[Bro] Cluster setup
hiren panchasara
hiren.panchasara at gmail.com
Tue Oct 29 11:16:42 PDT 2013
On Tue, Oct 29, 2013 at 11:04 AM, hiren panchasara
<hiren.panchasara at gmail.com> wrote:
> On Tue, Oct 29, 2013 at 10:50 AM, hiren panchasara
> <hiren.panchasara at gmail.com> wrote:
>> On Tue, Oct 29, 2013 at 10:09 AM, hiren panchasara
>> <hiren.panchasara at gmail.com> wrote:
>>> On Mon, Oct 28, 2013 at 11:50 PM, Daniel Thayer <dnthayer at illinois.edu> wrote:
>>>> Did you verify that you can ssh from host-A to host-B without
>>>> having to type a password?
>>> Just set that up.
>>
>> Ah, I realized that I had to do this as "root" because broctl is run as root :-)
>>
>> Set that up and now:
>>
>> [BroControl] > install
>> removing old policies in
>> /usr/local/spool/installed-scripts-do-not-touch/site ... done.
>> removing old policies in
>> /usr/local/spool/installed-scripts-do-not-touch/auto ... done.
>> creating policy directories ... done.
>> installing site policies ... done.
>> generating cluster-layout.bro ... done.
>> generating local-networks.bro ... done.
>> generating broctl-config.bro ... done.
>> updating nodes ... warning: host 10.73.149.31 is not alive
>> done.
>> [BroControl] > check
>> manager is ok.
>> proxy-1 is ok.
>> worker-1 is ok.
>> [BroControl] > start
>> starting manager ...
>> starting proxy-1 ...
>> starting worker-1 ...
>> worker-1 terminated immediately after starting; check output with "diag"
>>
>> [BroControl] > diag worker-1
>> [worker-1]
>>
>> ==== No reporter.log
>>
>> ==== stderr.log
>> error in /usr/local/share/bro/base/frameworks/cluster/__load__.bro,
>> line 16: can't open cluster-layout
>>
>> ==== stdout.log
>> unlimited
>> 536870912
>> unlimited
>>
>> ==== .cmdline
>> -i bce1 -U .status -p broctl -p broctl-live -p local -p worker-1
>> local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
>>
>> ==== .env_vars
>> PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:/home/y/bin:/root/bin
>> BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
>> CLUSTER_NODE=worker-1
>>
>> ==== .status
>> TERMINATED [atexit]
>>
>> ==== No prof.log
>>
>> ==== No packet_filter.log
>>
>> ==== No loaded_scripts.log
>> [BroControl] >
>>
>>
>> Trying to determine what is causing this.
>
> I am not able to find/understand what is causing this problem.
Alright, So its looking for a file: cluster-layout.bro
I could see that on manager node at:
/usr/local/spool/installed-scripts-do-not-touch/auto/
But it was not available on same location in worker-1 node. (please
let me know if there is a better way to this)
I scp'ed that file there and then
[BroControl] > install
[BroControl] > start
worked.
top also shows all the nodes: manager, proxy-1 and worker-1 active.
Now is time for actual traffic.
Cheers,
Hiren
More information about the Bro
mailing list