[Bro] Cluster setup

Daniel Thayer dnthayer at illinois.edu
Tue Oct 29 11:01:28 PDT 2013


Exit from broctl, then verify that you can ping the
worker machine from the manager machine.  If that works,
then do another "broctl install" and make sure you
don't see any error or warning messages.


On 10/29/2013 12:50 PM, hiren panchasara wrote:
> On Tue, Oct 29, 2013 at 10:09 AM, hiren panchasara
> <hiren.panchasara at gmail.com> wrote:
>> On Mon, Oct 28, 2013 at 11:50 PM, Daniel Thayer <dnthayer at illinois.edu> wrote:
>>> Did you verify that you can ssh from host-A to host-B without
>>> having to type a password?
>> Just set that up.
>
> Ah, I realized that I had to do this as "root" because broctl is run as root :-)
>
> Set that up and now:
>
> [BroControl] > install
> removing old policies in
> /usr/local/spool/installed-scripts-do-not-touch/site ... done.
> removing old policies in
> /usr/local/spool/installed-scripts-do-not-touch/auto ... done.
> creating policy directories ... done.
> installing site policies ... done.
> generating cluster-layout.bro ... done.
> generating local-networks.bro ... done.
> generating broctl-config.bro ... done.
> updating nodes ... warning: host 10.73.149.31 is not alive
> done.
> [BroControl] > check
> manager is ok.
> proxy-1 is ok.
> worker-1 is ok.
> [BroControl] > start
> starting manager ...
> starting proxy-1 ...
> starting worker-1 ...
> worker-1 terminated immediately after starting; check output with "diag"
>
> [BroControl] > diag worker-1
> [worker-1]
>
> ==== No reporter.log
>
> ==== stderr.log
> error in /usr/local/share/bro/base/frameworks/cluster/__load__.bro,
> line 16: can't open cluster-layout
>
> ==== stdout.log
> unlimited
> 536870912
> unlimited
>
> ==== .cmdline
> -i bce1 -U .status -p broctl -p broctl-live -p local -p worker-1
> local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
>
> ==== .env_vars
> PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:/home/y/bin:/root/bin
> BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
> CLUSTER_NODE=worker-1
>
> ==== .status
> TERMINATED [atexit]
>
> ==== No prof.log
>
> ==== No packet_filter.log
>
> ==== No loaded_scripts.log
> [BroControl] >
>
>
> Trying to determine what is causing this.
>
> cheers,
> Hiren
>




More information about the Bro mailing list