Aravinda
2015-Jan-21 05:38 UTC
[Gluster-users] Geo-Replication push-pem actually does'nt append common_secret_pub.pem to authrorized_keys file
On 01/20/2015 11:01 PM, PEPONNET, Cyril N (Cyril) wrote:> Hi, > > I?m ready for new testing, I delete the geo-rep session between master and slace, remove the lines in authorized keys file on slave. > I also remove the common secret pem from slave, and from master. There is only the gsyncd_template.conf in /var/lib/gluster now. > > Here is our setup: > > Site A: gluster 3 nodes > Site B: gluster 1 node (for now, a second will come). > > I can issue > > gluster systen:: execute gsec_create > > what to check?common_secret.pem.pub is created in /var/lib/glusterd/geo-replication/common_secret.pem.pub, which should contain public keys from all Master nodes(Site A). Should match with contents of /var/lib/glusterd/geo-replication/secret.pem.pub and /var/lib/glusterd/geo-replication/tar_ssh.pem.pub.> > then > > gluster geo vol geo_test slave::geo_test create push-pem force (force is needed because the slave vol is smaller than the master vol). > > What to check ?Check for any errors in, /var/log/glusterfs/etc-glusterfs-glusterd.vol.log in rpm installation or in /var/log/glusterfs/usr-local-etc-glusterfs-glusterd.vol.log if source installation. In case of any errors related to hook execution, run directly the hook command copied from the log. From your previous mail I understand their is some issue while executing hook script. I will look into the issue in hook script.> > I want to use change_detector changelog and not rsync btw.change_detector is crawling mecanism. Available options are: changelog and xsync. xsync is FS Crawl. sync mecanisms available are: rsync and tarssh.> > Can you guide me to setup this but also debug why it?s not working out of the box ? > > If needed I can get in touch with you through IRC.Sure. IRC nickname is aravindavk.> > Thanks for your help. >-- regards Aravinda http://aravindavk.in
PEPONNET, Cyril N (Cyril)
2015-Jan-21 18:57 UTC
[Gluster-users] Geo-Replication push-pem actually does'nt append common_secret_pub.pem to authrorized_keys file
So, On master node of my 3 node setup: 1) gluster system:: execute gsec_create in /var/lib/glusterd/geo-replication/common_secret.pub I have pem pub key from master node A and node B (not node C). On node C in don?t have anything in /v/l/g/geo/ except the gsync template config. So here I have an issue. The only error I saw on node C is: [2015-01-21 18:36:41.179601] E [rpc-clnt.c:208:call_bail] 0-management: bailing out frame type(Peer mgmt) op(?(2)) xid = 0x23 sent = 2015-01-21 18:26:33.031937. timeout = 600 for xx.xx.xx.xx:24007 On node A, the cli.log looks like: [2015-01-21 18:49:49.878905] I [socket.c:3561:socket_init] 0-glusterfs: SSL support is NOT enabled [2015-01-21 18:49:49.878947] I [socket.c:3576:socket_init] 0-glusterfs: using system polling thread [2015-01-21 18:49:49.879085] I [socket.c:3561:socket_init] 0-glusterfs: SSL support is NOT enabled [2015-01-21 18:49:49.879095] I [socket.c:3576:socket_init] 0-glusterfs: using system polling thread [2015-01-21 18:49:49.951835] I [socket.c:2238:socket_event_handler] 0-transport: disconnecting now [2015-01-21 18:49:49.972143] I [input.c:36:cli_batch] 0-: Exiting with: 0 If I run gluster system:: execute gsec_create on node C or node B, the common pem key file contains my 3 nodes pem puk keys. So in some way node A is unable to get the key from node C. So let?s try to fix this one before going further. -- Cyril Peponnet On Jan 20, 2015, at 9:38 PM, Aravinda <avishwan at redhat.com<mailto:avishwan at redhat.com>> wrote: On 01/20/2015 11:01 PM, PEPONNET, Cyril N (Cyril) wrote: Hi, I?m ready for new testing, I delete the geo-rep session between master and slace, remove the lines in authorized keys file on slave. I also remove the common secret pem from slave, and from master. There is only the gsyncd_template.conf in /var/lib/gluster now. Here is our setup: Site A: gluster 3 nodes Site B: gluster 1 node (for now, a second will come). I can issue gluster systen:: execute gsec_create what to check? common_secret.pem.pub is created in /var/lib/glusterd/geo-replication/common_secret.pem.pub, which should contain public keys from all Master nodes(Site A). Should match with contents of /var/lib/glusterd/geo-replication/secret.pem.pub and /var/lib/glusterd/geo-replication/tar_ssh.pem.pub. then gluster geo vol geo_test slave::geo_test create push-pem force (force is needed because the slave vol is smaller than the master vol). What to check ? Check for any errors in, /var/log/glusterfs/etc-glusterfs-glusterd.vol.log in rpm installation or in /var/log/glusterfs/usr-local-etc-glusterfs-glusterd.vol.log if source installation. In case of any errors related to hook execution, run directly the hook command copied from the log. From your previous mail I understand their is some issue while executing hook script. I will look into the issue in hook script. I want to use change_detector changelog and not rsync btw. change_detector is crawling mecanism. Available options are: changelog and xsync. xsync is FS Crawl. sync mecanisms available are: rsync and tarssh. Can you guide me to setup this but also debug why it?s not working out of the box ? If needed I can get in touch with you through IRC. Sure. IRC nickname is aravindavk. Thanks for your help. -- regards Aravinda http://aravindavk.in -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.gluster.org/pipermail/gluster-users/attachments/20150121/3ceda9ad/attachment.html>
Aravinda
2015-Feb-02 10:07 UTC
[Gluster-users] Geo-Replication push-pem actually does'nt append common_secret_pub.pem to authrorized_keys file
Looks like node C is in diconnected state. Please let us know the output of `gluster peer status` from all the master nodes and slave nodes. -- regards Aravinda On 01/22/2015 12:27 AM, PEPONNET, Cyril N (Cyril) wrote:> So, > > On master node of my 3 node setup: > > 1) gluster system:: execute gsec_create > > in /var/lib/glusterd/geo-replication/common_secret.pub I have pem pub > key from master node A and node B (not node C). > > On node C in don?t have anything in /v/l/g/geo/ except the gsync > template config. > > So here I have an issue. > > The only error I saw on node C is: > > [2015-01-21 18:36:41.179601] E [rpc-clnt.c:208:call_bail] > 0-management: bailing out frame type(Peer mgmt) op(?(2)) xid > 0x23 sent = 2015-01-21 18:26:33.031937. timeout = 600 for > xx.xx.xx.xx:24007 > > > On node A, the cli.log looks like: > > [2015-01-21 18:49:49.878905] I [socket.c:3561:socket_init] > 0-glusterfs: SSL support is NOT enabled > [2015-01-21 18:49:49.878947] I [socket.c:3576:socket_init] > 0-glusterfs: using system polling thread > [2015-01-21 18:49:49.879085] I [socket.c:3561:socket_init] > 0-glusterfs: SSL support is NOT enabled > [2015-01-21 18:49:49.879095] I [socket.c:3576:socket_init] > 0-glusterfs: using system polling thread > [2015-01-21 18:49:49.951835] I > [socket.c:2238:socket_event_handler] 0-transport: disconnecting now > [2015-01-21 18:49:49.972143] I [input.c:36:cli_batch] 0-: Exiting > with: 0 > > > If I run gluster system:: execute gsec_create on node C or node B, the > common pem key file contains my 3 nodes pem puk keys. So in some way > node A is unable to get the key from node C. > > So let?s try to fix this one before going further. > > -- > Cyril Peponnet > >> On Jan 20, 2015, at 9:38 PM, Aravinda <avishwan at redhat.com >> <mailto:avishwan at redhat.com>> wrote: >> >> On 01/20/2015 11:01 PM, PEPONNET, Cyril N (Cyril) wrote: >>> Hi, >>> >>> I?m ready for new testing, I delete the geo-rep session between >>> master and slace, remove the lines in authorized keys file on slave. >>> I also remove the common secret pem from slave, and from master. >>> There is only the gsyncd_template.conf in /var/lib/gluster now. >>> >>> Here is our setup: >>> >>> Site A: gluster 3 nodes >>> Site B: gluster 1 node (for now, a second will come). >>> >>> I can issue >>> >>> gluster systen:: execute gsec_create >>> >>> what to check? >> common_secret.pem.pub is created in >> /var/lib/glusterd/geo-replication/common_secret.pem.pub, which should >> contain public keys from all Master nodes(Site A). Should match with >> contents of /var/lib/glusterd/geo-replication/secret.pem.pub and >> /var/lib/glusterd/geo-replication/tar_ssh.pem.pub. >> >>> >>> then >>> >>> gluster geo vol geo_test slave::geo_test create push-pem force >>> (force is needed because the slave vol is smaller than the master vol). >>> >>> What to check ? >> Check for any errors in, >> /var/log/glusterfs/etc-glusterfs-glusterd.vol.log in rpm installation >> or in /var/log/glusterfs/usr-local-etc-glusterfs-glusterd.vol.log if >> source installation. In case of any errors related to hook execution, >> run directly the hook command copied from the log. From your previous >> mail I understand their is some issue while executing hook script. I >> will look into the issue in hook script. >>> >>> I want to use change_detector changelog and not rsync btw. >> change_detector is crawling mecanism. Available options are: >> changelog and xsync. xsync is FS Crawl. >> sync mecanisms available are: rsync and tarssh. >>> >>> Can you guide me to setup this but also debug why it?s not working >>> out of the box ? >>> >>> If needed I can get in touch with you through IRC. >> Sure. IRC nickname is aravindavk. >>> >>> Thanks for your help. >>> >> >> -- >> regards >> Aravinda >> http://aravindavk.in >