When you are using Deadline's feature "Secrets Management" and the Worker log (accessible from the right click menu of the Worker> Connect to Worker logs) throws an error like below:
2020-11-09 15:07:13: POST https://10.128.2.4:4433/rcs/v1/getSecret returned Forbidden ""Access denied."" (Deadline.Net.Clients.Http.DeadlineHttpRequestException) 2020-11-09 15:07:13: at Deadline.Net.Clients.Http.HttpClient.b(HttpRequestMessage bpf) 2020-11-09 15:07:13: at Deadline.Net.Clients.Http.HttpClient.SendRequestForStream(String method, String uri, String contentType, Dictionary`2 headers, HttpContent httpContent) 2020-11-09 15:07:13: at Deadline.Net.Clients.Http.HttpClient.SendRequest(String method, String uri, String contentType, Dictionary`2 headers, HttpContent httpContent) 2020-11-09 15:07:13: at Deadline.Net.Clients.Http.HttpClient.Post(String uri, Object body, String contentType, Dictionary`2 headers) 2020-11-09 15:07:13: at Deadline.Net.Clients.Http.HttpClient.Post[TRequest,TResponse](String uri, TRequest body, String contentType, Dictionary`2 headers) 2020-11-09 15:07:13: at Deadline.Controllers.RemoteSecretsManagementController.GetSecret(String secretId) 2020-11-09 15:07:13: Scheduler Thread - Unexpected Error Occurred 2020-11-09 15:07:13: Scheduler Thread - Failed to retrieve the secret (/admin/ublsettings/UsageBasedURL), this operation was forbidden. Please ensure you have been granted access to this resource, or contact your Administrator to ensure Secrets Management was correctly configured. Please see Server's application log for further information. (System.InvalidOperationException) 2020-11-09 15:07:17: POST https://10.128.2.4:4433/rcs/v1/getSecret returned Forbidden ""Access denied."" (Deadline.Net.Clients.Http.DeadlineHttpRequestException)
Or the Workers are unable to checkout UBL (Usage Based Licensing) due to similar errors, follow here to add and register the clients machines with the client role and Remote Connection Server as the server role in the Monitor.
If the issue still persist after defining the correct roles to client and server and you are using AWS portal follow below for the workaround.
You will need to connect with the AWS Portal component called the Gateway Instance.
- SSH onto the Gateway machine by following these instructions
- Create a backup of
/etc/nginx/conf.d/cache.conf
file by runningcp /etc/nginx/conf.d/cache.conf /home/cache_backup.conf
- Now open this file by running:
sudo vim /etc/nginx/conf.d/cache.conf
- Change the line:
proxy_set_header Host $host;
=>proxy_set_header Host $http_host;
- Then, restarting nginx by running:
sudo service nginx restart
You should be good to go. The issue can re-appear if the infrastructure is recreated. The fix will be released in the next version of Deadline (ETA on the release cannot be shared).
If the above process fails create a support ticket.
Comments
0 comments
Please sign in to leave a comment.