I am trying to crytp using gpg2 the mails sent by Nagios3. For that, I have create this custom command on /etc/nagios3/commands.cfg :
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/gpg2 --armor --encrypt --recipient toto#titi.com | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
}
Some points:
The e-mail is sent but it is "empty":
Sep 19 14:35:25 tutu nagios3: Finished daemonizing... (New PID=4313)
Sep 19 14:36:15 tutu nagios3: SERVICE ALERT:
tete_vm;HTTP;OK;HARD;4;HTTP OK: HTTP/1.1 200 OK - 347 bytes in 0.441
second response time Sep 19 14:36:15 tutu nagios3: SERVICE
NOTIFICATION: tata;tete_vm;HTTP;OK;notify-service-by-email;HTTP OK:
HTTP/1.1 200 OK - 347 bytes in 0.441 second response time
The command:
/usr/bin/gpg2 --armor --encrypt --recipient toto#titi.com | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$</code>
works very well on command line
I have tested this command:
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/gpg2 --armor --encrypt --recipient toto#titi.com >> /tmp/toto.txt
The file /tmp/toto.txt is created but "empty".
So, it seems to be a problem using /usr/bin/gpg2 on this file, but I cannot find why!
The most common mistake when encrypting from within services using GnuPG is that the recipient's key was imported by another (system) user than the one the service is running under, for example imported by root, but the service runs as nagios.
GnuPG maintains per-user "GnuPG home directories" (usually ~/.gnupg) with per-user keyrings in them. If you imported as root, other service accounts don't know anything about the keys in there.
The first step for debugging the issue would be to redirect gpg's stderr to a file, so you can read the error message by adding 2>>/tmp/gpg-error.log to the GnuPG call:
/usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/gpg2 --armor --encrypt --recipient toto#titi.com 2>>/tmp/gpg-error.log | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
If the issue is something like "key not found" or similar, you've got two possibilities to resolve the issue:
Import to the service's user account. Switch to the service's user, and import the key again.
Hard-code the GnuPG home directory to somewhere else using the --homedir [directory] option, for example in a place you also store your Nagios plugins.
Be aware of using appropriate, restrictive permissions. GnuPG is very picky if other users than the owner are allowed to read the files!
Related
I have the following very simple manifest:
type: install
name: very simple manifest
onInstall:
- log: installing manifest
I can install it from the Jelastic Dashboard. There is an import function in the main menu where I can copy / paste that manifest content and it gets installed. In the Jelastic console, I can see
[15:36:38 manifest.settings]: BEGIN INSTALLATION: very simple manifest
[15:36:39 manifest.settings]: BEGIN HANDLE EVENT: {"topic":"application/install","envAppid":""}
[15:36:39 manifest.settings:1]:> installing manifest
[15:36:39 manifest.settings]: END HANDLE EVENT: application/install
[15:36:39 manifest.settings]: END INSTALLATION: very simple manifest
and the Jelastic dashboard confirms installation.
Now, when I do the same, but via the Jelastic REST API, i.e. using the endpoint
http://my-jelastic-provide.com/1.0/marketplace/jps/REST/install
with the relevant data, then, it doesn't install. Instead, I get the strange error message
Can\'t find environment by domain [jelasticclient-master-0954606]
where jelasticclient-master-0954606 is the envName I set.
However, if I change my manifest to e.g.
type: install
name: very simple manifest
nodes:
count: 1
cloudlets: 4
nodeGroup: cp
image: alpine:latest
skipNodeEmails: true
onInstall:
- log: installing manifest
then it installs perfectly. What am I missing?
I am using Jelastic v6.0.2.
Your "very simple manifest" doesn't suppose any environment name to be passed.
That's why when you pass it you get an error "Can't find environment by domain [domain-name]" (Example1).
When you don't have the "nodes" parameter in the manifest (as in your second example), you shouldn't pass any environment name (Example2) or should pass the existing environment name (response is in Example3).
Example1:
curl -X POST 'https://jca.host-domain/1.0/marketplace/jps/rest/install' \
-d 'envName=jelasticclient-master-0954606' \
-d session=*** \
-d skipNodeEmails=1 \
-d ownerUid=UID \
--data-urlencode 'jps={ "type": "install", "name": "very simple manifest", "onInstall": [ { "log": "installing manifest" } ] }'
The response is:
{"result":11,"response":{"result":11,"source":"JEL","error":"domain [jelasticclient-master-0954606] doesn't exist"},"source":"JEL","error":"domain [jelasticclient-master-0954606] doesn't exist"}
When the environment name is not passed (Example2),
curl -X POST 'https://jca.host-domain/1.0/marketplace/jps/rest/install' \
-d session=*** \
-d skipNodeEmails=1 \
-d ownerUid=UID \
--data-urlencode 'jps={ "type": "install", "name": "very simple manifest", "onInstall": [ { "log": "installing manifest" } ] }'
the response is
{"result":0,"uniqueName":"3c819586-2ef7-4691-9faa-d3059459d20e","response":{"result":0,"uniqueName":"3c819586-2ef7-4691-9faa-d3059459d20e","successText":"","appid":""},"appid":"","successText":""}
When the environment with envName=jelasticclient-master-0954606 already exists, the response of the same request from the Example1 is as this (Example3)
{"result":0,"uniqueName":"b52a8db9-8850-4b66-958a-3dee3345b923","response":{"result":0,"uniqueName":"b52a8db9-8850-4b66-958a-3dee3345b923","successText":"","appid":"7b0c465f6c9573b8d8ce3ed59591781b"},"appid":"7b0c465f6c9573b8d8ce3ed59591781b","successText":""}
In other words, if you pass the environment name when deploying this "very simple manifest" this manifest is installed like an add-on because there is no "nodes" parameter in it but there is no existing environment "jelasticclient-master-0954606" to install this "add-on".
I've updated cygnus from version 0.13 to 1.7.0 by installing NGSI following this tutorial:
https://github.com/telefonicaid/fiware-cygnus/tree/master/cygnus-ngsi
Error the subscription
[
{
"id": "59d38a92dbaa1e477aef9c00",
"description": "A subscription to get info about pruebas",
"status": "failed",
"subject": {
"entities": [
{
"id": "pruebas",
"type": "pruebas"
}
],
"condition": {
"attrs": [
"pressure"
]
}
},
"notification": {
"timesSent": 2,
"lastNotification": "2017-10-03T13:03:43.00Z",
"attrs": [
"temperature",
"pressure"
],
"attrsFormat": "legacy",
"http": {
"url": "http://localhost:5050/notify"
},
"lastFailure": "2017-10-03T13:03:43.00Z"
}
}
]
viewing the contextBroker log gives the following:
$pp[328]:notificationError | msg=Raising alarm NotificationError http://localhost:5050/notify: (curl_easy_perform failed: Couldn't connect to server)
I have contextBroker on the same machine as cygnus so I have already tried to change the notify ip for the server and for localhost and it does not work for any of it.
with version 0.13 if it works with localhost.
What could be the problem?
It does not even come to cygnus configuration files because it can not access from the contextBroker.
Greetings and thank you.
EDIT1:
I am tested with the fiwareLab machines and removing cygnus 0.13 that comes pre installed with YUM REMOVE CYGNUS. Then I installed 1.7 with YUM INSTALL CYGNUS-NGSI and installed two packages ngsi and common.
Restarting the service with service cygnus restart indicates the following:
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
cygnus-ngsi x86_64 1.7.1-0.g9df0d4d fiware 74 M
Installing for dependencies:
cygnus-common x86_64 1.7.1-0.g9df0d4d fiware 128 M
Transaction Summary
================================================================================
Install 2 Package(s)
Total size: 202 M
Installed size: 223 M
Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
[INFO] Creating cygnus user
Installing : cygnus-common-1.7.1-0.g9df0d4d.x86_64 1/2
[INFO] Creating log directory
Done
Installing : cygnus-ngsi-1.7.1-0.g9df0d4d.x86_64 2/2
Verifying : cygnus-common-1.7.1-0.g9df0d4d.x86_64 1/2
Verifying : cygnus-ngsi-1.7.1-0.g9df0d4d.x86_64 2/2
Installed:
cygnus-ngsi.x86_64 0:1.7.1-0.g9df0d4d
Dependency Installed:
cygnus-common.x86_64 0:1.7.1-0.g9df0d4d
Complete!
[centos#centos6 cygnus]$ sudo service cygnus restart
There aren't any instance of Cygnus running [ OK ]
Starting Cygnus 1... [ OK ]
When I try on my server I do the same steps but when doing the service cygnus restart has two cygnus the 1 and 2 not as in vuesta machine that only has one and therefore indicates that the port 8081 is already in use.
Dependencias resueltas
============================================================================================================================================================================
Paquete Arquitectura Versión Repositorio Tamaño
============================================================================================================================================================================
Instalando:
cygnus-ngsi x86_64 1.7.1-0.g9df0d4d fiware 74 M
Instalando para las dependencias:
cygnus-common x86_64 1.7.1-0.g9df0d4d fiware 128 M
Resumen de la transacción
============================================================================================================================================================================
Instalar 2 Paquete(s)
Tamaño total de la descarga: 202 M
Tamaño instalado: 223 M
Está de acuerdo [s/N]:s
Descargando paquetes:
(1/2): cygnus-common_hadoopcore_1.2.1-1.7.1-0.g9df0d4d.x86_64.rpm | 128 MB 00:14
(2/2): cygnus-ngsi-1.7.1-0.g9df0d4d.x86_64.rpm | 74 MB 00:07
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 8.9 MB/s | 202 MB 00:22
Ejecutando el rpm_check_debug
Ejecutando prueba de transacción
La prueba de transacción ha sido exitosa
Ejecutando transacción
[INFO] Creating cygnus user
Instalando : cygnus-common-1.7.1-0.g9df0d4d.x86_64 1/2
[INFO] Creating log directory
Done
Instalando : cygnus-ngsi-1.7.1-0.g9df0d4d.x86_64 2/2
Verifying : cygnus-common-1.7.1-0.g9df0d4d.x86_64 1/2
Verifying : cygnus-ngsi-1.7.1-0.g9df0d4d.x86_64 2/2
Instalado:
cygnus-ngsi.x86_64 0:1.7.1-0.g9df0d4d
Dependencia(s) instalada(s):
cygnus-common.x86_64 0:1.7.1-0.g9df0d4d
¡Listo!
[root#UAL-IoF2020 conf]# ls
agent_1.conf agent_ngsi.conf.template cygnus_instance_2.conf grouping_rules_2.conf krb5_login.conf README-cygnus-common.md
agent_3.conf cartodb_keys.conf.template cygnus_instance.conf.template grouping_rules.conf.template log4j.properties README-cygnus-ngsi.md
agent.conf.template cygnus_instance_1.conf flume-env.sh.template krb5.conf.template name_mappings.conf.template
[root#UAL-IoF2020 conf]# service cygnus restart
There aren't any instance of Cygnus running [ OK ]
Starting Cygnus 1... [ OK ]
Starting Cygnus 2... [ OK ]
[root#UAL-IoF2020 conf]#
Is it possible that this is the problem and that is not recognizing my NGSI and this occupying the 8081 the common? or is this normal?
Log cygnus :
time=2017-10-03T21:51:09.326Z | lvl=INFO | corr= | trans= | srv= | subsrv= | comp=cygnusagent | op=main | msg=com.telefonica.iot.cygnus.nodes.CygnusApplication[301] : Starting a Jetty server listening on 0.0.0.0:8081 (Management Interface)
time=2017-10-03T21:51:09.381Z | lvl=WARN | corr= | trans= | srv= | subsrv= | comp=cygnusagent | op=warn | msg=org.mortbay.log.Slf4jLog[76] : failed SelectChannelConnector#0.0.0.0:8081: java.net.BindException: La dirección ya se está usando
time=2017-10-03T21:51:09.381Z | lvl=WARN | corr= | trans= | srv= | subsrv= | comp=cygnusagent | op=warn | msg=org.mortbay.log.Slf4jLog[76] : failed Server#52992ace: java.net.BindException: La dirección ya se está usando
time=2017-10-03T21:51:09.381Z | lvl=FATAL | corr= | trans= | srv= | subsrv= | comp=cygnusagent | op=run | msg=com.telefonica.iot.cygnus.http.JettyServer[90] : Fatal error running the Management Interface. Details=La dirección ya se está usando
EDIT2
I have already solved the problem of two cygnus, had two agent_1 and agent_2 created. I have deleted one of them and already performing service cygnus restart appears only one cygnus. We are getting better.
But I still have the same problem with the subscriptions:
The contextBroker log indicates:
msg = Raising alarm NotificationError http: // localhost: 5050 / notify: (curl_easy_perform failed: could not connect to server)
When I try:
[root # UAL-IoF2020 conf] # netstat -np | grep 5050
I do not think anything.
When I launch this:
[root # UAL-IoF2020 conf] # netstat -np | grep 1026
tcp 0 0 150.XXX.XXX.XXX:1026 XXX.XXX.XXX.XXX:50348 ESTABLISHED 5169 / contextBroker
I am trying to launch a Test of your page.
./notification-json-simple.sh http: // localhost: 5050 / notify myservice myservicepath
and gives me the following error:
[root # UAL-IoF2020 ngsi-examples] # ./notification-json-simple.sh http: // localhost: 5050 / notify myservice myservicepath
* About to connect () to localhost port 5050 (# 0)
* Trying :: 1 ... Connection refused
* Trying 127.0.0.1 ... Connection refused
* could not connect to host
* Closing connection # 0
curl: (7) could not connect to host
It gives the impression that in the 5050 I have nothing listening.
Any clue what that might be?
cygnus-ngsi.sources = http-source
cygnus-ngsi.sinks = mysql-sink
cygnus-ngsi.channels = mysql-channel
#=============================================
# source configuration
# channel name where to write the notification events
cygnus-ngsi.sources.http-source.channels = mysql-channel
# source class, must not be changed
cygnus-ngsi.sources.http-source.type = org.apache.flume.source.http.HTTPSource
# listening port the Flume source will use for receiving incoming notifications
cygnus-ngsi.sources.http-source.port = 5050
# Flume handler that will parse the notifications, must not be changed
cygnus-ngsi.sources.http-source.handler = com.telefonica.iot.cygnus.handlers.NGSIRestHandler
# URL target
cygnus-ngsi.sources.http-source.handler.notification_target = /notify
# default service (service semantic depends on the persistence sink)
cygnus-ngsi.sources.http-source.handler.default_service = default
# default service path (service path semantic depends on the persistence sink)
cygnus-ngsi.sources.http-source.handler.default_service_path = /
# source interceptors, do not change
cygnus-ngsi.sources.http-source.interceptors = ts gi
# TimestampInterceptor, do not change
cygnus-ngsi.sources.http-source.interceptors.ts.type = timestamp
# GroupingInterceptor, do not change
cygnus-ngsi.sources.http-source.interceptors.gi.type = com.telefonica.iot.cygnus.interceptors.NGSIGroupingInterceptor$Builder
# Grouping rules for the GroupingInterceptor, put the right absolute path to the file if necessary
# see the doc/design/interceptors document for more details
cygnus-ngsi.sources.http-source.interceptors.gi.grouping_rules_conf_file = /usr/cygnus/conf/grouping_rules.conf
Do I have to install cygnus-common manual?
Reading the documentation (https://github.com/telefonicaid/fiware-cygnus/tree/master/cygnus-ngsi) it's wrote:
Cygnus NGSI is based on Apache Flume, which is used through cygnus-common and which Cygnus NGSI depends on.
I think you need to install cygnus-common.
I have already solved the problem.
It was in the configuration file of cygnus_instance_1.conf, you had to rename the cygnusagent agent by cygnus-ngsi.
For installation, I have simply followed these steps.
Install ContextBroker.
Install MongoDB (for contextBroker to
work).
Install cygnus-ngsi, this in turn installed automatically
cygnus-common.
Copy the agent_ngsi.conf.template and rename it with
agent_1.conf
Copy the cygnus_instance.conf.template to cygnus_instance_1.conf
Rename the agent from cygnus_instance_1.conf to cygnus-ngsi and the configuration file created above (agent_1.conf)
All this has been with Yum Install, with RPM, I have not had to install apache flume or anything, this way it does everything automatically.
I hope this helps and thanks.
The last error log you have posted is the key: there is another running process listening on TCP/5050 port. Most probably, a previous run of Cygnus not stopped/killed properly.
i installed Nagios core on my system which sends me an email if some service goes into Critical/warning stage. everything is working fine.
I have configures post-fix to send out an email and configured an email address in "sasl_passwd" file something like this "[smtp.gmail.com]:587 <email-id>:<password>".
when i receive a mail about service stage it comes as a "Alert from <email-id>" now i want to change that i want an email to come as "Nagios alert" or something like that in mail subject rather than just <email-id> showing.
How can i do that?
Alter your commands notify-host-by-email and notify-service-by-email. These commands are what sends the email notification. It pipes a message string to /bin/mail by default. It already includes the -s flag indicating the subject. So in order to overwrite the sender, we check man mail and determine that the flag is -r [from-addr]. So, you can change your commands from:
# 'notify-host-by-email' command definition
define command{
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
}
# 'notify-service-by-email' command definition
define command{
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
}
To:
# 'notify-host-by-email' command definition
define command{
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /bin/mail -r "someemail#somewhere.com" -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$
}
# 'notify-service-by-email' command definition
define command{
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /bin/mail -r "someemail#somewhere.com" -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$
}
Where someemail#somewhere.com is your email address.
Hope this helps.
EDITED:
I've an OpenShift cluster with one master and two nodes. I've installed NFS on the master and NFS client on the nodes.
I've followed the wordpress example with NFS: https://github.com/openshift/origin/tree/master/examples/wordpress
I did the following on my master as: oc login -u system:admin:
mkdir /home/data/pv0001
mkdir /home/data/pv0002
chown -R nfsnobody:nfsnobody /home/data
chmod -R 777 /home/data/
# Add to /etc/exports
/home/data/pv0001 *(rw,sync,no_root_squash)
/home/data/pv0002 *(rw,sync,no_root_squash)
# Enable the new exports without bouncing the NFS service
exportfs -a
So exportfs shows:
/home/data/pv0001
<world>
/home/data/pv0002
<world>
$ setsebool -P virt_use_nfs 1
# Create the persistent volumes for NFS.
# I did not change anything in the yaml-files
$ oc create -f examples/wordpress/nfs/pv-1.yaml
$ oc create -f examples/wordpress/nfs/pv-2.yaml
$ oc get pv
NAME LABELS CAPACITY ACCESSMODES STATUS CLAIM REASON
pv0001 <none> 1073741824 RWO,RWX Available
pv0002 <none> 5368709120 RWO Available
This is also what I get.
Than I'm going to my node:
oc login
test-admin
And I create a wordpress project:
oc new-project wordpress
# Create claims for storage in my project (same namespace).
# The claims in this example carefully match the volumes created above.
$ oc create -f examples/wordpress/pvc-wp.yaml
$ oc create -f examples/wordpress/pvc-mysql.yaml
$ oc get pvc
NAME LABELS STATUS VOLUME
claim-mysql map[] Bound pv0002
claim-wp map[] Bound pv0001
This looks exactly the same for me.
Launch the MySQL pod.
oc create -f examples/wordpress/pod-mysql.yaml
oc create -f examples/wordpress/service-mysql.yaml
oc create -f examples/wordpress/pod-wordpress.yaml
oc create -f examples/wordpress/service-wp.yaml
oc get svc
NAME LABELS SELECTOR IP(S) PORT(S)
mysql name=mysql name=mysql 172.30.115.137 3306/TCP
wpfrontend name=wpfrontend name=wordpress 172.30.170.55 5055/TCP
So actually everyting seemed to work! But when I'm asking for my pod status I get the following:
[root#ip-10-0-0-104 pv0002]# oc get pod
NAME READY STATUS RESTARTS AGE
mysql 0/1 Image: openshift/mysql-55-centos7 is ready, container is creating 0 6h
wordpress 0/1 Image: wordpress is not ready on the node 0 6h
The pods are in pending state and in the webconsole they're giving the following error:
12:12:51 PM mysql Pod failedMount Unable to mount volumes for pod "mysql_wordpress": exit status 32 (607 times in the last hour, 41 minutes)
12:12:51 PM mysql Pod failedSync Error syncing pod, skipping: exit status 32 (607 times in the last hour, 41 minutes)
12:12:48 PM wordpress Pod failedMount Unable to mount volumes for pod "wordpress_wordpress": exit status 32 (604 times in the last hour, 40 minutes)
12:12:48 PM wordpress Pod failedSync Error syncing pod, skipping: exit status 32 (604 times in the last hour, 40 minutes)
Unable to mount +timeout. But when I'm going to my node and I'm doing the following (test is a created directory on my node):
mount -t nfs -v masterhostname:/home/data/pv0002 /test
And I place some file in my /test on my node than it appears in my /home/data/pv0002 on my master so that seems to work.
What's the reason that it's unable to mount in OpenShift?
I've been stuck on this for a while.
LOGS:
Oct 21 10:44:52 ip-10-0-0-129 docker: time="2015-10-21T10:44:52.795267904Z" level=info msg="GET /containers/json"
Oct 21 10:44:52 ip-10-0-0-129 origin-node: E1021 10:44:52.832179 1148 mount_linux.go:103] Mount failed: exit status 32
Oct 21 10:44:52 ip-10-0-0-129 origin-node: Mounting arguments: localhost:/home/data/pv0002 /var/lib/origin/openshift.local.volumes/pods/2bf19fe9-77ce-11e5-9122-02463424c049/volumes/kubernetes.io~nfs/pv0002 nfs []
Oct 21 10:44:52 ip-10-0-0-129 origin-node: Output: mount.nfs: access denied by server while mounting localhost:/home/data/pv0002
Oct 21 10:44:52 ip-10-0-0-129 origin-node: E1021 10:44:52.832279 1148 kubelet.go:1206] Unable to mount volumes for pod "mysql_wordpress": exit status 32; skipping pod
Oct 21 10:44:52 ip-10-0-0-129 docker: time="2015-10-21T10:44:52.832794476Z" level=info msg="GET /containers/json?all=1"
Oct 21 10:44:52 ip-10-0-0-129 docker: time="2015-10-21T10:44:52.835916304Z" level=info msg="GET /images/openshift/mysql-55-centos7/json"
Oct 21 10:44:52 ip-10-0-0-129 origin-node: E1021 10:44:52.837085 1148 pod_workers.go:111] Error syncing pod 2bf19fe9-77ce-11e5-9122-02463424c049, skipping: exit status 32
Logs showed Oct 21 10:44:52 ip-10-0-0-129 origin-node: Output: mount.nfs: access denied by server while mounting localhost:/home/data/pv0002
So it failed mounting on localhost.
to create my persistent volume I've executed this yaml:
{
"apiVersion": "v1",
"kind": "PersistentVolume",
"metadata": {
"name": "registry-volume"
},
"spec": {
"capacity": {
"storage": "20Gi"
},
"accessModes": [ "ReadWriteMany" ],
"nfs": {
"path": "/home/data/pv0002",
"server": "localhost"
}
}
}
So I was mounting to /home/data/pv0002 but this path was not on the localhost but on my master server (which is ose3-master.example.com. So I created my PV in a wrong way.
{
"apiVersion": "v1",
"kind": "PersistentVolume",
"metadata": {
"name": "registry-volume"
},
"spec": {
"capacity": {
"storage": "20Gi"
},
"accessModes": [ "ReadWriteMany" ],
"nfs": {
"path": "/home/data/pv0002",
"server": "ose3-master.example.com"
}
}
}
This was also in a training environment. It's recommended to have a NFS server outside of your cluster to mount to.
I use tcpdump on openwrt to capture packets and send them to a raspberry pi with netcat.
the problem is that i want to use multiple routers to capture the requests, and forward them to the raspberry pi.
tcpdump -i wlan0 -e -s 256 -l type mgt subtype probe-req |nc 192.168.0.230 22222
And i recieve the packet info with a python script:
import socket
HOST = 'localhost' # use '' to expose to all networks
PORT = 12345
def incoming(host, port):
"""Open specified port and return file-like object"""
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
# set SOL_SOCKET.SO_REUSEADDR=1 to reuse the socket if
# needed later without waiting for timeout (after it is
# closed, for example)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.bind((host, port))
sock.listen(0) # do not queue connections
request, addr = sock.accept()
return request.makefile('r', 0)
# /-- network ---
for line in incoming(HOST, PORT):
print line,
output:
15:17:57 801928 3933710786us tsft 1.0 Mb/s 2412 Mhz 11b -38dB signal antanna 1 BSSID: broadcast SA:xxxx ....
desired output:
192.168.0.130 15:17:57 801928 3933710786us tsft 1.0 Mb/s 2412 Mhz 11b -38dB signal antanna 1 BSSID: broadcast SA:xxxx ....
But how can i add the the Ip-address of the router to the command? so i can see witch router received the packet.
Or how can i just send and extra string like "router1" to identify the router?
You can send an extra string to the router with the script below:
#! /bin/bash
ip=$(ifconfig wlan0 | grep cast | awk -F: '{print $2}' | awk '{print $1}' )
tcpdump -i wlan0 -e -s 256 -l type mgt subtype probe-req |\
while read line; do
echo "$ip" "$(date +%T)" "$line"
done | nc 192.168.0.230 22222
It will insert ip address and time stamp at the beggining of each line of tcpdump's output and pipe it to netcat.