Change IP fog Server : unable to change Node storage and TFTP IP
-
@matthieu-jacquart I was going to suggest to get your fog server working to update the database by hand.
It would be also interesting to know if you would inspect the apache or pfp-fpm error logs in /var/log to see if either are throwing an error when you try to update via the web ui. Maybe we find a clue why the update is not working via the web ui too.
-
@george1421 I’ll try to update database by hand.
With Web ui, I found this in logs / apache2 / other_vhosts_access.log
192.168.10.60:80 192.168.10.100 - - [31/Mar/2022:11:21:07 +0200] "POST /fog/status/getservertime.php HTTP/1.1" 200 703 "http://192.168.10.60/fog/management/index.php?node=storage&sub=edit&id=8" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0" 192.168.10.60:80 192.168.10.100 - - [31/Mar/2022:11:21:08 +0200] "POST /fog/management/index.php?node=storage&sub=edit&id=8 HTTP/1.1" 200 735 "http://192.168.10.60/fog/management/index.php?node=storage&sub=edit&id=8" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"And into table “history” :
[2022-03-31 11:21:08] StorageNode ID: 8 NAME: Fog has been successfully updated.Spoiler alert : it’s not
Edit : Do I have to use –recreate-CA and –recreate-keys after I change ip ?
-
@matthieu-jacquart From the log file you provided that is only the access side. There should be
<something>error.logfor both apache and php-fpm.As for the certificate I don’t know. I would think its not necessary to regenerate the certificate unless it used the IP address in the common name when creating the certificate. But that is more of a question for a developer.
-
@george1421 ok, I’ll try in few days to change ip and modify database by hand.
There is a file error.log for apache2 but with no error for this problem. -
@matthieu-jacquart said in Change IP fog Server : unable to change Node storage and TFTP IP:
Do I have to use –recreate-CA and –recreate-keys after I change ip ?
No, you should not have to so this. The installer will regenerate the certificate nevertheless but it won’t touch the CA - which is not the same thing!!
Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)
Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG
-
@sebastian-roth OK thanks, so it could be usefull to update wiki page ?
https://docs.fogproject.org/en/latest/reference/change_fog_server_ip_address.htmlRerun the installer, you’ll need to use –recreate-CA and –recreate-keys keys as the installer provides a certificate with a Common Name based on the ip which will be shipped in the iPxe kernel and failed to load any https resources as the certificate isn’t valid anymore. -
So i change my server ip, modify the 4 ip by hand, everything works fine !
I didn’t use –recreate-CA and –recreate-keys keys and in folder snapin/ssl ca.cnf is updated with the new ip but req.cnf kept old ip.
I don’t think it will be a problem.Matthieu
-
@matthieu-jacquart So just to be clear if you don’t touch the certificates and only update the IP address as I mentioned everything is OK now?
Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!
-
@matthieu-jacquart said in Change IP fog Server : unable to change Node storage and TFTP IP:
I didn’t use –recreate-CA and –recreate-keys keys and in folder snapin/ssl ca.cnf is updated with the new ip but req.cnf kept old ip.
That is an interesting point. Looks like req.cnf and the certificate request file are not being re-generated unless --recreate-keys is specified. I am not sure why but I think we should change this behavior by moving that part out of the if-clause (code reference). What do you think?
-
@george1421 Exactly ! I changed server +.fogsettings ip (+ 4 ip in database by hand…) and everything is fine (ip in default.ipxe changed automatically)
@sebastian-roth for information :
- ca.cnf (with new ip)
[v3_ca] subjectAltName = @alt_names [alt_names] IP.1 = 192.168.10.52 DNS.1 = FOG.lycee.nd- req.cnf (kept old ip) :
[req] distinguished_name = req_distinguished_name req_extensions = v3_req prompt = yes [req_distinguished_name] CN = 192.168.10.60 [v3_req] subjectAltName = @alt_names [alt_names] IP.1 = 192.168.10.60 DNS.1 = FOG.lycee.nd
