com.normation.ldap.sdk.ROPooledSimpleAuthConnectionProvider - Can't get a new LDAP connection com.unboundid.ldap.sdk.LDAPException: invalid credentials [...]
Then, no inventory has been received by rudder-webapp. The result is that the server itself has no role leading to wrong generated promises.
The promises applied was not able to configure correctly rsyslog configuration (cfengine variable not expanded [p.psql_password2] ). Furthermore, applying MetaTechniques during thisstate will broke CFEngine promises:
$ /var/rudder/cfengine-community/bin/cf-agent -KI 2014-07-07T15:00:47+0000 error: Bundle 'Add_best_editor' listed in the bundlesequence is not a defined bundle 2014-07-07T15:00:47+0000 error: Fatal CFEngine error: Errors in promise bundles: could not verify bundlesequence 2014-07-07T15:00:47+0000 error: Policy failed validation with command '"/var/rudder/cfengine-community/bin/cf-promises" -c "/var/rudder/cfengine-community/inputs/promises.cf"'
The workaround is:
- Resend server inventory to endpoint:
/var/rudder/cfengine-community/bin/^C-agent -KID force_inventory
or
cp /var/rudder/inventories/received/server*ocs /var/rudder/inventories/incoming/
- Apply a "clear cache": On WebUI 'Administration' -> 'Settings' -> 'Clear policy caches' -> 'Clear Caches' Button
Updated by Nicolas PERRON over 10 years ago
Without the right role, the promises of the server don't contain:
- files:
"server-roles/1.0/component-check.cf"
"server-roles/1.0/alive-check.cf"
"server-roles/1.0/init-check.cf"
"server-roles/1.0/integrity-check.cf"
"server-roles/1.0/network-check.cf"
"server-roles/1.0/password-check.cf"
"server-roles/1.0/postgres-check.cf"
"server-roles/1.0/logrotate-check.cf"
"server-roles/1.0/technique-reload.cf"
"server-roles/1.0/servers-by-role.cf"
- bundles:
"root_component_check"
- classes:
"rudder-ldap"
"rudder-inventory-ldap"
"rudder-reports"
"rudder-webapp"
"rudder-jetty"
"rudder-server-root"
"rudder-web"
"rudder-inventory-endpoint"
"rudder-db"
Updated by Nicolas CHARLES over 10 years ago
- Category set to 26
- Status changed from New to Pending technical review
- Assignee set to François ARMAND
- Target version set to 2.11.0~rc2
- Pull Request set to https://github.com/Normation/rudder/pull/570
Updated by Nicolas CHARLES over 10 years ago
- Status changed from Pending technical review to Pending release
- % Done changed from 0 to 100
Applied in changeset cb4898c252ab12e708999075fbee760361e2a138.
Updated by François ARMAND over 10 years ago
Applied in changeset ea32be4c7aa48137bff34b561aa230bc14b004a1.
Updated by Nicolas PERRON over 10 years ago
- Target version changed from 2.11.0~rc2 to 2.11.0~rc1
Updated by Vincent MEMBRÉ over 10 years ago
- Status changed from Pending release to Released
This bug has been fixed in Rudder 2.11.0~rc1 (announcement , changelog), which was released today.
- Download information: https://www.rudder-project.org/site/get-rudder/downloads/
Updated by Benoît PECCATTE almost 10 years ago
- Category changed from 26 to Web - Nodes & inventories