SAM Add New Cluster Failed.

Question

Question

Michael Jobe · Jan 26, 2021

#AWS #Monitoring #SAM - System Alerting and Monitoring #InterSystems IRIS

I installed a community version of Intersystems IRIS in a Large AWS EC2 instance to do some testing. I installed SAM and when I try to "Add a new cluster" I receive the following: "ERROR #5005: Cannot open file '/config/prometheus/isc_tmp_yml_file.yml'"

Screen shot included here: https://share.getcloudapp.com/RBu4K5yv

Product version: IRIS 2020.1

Discussion (6)1

Log in or sign up to continue

Matthew Simpson · Dec 21, 2021

I ran into this same issue and it turned out to be the selinux was set to enforcing, and that prevented the file system writes.

The file /config/prometheus/isc_tmp_yml_file.yml seems to be a temp file that is used during the creation of a new cluster. However, with selinux enforcing, it may be that there would be other file write issues.

To verify the issue was selinux, I used "docker exec -it <container> bash" to connect to bash on the iris container that start.sh started. Once there I used "touch /config/prometheus/isc_tmp_yml_file.yml" to attempt to create the file and it failed.

I then exited bash and used setenforce 0 to temporarily change selinux from enforcing to premissive and retried the touch and it was successful. At that point I was able to continue with the creation of a cluster in SAM.

I have not looked into what policies would need to be created to enable SAM to run with selinux enforcing, but that will be necessary before deploying into production unless the cluster can operate without issue after configuration, in which case, perhaps configuration can be done with selinux set to permissive and then returned to enforcing for operations.

0 0

score 0 · Answer 1 · 2021-01-26T21:46:37-05:00

is this the right place to post this? I'm looking for assistance and want to make sure I am posting in the right place. Thanks.

score 0 · Answer 2 · 2021-01-27T04:42:55-05:00

Hi @Michael Jobe

Yes, you can post here or open a WRC ticket.

The error usually denotes a privilege issue. I see that the file name is not the default we ship the product with. That is isc_prometheus.yml. Also the file should have privileges set to 764 or rwxrw-r---

Another important thing would be to use the start.sh script that checks for the correct privileges on directories and files.

Let us know how you get on.

Thanks

score 0 · Answer 3 · 2021-01-29T19:51:39-05:00

The start.sh script was used to start the services, the stop.sh to stop them

The SAM solution was installed 4x on 4 EC instances, each one received the same error and clusters could not be created.

There is an isc_prometheus.yml file in the directory which by the default installation did not have 764 permissions. I set the permissions to 764 and restarted the services and the same error is received. Documentation is a bit light but I followed the instructions. Has this worked for others as documented?

score 0 · Answer 4 · 2021-02-03T15:32:46-05:00

I will pull down the latest version of SAM when available and retest this, I'll take steps to document each step. It's entirely possible I'm making a mistake in my deployments that is causing consistent failures, if so I imagine that would be helpful to know.

score 0 · Answer 5 · 2021-12-20T18:13:36-05:00

Gary Lusso · Dec 20, 2021

I had the same issue. I reinstalled.

0 0