<div dir="ltr">Hi,<br><br>I am new to using Corosync and Pacemaker. I have been following this tutorial: <br><br><a href="https://www.ateam-oracle.com/post/isv-implementation-details-part-4a-linux-clustering-with-pacemaker-and-corosync">https://www.ateam-oracle.com/post/isv-implementation-details-part-4a-linux-clustering-with-pacemaker-and-corosync</a><br><br>However, I am stuck in the auth part:<br><br>[root@z2-server-nat1 user1]# pcs --debug cluster auth z2-server-nat1 z2-server-nat2 -u hacluster -p xxxxxxxxxx --force<br>Running: /usr/bin/ruby -I/usr/lib/pcsd/ /usr/lib/pcsd/pcsd-cli.rb auth<br>Environment:<br>  GEM_HOME=/usr/lib/pcsd/vendor/bundle/ruby<br>  HISTSIZE=1000<br>  HOME=/root<br>  HOSTNAME=z2-server-nat1<br>  LANG=en_US.UTF-8<br>  LC_ALL=C<br>  LESSOPEN=||/usr/bin/lesspipe.sh %s<br>  LOGNAME=root<br>  LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:<br>  MAIL=/var/spool/mail/user1<br>  PATH=/root/bin:/sbin:/bin:/usr/sbin:/usr/bin<br>  PCSD_DEBUG=true<br>  PCSD_NETWORK_TIMEOUT=60<br>  PWD=/home/user1<br>  SHELL=/bin/bash<br>  SHLVL=1<br>  SUDO_COMMAND=/bin/bash<br>  SUDO_GID=1000<br>  SUDO_UID=1000<br>  SUDO_USER=user1<br>  TERM=xterm<br>  USER=root<br>  USERNAME=root<br>  XDG_SESSION_ID=52<br>  _=/sbin/pcs<br>--Debug Input Start--<br>{"username": "hacluster", "local": false, "nodes": {"z2-server-nat2": null, "z2-server-nat1": null}, "password": "xxxxxxxxxx", "force": true}<br>--Debug Input End--<br><br>Finished running: /usr/bin/ruby -I/usr/lib/pcsd/ /usr/lib/pcsd/pcsd-cli.rb auth<br>Return value: 0<br>--Debug Stdout Start--<br>{<br>  "status": "ok",<br>  "data": {<br>    "auth_responses": {<br>      "z2-server-nat2": {<br>        "status": "noresponse"<br>      },<br>      "z2-server-nat1": {<br>        "status": "ok",<br>        "token": "4c1d7eb9-549a-4e53-9c8d-30b735276384"<br>      }<br>    },<br>    "sync_successful": true,<br>    "sync_nodes_err": [<br>      "z2-server-nat2"<br>    ],<br>    "sync_responses": {<br>      "z2-server-nat2": {<br>        "status": "notauthorized"<br>      },<br>      "z2-server-nat1": {<br>        "status": "ok",<br>        "result": {<br>          "tokens": "accepted"<br>        }<br>      }<br>    }<br>  },<br>  "log": [<br>    "I, [2022-04-05T09:16:12.482746 #15712]  INFO -- : PCSD Debugging enabled\n",<br>    "D, [2022-04-05T09:16:12.483179 #15712] DEBUG -- : Did not detect RHEL 6\n",<br>    "D, [2022-04-05T09:16:12.483213 #15712] DEBUG -- : Detected systemd is in use\n",<br>    "I, [2022-04-05T09:16:12.608604 #15712]  INFO -- : Running: /usr/sbin/corosync-cmapctl totem.cluster_name\n",<br>    "I, [2022-04-05T09:16:12.608727 #15712]  INFO -- : CIB USER: hacluster, groups: \n",<br>    "D, [2022-04-05T09:16:12.616468 #15712] DEBUG -- : [\"totem.cluster_name (str) = haproxy-cluseter0\\n\"]\n",<br>    "D, [2022-04-05T09:16:12.616601 #15712] DEBUG -- : []\n",<br>    "D, [2022-04-05T09:16:12.616642 #15712] DEBUG -- : Duration: 0.007706732s\n",<br>    "I, [2022-04-05T09:16:12.616763 #15712]  INFO -- : Return Value: 0\n",<br>    "I, [2022-04-05T09:16:12.627240 #15712]  INFO -- : No response from: z2-server-nat2 request: auth, error: couldnt_connect\n",<br>    "I, [2022-04-05T09:16:12.820609 #15712]  INFO -- : Running: /usr/sbin/pcs status nodes corosync\n",<br>    "I, [2022-04-05T09:16:12.820672 #15712]  INFO -- : CIB USER: hacluster, groups: \n",<br>    "D, [2022-04-05T09:16:13.029178 #15712] DEBUG -- : [\"Corosync Nodes:\\n\", \" Online: z2-server-nat1 z2-server-nat2\\n\", \" Offline:\\n\"]\n",<br>    "D, [2022-04-05T09:16:13.029316 #15712] DEBUG -- : []\n",<br>    "D, [2022-04-05T09:16:13.029351 #15712] DEBUG -- : Duration: 0.20848278s\n",<br>    "I, [2022-04-05T09:16:13.029514 #15712]  INFO -- : Return Value: 0\n",<br>    "I, [2022-04-05T09:16:13.029855 #15712]  INFO -- : Sending config 'tokens' version 31 505875ea7aca471f78f3de3d9d622c7996c1961a to nodes: z2-server-nat1, z2-server-nat2\n",<br>    "I, [2022-04-05T09:16:13.030258 #15712]  INFO -- : SRWT Node: z2-server-nat1 Request: set_configs\n",<br>    "I, [2022-04-05T09:16:13.030884 #15712]  INFO -- : SRWT Node: z2-server-nat2 Request: set_configs\n",<br>    "E, [2022-04-05T09:16:13.030945 #15712] ERROR -- : Unable to connect to node z2-server-nat2, no token available\n",<br>    "I, [2022-04-05T09:16:13.055544 #15712]  INFO -- : Sending config response from z2-server-nat2: {\"status\"=>\"notauthorized\"}\n",<br>    "I, [2022-04-05T09:16:13.055614 #15712]  INFO -- : Sending config response from z2-server-nat1: {\"status\"=>\"ok\", \"result\"=>{\"tokens\"=>\"accepted\"}}\n"<br>  ]<br>}<br><br>--Debug Stdout End--<br>--Debug Stderr Start--<br><br>--Debug Stderr End--<br><br>Error: Unable to communicate with z2-server-nat2<br>z2-server-nat1: Authorized<br>Error: Unable to synchronize and save tokens on nodes: z2-server-nat2. Are they authorized?<br><br><br>------------------------------------------------------------------------------------------------------------------------<br><br>I've also applied the iptables:<br><br>[root@z2-server-nat1 user1]# sudo iptables -S<br>......<br>-A IN_public_allow -p udp -m udp --dport 5404 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT<br>-A IN_public_allow -p udp -m udp --dport 5405 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT<br>-A IN_public_allow -p udp -m udp --dport 5406 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT<br><br>------------------------------------------------------------------------------------------------------------------------<br><br>I've also made sure that the nodes see each other:<br><br>[root@z2-server-nat1 user1]# ping z2-server-nat2<br>PING z2-server-nat2 (10.0.0.3) 56(84) bytes of data.<br>64 bytes from z2-server-nat2 (10.0.0.3): icmp_seq=1 ttl=64 time=0.427 ms<br>64 bytes from z2-server-nat2 (10.0.0.3): icmp_seq=2 ttl=64 time=0.387 ms<br>64 bytes from z2-server-nat2 (10.0.0.3): icmp_seq=3 ttl=64 time=0.398 ms<br><br>------------------------------------------------------------------------------------------------------------------------<br><br>I've also made sure that hostnames are in /etc/hosts of both server:<br><br>[root@z2-server-nat1 user1]# cat /etc/hosts<br>...<br>...<br>x.x.x.3 z2-server-nat2<br>x.x.x.2 z2-server-nat1<br>...<br>...<br><br>------------------------------------------------------------------------------------------------------------------------<br><br>I've also made sure the service is up:<br><br>[user1@z2-server-nat2 ~]$ systemctl status pcsd.service<br>● pcsd.service - PCS GUI and remote configuration interface<br>   Loaded: loaded (/usr/lib/systemd/system/pcsd.service; enabled; vendor preset: disabled)<br>   Active: active (running) since Tue 2022-04-05 04:29:16 GMT; 3h 24min ago<br>     Docs: man:pcsd(8)<br>           man:pcs(8)<br> Main PID: 856 (pcsd)<br>   Memory: 28.6M<br>   CGroup: /system.slice/pcsd.service<br>           └─856 /usr/bin/ruby /usr/lib/pcsd/pcsd<br><br>Apr 05 04:29:16 z2-server-nat2 systemd[1]: Starting PCS GUI and remote configuration interface...<br>Apr 05 04:29:16 z2-server-nat2 systemd[1]: Started PCS GUI and remote configuration interface.<br><br>------------------------------------------------------------------------------------------------------------------------<br><br>Am I missing something in making the nodes able to communicate with each other? How do I proceed from here?<br><br>Regards,<br>Chariot<br></div>