AWS Thinkbox Discussion Forums

DL10 Automatic update

I updated from DL10.0.3 to 10.0.4.
But some of my render PCs does not automatic update. Even if I restart those machines.
I’m using service mode for these PCs and launcher and slave was start correctly(can check through DL-monitor). But it was not updated.
Actually, about 25% of PCs did not update. Those PCs are all different spec.

So, I found one thing for these PCs.
When I force stop deadline10service for a PC, but deadlinelauncherservice.exe was not closed. And if I restart deadline service again, another deadlinelauncher.exe was started.
Then I force End Process for launcherservice.exe after force stop deadline10service, and restart service, automatic update was started.

On the other hand, some PCs slave does not start correctly sometime(PC was started through power-management). It happens randomly.
At this time, deadline service and launcherservice.exe looks started. But it does not connect to repo.
If I restart PC or restart service, it will be started.

I used from DL6 but these thing never happened. So, current launcherservice.exe has something problem???

thanks

Hmm. There are a number of different tests and factors here.

I think rebooting should have solved the service not killing the Launcher. That’s a problem in its own right and we should isolate that if we can.

The second and third pieces are multiple launchers and Slaves not start, which should also be handled. This should also be isolated.

I think we’ll start with the Launchers not being able to connect to the Repository which is where they should be determining Repo version. Would you be able to provide the launcher logs for those machines and that time? If you’re willing you can provide me all of the Launcher logs for a machine which had problem and I can isolate when their version transitioned or when they had errors. I’m hoping to find something within these logs to be the start of the investigation.

If you’d prefer, you can also e-mail these to support@thinkboxsoftware.com instead of posting the here.

Edwin,

About missing start thing, I checked my log when I got problem.
Log said(I modified my network path),

2017-10-17 10:11:00: Error occurred while updating Repository Options: Error encountered when loading the configured DB Client Certificate (\xxxxxxx\x\xxxxxxx\xxxxxxxxxxxxxx\certs\Deadline10Client.pfx). It is likely either an invalid x.509 certificate, or the wrong passphrase was provided.
2017-10-17 10:11:00: Full Error:
2017-10-17 10:11:00: The specified network password is not correct.
2017-10-17 10:11:00: (Deadline.Configuration.DeadlineConfigException)

So, I think it has something problem with SSH at boot timing.
And when I stop service and restart it, It has no error every time. Therefore, password was not incorrect.


About Auto update thing,
I think “deadlinelaunchernew-PC name-0000.log” is autoupdate log, right??
This log said,

2017-10-13 13:50:22: Deadline Launcher 10.0 [v10.0.3.2 Release (072d054c6)]
2017-10-13 13:50:22: deadlinelaunchernew is running
2017-10-13 13:50:52: Failed to connect to Repository: The Default Repository ‘\xxxxxxxx\x\xxxxxxxxx\DeadlineRepository10’ is not reachable.
2017-10-13 13:50:52: Error during launcher startup: Object reference not set to an instance of an object. (System.NullReferenceException)

And after I restart service, 0001.log was made and it looks worked.

thanks

Client Cert Error:

This is especially mysterious. It’s read some of the data from Repository directory, but the cert data didn’t make it over (I’m assuming).

Auto Update:

I’m wondering if the access to the Repository takes a while to settle like it did in this forum thread:
forums.thinkboxsoftware.com/vie … 11&t=15666

If you increase the timeout in deadline.ini, will it get past this problem? I wonder if there is a service we can be dependent on to know when file shares will be available on boot. I don’t expect that will help the client cert error, because it’s managed to connect to the Repo to read the connection.ini file to know it must use SSL.

I’m wondering if this is all related to connections when the machine boots. The fact that they are UNC paths means that Windows should have access to them immediately. Are they password protected shares? Perhaps Active Directory needs to settle first.

My repository is on the windows server.
And I use Active Directory for my network. And DL launcher service is using AD-Administrator account for execute.
And I don’t use password for any folders.

As I said before, this Cert error happens randomly when PCs are starting up. Some PC happens, some PC not happens, but next time, it will be change for the situation.
All deadline client install setting was exact same. And when I used DL8, these problems were not happens.

thanks

I have a feeling that we may just be asking for the certificate too quickly, hence the test of delaying the Slave from connecting. I’m hoping it will either prove me right or prove me wrong (I’m find with either :slight_smile:).

If you don’t feel you need to use the database encryption which we added in 9.0 (and which carried forward to 10.0) you can remove it. The affect this has is that anyone who has access to the database inside your network could make changes to the raw data, though if the client certificate isn’t secured at the moment you’re in the same situation. The reason for this is that anyone who can copy the certificate could modify the database. The choice to remove the encryption is yours and I can explain in greater detail if you are at all unsure.

The steps to remove authentication are fairly quick but require editing two files. The first is the database configuration file. You will comment out these lines in the “C:\DeadlineDatabase10\mongo\data\config.conf” file to read like so:

...

#  ssl:
#    # SSL/TLS options
#    mode: requireSSL
#    PEMKeyFile: C:\DeadlineDatabase10\certs/YWG-9902945189.ant.amazon.com.pem
#    CAFile: C:\DeadlineDatabase10\certs/ca.crt

...

#security:
#  authorization: enabled

These “#” marks will stop the database from using encryption, so you will just have to stop and start the database for it to pull the new configuration. You can do this from the “Services” tool in Windows.

The second change is to “[repo]/settings/connection.ini” to disable it for the clients. You will change these two lines to read:

Authenticate=False
EnableSSL=False

This will take affect when you start the Monitor again. You can choose to change the Repository in the Monitor and remove references to your certificate.

Privacy | Site terms | Cookie preferences