Problems with CentOs 7 and MM 0.9.52

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Problems with CentOs 7 and MM 0.9.52

L4 Transporter

 

Hi guys,

 

I used to run standalone MM 0.9.50 with CentOS 7, perfectly. Last week I updated MM to 0.9.52 with the help of @lmori and the proccess was completed with success. See ( https://live.paloaltonetworks.com/t5/MineMeld-Discussions/Updating-MineMeld-from-0-9-50-to-the-lates... ).

 

However since the upload my MM doesn't work the same way. On my Dashboard is visible that my miner works fine, more than 90K indicators, but almost none of them ara available, less than 1K in the outputs (see figure below).

 

Captura_Minemeld_0_9_52_Dashboard.PNG

 

If we detailed the proccess, we see that the status of many nodes is "stopped". The number of indicators forwarded by the miners is high.

 

Captura_Minemeld_0_9_52_Nodes.PNG

 

 

The number of indicators forwarded by the aggregators is almost the same.

 

Captura_Minemeld_0_9_52_Nodes2.PNG

 

But the number of indicators available by the outputs is extrmely low.

 

Captura_Minemeld_0_9_52_Nodes3.PNG

 

Has anybody experienced something similar? How you dealed with the problem?

 

Best Regards.

40 REPLIES 40

Hi @StephenBradley,

could you elaborate? What error do you see?

TASK [minemeld : collectd types] ************************************************************************************************************************************************************************************************************
ok: [127.0.0.1]

TASK [minemeld : open https port] ***********************************************************************************************************************************************************************************************************
fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": ["firewall-cmd", "--zone=public", "--add-service=https"], "delta": "0:00:00.396078", "end": "2019-03-01 08:33:12.260520", "msg": "non-zero return code", "rc": 252, "start": "2019-03-01 08:33:11.864442", "stderr": "FirewallD is not running", "stderr_lines": ["FirewallD is not running"], "stdout": "", "stdout_lines": []}

RUNNING HANDLER [minemeld : restart redis] **************************************************************************************************************************************************************************************************
to retry, use: --limit @/opt/minemeld-ansible/local.retry

PLAY RECAP **********************************************************************************************************************************************************************************************************************************
127.0.0.1 : ok=75 changed=36 unreachable=0 failed=1

Hi @lmori 

 

I followed the steps you indicated but I'm still getting an error:

 

Captura_error_ansible_minemeld.PNG

 

Have you ever experienced something similar?

Regards 

 

Did you delete the directory /opt/minemeld/prototypes before rerunning the playbook like Luigi (lmori) suggested?  That fixed my problem I was having with that issue.

 

steve

Hi @StephenBradley 

 

for sure. When updating I delete 

 

/opt/minemeld/prototypes

/opt/minemeld/engine

/opt/minemeld/www

 

Unhapply it did not work for me.

Regards

The error means that the webui repo had changes in it. Are you sure you deleted the /opt/minemeld/www directory before rerunning the playbook?

Check here for detailed instructions: https://github.com/PaloAltoNetworks/minemeld-ansible/tree/develop#upgrade-minemeld

 

Luigi

Hi @lmori 

 

I executed the procedure again. Now I got:

 

Captura_error_ansible_minemeld_2.PNG

 

I double checked the folder "minemeld" before start and minemeld/prototypes, minemeld/www and minemeld/engine were deleted.

 

Regards

 

 

That is a different error. CentOS7 you are installing on has SELinux disabled. You can comment out the first task of this Ansible playbook here: https://github.com/PaloAltoNetworks/minemeld-ansible/blob/master/roles/minemeld/tasks/CentOS-7-post....

 

Luigi

Hi @lmori 

 

Now I got it

 

Captura_error_ansible_minemeld_3.PNG

 

Regards

Hi @lmori 

 

I proceeded the same way. I commented the lines related to opening ports at the firewall. Now I got 0 errors.

 

Captura_error_ansible_minemeld_4.PNG

 

However, I'm not able to login at MM WEGUI, and the status shows a fatal "Error to Engine":

 

Captura_error_minemeld_status.PNG

 

I got in minemeld/log/minemeld-engine.log the following:

 

ERROR: Invalid config /opt/minemeld/local/config/committed-config.yml: Unknown node class youtubeminer.PlaylistMiner

 

How do I able an extension, since I'm not able to login.

 

Regards

 

Hi @lmori 

 

I removed MM from my server and started the installation from zero. I still got the "Fatal Error" for the engine when checking the status, and in my "minemeld-engine.log" I have:

 

Captura_minemeld_engine_0_9_60_log.PNG

 

I can confirm that I don't have " /var/run/redis/redis.sock".

In my MM WEBGUI I got "timeout" when trying to login.

Right now, I'm unable to use Minemeld.

Regards

 

Hi @lmori ,

 

the health of the system shows that the process "gunicorn" is probably in problem.

 

Captura_MM_top_health.PNG

 

Regards

Hi @lmori ,

 

could you explain me what the status "BACKOFF" means for "minemeld-web":

 

Captura_Minemeld_Web_log_status.PNG

 

Best regards

Thank you

 

 

 

I am still getting this error when following the directions on github.

 

 

TASK [minemeld : collectd types] *****************************************************************************************************************************************************************
ok: [127.0.0.1]

TASK [minemeld : open https port] ****************************************************************************************************************************************************************
fatal: [127.0.0.1]: FAILED! => {"changed": true, "cmd": ["firewall-cmd", "--zone=public", "--add-service=https"], "delta": "0:00:00.387290", "end": "2019-04-18 10:04:07.098549", "msg": "non-zero return code", "rc": 252, "start": "2019-04-18 10:04:06.711259", "stderr": "FirewallD is not running", "stderr_lines": ["FirewallD is not running"], "stdout": "", "stdout_lines": []}
to retry, use: --limit @/opt/minemeld-ansible/local.retry

PLAY RECAP ***************************************************************************************************************************************************************************************
127.0.0.1 : ok=75 changed=50 unreachable=0 failed=1

 

 

Hi @StephenBradley 

 

You can comment the next four tasks

 

#- name: open https port
#  command: firewall-cmd --zone=public --add-service=https
#- name: open http port
#  command: firewall-cmd --zone=public --add-service=http
#- name: open https port (permanent)
#  command: firewall-cmd --zone=public --permanent --add-service=https
#- name: open http port (permanent)
#  command: firewall-cmd --zone=public --permanent --add-service=http

This will allow you to complete the installation. Even executing this procedures, my MM is not working.

 

Regards

 

 

  • 20372 Views
  • 40 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!