[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
20210108: Conduit 3 connectivity issues with National Weather Service (cont.)
- Subject: 20210108: Conduit 3 connectivity issues with National Weather Service (cont.)
- Date: Fri, 08 Jan 2021 10:16:39 -0700
Hi Tony,
re:
>Okay, we totally 'flubbed' that one. We didn't see a time zone in the first
>email and we defaulted to EST.
OK, this may have been my fault as well.
re:
>I think we will need to look for times next
>week and make sure we agree on MST for whatever times you suggest. :) Sorry
>for the confusion.
I think that we could meet today between 13:30 and 14:30 EST if
that still works for you all. One of us has, our LDM developer, has
another meeting schedule for 12:30 MST, so he would have to leave
the meeting if it did not conclude by the time his other meeting
is scheduled to start.
Cheers,
Tom
>On Fri, Jan 8, 2021 at 4:10 PM Unidata User Support <
>address@hidden> wrote:
>
>> Hi Tony,
>>
>> re:
>> >Sorry for the late reply, it took some time to coordinate all our teams.
>>
>> I know what you mean! :-)
>>
>> re:
>> >Are you still able to support 1330 today?
>>
>> I am pretty sure that everyone on the Unidata side is still available
>> to meet today at 13:30 MST. Since everyone is CCed on this email, they
>> will be alerted and should chime in if anything has changed wrt their
>> schedule.
>>
>> What are you proposing for the meeting? We routinely do Google Meets,
>> and some of us do Zooms. I have done WebExs on various occasions, but
>> I can't speak for others in Unidata.
>>
>> Cheers,
>>
>> Tom
>>
>> >On Wed, Jan 6, 2021 at 8:15 PM Unidata User Support <
>> >address@hidden> wrote:
>> >
>> >> Hi Tony, Raymond and others,
>> >>
>> >> re:
>> >> >We have reports of your group not being able to connect with our
>> conduit3
>> >> >(test conduit) system.
>> >>
>> >> That is correct. All of my attempts to contact the LDM running on your
>> >> conduit3 machine have failed in exactly the same way - it does not
>> appear
>> >> that the connection that the LDM utility 'notifyme' is attempting is
>> >> making it to the LDM on conduit3. Our experience in situations like
>> >> this is that there is one or more blocks to the transaction attempt
>> >> between our machine(s) and conduit3. We can guarantee that we are _not_
>> >> blocking outbound traffic to port 388 on remote machines.
>> >>
>> >> re:
>> >> >Our networking and infrastructure groups have
>> >> >performed exhaustive testing on our side to no avail.
>> >>
>> >> Since our machine conduit.unidata.uxar.edu is allowed to REQUEST feeds
>> >> from the NCEP CONDUIT relay cluster, conduit.ncep.noaa.gov, it would
>> >> seem that one or more of the following is true:
>> >>
>> >> - there is a firewall setting on conduit3 that is blocking inbound
>> >> traffic on port 388
>> >>
>> >> - there is some extra security software running on conduit 3 that
>> >> is preventing the LDM on conduit3 from forking a new process to
>> >> handle the feed REQUESTs that were sent to it by all of the three
>> >> machines that we have tried to connect with (lead.unidata.ucar.edu,
>> >> atm.ucar.edu, conduit.unidata.ucar.edu)
>> >>
>> >> - there is a firewall/security perimeter setting upstream from
>> >> conduit3 that is blocking connection attempts to port 388
>> >> on conduit3
>> >>
>> >> The following may not have anything to do with the problem, but I will
>> >> add it anyway:
>> >>
>> >> We have recently had extensive exchanges with NOAA personnel in SPC
>> >> who reported a very strange situation being experienced on one of their
>> >> NOAAPort ingest machines. The symptoms of the problem were that the LDM
>> >> NOAAPort ingest module, noaaportIngester could not fork a new process.
>> >> It was eventually discovered that a RedHat security package that had
>> >> been installed on one of the two SPC NOAAPort ingest machines via an
>> >> RPM was causing the problem. The package in question was the RHSM
>> >> insights-client. An SPC system administrator discovered that when the
>> >> 'insights-client' was turned off, the LDM and NOAAPort ingest would
>> >> work correctly. If the 'insights-client' was turned back on, the LDM
>> >> and NOAAPort ingest would continue to work, but, if the LDM was then
>> >> stopped and restarted the NOAAPort ingest would not work.
>> >>
>> >> So, the question to your system administrator(s) is if the RHSM
>> >> 'insights-client' is installed and running on conduit3.
>> >>
>> >> Like I said, this may be a total red herring for the situation at hand.
>> >>
>> >> re:
>> >> >We would like to set
>> >> >up a time when your network and infrastructure group could join a
>> >> >call/tele-conference so we can collaborate on fixing this connectivity
>> so
>> >> >you are able to again receive data from the test system. Please let us
>> >> know
>> >> >your availability and we will schedule something.
>> >>
>> >> Looking that everyone's schedule for the rest of the week, I see that
>> >> there are two blocks of time where three of us from Undiata can meet:
>> >>
>> >> Friday, January 8 09:45 - 11:30
>> >> Friday, January 8 13:30 - 16:00
>> >>
>> >> If Friday doesn't work for your folks, please let us know when you could
>> >> Meet (or WebEx or Zoom) next week.
>> >>
>> >> Cheers,
>> >>
>> >> Tom Yoksas
>> >> Unidata User Support
>> >> --
>> >> ********************************************************************** <
>> >> Unidata User Support UCAR Unidata Program <
>> >> (303)497-8643 P.O. Box 3000 <
>> >> address@hidden Boulder, CO 80307
>> <
>> >> ---------------------------------------------------------------------- <
>> >> Unidata Web Support http://www.unidata.ucar.edu/support
>> <
>> >> ---------------------------------------------------------------------- <
>> >>
>> >
>> >
>> >--
>> >Tony Salemi - IT Specialist
>> >NCEP Central Operations
>> >Dataflow Analyst
>> >Contracting Officer Technical Representative
>> >5830 University Research Ct. Suite 1028
>> >College Park, MD 20740
>> >301-683-3908
>>
>> --
>> ********************************************************************** <
>> Unidata User Support UCAR Unidata Program <
>> (303)497-8643 P.O. Box 3000 <
>> address@hidden Boulder, CO 80307 <
>> ---------------------------------------------------------------------- <
>> Unidata Web Support http://www.unidata.ucar.edu/support <
>> ---------------------------------------------------------------------- <
>>
>
>
>--
>Tony Salemi - IT Specialist
>NCEP Central Operations
>Dataflow Analyst
>Contracting Officer Technical Representative
>5830 University Research Ct. Suite 1028
>College Park, MD 20740
>301-683-3908
>
>--0000000000008e63b905b866a2be
>Content-Type: text/html; charset="UTF-8"
>Content-Transfer-Encoding: quoted-printable
>
><div dir=3D"ltr"><div>Tom,</div><div><br></div><div>Okay, we totally 'f=
>lubbed' that one. We didn't see a time zone in the first email and =
>we defaulted to EST. I think we will need to look for times next week and m=
>ake sure we agree on MST for whatever times you suggest. :) Sorry for the c=
>onfusion. <br></div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" c=
>lass=3D"gmail_attr">On Fri, Jan 8, 2021 at 4:10 PM Unidata User Support <=
>;<a href=3D"mailto:address@hidden";>address@hidden</a>&g=
>t; wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0p=
>x 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Ton=
>y,<br>
><br>
>re:<br>
>>Sorry for the late reply, it took some time to coordinate all our teams=
>.<br>
><br>
>I know what you mean! :-)<br>
><br>
>re:<br>
>>Are you still able to support 1330 today?<br>
><br>
>I am pretty sure that everyone on the Unidata side is still available<br>
>to meet today at 13:30 MST.=C2=A0 Since everyone is CCed on this email, the=
>y<br>
>will be alerted and should chime in if anything has changed wrt their<br>
>schedule.<br>
><br>
>What are you proposing for the meeting?=C2=A0 We routinely do Google Meets,=
><br>
>and some of us do Zooms.=C2=A0 I have done WebExs on various occasions, but=
><br>
>I can't speak for others in Unidata.<br>
><br>
>Cheers,<br>
><br>
>Tom<br>
><br>
>>On Wed, Jan 6, 2021 at 8:15 PM Unidata User Support <<br>
>><a href=3D"mailto:address@hidden"; target=3D"_blank">support@u=
>nidata.ucar.edu</a>> wrote:<br>
>><br>
>>> Hi Tony, Raymond and others,<br>
>>><br>
>>> re:<br>
>>> >We have reports of your group not being able to connect with o=
>ur conduit3<br>
>>> >(test conduit) system.<br>
>>><br>
>>> That is correct.=C2=A0 All of my attempts to contact the LDM runni=
>ng on your<br>
>>> conduit3 machine have failed in exactly the same way - it does not=
> appear<br>
>>> that the connection that the LDM utility 'notifyme' is att=
>empting is<br>
>>> making it to the LDM on conduit3.=C2=A0 Our experience in situatio=
>ns like<br>
>>> this is that there is one or more blocks to the transaction attemp=
>t<br>
>>> between our machine(s) and conduit3.=C2=A0 We can guarantee that w=
>e are _not_<br>
>>> blocking outbound traffic to port 388 on remote machines.<br>
>>><br>
>>> re:<br>
>>> >Our networking and infrastructure groups have<br>
>>> >performed exhaustive testing on our side to no avail.<br>
>>><br>
>>> Since our machine <a href=3D"http://conduit.unidata.uxar.edu"; rel=
>=3D"noreferrer" target=3D"_blank">conduit.unidata.uxar.edu</a> is allowed t=
>o REQUEST feeds<br>
>>> from the NCEP CONDUIT relay cluster, <a href=3D"http://conduit.nce=
>p.noaa.gov" rel=3D"noreferrer" target=3D"_blank">conduit.ncep.noaa.gov</a>,=
> it would<br>
>>> seem that one or more of the following is true:<br>
>>><br>
>>> - there is a firewall setting on conduit3 that is blocking inbound=
><br>
>>>=C2=A0 =C2=A0traffic on port 388<br>
>>><br>
>>> - there is some extra security software running on conduit 3 that<=
>br>
>>>=C2=A0 =C2=A0is preventing the LDM on conduit3 from forking a new p=
>rocess to<br>
>>>=C2=A0 =C2=A0handle the feed REQUESTs that were sent to it by all o=
>f the three<br>
>>>=C2=A0 =C2=A0machines that we have tried to connect with (<a href=
>=3D"http://lead.unidata.ucar.edu"; rel=3D"noreferrer" target=3D"_blank">lead=
>.unidata.ucar.edu</a>,<br>
>>>=C2=A0 =C2=A0<a href=3D"http://atm.ucar.edu"; rel=3D"noreferrer" tar=
>get=3D"_blank">atm.ucar.edu</a>, <a href=3D"http://conduit.unidata.ucar.edu=
>" rel=3D"noreferrer" target=3D"_blank">conduit.unidata.ucar.edu</a>)<br>
>>><br>
>>> - there is a firewall/security perimeter setting upstream from<br>
>>>=C2=A0 =C2=A0conduit3 that is blocking connection attempts to port =
>388<br>
>>>=C2=A0 =C2=A0on conduit3<br>
>>><br>
>>> The following may not have anything to do with the problem, but I =
>will<br>
>>> add it anyway:<br>
>>><br>
>>> We have recently had extensive exchanges with NOAA personnel in SP=
>C<br>
>>> who reported a very strange situation being experienced on one of =
>their<br>
>>> NOAAPort ingest machines.=C2=A0 The symptoms of the problem were t=
>hat the LDM<br>
>>> NOAAPort ingest module, noaaportIngester could not fork a new proc=
>ess.<br>
>>> It was eventually discovered that a RedHat security package that h=
>ad<br>
>>> been installed on one of the two SPC NOAAPort ingest machines via =
>an<br>
>>> RPM was causing the problem.=C2=A0 The package in question was the=
> RHSM<br>
>>> insights-client.=C2=A0 An SPC system administrator discovered that=
> when the<br>
>>> 'insights-client' was turned off, the LDM and NOAAPort ing=
>est would<br>
>>> work correctly.=C2=A0 If the 'insights-client' was turned =
>back on, the LDM<br>
>>> and NOAAPort ingest would continue to work, but, if the LDM was th=
>en<br>
>>> stopped and restarted the NOAAPort ingest would not work.<br>
>>><br>
>>> So, the question to your system administrator(s) is if the RHSM<br=
>>
>>> 'insights-client' is installed and running on conduit3.<br=
>>
>>><br>
>>> Like I said, this may be a total red herring for the situation at =
>hand.<br>
>>><br>
>>> re:<br>
>>> >We would like to set<br>
>>> >up a time when your network and infrastructure group could joi=
>n a<br>
>>> >call/tele-conference so we can collaborate on fixing this conn=
>ectivity so<br>
>>> >you are able to again receive data from the test system. Pleas=
>e let us<br>
>>> know<br>
>>> >your availability and we will schedule something.<br>
>>><br>
>>> Looking that everyone's schedule for the rest of the week, I s=
>ee that<br>
>>> there are two blocks of time where three of us from Undiata can me=
>et:<br>
>>><br>
>>> Friday, January 8 09:45 - 11:30<br>
>>> Friday, January 8 13:30 - 16:00<br>
>>><br>
>>> If Friday doesn't work for your folks, please let us know when=
> you could<br>
>>> Meet (or WebEx or Zoom) next week.<br>
>>><br>
>>> Cheers,<br>
>>><br>
>>> Tom Yoksas<br>
>>> Unidata User Support<br>
>>> --<br>
>>> ******************************************************************=
>**** <<br>
>>> Unidata User Support=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
>=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UCAR Unidata Pr=
>ogram <<br>
>>> (303)497-8643=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
>=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 P.O. Box 3000 <<br>
>>> <a href=3D"mailto:address@hidden"; target=3D"_blank">supp=
>address@hidden</a>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =
>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Boulder, CO 80307 &l=
>t;<br>
>>> ------------------------------------------------------------------=
>---- <<br>
>>> Unidata Web Support=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
>=A0 =C2=A0<a href=3D"http://www.unidata.ucar.edu/support"; rel=3D"noreferrer=
>" target=3D"_blank">http://www.unidata.ucar.edu/support</a>=C2=A0 <<br>
>>> ------------------------------------------------------------------=
>---- <<br>
>>><br>
>><br>
>><br>
>>-- <br>
>>Tony Salemi - IT Specialist<br>
>>NCEP Central Operations<br>
>>Dataflow Analyst<br>
>>Contracting Officer Technical Representative<br>
>>5830 University Research Ct. Suite 1028<br>
>>College Park, MD 20740<br>
>>301-683-3908<br>
><br>
>--<br>
>********************************************************************** <=
><br>
>Unidata User Support=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 UCAR Unidata Program <=
><br>
>(303)497-8643=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
>=A0 =C2=A0 =C2=A0 P.O. Box 3000 <<br>
><a href=3D"mailto:address@hidden"; target=3D"_blank">support@unida=
>ta.ucar.edu</a>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=
>=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Boulder, CO 80307 <<br>
>---------------------------------------------------------------------- <=
><br>
>Unidata Web Support=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<=
>a href=3D"http://www.unidata.ucar.edu/support"; rel=3D"noreferrer" target=3D=
>"_blank">http://www.unidata.ucar.edu/support</a>=C2=A0 <<br>
>---------------------------------------------------------------------- <=
><br>
></blockquote></div><br clear=3D"all"><br>-- <br><div dir=3D"ltr" class=3D"g=
>mail_signature"><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr=
>"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><div><d=
>iv dir=3D"ltr"><div><div dir=3D"ltr"><div>Tony Salemi - IT Specialist</div>=
><div>NCEP Central Operations<br>Dataflow Analyst</div><div><span>Contractin=
>g Officer Technical Representative</span></div><div>5830 University Researc=
>h Ct. Suite 1028<br></div><div>College Park, MD 20740<br>301-683-3908<br></=
>div></div></div></div></div></div></div></div></div></div></div></div></div=
>></div></div></div></div>
>
>--0000000000008e63b905b866a2be--
>
--
********************************************************************** <
Unidata User Support UCAR Unidata Program <
(303)497-8643 P.O. Box 3000 <
address@hidden Boulder, CO 80307 <
---------------------------------------------------------------------- <
Unidata Web Support http://www.unidata.ucar.edu/support <
---------------------------------------------------------------------- <
NOTE: All email exchanges with Unidata User Support are recorded in the
Unidata inquiry tracking system and then made publicly available
through the web. If you do not want to have your interactions made
available in this way, you must let us know in each email you send to us.
