> I am running spacewalk 1.4 on RHEL 5u5 > > I am in the process of adding clients to a proxy server and so far none of > them are showing up as 'online' in the Spacewalk UI. My proxy server > shows as online and I can run remote commands on it through the UI. I can > see connections from the clients on the proxy server port 5222. In syslog > on the proxy and on the server I see that dialback is failing > > All hostnames are fqdn, sanitized here: > spacewalk-proxy: > Oct 25 08:46:03 spacewalk-proxy jabberd/s2s[21730]: dns lookup for > spacewalk-server failed Oct 25 08:46:03 spacewalk-proxy > jabberd/s2s[21730]: [8] [10.57.199.45, port=5269] outgoing connection for > spacewalk-server Oct 25 08:46:03 spacewalk-proxy jabberd/s2s[21730]: [8] > [10.57.199.45, port=5269] sending dialback auth request for route > spacewalk-proxy /spacewalk-server Oct 25 08:47:04 spacewalk-proxy > jabberd/s2s[21730]: [8] [10.57.199.45, port=5269] error: Stream error > (dialback timed out) Oct 25 08:47:04 spacewalk-proxy jabberd/s2s[21730]: > [8] [10.57.199.45, port=5269] disconnect, packets: 0 > > spacewalk-server: > Oct 25 08:46:03 spacewalk-server jabberd/s2s[1913]: [8] [10.48.199.32, > port=46525] received dialback auth request for route spacewalk-server > /spacewalk-proxy Oct 25 08:46:34 spacewalk-server jabberd/s2s[1913]: dns > lookup for spacewalk-proxy failed Oct 25 08:47:04 spacewalk-server > jabberd/s2s[1913]: [8] [10.48.199.32, port=46525] dialback for incoming > route spacewalk-server / spacewalk-proxy timed out > > The obvious thing here is the dns lookup failures. The odd thing is that > DNS is working fine in my environment. I can lookup forward and reverse > entries for both server and proxy. So I added an entry in /etc/hosts on > both servers. I had to restart osad and run an rhn_check on a client to > trigger the dialback request (pinging from the UI didn't do it). Now the > dialback route is showing valid in the logs and the client behind the > proxy shows online in the UI. > > So I dug a bit in the jabberd config files and found this stanza in the > s2s.xml: > > <!-- Local network configuration --> > <local> > <!-- > Helper DNS resolver component - if this component is not > connected, dialback connections will fail > (default: resolver) --> > <resolver>resolver</resolver> > > According to the online documentation for OSA, /usr/bin/resolver is one of > the 6 components of jabberd > (https://fedorahosted.org/spacewalk/wiki/OsadHowTo). However, > /usr/bin/resolver does not exist on my servers and is not part of the > jabberd package I have: jabberd-2.2.11-2.el5. The resolver.xml is also > absent from spacewalk-setup-jabberd-1.3.2-1.el5.
You are right -- resolver component has been deprecated and the /s2s/local/resolver thing is no longer needed in s2s.xml. I removed the corresponding template from s2s.xsl. > My question then is, given that the resolver service has been deprecated, > how should s2s resolve names? In my environment, adding /etc/hosts > entries to all the proxies and the master is feasible, but using DNS would > be less brittle over time. I'm afraid I cannot answer your question, nevertheless you may remove /s2s/local/resolver from your /etc/jabberd/s2s.xml. Thank you for your feedback. -Milan Zazrivec _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
