Project

General

Profile

Actions

Bug #5233

closed

If the inventory of Rudder server is not received by rudder-webapp, Rudder server has no role then rsyslogd configuration is broken

Added by Nicolas PERRON over 10 years ago. Updated almost 10 years ago.

Status:
Released
Priority:
1 (highest)
Category:
Web - Nodes & inventories
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:
Name check:
Fix check:
Regression:

Description

During an installation, Rudder server has sent its inventory to endpoint but the LDAP access was denied to rudder-webapp:

[...]
[2014-07-07 14:25:11] INFO  com.normation.inventory.provisioning.endpoint.FusionReportEndpoint - Report 'server-2014-07-07-14-25-06.ocs' parsed in 1 second and 805 milliseconds, sending to save engine.

[2014-07-07 14:25:11] ERROR com.normation.ldap.sdk.ROPooledSimpleAuthConnectionProvider - Can't get a new LDAP connection
com.unboundid.ldap.sdk.LDAPException: invalid credentials
[...]

Then, no inventory has been received by rudder-webapp. The result is that the server itself has no role leading to wrong generated promises.

The promises applied was not able to configure correctly rsyslog configuration (cfengine variable not expanded [p.psql_password2] ). Furthermore, applying MetaTechniques during thisstate will broke CFEngine promises:

$ /var/rudder/cfengine-community/bin/cf-agent -KI
2014-07-07T15:00:47+0000    error: Bundle 'Add_best_editor' listed in the bundlesequence is not a defined bundle
2014-07-07T15:00:47+0000    error: Fatal CFEngine error: Errors in promise bundles: could not verify bundlesequence
2014-07-07T15:00:47+0000    error: Policy failed validation with command '"/var/rudder/cfengine-community/bin/cf-promises" -c "/var/rudder/cfengine-community/inputs/promises.cf"'

The workaround is:
- Resend server inventory to endpoint:

/var/rudder/cfengine-community/bin/^C-agent -KID force_inventory

or
cp /var/rudder/inventories/received/server*ocs /var/rudder/inventories/incoming/

- Apply a "clear cache": On WebUI 'Administration' -> 'Settings' -> 'Clear policy caches' -> 'Clear Caches' Button


Subtasks 1 (0 open1 closed)

Bug #5234: Test fails when building Rudder due to invalid ldap schema for unit testsReleasedFrançois ARMAND2014-07-07Actions
Actions #1

Updated by Nicolas PERRON over 10 years ago

Without the right role, the promises of the server don't contain:
- files:
"server-roles/1.0/component-check.cf"
"server-roles/1.0/alive-check.cf"
"server-roles/1.0/init-check.cf"
"server-roles/1.0/integrity-check.cf"
"server-roles/1.0/network-check.cf"
"server-roles/1.0/password-check.cf"
"server-roles/1.0/postgres-check.cf"
"server-roles/1.0/logrotate-check.cf"
"server-roles/1.0/technique-reload.cf"
"server-roles/1.0/servers-by-role.cf"

- bundles:
"root_component_check"

- classes:
"rudder-ldap"
"rudder-inventory-ldap"
"rudder-reports"
"rudder-webapp"
"rudder-jetty"
"rudder-server-root"
"rudder-web"
"rudder-inventory-endpoint"
"rudder-db"

Actions #2

Updated by Nicolas CHARLES over 10 years ago

  • Category set to 26
  • Status changed from New to Pending technical review
  • Assignee set to François ARMAND
  • Target version set to 2.11.0~rc2
  • Pull Request set to https://github.com/Normation/rudder/pull/570
Actions #3

Updated by Nicolas CHARLES over 10 years ago

  • Status changed from Pending technical review to Pending release
  • % Done changed from 0 to 100
Actions #5

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.11.0~rc2 to 2.11.0~rc1
Actions #6

Updated by Vincent MEMBRÉ over 10 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 2.11.0~rc1 (announcement , changelog), which was released today.

Actions #7

Updated by Benoît PECCATTE almost 10 years ago

  • Category changed from 26 to Web - Nodes & inventories
Actions

Also available in: Atom PDF