Hi,
I have the following architecture (10.4.0.2 from 10.3.4):
- One Security Analytics appliance
- One hybrid appliance (log collector / decoder / concentrator)
- One Remote Log collector VM) on a customer site
- Its IP is NAT'ed from the Security Analytics Appliance
- The IP of the Security Analytics appliance is NAT'ed from this Log collector
The provisioning of the Remote Log collector fails because the IP of the SA is not the NAT'ed IP in /etc/mcollective/server.cfg and this configuration file is always override by the puppet agent.
How override the sa_server value on the Security Analytics(Puppet Master) for this Log Collector ?
(I guess that's in the mongodb node definition..)
1: Manually change the IP address in csr_attributes.yaml file.
2: Change the value for sa server IP parameter to actual IP in following file on SA server:
/etc/puppet/modules/mcollective/templates/server.erb
change the value for plugin.rabbitmq.pool.1.host = <actual IP> instead of parameter and save the file.,
This is the file that gets deployed.
Now once you change this, actual SA IP that should be used will get deployed instead of NAT'ed IP.