NWSETUP-TUI mistakenly run on the RSA NetWitness Platform Admin Server
Issue
Note: The following steps use NW version 11.3.x for reference.
Upgrade fails for any node.
Running an upgrade using the CLI on the NetWitness Admin Server results in an error similar to the one below:
[2020-02-28T23:11:21+00:00] <98045> (ERROR) Command line upgrade can only be executed on the NW Server (please re-run from the NW Server).
Missing /var/netwitness/common/repo/ folder - no repo files
Running orchestration-cli-client --update-admin-node on the NetWitness Admin Server fails with errors.
Cause
nwsetup-tui was run by mistake on the NetWitness Admin node.
This usually happens when the user is in the habit of using ssh from the head unit to connect to the other hosts. Believing they are already connected to the target host, they run nwsetup-tui to initiate the node configuration while still on the head unit.
Workaround
To re-create the repo folder and files:
- Download the corresponding NetWitness update packages, for example, netwitness-11.3.0.2.zip, netwitness-11.3.2.0.zip from RSA Link.
- Up to and depending on your current version
- SCP/copy the zip files to a temp directory on your NetWitness Admin Server that has enough filesystem disk space
- Manually create the corresponding repository directories:
mkdir -p /var/netwitness/common/repo/11.3.0.2/OS
mkdir -p /var/netwitness/common/repo/11.3.0.2/RSA
mkdir -p /var/netwitness/common/repo/11.3.2.0/OS
mkdir -p /var/netwitness/common/repo/11.3.2.0/RSA
- Unzip the NetWitness update packages to their corresponding repository directories.
- Restore the resolv.dnsmasq file from backup, if you have taken a backup previously. It should be in /var/netwitness/backup/files/etc/netwitness/platform/resolv.dnsmasq.tgz.
tar -xvzf /var/netwitness/backup/files/etc/netwitness/platform/resolv.dnsmasq.tgz -C /etc/netwitness/platform/
Or re-create the file /etc/netwitness/platform/resolv.dnsmasq using vi, with the correct DNS entries.
- Using vi, edit the /etc/netwitness/platform/nw-node-type file to show 'node-zero' instead of 'node-x'
- Ensure in mongo db that the nw-node-zero host UUID has the parameter - "node-zero" : true
Sample:
On node-zero ssh:
# cat /etc/salt/minion ---note the UUID of node-zero
# mongo admin -u deploy_admin
Enter password:
> show dbs
> use orchestration-server
> show collections
> db.host.find({_id:"ba847be4-afca-4df4-beca-e6df7ac3a228"}).pretty()
{
"_id" : "ba847be4-afca-4df4-beca-e6df7ac3a228",
"hostname" : "192.168.2.102",
"displayName" : "nwadmin1",
"version" : {
"major" : 11,
"minor" : 3,
"servicePack" : 1,
"patch" : 1,
"snapshot" : false,
"rawVersion" : "11.3.1.1"
},
"thirdParty" : false,
"installedServices" : [
"AdminServer"
],
"meta" : {
"node-zero" : true
},
"_class" : "com.rsa.asoc.orchestration.host.HostEntity"
}
>
> exit
Note: If the value "node-zero" : false is seen, contact RSA Support for assistance.
- Run the command 'orchestration-cli-client --update-admin-node' until there are no errors and it completes successfully.
Resolution
On the NetWitness Admin server (nw-node-zero):
- Re-create the repo folders, and copy/unzip the update files.
- Re-create /etc/netwitness/platform/resolv.dnsmasq file with correct DNS server.
- Edit the /etc/netwitness/platform/nw-node-type to show 'node-zero'.
- Ensure in mongo db that the nw-node-zero host UUID has the parameter - "node-zero" : true.
- Run orchestration-cli-client --update-admin-node until there are no errors and it completes successfully.
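A read-only check of the three file-level items above (repo folders, resolv.dnsmasq, nw-node-type), useful before re-running the update. This is an added example, not RSA's tooling; the function name, the optional ROOT prefix argument, and the assumption that nw-node-type holds only the node type token are hypothetical. It does not check the "node-zero" flag in MongoDB.

```shell
#!/bin/bash
# Added example: read-only check for the file-level damage this page describes.
# The optional ROOT prefix is a hypothetical argument so the check can run
# against a test tree; with no argument it inspects the live filesystem.
nw_node_zero_check() {
    local root="${1:-}" problems=0 found=0 ver ntval=""
    local repo="$root/var/netwitness/common/repo"
    local dns="$root/etc/netwitness/platform/resolv.dnsmasq"
    local ntype="$root/etc/netwitness/platform/nw-node-type"
    # 1. Repo: need at least one <version> directory with populated OS and RSA.
    for ver in "$repo"/*/; do
        [ -d "${ver}OS" ] && [ -d "${ver}RSA" ] || continue
        # An empty OS or RSA directory means the zip was never extracted.
        if [ -n "$(ls -A "${ver}OS")" ] && [ -n "$(ls -A "${ver}RSA")" ]; then
            found=$((found + 1))
        fi
    done
    if [ ! -d "$repo" ]; then
        echo "FAIL repo: $repo is missing"; problems=$((problems + 1))
    elif [ "$found" -eq 0 ]; then
        echo "FAIL repo: no populated <version>/OS and <version>/RSA in $repo"
        problems=$((problems + 1))
    else
        echo "OK   repo: $found populated version directories"
    fi
    # 2. resolv.dnsmasq must exist and be non-empty.
    if [ -s "$dns" ]; then
        echo "OK   dns: $dns present"
    else
        echo "FAIL dns: $dns missing or empty"; problems=$((problems + 1))
    fi
    # 3. nw-node-type must read node-zero (assumed to hold only that token).
    [ -r "$ntype" ] && ntval="$(tr -d '[:space:]' < "$ntype")"
    if [ "$ntval" = "node-zero" ]; then
        echo "OK   node-type: node-zero"
    else
        echo "FAIL node-type: '${ntval:-unreadable}' (expected node-zero)"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed demo tree reproducing the damaged state (not real host data).
demo="$(mktemp -d)"; mkdir -p "$demo/etc/netwitness/platform"
echo "node-x" > "$demo/etc/netwitness/platform/nw-node-type"
nw_node_zero_check "$demo" || echo "problems found: $?"
rm -rf "$demo"
```

The return code is the number of failed checks, so a return of 0 means all three file-level items are in place.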
Product Details
RSA Product Set: NetWitness Platform
RSA Product/Service Type: NetWitness Platform/Nw Admin Server
RSA Version/Condition: 11.x, 12.x
Platform: CentOS
O/S Version: EL7
Summary
When nwsetup-tui is run by accident on the NetWitness Admin Server, it wipes out the entire repo folder (/var/netwitness/common/repo/) on the head unit and changes the node type of node-zero to node-x, rendering all upgrade attempts impossible and causing other instability issues on the head unit. It also deletes the file /etc/netwitness/platform/resolv.dnsmasq, which is used by orchestration to implement DNS resolution to an external DNS server.