Conceptual question on connections between depot&config svr

[Earwain]

Hi,

We are setting up an OPSI server at OPSICONFIG.ACME.COM (our site) and multiple depots at OPSIDEPOT.CLIENT1.COM, OPSIDEPOT.CLIENT2.COM (customer sites)

Between the servers are WAN connections, and the OPSI config server is hosted in a data center with good bandwidth

- All depot servers can communicate over HTTPS port 4447 to the config server.
- The config server has a public URL and a public CA-SSL Certificate

My first question:
- should the CONFIG server be able to reach the DEPOT servers (i.e. initiate the connection to OPSIDEPOT.CLIENT1.COM) or is sufficient if the depot server (and the clients at the depot server) can reach the CONFIG server?

Related question:
- now, only the config server can be reached by the depot servers. All seems to work fine, including zsynching the packages with the config server (which is also set up as a depot server)
- however, we are unable to succesfully use any NETBOOT products. The error is a timeout at "mounting depot ...." (and then the local depot server at the client)

I have debugged this for hours, and even at log level 7, opsiconfd. doesn't really show me what's going on.
The bootimage log is never created, so opsiconfd is all I got.

I already checked
- rights on the /opt/pcbin dirs = ok
- versions of OPSI packages between main and slave servers = ok
- setting pcpatch password again. Works, no advantage
- TFTBOOT and CDROM boot - same issue
- using W7 x64, hwinvent, etc - all same issue

My theory is that the CONFIG server is trying to locate the DEPOT server (initiating connection) but the FQDN for the DEPOT server is not reachable by the CONFIG server (only the other direction). Could this be it?

Thanks and sorry for yet another long post... trying to be as clear as possible!

Attaching a code excerpt loglevel 7 from the opsiconfd log of the hostid we're trying to setup as well!
The error is on the third last line from the bottom of the excerpt.

Code: Alles auswählen

[7] [Dec 28 21:21:46] Got productOnClients (Backend.py|2597)
[6] [Dec 28 21:21:46] ProductOnClient <ProductOnClient clientId 'test-kvo-w7.alfaprint.be', productId 'win7-x64', installationStatus 'None', actionRequest 'None'> exist, updating (Backend.py|2782)
[7] [Dec 28 21:21:46] Dispatching method 'productOnClient_getObjects' to backends: [u'jsonrpc'] (BackendManager.py|304)
[7] [Dec 28 21:21:47] Dispatching method 'productOnClient_insertObject' to backends: [u'jsonrpc'] (BackendManager.py|304)
[6] [Dec 28 21:22:17] Traceback: (Logger.py|710)
[6] [Dec 28 21:22:17]      line 802 in 'execute' in file '/usr/lib/pymodules/python2.6/opsiconfd/opsiconfd.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 678 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/BackendManager.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 2783 in 'productOnClient_updateObjects' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 2748 in 'productOnClient_updateObject' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 2740 in '_productOnClientUpdateOrCreate' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in 'productOnClient_insertObject' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 309 in '_dispatchMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/BackendManager.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 1 in 'productOnClient_insertObject' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 582 in '_jsonRPC' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/JSONRPC.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 122 in 'execute' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/JSONRPC.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      line 128 in 'waitForResult' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:17]      ==>>> Opsi timeout error: Timed out after 30 seconds ([Errno -2] Name or service not known) (error on server) (opsiconfd.py|808)
[3] [Dec 28 21:22:17] Execution error: Opsi timeout error: Timed out after 30 seconds ([Errno -2] Name or service not known) (error on server) (opsiconfd.py|809)
[7] [Dec 28 21:22:17] Sending compressed (level: 1) data (opsiconfd.py|945)
[7] [Dec 28 21:22:17] Freeing session <opsiconfd.opsiconfd.Session instance at 0xa94610c> (opsiconfd.py|407)
[7] [Dec 28 21:22:18] Now using log-file '/var/log/opsi/opsiconfd/10.0.0.150.log' for object 0xb05c94c (Logger.py|358)
[6] [Dec 28 21:22:18] Worker <opsiconfd.opsiconfd.WorkerOpsiJsonRpc instance at 0xb05c94c> started processing (opsiconfd.py|853)
[7] [Dec 28 21:22:18] Trying to get username and password from Authorization header (opsiconfd.py|413)
[7] [Dec 28 21:22:18] Authorization header found (type: basic) (opsiconfd.py|416)
[6] [Dec 28 21:22:18] Reusing session for client '10.0.0.150', application 'opsi linux bootimage 20101203' (opsiconfd.py|480)
[7] [Dec 28 21:22:18] Content-Type: MimeType('gzip-application', 'json-rpc', {}) (opsiconfd.py|627)
[7] [Dec 28 21:22:18] Expecting compressed data from client (opsiconfd.py|629)
[7] [Dec 28 21:22:18] Now using log-file '/var/log/opsi/opsiconfd/10.0.0.150.log' for object 0xb05cf0c (Logger.py|358)
[5] [Dec 28 21:22:18] -----> Executing: productOnClient_updateObjects(<ProductOnClient clientId 'test-kvo-w7.alfaprint.be', productId 'win7-x64', installationStatus 'None', actionRequest 'none'>) (opsiconfd.py|796)
[7] [Dec 28 21:22:18] ExtendedBackend <OPSI.Backend.BackendManager.BackendManager instance at 0xaa160cc>: executing 'productOnClient_updateObjects' on backend '<OPSI.Backend.BackendManager.BackendExtender instance at 0xadfdaac>' (Backend.py|392)
[7] [Dec 28 21:22:18] ExtendedBackend <OPSI.Backend.BackendManager.BackendExtender instance at 0xadfdaac>: executing 'productOnClient_updateObjects' on backend '<OPSI.Backend.BackendManager.BackendAccessControl object at 0xadd7dec>' (Backend.py|392)
[7] [Dec 28 21:22:18] ExtendedBackend <OPSI.Backend.HostControl.HostControlBackend instance at 0xadec26c>: executing 'productOnClient_updateObjects' on backend '<OPSI.Backend.Depotserver.DepotserverBackend instance at 0xada1d2c>' (Backend.py|392)
[7] [Dec 28 21:22:18] ExtendedBackend <OPSI.Backend.Depotserver.DepotserverBackend instance at 0xada1d2c>: executing 'productOnClient_updateObjects' on backend '<OPSI.Backend.Backend.ExtendedConfigDataBackend instance at 0xadb1bac>' (Backend.py|392)
[6] [Dec 28 21:22:18] Updating productOnClient '<ProductOnClient clientId 'test-kvo-w7.alfaprint.be', productId 'win7-x64', installationStatus 'None', actionRequest 'none'>' (Backend.py|2777)
[7] [Dec 28 21:22:18] Dispatching method 'productOnClient_getObjects' to backends: [u'jsonrpc'] (BackendManager.py|304)
[7] [Dec 28 21:22:18] Got productOnClients (Backend.py|2597)
[6] [Dec 28 21:22:18] ProductOnClient <ProductOnClient clientId 'test-kvo-w7.alfaprint.be', productId 'win7-x64', installationStatus 'None', actionRequest 'none'> exist, updating (Backend.py|2782)
[7] [Dec 28 21:22:18] Dispatching method 'productOnClient_getObjects' to backends: [u'jsonrpc'] (BackendManager.py|304)
[7] [Dec 28 21:22:19] Dispatching method 'productOnClient_insertObject' to backends: [u'jsonrpc'] (BackendManager.py|304)
[6] [Dec 28 21:22:49] Traceback: (Logger.py|710)
[6] [Dec 28 21:22:49]      line 802 in 'execute' in file '/usr/lib/pymodules/python2.6/opsiconfd/opsiconfd.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 678 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/BackendManager.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in 'productOnClient_updateObjects' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 393 in '_executeMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 2783 in 'productOnClient_updateObjects' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 2748 in 'productOnClient_updateObject' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 2740 in '_productOnClientUpdateOrCreate' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in 'productOnClient_insertObject' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 309 in '_dispatchMethod' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/BackendManager.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in '<module>' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 1 in 'productOnClient_insertObject' in file '<string>' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 582 in '_jsonRPC' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/JSONRPC.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 122 in 'execute' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/JSONRPC.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      line 128 in 'waitForResult' in file '/usr/lib/pymodules/python2.6/OPSI/Backend/Backend.py' (Logger.py|710)
[6] [Dec 28 21:22:49]      ==>>> Opsi timeout error: Timed out after 30 seconds ([Errno -2] Name or service not known) (error on server) (opsiconfd.py|808)
[3] [Dec 28 21:22:49] Execution error: Opsi timeout error: Timed out after 30 seconds ([Errno -2] Name or service not known) (error on server) (opsiconfd.py|809)
[7] [Dec 28 21:22:49] Sending compressed (level: 1) data (opsiconfd.py|945)
[7] [Dec 28 21:22:49] Freeing session <opsiconfd.opsiconfd.Session instance at 0xa94610c> (opsiconfd.py|407)

Thanks,
Krgds
Koen.

[j.schneider]

Hi Koen,

it is important that:

• The configserver and the depotservers can communicate over port 4447/tcp in BOTH directions
• The configserver and the depotservers can resolve each others names and ips (DNS or /etc/hosts)

Greetings,
Jan

[Earwain]

Thanks!

In that case, we have some work to do, as the FQDN of the depot is not resolvable currently by the config server.

Will post update as soon as we have done this.

Wonderful support community, btw!

Krgds
Koen

[mansukhpatel]

Thanks!

In that case, we have some work to do, as the FQDN of the depot is not resolvable currently by the config server.

Will post update as soon as we have done this.

Wonderful support community, btw!

Krgds
Koen

Hi,

Did you have much joy with the above issues?

In my setup, I setup both the config server and depot server to be part of the same domain and added updated the host file with the names and IPs of the servers

After deploying the client agent and rebooting the client PC, I get the error below

Opsi authentication error: Forbidden: Backend authentication error: Host 'opsi-client1.opsi.local' not found in backend <OPSI.Backend.BackendManager.BackendManager instance at 0x91f0b2c> (error on server) (OpsiService.pyo|97)"

Have you go any thoughts on this?

[j.schneider]

Hi,

seems to be a problem occurred while opsi-client-agent installation.
Please post the opsi-client-agent.txt from c:\tmp