I am running spacewalk 1.4 on RHEL 5u5
I am in the process of adding clients to a proxy server and so far none of them
are showing up as 'online' in the Spacewalk UI. My proxy server shows as
online and I can run remote commands on it through the UI. I can see
connections from the clients on the proxy server port 5222. In syslog on the
proxy and on the server I see that dialback is failing
All hostnames are fqdn, sanitized here:
spacewalk-proxy:
Oct 25 08:46:03 spacewalk-proxy jabberd/s2s[21730]: dns lookup for
spacewalk-server failed
Oct 25 08:46:03 spacewalk-proxy jabberd/s2s[21730]: [8] [10.57.199.45,
port=5269] outgoing connection for spacewalk-server
Oct 25 08:46:03 spacewalk-proxy jabberd/s2s[21730]: [8] [10.57.199.45,
port=5269] sending dialback auth request for route spacewalk-proxy
/spacewalk-server
Oct 25 08:47:04 spacewalk-proxy jabberd/s2s[21730]: [8] [10.57.199.45,
port=5269] error: Stream error (dialback timed out)
Oct 25 08:47:04 spacewalk-proxy jabberd/s2s[21730]: [8] [10.57.199.45,
port=5269] disconnect, packets: 0
spacewalk-server:
Oct 25 08:46:03 spacewalk-server jabberd/s2s[1913]: [8] [10.48.199.32,
port=46525] received dialback auth request for route spacewalk-server
/spacewalk-proxy
Oct 25 08:46:34 spacewalk-server jabberd/s2s[1913]: dns lookup for
spacewalk-proxy failed
Oct 25 08:47:04 spacewalk-server jabberd/s2s[1913]: [8] [10.48.199.32,
port=46525] dialback for incoming route spacewalk-server / spacewalk-proxy
timed out
The obvious thing here is the dns lookup failures. The odd thing is that DNS
is working fine in my environment. I can lookup forward and reverse entries
for both server and proxy. So I added an entry in /etc/hosts on both servers.
I had to restart osad and run an rhn_check on a client to trigger the dialback
request (pinging from the UI didn't do it). Now the dialback route is showing
valid in the logs and the client behind the proxy shows online in the UI.
So I dug a bit in the jabberd config files and found this stanza in the s2s.xml:
<!-- Local network configuration -->
<local>
<!--
Helper DNS resolver component - if this component is not
connected, dialback connections will fail
(default: resolver) -->
<resolver>resolver</resolver>
According to the online documentation for OSA, /usr/bin/resolver is one of the
6 components of jabberd (https://fedorahosted.org/spacewalk/wiki/OsadHowTo).
However, /usr/bin/resolver does not exist on my servers and is not part of the
jabberd package I have: jabberd-2.2.11-2.el5. The resolver.xml is also absent
from spacewalk-setup-jabberd-1.3.2-1.el5.
My question then is, given that the resolver service has been deprecated, how
should s2s resolve names? In my environment, adding /etc/hosts entries to all
the proxies and the master is feasible, but using DNS would be less brittle
over time.
--
Adam Glassman
Sr. Systems Engineer
Amdocs Interactive
Seattle, WA
This message and the information contained herein is proprietary and
confidential and subject to the Amdocs policy statement,
you may review at http://www.amdocs.com/email_disclaimer.asp
_______________________________________________
Spacewalk-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/spacewalk-list
