Bug #5723
closed
Rsyslog configuration lacks postgresql password on relay-top
Added by Benoît PECCATTE over 9 years ago. Updated over 4 years ago.
Description
On relay-top, the system technique file distributePolicy/1.0/rsyslogConf.st generates /etc/rsyslog.d/rudder.conf without postgresql password.
This is a problem since multiserver setup will fail to transmit reports.
First the file containing the password is not copied from the webapp server. ( /opt/rudder/etc/rudder-passwords.conf )
Then the server-roles/1.0/password-check.cf use the class root_server instead of a class that includes the relay-top role.
Updated by Jonathan CLARKE over 9 years ago
- Target version changed from 3.0.0~beta1 to 3.0.0~beta2
Updated by François ARMAND over 9 years ago
- Target version changed from 3.0.0~beta2 to 3.0.0~rc1
Updated by Vincent MEMBRÉ over 9 years ago
- Target version changed from 3.0.0~rc1 to 3.0.0
Updated by Matthieu CERDA over 9 years ago
- Status changed from New to Discussion
- Assignee set to François ARMAND
- Priority changed from N/A to 2
First issue to address is: how do we distribute the passwords. We would need to build an acl for cf-serverd with the root server + relays ip addresses.
Maybe we need a system variable for this ?
Once it is done, the remaining part will be piece of cake :)
Anyone could suggest an approach here ? fanf of ncharles maybe ?
Updated by Nicolas CHARLES over 9 years ago
Passwords are stored in a specific files, with other password (ldap and webdav)
Since all passwords are stored in a file, it sounds dangerous to share this file on too more machine than necessary
We could use a system variable, but we'd have a nasty issue when changing the passwords: the promises would use old password (from promises), and webapp would be unable to regenerate new promises, as database would be unavailable - wrong password
This sounds like a complex problem, and the solution probably is "user must manage himself its password in distributed installation, with the help of easy to use documentation/scripts that explain what to do"
Updated by François ARMAND about 9 years ago
I agree with you comment Nicolas.
Benoit, could you document what is needed to do to make it works ?
I think the documentation must appear at the end of the package installation, so that the user is notified that he has something left to do. And the same documentation must be added in relay server installation http://www.rudder-project.org/rudder-doc-3.0/rudder-doc.html#relay-servers
Actually, the documentation for relay server is not up-to-date (see #6226)
Updated by François ARMAND about 9 years ago
- Project changed from 24 to Rudder
- Category changed from Techniques to Documentation
Updated by François ARMAND about 9 years ago
- Target version changed from 3.0.0 to 3.1.0~beta1
So, to be more precise, that ticket will be studied in 3.1, and for 3.0 we are going to address #6226.
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 3.1.0~beta1 to 3.1.0~rc1
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 3.1.0~rc1 to 3.1.0
Updated by Vincent MEMBRÉ almost 9 years ago
- Target version changed from 3.1.0 to 3.1.1
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.1 to 3.1.2
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.2 to 3.1.3
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.3 to 3.1.4
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.4 to 3.1.5
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.5 to 3.1.6
Updated by Vincent MEMBRÉ over 8 years ago
- Target version changed from 3.1.6 to 3.1.7
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.7 to 3.1.8
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.8 to 3.1.9
Updated by Vincent MEMBRÉ about 8 years ago
- Target version changed from 3.1.9 to 3.1.10
Updated by Vincent MEMBRÉ almost 8 years ago
- Target version changed from 3.1.10 to 3.1.11
Updated by Vincent MEMBRÉ almost 8 years ago
- Target version changed from 3.1.11 to 3.1.12
Updated by Vincent MEMBRÉ almost 8 years ago
- Target version changed from 3.1.12 to 3.1.13
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 3.1.13 to 3.1.14
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 3.1.14 to 3.1.15
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 3.1.15 to 3.1.16
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 3.1.16 to 3.1.17
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 3.1.17 to 3.1.18
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 3.1.18 to 3.1.19
Updated by François ARMAND about 7 years ago
- Severity set to Major - prevents use of part of Rudder | no simple workaround
- User visibility set to Infrequent - complex configurations | third party integrations
- Priority set to 0
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 3.1.19 to 3.1.20
Updated by Jonathan CLARKE about 7 years ago
- Status changed from Discussion to New
Updated by Jonathan CLARKE about 7 years ago
- Assignee deleted (
François ARMAND)
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 3.1.20 to 3.1.21
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 3.1.21 to 3.1.22
Updated by Benoît PECCATTE almost 7 years ago
- User visibility changed from Infrequent - complex configurations | third party integrations to Operational - other Techniques | Technique editor | Rudder settings
- Priority changed from 0 to 30
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 3.1.22 to 3.1.23
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 3.1.23 to 3.1.24
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 3.1.24 to 3.1.25
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 3.1.25 to 387
- Priority changed from 43 to 44
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 387 to 4.1.10
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 4.1.10 to 4.1.11
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 4.1.11 to 4.1.12
- Priority changed from 44 to 45
Updated by Vincent MEMBRÉ almost 6 years ago
- Target version changed from 4.1.12 to 4.1.13
- Priority changed from 45 to 46
Updated by Vincent MEMBRÉ almost 6 years ago
- Target version changed from 4.1.13 to 4.1.14
Updated by Benoît PECCATTE over 5 years ago
- Target version changed from 4.1.14 to 4.1.15
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.15 to 4.1.16
- Priority changed from 46 to 47
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.16 to 4.1.17
- Priority changed from 47 to 48
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.17 to 4.1.18
- Priority changed from 48 to 0
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.18 to 4.1.19
Updated by Alexis Mousset over 5 years ago
- Target version changed from 4.1.19 to 4.1.20
Updated by Alexis Mousset almost 5 years ago
- Target version changed from 4.1.20 to 588
Updated by Alexis Mousset almost 5 years ago
- Status changed from New to Rejected
relay-top are not supported any more, closing.
Updated by Alexis Mousset over 4 years ago
- Target version changed from 588 to 4.1.24