000038539 - NWSETUP-TUI mistakenly run on the RSA NetWitness Platform Admin Server

Document created by RSA Customer Support Employee on Mar 10, 2020Last modified by RSA Customer Support Employee on Jul 30, 2020
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000038539
Applies ToRSA Product Set: NetWitness Platform
RSA Product/Service Type: NetWitness Platform/Nw Admin Server
RSA Version/Condition: 11.3.x
Platform: CentOS
O/S Version: EL7
Issue
Note: To view the article in a demo format for more insights please click the below link, NWSETUP-TUI mistakenly run on the RSA NetWitness Platform Admin Server - EduTube Video.



Upgrade fails for any node.

Running upgrade using CLI on the NetWitness Admin Server results in a similar error as below:
 

[2020-02-28T23:11:21+00:00] <98045> (ERROR) Command line upgrade can only be executed on the NW Server (please re-run from the NW Server).

Missing /var/netwitness/common/repo/ folder - no repo files


Running orchestration-cli update-admin-node on the NetWitness Admin server fails with errors.
 
Causenwsetup-tui was run by mistake on the NetWitness Admin node

Usually happens when user has the habit of doing ssh from the head unit connecting to the other hosts. Sometimes thinking they are already ssh'd to the target host, and run nwsetup-tui to initiate the node configuration. 
ResolutionOn the NetWitness Admin server (nw-node-zero):
  • Re-create the repo folders, and copy/unzip the update files.
  • Re-create /etc/netwitness/platform/resolv.dnsmasq file with correct DNS server.
  • Edit the /etc/netwitness/platform/nw-node-type to show 'node-zero'.
  • Ensure in mongo db that the nw-node-zero host UUID has the parameter -  "node-zero" : true.
  • Run orchestration-cli-client --update-admin-node until there are no errors and it completes successfully.
WorkaroundTo re-create the repo folder and files:
  • Download the corresponding NetWitness update packages, for example, netwitness-11.3.0.2.zip, netwitness-11.3.2.0.zip from RSA Link.
    • Up to and depending on your current version
  • SCP/Copy the zip files to a temp directory on your NetWitness Admin with enough filesystem disk space

  • Manually create the corresponding repository directories:
    mkdir -p /var/netwitness/common/repo/11.3.0.2/OS
    mkdir -p /var/netwitness/common/repo/11.3.0.2/RSA

    mkdir -p /var/netwitness/common/repo/11.3.2.0/OS
    mkdir -p /var/netwitness/common/repo/11.3.2.0/RSA

     
  • Unzip the NetWitness update packages to their corresponding repository directories.

  • Restore the file from backup, depends if you have taken a backup previously.  It should be in /var/netwitness/backup/files/etc/netwitness/platform/resolv.dnsmasq.tgz.
     tar -xvzf /var/netwitness/backup/files/etc/netwitness/platform/resolv.dnsmasq.tgz -C /etc/netwitness/platform/

    Or just re-create the file again using vi,  /etc/netwitness/platform/resolv.dnsmasq with the correct DNS entries.
     
  • Using vi, edit the /etc/netwitness/platform/nw-node-type file to show 'node-zero' instead of 'node-x'

  • Ensure in mongo db that the nw-node-zero host UUID has the parameter -  "node-zero" : true
    Sample:
     

    On node-zero ssh:
    # cat /etc/salt/minion   ---note the UUID of node-zero
    # mongo admin -u deploy_admin 
    Enter password:
    > show dbs
    > use orchestration-server
    > show collections
    >  db.host.find({_id:"ba847be4-afca-4df4-beca-e6df7ac3a228"}).pretty()
    {
            "_id" : "ba847be4-afca-4df4-beca-e6df7ac3a228",
            "hostname" : "192.168.2.102",
            "displayName" : "nwadmin1",
            "version" : {
                    "major" : 11,
                    "minor" : 3,
                    "servicePack" : 1,
                    "patch" : 1,
                    "snapshot" : false,
                    "rawVersion" : "11.3.1.1"
            },
            "thirdParty" : false,
            "installedServices" : [
                    "AdminServer"
            ],
            "meta" : {
                    "node-zero" : true
            },
            "_class" : "com.rsa.asoc.orchestration.host.HostEntity"
    }
    >
    > exit


    Note: If value "node-zero" : false" is seen, contact RSA Support for assistance.

  • Run the command 'orchestration-cli-client --update-admin-node' until there are no errors and it completes successfully.


 

Attachments

    Outcomes