Unable to communicate with pacemaker host while authorising

linux centos7 cluster pacemaker

Solution 1:

I typically don't use pcsd in my clusters, but the times that I have, I recall setting up the authentication after I had a working cluster; function first, frill later.

I would try using the following commands from both nodes to create the corosync configuration and start the cluster, before setting up your authentication: 

# pcs cluster setup --local --name haproxy-cluster0 vm_haproxy1 vm_haproxy2
# systemctl start corosync
# systemctl start pacemaker

Once you see your nodes online in the output of crm_mon, try your steps for setting up the node authentication.

Solution 2:

I had this issue. In my case I tracked it down to the environment variables for proxies being set.

To check this: first run the command with --debug enabled:

pcs --debug cluster auth clua club cluc

In the debug output I could see:

Sending HTTP Request to: https://club:2224/remote/check_auth
Data: None
Response Reason: Tunnel connection failed: 404 Not Found
...
"I, [2017-04-05T10:54:21.333320 #6755]  INFO -- : No response from: cluc request: /auth, exception: 404 \"Not Found\"\n",
"I, [2017-04-05T10:54:21.334344 #6755]  INFO -- : No response from: club request: /auth, exception: 404 \"Not Found\"\n",
"I, [2017-04-05T10:54:21.334852 #6755]  INFO -- : No response from: clua request: /auth, exception: 404 \"Not Found\"\n"

Running curl towards the URL it was trying to use gave more explicit information:

# curl https://club:2224/remote/check_auth
curl: (56) Received HTTP code 404 from proxy after CONNECT

Unsetting http_proxy and https_proxy enabled it to work.

If you don't have too many nodes, you can list them in the no_proxy environment variable. Otherwise it's a bit painful - you need to ensure you always run the pcs commands with no proxy environment variables set. I have so far not found any way to configured pcs not to use these variables.

You could write a little wrapper that unsets the variables and then calls pcs.

Solution 3:

If you are using CentOS 7, check:

systemctl start pcsd.service 
systemctl enable pcsd.service

The start will run it now. If that produces any error messages those should be addressed. The enable cause it to start automatically on the next boot.

Related

"Windows cannot find the Microsoft Software License Terms" when installing Windows Server 2016 in a VM
apache2 sends corrupt responses when using a cifs-share
How do I check if Log4j is installed on my server?
Is there a way to stop the AWS Elasticsearch?
How to detect if ANY block is broken using command blocks in Minecraft
Do external coolers really help with noise?
Fez: Does anyone know how to unlock the second gamerpic on Xbox 360?
What does Gift Of Blood / blood lightning do?
Cheapest mystic forge recipes?
How do I get access to edit a config file in a WindowsApps Folder?
How do I give myself blocks that can only be placed on red wool? [duplicate]
Legality of ripping ISOs from Wii disk [closed]