RabbitMQ Erlang: erlang_cookie_sources Effective user: (none) - rabbitmq

On Windows my RabbitMQ works via the localhost:15672 but I can't reach it otherwise. I have the same content in both .erlang.cookie. I think I have an unexpected return of this command .\rabbitmq-diagnostics.bat erlang_cookie_sources :
(none) should be rabbitmq and the file path has \ and / ? And my RabbitMQ isn't reacheable. Any ideas to change the Effective user, the file path and what to check for my RabbitMQ ? .\rabbitmqctl.bat status is obviously on error.
NB: I installed with both methods Windows installer and Chocolatey and it doesn't change anything, the same error.

Related

Configuration of Running Redis Instance in Swisscom CloudFoundry

I am trying to read the configuration of the running Redis instance. I want to better understand how Redis is configured, especially in regard to persistence settings.
I have successfully connected to the running Redis instance (SSH tunnel) and try to execute the following command:
CONFIG GET *
CONFIG GET appendonly
However, I get the message
ERR unknown command 'CONFIG'
If I invoke the command "CONFIG GET" without any parameters I get the message
Invalid input argument for command: 'CONFIG GET', passed 0 arguments, must be in range 1 - 1
So the command is known. Seems to be a permission issue!? Is there a way to get the configuration?
The current Redis offering (march 2019) has the following settings for persistency:
appendonly yes
appendfsync everysec
It runs with 2 replicas.
Please note that this allies to the current service offering of Swisscom and might change in the future.

Issue installing virtualmin in vps

Trying to install Virtualmin in my new Ubuntu Xenial vps, executing install.sh, I get the following error:
[... up to here all fine..]
Processing triggers for dovecot-core (1:2.2.22-1ubuntu2.2) ...
Job for dovecot.service failed because the control process exited with error cod e. See "systemctl status dovecot.service" and "journalctl -xe" for details.
invoke-rc.d: initscript dovecot, action "restart" failed.
dpkg: error processing package dovecot-core (--configure):
subprocess installed post-installation script returned error exit status 1
Processing triggers for libapache2-mod-php7.0 (7.0.8-0ubuntu0.16.04.3) ...
Errors were encountered while processing:
dovecot-core
FATAL - Fatal Error Occurred: Something went wrong during installation: 0
FATAL - Cannot continue installation.
FATAL - Attempting to remove virtualmin repository configuration, so the install ation can be
FATAL - re-attempted after any problems have been resolved.
FATAL - Removing temporary directory and files.
FATAL - If you are unsure of what went wrong, you may wish to review the log
FATAL - in /root/virtualmin-install.log
I have installed virtualmin in other vps and did not have such issue before. I meet the same issue in this vps also if I change operating system. What could I do to solve? Thanks
I wanted to install virtualmin on Ubuntu 16.04; I met same issues (as in your log); the error is quite cryptic and unexpected; virtualmin setup worked flawlessly in other vps.
A particular thing of my new vps is that ipv6 is not supported; it is probably the same in your case. Working on this information I made virtualmin work as expected, with the following steps:
fresh install of Ubuntu 16.04
apt-get install dovecot-common dovecot-imapd dovecot-pop3d
(these packages are the part related to dovecot for Ubuntu, taken from virtualmin install.sh). This gave issues.
Then edited: /etc/dovecot/dovecot.conf file.. uncommenting the line "listen = *, ::" and setting it to "listen = *" (listen just to ipv4 instead of also ipv6)
then again "apt-get install dovecot-common dovecot-imapd dovecot-pop3d", to check that installation finely completes.
install virtualmin: "/bin/sh install.sh"
service apache2 restart
In /etc/hosts comment the rows related to ipv6 (those with ::)
remove the "ipv6=1" line from /etc/webmin/miniserv.conf
/etc/init.d/webmin restart (now webmin should be up and working at https://yourip:10000)
I've tried these steps to install VirtualMin on my VPS Ubuntu 16.04. I am damn sure it will work for you.
Here are some prerequisites of the VirtualMin on Ubuntu:
-> You must have a new Ubuntu VPS or system with at 1 GB RAM.
-> You must have root access or access to a user with Sudo privileges.
-> A valid hostname set on your server’s primary IP address.
-> Two registered custom nameservers for Virtualmin.
Steps:
Step 1: Update your system with the latest available version:
Linux command: apt-get update
Step 2: Set Hostname and FQDN:
For Virtualmin to work properly, you need to configure the hostname and FQDN on the server itself by editing the /etc/hostname and /etc/hosts files, as well as update your DNS settings so DNS lookups resolve properly.
Linux command: hostname
To change the hostname for your server, open the file /etc/hostname in your editor:
Linux command: sudo nano /etc/hostname
Delete the current hostname and replace it with your hostname:
Use just the hostname, not the entire FQDN, in this file. For example, if your FQDN is demo.yourdomainname.com, enter demo in this file.
Save the file and exit the editor.
Next, add both the hostname and FQDN in the /etc/hosts file:
Linux command: sudo nano /etc/hosts
Modify the line that starts with 127.0.0.1 to use your FQDN and hostname, in that order:
127.0.1.1 your_hostname.your_domain.com your_hostname
127.0.0.1 localhost
...
Remember to replace your_hostname and your_domain.com with your own hostname and domain name. Save the file and exit the editor.
To check if the name has been changed correctly, reboot your server.
Linux command: sudo reboot
Step 3: Download and install Virtualmin
To install Virtualmin, download and run the official Virtualmin installation script, which will install Virtualmin, and Webmin, along with a LAMP stack, BIND, and Postfix.
Use wget to download the script:
Linux command: wget http://software.virtualmin.com/gpl/scripts/install.sh -O /tmp/virtualmin-install.sh
After the Virtualmin script has been downloaded successfully, we will go for the execution of the script. For that, first we will have to make the script file executable by running the following chmod command:
Linux command: chmod +x /tmp/virtualmin-install.sh
Once the file is made executable, we will go further towards running it using a shell. Enter the following command in the terminal to install Virtualmin through script.
Linux command: sh /tmp/virtualmin-install.sh
The script will give a warning message about existing data and compatible operating systems. Press y to confirm that you want to continue the installation.
The installation process may take a few minutes to complete all the steps as it installs various software packages and components.
Step 4: Configuring Webmin Using The Post-Installation Wizard
To configure Webmin, we'll use its web-based Post-Installation Wizard. Open your web browser and navigate to https://your_server_ip:10000. You can also use your fully-qualified domain name to access the site.
Note: Your browser may show a "Your connection is not secure" or "Your connection is not private" warning since Virtualmin uses a self-signed certificate. This warning is normal. You can ignore it.
Next, we'll need to enter the root username and password which is same as of the Linux system's to get access to the Web-based Control Panel of VirtualMin.
Once you have logged in, you'll see the Introduction screen stating that you are going through the steps to configure Virtualmin. Press Next to continue.
On the Memory use screen, select No for Preload Virtual Libraries, because you don't need to run the Virtual User interface all the time. Select Yes for Run email domain lookup server to enable faster mail processing. Press Next to continue.
On the Virus scanning screen, select No for Run ClamAV server scanner so you'll use less RAM. Press Next to continue.
On the Spam filtering screen, select No for Run SpamAssassin server filter and press Next to continue.
On the Database servers screen, select Yes to Run MySQL database server because MySQL server is widely used and supported by most applications, and no to Run PostgreSQL database server. Press Next to continue.
On the MySQL password screen, enter your desired MySQL root password. It should be different from the root password you used to log in to Webmin.
Select Yes if you’d like to remove the test MySQL database
Select Yes if you’d like to remove the anonymous MySQL user
On the MySQL database size screen, select the RAM option that matches the amount of RAM your server has. For a 1GB server, select Large system (1G) on which MySQL is heavily used. Press Next to continue.
On the Nameserver screen, Enter your primary and secondary nameservers which you configured in the prerequisites. If you haven't set these up, check the Skip check for resolvability box to avoid error message and proceed. Press Next to continue.
On the Password storage mode screen, select Store plain-text passwords if you must support password recovery. Otherwise, choose Only store hashed passwords. Here we have chosen plain-text passwords as an example. Press Next to continue.
you will see the All done screen. Click Next to end.
You may see a message stating that Virtualmin's configuration has not been checked. Click the Re-check and refresh the configuration button to check your Virtualmin configuration. Address any errors that the check reports. This process may take a few minutes to complete.
Congratulations! Your server is now configured.

rabbtimqadmin - Could not connect: [Errno -2] Name or service not known

I have RabbitMQ installed on a CentOS 5.x server which I use for message passing between my programs. I've installed rabbitmqadmin following the directions on https://www.rabbitmq.com/management-cli.html and have used it on my servers in the past.
From what I can tell it looks like this particular server is misconfigured. My web-searches have failed me on trying to get more information on how to troubleshoot this issue.
The error:
[root#server ~]# python26 /usr/local/bin/rabbitmqadmin list nodes
*** Could not connect: [Errno -2] Name or service not known
[root#server ~]#
I have tried several different rabbitmqadmin commands and they give the same result. If I run the command without the extra params it displays the normal help dialog. I have this setup and working on several other servers.
Any idea on what the root issue is? If not, anyway to get more details, like verbose?
Update:
I just tried to check the version of rabbitmq and its yielding an error too:
[root#server ~]# rabbitmqctl status
Status of node rabbit#server ...
Error: unable to connect to node rabbit#server: nodedown
DIAGNOSTICS
===========
attempted to contact: [rabbit#server]
rabbit#server:
* connected to epmd (port 4369) on server
* epmd reports node 'rabbit' running on port 25672
* TCP connection succeeded but Erlang distribution failed
* suggestion: hostname mismatch?
* suggestion: is the cookie set correctly?
current node details:
- node name: rabbitmqctl25451#server
- home dir: /var/lib/rabbitmq
- cookie hash: WXaeZT7XXm13naagfRX5cg==
[root#server ~]#
I'm going to see if I can find something from this... I find this weird because the server is passing messages fine and can be monitored through the web console.
Erlang version:
[root#server rabbitmq]# erl -eval 'erlang:display(erlang:system_info(otp_release)), halt().' -noshell
"R14B04"
[root#server rabbitmq]#
Rabbitmq Version:
[root#server rabbitmq]# python26 /usr/local/bin/rabbitmqadmin --version
rabbitmqadmin 3.3.5
[root#server rabbitmq]#
After much digging and frustration, I found my problem... I'm posting the solution in case anyone else has a similar experience
Previously, I found that if you setup RabbitMQ on a linux server then change the hostname that it can break some of the rabbit configuration.
The awesome part about this problem is that someone changed the name of the server from all capital letters to lowercase...
I've solve this one of two ways:
Solution 1:
Revert the host name back to the previous name. So that rabbitmq references with the appended server name work again.
Solution 2:
If you want to keep the server name change, then you can create a rabbitmq-env.conf files in /etc/rabbitmq like:
NODENAME=rabbit#OLDHOSTNAME
If you aren't sure what your previous name was, you can reference it by doing an ls in your /var/lib/rabbitmq/mnesia/ folder. You'll then see a folder that matches the nodename you need to specify.
Reference: https://www.rabbitmq.com/man/rabbitmq-env.conf.5.man.html
UPDATE:
Host name is CaSE SeNSiTIve... had someone change a hostname on me and the only difference was the case... so took a while to notice...
Yesterday I've lost a few hours with this same problem and it was in a fresh install, so the problem was that the erlang cookie from my user and root user was different than the one from rabbitmq user.
Find out the HOME for the user rabbitmq:
# cat /etc/passwd | grep rabbitmq
Check if the cookies differs from each other:
# vimdiff /var/lib/rabbitmq/.erlang.cookie ~/.erlang.cookie
If they are different, copy the cookie from rabbitmq for the user that you want to have access to the server:
# cp /var/lib/rabbitmq/.erlang.cookie ~/.erlang.cookie
References:
rabbitmqctl status says "TCP connection succeeded but Erlang distribution failed"
How Nodes (and CLI tools) Authenticate to Each Other: the Erlang Cookie

RabbitMQ 3.3.1 can not login with guest/guest

I have installed the latest version of RabbitMQ on a VPS Debian Linux box. Tried to get login through guest/guest but returned with the message login failed. I did a little research and found that for security reason its prohibited to get login via guest/guest remotely.
I also have tried enabling guest uses on this version to get logged in remotely by creating a rabbitmq.config file manually (because the installation didn't create one) and placing the following entry only
[{rabbit, [{loopback_users, []}]}].
after restart the rabbitmq with the following command.
invoke-rc.d rabbitmq-server stop -- to stop
invoke-rc.d rabbitmq-server start -- to start
It still doesn't logged me in with guest/guest. I also have tried installing RabbitMQ on Windows VPS and tried to get log in via guest/guest through localhost but again i get the same message login failed.
Also provide me a source where I could try installing the old version of RabbitMQ that does support logging remotely via guest/guest.
I had the same Problem..
I installed RabbitMQ and Enabled Web Interface also but still couldn't sign in with any user i newly created, this is because you need to be administrator to access this.
Do not create any config file and mess with it..
This is what i did then,
Add a new/fresh user, say user test and password test:
rabbitmqctl add_user test test
Give administrative access to the new user:
rabbitmqctl set_user_tags test administrator
Set permission to newly created user:
rabbitmqctl set_permissions -p / test ".*" ".*" ".*"
That's it, enjoy :)
I tried on Debian the same configuration with the following steps:
Installed RabbitMQ.
Enabled the web-management plug-in (not necessary).
When I tried to login I had the same error:
So I created a rabbitmq.config file (classic configuration file) inside the /etc/rabbitmq directory with the following content (notice the final dot):
[{rabbit, [{loopback_users, []}]}].
Alternatively, one can create instead a rabbitmq.conf file (new configuration file) inside the same directory with the following content:
loopback_users = none
Then I executed the invoke-rc.d rabbitmq-server start command and both the console and the Java client were able to connect using the guest/guest credentials:
So I think you have some other problem if this procedure doesn't work. For example your RabbitMQ might be unable to read the configuration file if for some reason you have changed the RABBITMQ_CONFIG_FILE environment variable.
This is a new features since the version 3.3.0. You can only login using guest/guest on localhost. For logging from other machines or on ip you'll have to create users and assign the permissions. This can be done as follows:
rabbitmqctl add_user test test
rabbitmqctl set_user_tags test administrator
rabbitmqctl set_permissions -p / test ".*" ".*" ".*"
Adding the below line in the config file and restarting the server worked for me. Kindly try in your setup.
loopback_users.guest = false
I got this line from the example RabbitMQ config file from Github as linked here.
notice: check your PORT is 15672 ! (version > 3.3 ) if 5672 not works
First of all, check the "choosen answer above":
rabbitmqctl add_user test test
rabbitmqctl set_user_tags test administrator
rabbitmqctl set_permissions -p / test ".*" ".*" ".*"
and if still can't make connection work, check if your port is correct!
for me, this command works:
$ rabbitmqadmin -H 10.140.0.2 -P 15672 -u test -p test list vhosts
+------+----------+
| name | messages |
+------+----------+
| / | |
+------+----------+
for the completed ports , check this:
What ports does RabbitMQ use?
to verify your rabbit mq server, check this: Verify version of rabbitmq
p.s.
For me, after I created the "test" user and run set_user_tags, set_permissions , I can't connect to rabbitmq via port 5672. but I can connect via 15672.
However, port 15672 always gives me a "blank response". and my code stop working.
so about 5 minutes later, I switched to 5672, everything worked!
Very wired problem. I have no time to dig deeper. so I wrote it down here for someone meeting the same problems.
for other guys which use Ansible for RabbitMQ provisioning, what I missed for rabbitmq_user module was tags: administrator
here is my working Ansible configuration to recreate "guest" user (for development environment purpose, don't do that in production environment):
- name: Create RabbitMQ user "guest"
become: yes
rabbitmq_user:
user: guest
password: guest
vhost: /
configure_priv: .*
read_priv: .*
write_priv: .*
tags: administrator
force: yes # recreate existing user
state: present
and I also had to setup a file /etc/rabbitmq/rabbitmq.config containing the following:
[{rabbit, [{loopback_users, []}]}].
in order to be able to log using "guest"/"guest" from outside of localhost
#Create rabbitmq.conf file with
rabbitmq.conf
loopback_users = none
Dockerfile:
FROM rabbitmq:3.7-management
#Rabbitmq config
COPY rabbitmq.conf /etc/rabbitmq/rabbitmq.conf
#Install vim (edit file)
RUN ["apt-get", "update"]
RUN ["apt-get", "-y", "install", "vim"]
#Enable plugins rabbitmq
RUN rabbitmq-plugins enable --offline rabbitmq_mqtt rabbitmq_federation_management rabbitmq_stomp
Run:
$ docker build -t my-rabbitmq-image .
$ docker run -d --hostname my-rabbit --name some-rabbit -p 8080:15672 my-rabbitmq-image
Check that the rabbitmq.conf file has been copied correctly.
$ docker exec -it my_container_id /bin/bash
$ vim /etc/rabbitmq/rabbitmq.conf
I had the same problem. I tried what was suggested by Gas and ran "invoke-rc.d rabbitmq-server start" it didn't start. I tried to reboot the server and the webui worked with the guest user. Maybe after adding the rabbitmq.config file, something else also needed to started.
I used rabbitmq version 3.5.3.
One more thing to note: if you're using AWS instance then you need to open inbound port 15672. (The port for RabbitMQ versions prior to 3.0 is 55672.).
Students and I stared at this problem for an hour. Be sure you've named your files correctly. In the /etc/rabbitmq directory, there are two distinct files. There is an /etc/rabbitmq/rabbitmq.config file which you should edit to get the loopback users as described, but there is another file called rabbitmq-env.conf file. Many folks were using tab completion and just adding "ig", which isn't the right file. Double check!
sometimes you don't need the comma , which is there in the configuration file by default , if nothing else is configured below rabbit tag , while starting broker
we will get a crash
like
{loopback_users, []} , I spend many times hours forgetting this and later removing the comma , it is applicable for all other configurations including SSL
Try restart your rabbitmq and login again, for me work.
For a slightly different use, but might be useful for anyone dealing with accessing the API for monitoring purposes:
I can confirm the answer given by #Oliboy50 works well, however make sure you enable it for each vhost you want the user to be able to monitor, such as:
permissions:
- vhost: "{{item.name}}"
configure_priv: .*
write_priv: .*
read_priv: .*
state: present
tags: management
with_items: "{{user_system_users}}"
With this loop I was able to get past the "401 Unauthorized" error when using the API for any vhost.
By default, the guest user is prohibited from connecting from remote hosts; it can only connect over a loopback interface (i.e. localhost). This applies to connections regardless of the protocol. Any other users will not (by default) be restricted in this way.
It is possible to allow the guest user to connect from a remote host
by setting the loopback_users configuration to none
# DANGER ZONE!
#
# allowing remote connections for default user is highly discouraged
# as it dramatically decreases the security of the system. Delete the user
# instead and create a new one with generated secure credentials.
loopback_users = none
Or, in the classic config file format (rabbitmq.config):
%% DANGER ZONE!
%%
%% Allowing remote connections for default user is highly discouraged
%% as it dramatically decreases the security of the system. Delete the user
%% instead and create a new one with generated secure credentials.
[{rabbit, [{loopback_users, []}]}].
See at "guest" user can only connect from localhost
TIP: It is advisable to delete the guest user or at least change its password to reasonably secure generated value that won't be known to the public.
If you will check the log file under info report you will get this.
`config file(s) : /etc/rabbitmq/rabbitmq.config (not found)`.
Change the config file permission using below command then login using guest , it will work
sudo chmod 777 /etc/rabbitmq/rabbitmq.config

fabric appears to start apache2 but doesn't

I'm using fabric to remotely start a micro aws server, install git and a git repository, adjust apache config and then restart the server.
If at any point, from the fabfile I issue either
sudo('service apache2 restart') or run('sudo service apache2 restart') or a stop and then a start, the command apparently runs, I get the response indicating apache has started, for example
[ec2-184-73-1-113.compute-1.amazonaws.com] sudo: service apache2 start
[ec2-184-73-1-113.compute-1.amazonaws.com] out: * Starting web server apache2
[ec2-184-73-1-113.compute-1.amazonaws.com] out: ...done.
[ec2-184-73-1-113.compute-1.amazonaws.com] out:
However, if I try to connect, the connection is refused and if I ssh into the server and run
sudo service apache2 status it says that "Apache is NOT running"
Whilst sshed in, if run
sudo service apache start, the server is started and I can connect. Has anyone else experienced this? Or does anyone have any tips as to where I could look, in log files etc to work out what has happened. There is nothing in apache2/error.log, syslog or auth.log.
It's not that big a deal, I can work round it. I just don't like such silent failures.
Which version of fabric are you running?
Have you tried to change the pty argument (try to change shell too, but it should not influence things)?
http://docs.fabfile.org/en/1.0.1/api/core/operations.html#fabric.operations.run
You can set the pty argument like this:
sudo('service apache2 restart', pty=False)
Try this:
sudo('service apache2 restart',pty=False)
This worked for me after running into the same problem. I'm not sure why this happens.
This is an instance of this issue and there is an entry in the FAQ that has the pty answer. Unfortunately on CentOS 6 doesn't support pty-less sudo commands and I didn't like the nohup solution since it killed output.
The final entry in the issue mentions using sudo('set -m; service servicename start'). This turns on Job Control and therefore background processes are put in their own process group. As a result they are not terminated when the command ends.
When connecting to your remotes on behalf of a user granted enough privileges (such as root), you can manage system services as shown below:
from fabtools import service
service.restart('apache2')
https://fabtools.readthedocs.org/en/0.13.0/api/service.html
P.S. Its requires the installation of fabtools
pip install fabtools
Couple of more ways to fix the problem.
You could run the fab target with --no-pty option
fab --no-pty <task>
Inside fabfile, set the global environment variable always_use_pty to False, before your target code executes
env.always_use_pty = False
using pty=False still didn't solve it for me. The solution that ended up working for me is doing a double-nohup, like so:
run.sh
#! /usr/bin/env bash
nohup java -jar myapp.jar 2>&1 &
fabfile.py
...
sudo("nohup ./run.sh &> nohup.out", user=env.user, warn_only=True)
...