Rudder

Nicolas CHARLES wrote:

Hi Erminio,

Sorry about your problem.
There are 2 main possibilities:

1. Either the file /var/rudder/cfengine-community/policy_server.dat is invalid or doesn't exist
2. Either the node IP is not in the authorized networks of the policy server (see Settings/General in the web interface)

Finally, it could be a firewall issue, as port 443 needs to be open from the node to the policy server

Hi Nicolas, thank you for your speedy answer!

The file policy_server.dat exist, with a valid IP address [ Before, I installed rudder agent on my laptop for give it a try, I changed the policy_server.dat and everythings goes fine. I didn't need to change anythings from the IP authorized network of the policy server and my laptop appair in the " accept new node " interface. ]

I check for any firewall issue..

Thank you again! Sorry for my bad italian english...!

Nicolas CHARLES wrote:

Hi Erminio,

Sorry about your problem.
There are 2 main possibilities:

1. Either the file /var/rudder/cfengine-community/policy_server.dat is invalid or doesn't exist
2. Either the node IP is not in the authorized networks of the policy server (see Settings/General in the web interface)

Finally, it could be a firewall issue, as port 443 needs to be open from the node to the policy server

Hi Nicolas, thank you for your speedy answer!

The file policy_server.dat exist, with a valid IP address [ Before, I installed rudder agent on my laptop for give it a try, I changed the policy_server.dat and everythings goes fine. I didn't need to change anythings from the IP authorized network of the policy server and my laptop appair in the " accept new node " interface. ]

I check for any firewall issue..

Thank you again! Sorry for my bad italian english...!

edit: I checked the policy_server.dat and exist, I set node IP/Mask in the web interface but still give me the same error...

1. If you just change the port or add more ports here, you will likely also
2. have to change the VirtualHost statement in
3. /etc/apache2/sites-enabled/000-default.conf

Listen 80

<IfModule ssl_module>
Listen 443
</IfModule>

<IfModule mod_gnutls.c>
Listen 443
</IfModule>@

Is this ok?

Thanks again for your time

Can someone help?

1. version of Rudder on both server and node
2. OS of the server and the node
3. check that the ip of the node does match the rules defined on the server in files /opt/rudder/etc/rudder-networks.conf and /opt/rudder/etc/rudder-networks-24.conf

Could you also paste the failing generated inventory of the node which should be in /var/rudder/tmp/inventory/ ? (caution, it may contain sensitive info - there's at least the hostname & ip, bur also all packages installed, users on the nodes, ..., so you may need to anonymise it a bit

Hello Erminio, did you have time to take a look at this problem ?

Hello Erminio,

One last question: do you have the file /var/rudder/cfengine-community/rudder-server-uuid.txt ?

Nicolas CHARLES wrote:

Hello Erminio,

One last question: do you have the file /var/rudder/cfengine-community/rudder-server-uuid.txt ?

Hello guys,

I'm sorry to have disappeared for a long time without giving any signs of life.

In this time I came across several mistakes, many of them my own. [It's a very long story, I save you from.. ]
In a random cloudy day Rudder server saw the nodes that he did not recognize before, I accepted them but they could not really communicate with the server. In the client rudder log I encountered problems with TLS sockets and I was looking for the problem on the client side. My eyes was bleeding in search. I was about to edit the file "cf-serverd.cf", when something happens. A little mischievous goblin suggested in my ear softly a memory...

So I went to the server web page, settings, general, and added my ip to allowed network.
It worked.

Thank you for your time,

Have nice days,

Erminio