Skip to main content

Remediate may fail to start in offline mode

Clive Weir
  • Updated

If the Docker host is unable to reach its configured DNS server(s) then Remediate may fail to start in offline (-o, --offline) mode on that host.

Error messages and logs

Some services fail to initialize on start-up:

# docker-compose run remediate start -o --license-file license.json
Creating volume "v200_bootstrap_data" with default driver
Creating volume "v200_vr_certs" with default driver
Creating v200_remediate_run ... done
Creating network remediate_default
Creating service remediate_audit
Creating service remediate_frontdoor
Creating service remediate_vr
Creating service remediate_export
Creating service remediate_storage
Creating service remediate_ui
Creating service remediate_remote-edge
Creating service remediate_vault
Creating service remediate_controller
Creating service remediate_identity
Creating service remediate_licensing
Creating service remediate_edge
Creating service remediate_gopdp

         ,,,     ,,,            audit          [ healthy ]
  ,,,    ,,,     ,,,    ,,,     controller     [ healthy ]
  ,,,,,,,,,,,,,,,,,,,,,,,,,     edge           [ stopped ]
  ,,,,,,,,,,,,,,,,,,,,,,,,,     export         [ starting ]
                        ,,,     frontdoor      [ healthy ]
             ,,,,       ,,,     gopdp          [ stopped ]
          ,,,,,,,,,,    ,,,     identity       [ healthy ]
  ,,,,,,,,,,     ,,,    ,,,     licensing      [ healthy ]
  ,,,.....,,.    ,,,    ,,,     storage        [ healthy ]
  ,,,     ,,,,,,,,,,    ,,,     ui             [ starting ]
  ,,,,        ,,       ,,,,     vault          [ healthy ]
    ,,,,,,          ,,,,,       vr             [ healthy ]
       .,,,,,   ,,,,,.
           ,,,,,,,
              .

Waiting until services are healthy..

This message is observed in the Docker logs of the failed containers, indicating a timeout connecting to UDP port 53 which is commonly used for DNS:

2021-04-09T11:56:59.392038998Z ERRO[2021-04-09T11:56:59Z] failed to query provider "https://identity:8443/auth/realms/remediate": Get https://identity:8443/auth/realms/remediate/.well-known/openid-configuration: dial tcp: lookup identity on 127.0.0.11:53: read udp 127.0.0.1:37552->127.0.0.11:53: i/o timeout

Version and installation information

Product: Puppet Remediate

Version: 1.4, 2.0

Installation type: Offline installation (using -o, --offline flag)

Solution

Before starting Remediate in offline mode, in /etc/resolv.conf, if there are nameserver entries, ensure that at least one of them is reachable from the Docker host. Offline mode can continue to work with no nameserver entries. In /etc/resolv.conf, comment out or remove all unreachable nameservers entries.

Did this solve your problem?
0 out of 0 found this helpful

How can we improve this article?

0 comments

Please sign in to leave a comment.

Related articles