Internal Errigal Collaboration Wiki

User Tools

Site Tools

Trace: dealing_with_emails
toolsandtechnologies:trouble-shooting

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
toolsandtechnologies:trouble-shooting [2021/06/25 10:09] – external edit 127.0.0.1toolsandtechnologies:trouble-shooting [2023/05/15 12:43] (current) 10.91.110.100
Line 1: Line 1:
-====== New RDF Trouble-shooting Tips and Guides ====== +====== New RDF Troubleshooting Tips and Guides ====== 
-**Please document any issues and common solutions here**+ 
 +===Invalid Access Token=== 
 + 
 +This error can be seen in any number of the MDC applications, mainly the MDC translator, tracker and orchestrator. This is due to the access token being incorrect for connection to the orchestrator. You can check the validity of the token [[https://jwt.io/|here]]. You can paste the jwt token in here to see what username is being used. If there has been a reinit or the data was copied from another environment, the token may need to be regenerated. Check the orchestrator.agent table for the correct agent username to generate with. You can generate it using the orchestrator, following the inscructions [[http://wiki.err/doku.php?id=toolsandtechnologies:rdf_server_setup&s[]=generate&s[]=token|here]]. 
 + 
 +Once the token is generated, you will need to update the env-configuration repo with the new token and reconfigure the MDC apps to use it. 
 + 
 +<code> 
 +ansible-playbook -i ../env-configuration/<env>/hosts.ini --diff mdc-translator.yml --extra-vars "actions='stop,configure,deploy,stop,start'" --vault-d @prompt 
 +ansible-playbook -i ../env-configuration/<env>/hosts.ini --diff tracker.yml --extra-vars "actions='stop,configure,deploy,stop,start'" --vault-d @prompt 
 +ansible-playbook -i ../env-configuration/<env>/hosts.ini --diff orchestrator.yml --extra-vars "actions='stop,configure,deploy,stop,start'" --vault-d @prompt 
 +ansible-playbook -i ../env-configuration/<env>/hosts.ini --diff idms-proxy.yml --extra-vars "actions='stop,configure,deploy,stop,start'" --vault-d @prompt 
 +</code> 
 + 
 +You may need to add new user roles for the agent. To check if the agent has the correct permissions, run the below query. 
 + 
 +<code> 
 +select r.from user_role ur  
 +join orchestrator.agent a on ur.user_id = a.id  
 +join orchestrator.role r on ur.role_id = r.id  
 +where a.username like '<agent_username>'; 
 +</code> 
 + 
 +I found that the agent needs the below 3 roles if they are missing: 
 + 
 +<code> 
 +INSERT into orchestrator.user_role  
 +values ((select id from orchestrator.agent where username = '<agent_username>'), 
 +(select id from orchestrator.role where role.role = 'NMS')); 
 + 
 +INSERT into orchestrator.user_role  
 +values ((select id from orchestrator.agent where username = '<agent_username>'), 
 +(select id from orchestrator.role where role.role = 'ADMIN')); 
 + 
 +INSERT into orchestrator.user_role  
 +values ((select id from orchestrator.agent where username = '<agent_username>'), 
 +(select id from orchestrator.role where role.role = 'AGENT')); 
 +</code> 
 + 
 +Also, check the snmp_manager.orchestrator_access_credentials to see if it's using the incorrect login details. 
 + 
 + 
 +===MDC Translator Path Invalid=== 
 + 
 +<code> 
 +2023-03-22 06:01:56.447 ERROR 4061 --- [http-nio-8079-exec-847] c.e.r.config.security.PermissionMap      : path: /api/v1/agent/version/latest did not match any routes/permissions 
 +</code> 
 + 
 +If the above error is found in the orchestrator logs but doesn't complain about an invalid token or permissions, it's possible that the mdc_translator redirect is missing from the nginx config.  
 + 
 +Log into the <env>lbdbrmq environment.  
 + 
 +<code>sudo vi /etc/nginx/conf/nginx.conf</code>  
 + 
 +Check if the below example config are in there.  
 + 
 +<code> 
 +  upstream translators { 
 +          server <oat1_ip_address>:8101; 
 +          server <oat2_ip_address>:8101; 
 +      } 
 + 
 +    location /mdc-translator { 
 +                proxy_pass http://translators/mdc-translator; 
 +    } 
 +</code> 
 + 
 +If it's missing, you can run the nginx playbook in deployment playbooks to reconfigure it or add it in manually and restart the nginx service. 
 + 
 +<code>ansible-playbook -i ../env-configuration/<env>/hosts.ini ../setup-nginx.yml --diff --vault-id @prompt</code> 
 + 
 + 
 +===Missing Database=== 
 + 
 +<code>2023-05-15 07:38:59.324 ERROR 29667 --- [task-1411] com.zaxxer.hikari.pool.HikariPool        : HikariPool-1712 - Exception during pool initialization. 
 + 
 +java.sql.SQLNonTransientConnectionException: Could not create connection to database server. Attempted reconnect 3 times. Giving up. 
 +Caused by: com.mysql.cj.exceptions.CJException: Unknown database 'devatc' 
 +</code> 
 + 
 +This could happen after a reinit. There is a unique database in the MDC database, usually named after the environment, as above. This isn't normally reinited as it can be quite large. To fix, create the appropriate database. 
 + 
 +<code>CREATE DATABASE devatc;</code> 
 + 
 +===Login Issue=== 
 + 
 +Some of the applications are reporting that you do not have permissions or they rediect to other applications. This could be caused by userprofile authorization_client not having the correct client id for ticketer or access credentials. These details are encrypted so are not handled by the transform scripts. 
 + 
 +To check the client code, check the env-configuration repo under app_vars.ticketer.auth.clientId. Compare this to the uuid of the userprofile.authorization_client for the ticketer. If's is different, update the uuid in userprofile. 
 + 
 +Also, check the access credentials for the applcations. Each application has a database connection at: 
 + 
 +https://env.errigal.com/userprofile/application/list 
 + 
 +Update the data username and data password using the UI, so that it gets encrypted in the database.
toolsandtechnologies/trouble-shooting.1624612196.txt.gz · Last modified: 2021/06/25 10:09 by 127.0.0.1

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki