Hi all
I've been trying a multitude of different configurations to mongodump the database that gets installed automatically with DeadlineRepository-10.2.1.1-linux-x64-installer.run but I seem to fail already at the SSL handshake stage (at least I believe).
I installed the DeadlineRepository with the following command:
# ./DeadlineRepository-10.2.1.1-linux-x64-installer.run \
--mode unattended \
--prefix /opt/Thinkbox/DeadlineRepository10 \
--setpermissions true \
--dbtype MongoDB \
--installmongodb true \
--dbInstallationType downloadDB \
--dbLicenseAcceptance accept \
--mongodir /opt/Thinkbox/DeadlineDatabase10 \
--dbListeningPort 27100 \
--dbname deadline10db \
--secretsAdminName SecretsAdmin \
--secretsAdminPassword %ecretsPassw0rd! \
--requireSSL true \
--certgen_outdir /opt/Thinkbox/DeadlineDatabase10/certs \
--certgen_password 1234 \
--dbclientcert true \
--createX509dbuser true \
--installSecretsManagement true \
--importrepositorysettings false
The resulting certificates are placed as expected:
# ls -al /opt/Thinkbox/DeadlineDatabase10/certs/
total 24
drwxr-xr-x 2 root root 4096 Apr 4 23:24 .
drwxr-xr-x 4 root root 4096 Apr 4 23:24 ..
-r-------- 1 root root 1208 Apr 4 23:24 ca.crt
-r-------- 1 root root 3313 Apr 4 23:24 Deadline10Client.pfx
-r-------- 1 root root 2868 Apr 4 23:24 miniboss.farm.pem
-r-------- 1 root root 3026 Apr 4 23:24 mongo_client.pem
Also, the next step - installing DeadlineClient-10.2.1.1-linux-x64-installer.run works like a charm. I can confirm that Deadline Launcher successfully connects to the repository/RCS using the supplied arguments:
# ./DeadlineClient-10.2.1.1-linux-x64-installer.run \
--mode unattended \
--prefix /opt/Thinkbox/Deadline10 \
--setpermissionsclient true \
--repositorydir /opt/Thinkbox/DeadlineRepository10 \
--dbsslcertificate /opt/Thinkbox/DeadlineDatabase10/certs/Deadline10Client.pfx \
--dbsslpassword 1234 \
--InitializeSecretsManagementServer true \
--osUsername root \
--secretsAdminName SecretsAdmin \
--secretsAdminPassword %ecretsPassw0rd! \
--masterKeyName defaultKey \
--launcherdaemon true \
--enable-components proxyconfig \
--daemonuser root \
--connserveruser root \
--httpport 8080 \
--tlsport 4433 \
--enabletls true \
--proxyalwaysrunning true \
--tlscertificates generate \
--generatedcertdir /opt/Thinkbox/Deadline10/certs \
--clientcert_pass 4321
All connected clients can communicate successfully so far.
Now to the mongodump part:
I'm getting database-tools from https://www.mongodb.com/docs/database-tools/installation/installation-linux/
(compatible with version 4.4+. My assumption would be that the command I'd have to issue would look something like this:
/usr/bin/mongodump \
--port=27100 \
--ssl \
--sslPEMKeyFile=/opt/Thinkbox/DeadlineDatabase10/certs/mongo_client.pem \
--sslPEMKeyPassword=1234 \
--sslCAFile=/opt/Thinkbox/DeadlineDatabase10/certs/ca.crt \
--gzip \
--out=/root/mongo/dump_$(date -d "today" +"%Y-%m-%d_%H-%M-%S")
But I get nothing but timeouts. To be honest, I have no clue which certificate file is doing what as I have never dealt with encryption etc. I assume that the correct command arguments lie just in front of my eyes but I've been missing the right combination many, many times. Please help if you can spot something.
Cheers,
Michael
AWS OFFICIALUpdated 5 months ago
