Cannot Boot Strap Initial Policy Server.

[Steve Ovens]

Hi All,

I am having trouble getting CFEngine up on CentOS 6.5. I have downloaded the RPMs and installed them

 wget https://s3.amazonaws.com/cfengine.package-repos/community_binaries/cfengine-community-3.6.0-1.x86_64.rpm
 rpm -Uhv cfengine-community-3.6.0-1.x86_64.rpm

 

Then I attempted the bootstrap

2014-07-06T10:15:55-0400    error: /default/cfe_internal_update/files/'/var/cfengine/inputs'[0]: No suitable server responded to hail
R: This autonomous node assumes the role of voluntary client
R: Failed to copy policy from policy server at 192.168.99.60:/var/cfengine/masterfiles
       Please check
       * cf-serverd is running on 192.168.99.60
       * network connectivity to 192.168.99.60 on port 5308
       * masterfiles 'body server control' - in particular allowconnects, trustkeysfrom and skipverify
       * masterfiles 'bundle server' -> access: -> masterfiles -> admit/deny
       It is often useful to restart cf-serverd in verbose mode (cf-serverd -v) on 192.168.99.60 to diagnose connection issues.
       When updating masterfiles, wait (usually 5 minutes) for files to propagate to inputs on 192.168.99.60 before retrying.
R: Did not start the scheduler
2014-07-06T10:15:55-0400   notice: /default/cfe_internal_call_update/commands/'"/var/cfengine/bin/cf-agent" -f update.cf'[0]: Q: ".../cf-agent" -f u": 2014-07-06T10:15:55-0400    error: There is no readable input file at '/var/cfengine/inputs/update.cf'. (stat: No such file or directory)
Q: ".../cf-agent" -f u": 2014-07-06T10:15:55-0400    error: CFEngine was not able to get confirmation of promises from cf-promises, so going to failsafe
Q: ".../cf-agent" -f u": 2014-07-06T10:15:55-0400    error: /default/cfe_internal_update/files/'/var/cfengine/inputs'[0]: No suitable server responded to hail
Q: ".../cf-agent" -f u": R: Failed to copy policy from policy server at 192.168.99.60:/var/cfengine/masterfiles
Q: ".../cf-agent" -f u":        Please check
Q: ".../cf-agent" -f u":        * cf-serverd is running on 192.168.99.60
Q: ".../cf-agent" -f u":        * network connectivity to 192.168.99.60 on port 5308
Q: ".../cf-agent" -f u":        * masterfiles 'body server control' - in particular allowconnects, trustkeysfrom and skipverify
Q: ".../cf-agent" -f u":        * masterfiles 'bundle server' -> access: -> masterfiles -> admit/deny
Q: ".../cf-agent" -f u":        It is often useful to restart cf-serverd in verbose mode (cf-serverd -v) on 192.168.99.60 to diagnose connection issues.
Q: ".../cf-agent" -f u":        When updating masterfiles, wait (usually 5 minutes) for files to propagate to inputs on 192.168.99.60 before retrying.
Q: ".../cf-agent" -f u": R: Did not start the scheduler
Q: ".../cf-agent" -f u": 2014-07-06T10:15:55-0400   notice: /default/cfe_internal_call_update/commands/'"/var/cfengine/bin/cf-agent" -f update.cf'[0]: Q: ".../cf-agent" -f u": 2014-07-06T10:15:55-0400    error: There is no readable input file at '/var/cfengine/inputs/update.cf'. (stat: No such file or directory)
Q: ".../cf-agent" -f u": Q: ".../cf-agent" -f u": 2014-07-06T10:15:55-0400    error: CFEngine was not able to get confirmation of promises from cf-promises, so going to failsafe

2014-07-06T10:15:55-0400    error: Bootstrapping failed, no input file at '/var/cfengine/inputs/promises.cf' after bootstrap

This file definitely does not exist and promises.cf file in the input, only the failsafe. Following the suggestion in the output above, I ran cf-serverd -v:

cf-serverd -v
2014-07-06T10:17:10-0400  verbose: Could not open extension plugin 'cfengine-enterprise.so' from '/var/cfengine/lib/cfengine-enterprise.so': (not installed)
2014-07-06T10:17:10-0400  verbose: Setting cfengine default port to 5308
2014-07-06T10:17:10-0400  verbose: Work directory is /var/cfengine
2014-07-06T10:17:10-0400  verbose: Looking for a source of entropy in '/var/cfengine/randseed'
2014-07-06T10:17:10-0400  verbose: Making sure that locks are private...
2014-07-06T10:17:10-0400  verbose: Checking integrity of the state database
2014-07-06T10:17:10-0400  verbose: Checking integrity of the module directory
2014-07-06T10:17:10-0400  verbose: Checking integrity of the PKI directory
2014-07-06T10:17:10-0400  verbose: Loaded private key at '/var/cfengine/ppkeys/localhost.priv'
2014-07-06T10:17:10-0400  verbose: Loaded public key '/var/cfengine/ppkeys/localhost.pub'
2014-07-06T10:17:10-0400  verbose: Reference time set to 'Sun Jul  6 10:17:10 2014'
2014-07-06T10:17:10-0400  verbose: CFEngine Core 3.6.0
2014-07-06T10:17:10-0400  verbose: Host name is: cfengine
2014-07-06T10:17:10-0400  verbose: Operating System Type is linux
2014-07-06T10:17:10-0400  verbose: Operating System Release is 2.6.32-042stab088.4
2014-07-06T10:17:10-0400  verbose: Architecture = x86_64
2014-07-06T10:17:10-0400  verbose: Using internal soft-class linux for host cfengine
2014-07-06T10:17:10-0400  verbose: The time is now Sun Jul  6 10:17:10 2014
2014-07-06T10:17:10-0400  verbose: Additional hard class defined as: 64_bit
2014-07-06T10:17:10-0400  verbose: Additional hard class defined as: linux_2_6_32_042stab088_4
2014-07-06T10:17:10-0400  verbose: Additional hard class defined as: linux_x86_64
2014-07-06T10:17:10-0400  verbose: Additional hard class defined as: linux_x86_64_2_6_32_042stab088_4
2014-07-06T10:17:10-0400  verbose: GNU autoconf class from compile time: compiled_on_linux_gnu
2014-07-06T10:17:10-0400  verbose: Address given by nameserver: 192.168.99.60
2014-07-06T10:17:10-0400  verbose: No interface exception file /var/cfengine/inputs/ignore_interfaces.rx
2014-07-06T10:17:10-0400  verbose: Interface 1: lo
2014-07-06T10:17:10-0400  verbose: Interface 2: venet0
2014-07-06T10:17:10-0400  verbose: IP address of host set to 127.0.0.1
2014-07-06T10:17:10-0400  verbose: Skipping apparent virtual interface 3: venet0:0
2014-07-06T10:17:10-0400  verbose: Trying to locate my IPv6 address
2014-07-06T10:17:10-0400  verbose: Looking for environment from cf-monitord...
2014-07-06T10:17:10-0400  verbose: Unable to detect environment from cf-monitord
2014-07-06T10:17:10-0400  verbose: This appears to be a redhat (or redhat-based) system.
2014-07-06T10:17:10-0400  verbose: Looking for redhat linux info in 'CentOS release 6.5 (Final)'
2014-07-06T10:17:10-0400  verbose: This appears to be an OpenVZ/Virtuozzo/Parallels Cloud Server guest system.

2014-07-06T10:17:10-0400  verbose: Found 16 processors
2014-07-06T10:17:10-0400  verbose: This agent is not bootstrapped
2014-07-06T10:17:10-0400    error: There is no readable input file at '/var/cfengine/inputs/promises.cf'. (stat: No such file or directory)

Is a CFEngine Policy Server not supported with venet?

Can someone please advise?

Thanks!

 

[Brian Bennett]

What's the exact command you used to bootstrap?

Do you have an existing set of policies? If not you'll need to download the default set (https://github.com/cfengine/masterfiles/archive/3.6.0.tar.gz) and follow the instructions in the README.md.

-- 

Brian Bennett

Looking for CFEngine training?

http://www.verticalsysadmin.com/

--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To post to this group, send email to help-c...@googlegroups.com.
Visit this group at http://groups.google.com/group/help-cfengine.
For more options, visit https://groups.google.com/d/optout.

[Steve Ovens]

Hi Brian,

Thanks for the response. This additional dependency should be noted somewhere so that n00bs like me don't have to pester you fine folks with trivia like this. Is there a plan to include this in the RPMs in the future?

[Steve Ovens]

After downloading the masterfiles linked by Brian and following the instructions I am still having the same problems as before. Is there some other package that needs to be downloaded that provides the input/* files?

[Brian Bennett]

They've always been included until 3.6. Recently it was decided that masterfiles should be split into its own repository.

You're right, it should be easier to learn this.

-- 

Brian Bennett

Looking for CFEngine training?

http://www.verticalsysadmin.com/

[Brian Bennett]

Inputs should be automatically copied from masterfiles during bootstrap.

When you get masterfiles, you need to extract it somewhere else then run make, it won't work if you just put it directly in masterfiles.

-- 

Brian Bennett

Looking for CFEngine training?

http://www.verticalsysadmin.com/

On Jul 6, 2014, at 10:33 AM, Steve Ovens <steve...@gmail.com> wrote:

After downloading the masterfiles linked by Brian and following the instructions I am still having the same problems as before. Is there some other package that needs to be downloaded that provides the input/* files?

--

[Steve Ovens]

Thanks again for the reply

Just for clarification this is what I did:

1) Purge CFEngine (rpm -e) then remove remaining files

2) Downloaded the cfengine-community rpm from the website

3) installed via rpm -Uhv 

4) downloaded the masterfiles from the link provided above

5) untarred it

6) make install (as the README.md describes)

7) cf-agent -B 192.168.99.60 (cf-agent is in the path)

8) fail

I'm sorry if I misunderstood or missed a step. Please let me know if I did something out of order

[Nick Anderson]

Hi Steven,

Looks like your running into this open issue: https://dev.cfengine.com/issues/1490

One of the comments suggests "Workaround is to define eth0 for container as described in http://wiki.openvz.org/Virtual_Ethernet_device."

[Steve Ovens]

Hi Nick,

Thanks for the reply. You are correct, adding eth0 to my container allowed me to bootstrap successfully!

I am sure I will have more questions in the future as I stumble my way through CFEngine, but for now I am ready to move forward

Cheers

[Brian Bennett]

I've just opened a pull request to fix this.

https://github.com/cfengine/core/pull/1819

-- 
Brian Bennett
Looking for CFEngine training?
http://www.verticalsysadmin.com/