[rudder-users] rudder-users Digest, Vol 25, Issue 7

Nicolas Charles nicolas.charles at normation.com
Mon Dec 23 14:55:57 CET 2013 

On 23/12/2013 14:43, Mikaël Mantel wrote:
> Le 23/12/2013 14:18, Mikaël Mantel a écrit :
>> Le 20/12/2013 09:34, Mikaël Mantel a écrit :
>>> Le 19/12/2013 19:31, Matthieu CERDA a écrit :
>>>> Le 19/12/2013 16:24, Mikaël Mantel a écrit :
>>>>> Hello Matthieu,
>>>>>
>>>>> I have retry to install and use relay function.
>>>>> dav and dav_fs modules are enabled.
>>>>>
>>>>> But on the relay , in /var/log/rudder/apache2/error.log , i have 
>>>>> many :
>>>>>
>>>>> [error] [client ::1] (1)Operation not permitted: There was a problem
>>>>> writing the file atomically after writes.  [500, #1]
>>>>>
>>>>>
>>>>> Thanks a lot !!
>>>> Hi Mikaël,
>>>>
>>>> Can you tell me if your /var or /var/rudder filesystem is mounted with
>>>> specific options, on your relay machine ?
>>>>
>>>> It looks like an error that can happen when used with a NFS share.
>>>>
>>>> Regards,
>>>> -- 
>>>> Matthieu CERDA
>>>>
>>> Hi Matthieu,
>>>
>>> The relay machine is a openvz container, and /var/rudder is mounted 
>>> with simfs filesystem.
>>>
>>> I will try with a virtual machine when i have time.
>>>
>>> Thank you for your light
>>
>> Hi !
>>
>> When i modify the rights on /opt/rudder/etc/htpasswd-webdav-initial,
>> the error in /var/log/rudder/apache2/error.log disapear.
>>
>>
>> But on the relay machine, in syslog, i have :
>> Not allowing connection from non-authorized IP '172.16.8.193'
>>
>> This is the Node Ip.
>>
>> i have configured the Allowed networks (172.16.8.192/26) for policy 
>> server relay on the web interface -> Administration.
>>
>> Where is the configuration file who is read by cf-serverd when the 
>> node want to communicate ?
>>
>> Regards,
>>
>> Mikaël Mantel
> EDIT :
>
> i add the network 172.16.8.192/26 in 
> /var/rudder/cfengine-community/inputs/common/1.0/cf-served.cf and the 
> relay machine respond to the node.
>
> But i have a error again in cf-agent -KI :
>
> Bad protocol reply 'BAD: key could not be accepted on trust
>
> My  /var/rudder/cfengine-community/policy_server.dat contain the relay 
> ip. It's Right ?
>
> Regards, 

On which machine do you have this error ? The relay ? or the node ?
The node should have its 
/var/rudder/cfengine-community/policy_server.dat contain the relay server IP
The relay server should have the policy server IP address in this file

And it seems that the promises are not updated correctly on your relay, 
if you had to manually update the network. Are you sure you changed the 
allowed network for the relay on the webapp ?

Regards,
Nicolas

More information about the rudder-users mailing list