Bug 1090453
| Summary: | If the agent is under firewall, Remote agent installation doesn't show the exception for end user | ||
|---|---|---|---|
| Product: | [Other] RHQ Project | Reporter: | Jeeva Kandasamy <jkandasa> |
| Component: | Core UI | Assignee: | John Mazzitelli <mazz> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Mike Foley <mfoley> |
| Severity: | urgent | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 4.11 | CC: | hrupp |
| Target Milestone: | GA | ||
| Target Release: | RHQ 4.11 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2014-07-21 10:13:58 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1070242 | ||
in order to test, I use this iptables command to block SSH traffic: iptables -I INPUT -p tcp --dport 22 -j DROP When I do this, and I just plainly do "ssh <my host>" from a normal bash command line shell, my shell hangs. It never returns to my prompt. This sounds like what is happening to RHQ too. The low-level TCP connection is hanging. So what I suspect might be happening is the TCP connection created by RHQ is just hanging waiting for the remote server to reply back but never does. Its, therefore, possible there is not much we can do. I will run some tests to see if there is something we can do about the low-level TCP connection hanging. Oh, wait a minute. I missed this part:
> 2. Try to install a agent on remote where the port(16163) is blocked by firewall on agent machine
I thought the agent machine's SSH port (22) was behind the firewall. But this is saying its the agent's own server-side port is blocked.
So the installation actually works. Its just the agent's own port is blocked.
Hmm.. I'll have to think about this. Because in a sense, the installation worked fine (its just as if you manually installed - the agent can install just fine). The problem is during the agent registration after it starts up.
I need to contemplate how best to handle this.
git commit to master: 6594868 if the agent's port appears down after the install, we'll pop up an error message in the UI telling the user something is wrong. Bulk closing of RHQ 4.11 issues, now that RHQ 4.12 is out. If you find an issue with those, please open a new BZ, linking to the old one. |
Description of problem: If the agent is under firewall, Remote agent installation doesn't show the exception for end user via GUI. We can see it in agent.log, ---------snap------------ 2014-04-23 16:42:44,159 ERROR [RHQ Agent Registration Thread] (org.rhq.enterprise.agent.AgentMain)- {AgentMain.agent-registration-rejected}The server has rejected the agent registration request. Cause: [org.rhq.core.clientapi.server.core.AgentRegistrationException:Server cannot ping the agent's endpoint. The agent's endpoint is probably invalid or there is a firewall preventing the server from connecting to the agent. Endpoint: socket://10.70.35.78:16163/?rhq.communications.connector.rhqtype=agent&numAcceptThreads=1&maxPoolSize=303&clientMaxPoolSize=304&socketTimeout=60000&enableTcpNoDelay=true&backlog=200] ---------snap------------ Version-Release number of selected component (if applicable): Version : 4.11.0-SNAPSHOT Build Number : 1bc9904 GWT Version : 2.5.0 SmartGWT Version : 3.0 Version-Release number of selected component (if applicable): How reproducible: always Steps to Reproduce: 1. Navigate to "Administration-->Agents-->New" 2. Try to install a agent on remote where the port(16163) is blocked by firewall on agent machine Actual results: There is no exception in GUI Expected results: Same or similar exception should be indicated via gui for end user