Bug #9739
closed
Node rename did not update ACLs and other parts of cf-served.cf
Added by Florian Heigl over 7 years ago. Updated over 4 years ago.
Description
I'm running 3.2.9 on this.
Renamed one of the nodes to be called "admin" instead of the transient IP amazon gives.
Did a rudder agent inventory later just to be sure.
Found policies weren't updateable anymore and /opt/rudder/bin/check-rudder-agent could not really fix.
Checked:
System renamed in GUI.
rudder server debug shows the node is generally recognized but its promises aren't accessible.
In the end, to refresh, did a sed from the old to the new hostname and HUPed cf-served.
Then it worked.
[x] It stayed intact after I ran rudder agent run on the master.
[x] It stayed intact when I cleared caches/policies on the master.
[x] old IP did not creep back in.
I'm confused and don't know how to get you more data since the error doesn't come back.
I don't know how often this templating part is called.
Just definitely it wasn't called when the node sent a new hostname. -> problematic.
Updated by François ARMAND over 7 years ago
Hum. Not good.
When you say "rename", you mean you changed the hostname (just to be sure it was only a hostname change) ?
I'm sure you are aware of that, but for other people finding that ticket, a hostname change does not trigger a policy regeneration, and one must be called manually, see: http://www.rudder-project.org/redmine/issues/1411
We will try to reproduce it, given what you are saying, a simple "grep" on the old hostname after the rename should give us all the places which weren't correctly updated.
Updated by Florian Heigl over 7 years ago
Hi,
yes, just changed the hostname.
that's open for 5 years? you need to put that somewhere more prominent.
anyway. I've just had another case of this, and at least clear caches and the following rebuild did not have effect.
as for testing:
I fix the file using sed, so it should be really easy to reproduce.
(fix via sed worked + HUP cf-served worked)
Updated by Nicolas CHARLES over 7 years ago
- Category set to Web - Config management
- Status changed from New to In progress
- Assignee set to Nicolas CHARLES
Updated by Nicolas CHARLES over 7 years ago
Hi Florian,
I tried to reproduce on a Centos 6.6, with Rudder 3.2.9What I did:
- accept a new node
- apply policy on it
- checked it could get policies, and apply it
- update hostname (hostname <HOST>, edit /etc/sysconfig/network and /etc/hosts
- ran rudder agent inventory on the node
- ran rudder agent run on the server
- checked that the node name was changed
- correct /etc/hosts on server
- click on "status/Update"
- policies are regenerated
- hostname in /var/rudder/cfengine-community/inputs/common/1.0/cf-served.cf is correct
- ran rudder agent update on the node - it worked
- changed policies, it worked
Updated by Nicolas CHARLES over 7 years ago
- Status changed from In progress to Discussion
- Assignee changed from Nicolas CHARLES to Florian Heigl
i doubled checked with hostname "admin", just to be sure, and it does work also
Is there something I didn't do (or an extra step i did) compared to you ?
Updated by Vincent MEMBRÉ over 7 years ago
- Target version changed from 3.2.10 to 3.2.11
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 3.2.11 to 339
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 339 to 4.0.4
Updated by Benoît PECCATTE about 7 years ago
- Severity set to Major - prevents use of part of Rudder | no simple workaround
- User visibility set to Operational - other Techniques | Technique editor | Rudder settings
- Priority set to 34
Updated by Vincent MEMBRÉ about 7 years ago
- Target version changed from 4.0.4 to 4.0.5
Updated by Jonathan CLARKE about 7 years ago
- Status changed from Discussion to New
- Assignee deleted (
Florian Heigl)
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 4.0.5 to 4.0.6
- Priority changed from 34 to 33
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 4.0.6 to 4.0.7
Updated by Vincent MEMBRÉ almost 7 years ago
- Target version changed from 4.0.7 to 357
Updated by Alexis Mousset almost 7 years ago
- Target version changed from 357 to 4.1.6
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.6 to 4.1.7
- Priority changed from 47 to 46
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.7 to 4.1.8
- Priority changed from 46 to 45
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.8 to 4.1.9
- Priority changed from 45 to 44
Updated by Vincent MEMBRÉ over 6 years ago
- Target version changed from 4.1.9 to 4.1.10
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 4.1.10 to 4.1.11
Updated by Vincent MEMBRÉ about 6 years ago
- Target version changed from 4.1.11 to 4.1.12
Updated by Vincent MEMBRÉ almost 6 years ago
- Target version changed from 4.1.12 to 4.1.13
Updated by Vincent MEMBRÉ almost 6 years ago
- Target version changed from 4.1.13 to 4.1.14
Updated by Benoît PECCATTE almost 6 years ago
- Target version changed from 4.1.14 to 4.1.15
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.15 to 4.1.16
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.16 to 4.1.17
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.17 to 4.1.18
- Priority changed from 43 to 0
Updated by Vincent MEMBRÉ over 5 years ago
- Target version changed from 4.1.18 to 4.1.19
Updated by Alexis Mousset over 5 years ago
- Target version changed from 4.1.19 to 4.1.20
Updated by François ARMAND about 5 years ago
- Target version changed from 4.1.20 to 4.1.21
Updated by Vincent MEMBRÉ about 5 years ago
- Target version changed from 4.1.21 to 4.1.22
Updated by Vincent MEMBRÉ almost 5 years ago
- Target version changed from 4.1.22 to 4.1.23
Updated by Vincent MEMBRÉ almost 5 years ago
- Target version changed from 4.1.23 to 4.1.24
Updated by Vincent MEMBRÉ almost 5 years ago
- Target version changed from 4.1.24 to 588
Updated by François ARMAND almost 5 years ago
- Status changed from New to Rejected
We believe that the problem was happening when cf-serverd wasn't able to correctly reload its new configuration (for ex, it waits that all incoming connection are closed to do so).
To avoid inconsistency, we added post generation hook that force a sighup.
We didn't have recent reports on that ticket, so we believe that it is now OK.
Of course, if someone see that behavior, please reopen that ticket.
Updated by Alexis Mousset over 4 years ago
- Target version changed from 588 to 4.1.24