Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Update issue with NNA

https://support.nagios.com/forum/viewtopic.php?t=36597

Page 1 of 5

Update issue with NNA

Posted: Fri Jan 15, 2016 1:50 pm
by snapon_admin
I'm having this same issue again for some reason: https://support.nagios.com/forum/viewforum.php?f=32

Last time I basically shook my finger at it hard enough that it started working, but that's not helping this time. I've tried doing the update with the proxy on (unless there's somewhere I should be configuring that besides /etc/yum.conf), and with it on and neither works. There's also nothing in our firewall logs to suggest that the firewall is blocking this. Here's what I get with the proxy enabled:

Code: Select all

[root@lisl-ngna-01-pv nagiosna]# yum update      
Loaded plugins: fastestmirror
Setting up Update Process
Loading mirror speeds from cached hostfile
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os&infra=stock error was
14: PYCURL ERROR 7 - "couldn't connect to host"
Error: Cannot find a valid baseurl for repo: base
[root@lisl-ngna-01-pv nagiosna]# vi /etc/yum.conf
And here's with the proxy off (the setting that it should be):

Code: Select all

[root@lisl-ngna-01-pv nagiosna]# yum update      
Loaded plugins: fastestmirror
Setting up Update Process
Loading mirror speeds from cached hostfile
Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os&infra=stock error was
14: PYCURL ERROR 7 - "Failed to connect to 2a02:2498:1:3d:5054:ff:fed3:e91a: Network is unreachable"
Error: Cannot find a valid baseurl for repo: base
Different errors, same issue. Thoughts?

Re: Update issue with NNA

Posted: Fri Jan 15, 2016 2:03 pm
by hsmith
yum.conf should do it unless you're using wget. Are you making sure the syntax is correct?

Code: Select all

proxy=http://xxx.xxx.xx.xx:8080
proxy_username=username
proxy_password=password
Really hard to say without seeing the exact configuration..

Are you making it through the proxy?

Code: Select all

curl http://www.google.com URL --proxy http://xxx.xxx.xx.xx:8080

Re: Update issue with NNA

Posted: Fri Jan 15, 2016 2:09 pm
by snapon_admin
Yeah syntax is good, but this server is in a location where it should not connect through our proxy. I can't seem to get to google either, with or without proxy. I can perform an update check with no issue, but that's as far out onto the internet I can get. Our firewall at this location is set up for logging this kind of thing too, and it's not spitting out anything indicating that there's a block there.

Code: Select all

[root@lisl-ngna-01-pv tmp]# curl http://www.google.com URL --proxy http://[PROXY REMOVED]:8080
curl: (7) couldn't connect to host
curl: (7) couldn't connect to host
[root@lisl-ngna-01-pv tmp]# curl http://www.google.com 
curl: (7) Failed to connect to 2607:f8b0:4009:808::2004: Network is unreachable

Re: Update issue with NNA

Posted: Fri Jan 15, 2016 2:11 pm
by hsmith
Didn't we have to add those IPs to your firewall awhile back? I'm surprised it's not logging, as this certainly seems like a firewall issue. You need the IP for the update checks, the IP for assets.nagios.com, and whatever the EPEL/base/update/extras repository is using. I don't have the specific IPs wrote down anywhere..

Re: Update issue with NNA

Posted: Fri Jan 15, 2016 3:13 pm
by snapon_admin
Looks like a couple of the IPs weren't in there for some reason. Did a tail on the NNA IP and found 2 denies. I added those to the ACL and now I'm getting this:

Code: Select all

[root@lisl-ngna-01-pv nagiosna]# ./upgrade
Loaded plugins: fastestmirror
Setting up Install Process
Loading mirror speeds from cached hostfile
Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again
That looks like an issue on the server itself?

Re: Update issue with NNA

Posted: Fri Jan 15, 2016 3:19 pm
by rkennedy
Just to clarify - are you running IPV6 in your environment, if so - is it on the NNA machine and the proxy?

Re: Update issue with NNA

Posted: Fri Jan 15, 2016 3:21 pm
by snapon_admin
No IPv6 here.

Re: Update issue with NNA

Posted: Fri Jan 15, 2016 3:40 pm
by hsmith
Can we see the config file your ethernet interface?

Code: Select all

/etc/sysconfig/network-scripts/ifcfg-whatever

Re: Update issue with NNA

Posted: Mon Jan 18, 2016 1:20 pm
by snapon_admin

Code: Select all

[root@lisl-ngna-01-pv nagiosna]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=static
DHCPCLASS=
HWADDR=00:50:56:8d:10:4f
IPADDR=10.245.128.169
NETMASK=255.255.255.0
GATEWAY=10.245.128.1
ONBOOT=YES

Re: Update issue with NNA

Posted: Mon Jan 18, 2016 3:25 pm
by tgriep
Let's clear out the repo cache and try the upgrade again. Run the following as root on the system and then try the upgrade.

Code: Select all

yum clean all
Sometimes the yum cache needs to be rebuilt / cleaned out.
All times are UTC-05:00
Page 1 of 5

Powered by phpBB® Forum Software © phpBB Limited