Thanks Luca,
I read that same file on Friday and noted that those ports were only opened for
high-availability interfaces, which I had not defined. So, I configured all the
management interfaces as high-availability and resynced the nodes, then
database synchronization worked perfectly!
Thanks for your help and hints,
--
Jason Trinklein
Wireless Engineering Manager
College of Charleston
81 St. Philip Street | Office 311D | Charleston, SC 29403
[email protected]<mailto:[email protected]> | (843) 300–8009
From: luca comes via PacketFence-users <[email protected]>
Reply-To: "[email protected]"
<[email protected]>
Date: Monday, January 29, 2018 at 5:05 AM
To: "Trinklein, Jason R via PacketFence-users"
<[email protected]>
Cc: luca comes <[email protected]>
Subject: [PacketFence-users] R: R: R: Can't synchronize new cluster databases
Hi Jason,
I didn't remember to tell you the same. I also had to change iptables settings
because as default ports for galera sync are opened only on the high
availability interface but every node point to the real management Ip instead.
So I added on each node two lines in /usl/loca/pf/conf/ipatbles.conf:
-A input-management-if --protocol tcp --match tcp --dport 4567 --jump ACCEPT
-A input-management-if --protocol tcp --match tcp --dport 4444 --jump ACCEPT
After that I restarted iptables with /usr/loca/pf/bin/pfcmd service iptables
restart on each node and the synchronization was fine.
I hope this will help you.
Luca
Inviato da
Outlook<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Faka.ms%2Fweboutlook&data=02%7C01%7C%7C14677f0251384b6603c908d566ffdb3d%7Ce285d438dbba4a4c941c593ba422deac%7C0%7C0%7C636528171449881162&sdata=bkhS655qN6qKK5mXeW2PNYSmpw%2BavAdBfkMRhJ3ka1g%3D&reserved=0>
Da: Trinklein, Jason R via PacketFence-users
<[email protected]>
Inviato: giovedì 25 gennaio 2018 23:23
A: [email protected]
Cc: Trinklein, Jason R
Oggetto: Re: [PacketFence-users] R: R: Can't synchronize new cluster databases
Ok I’ve figured out what’s going on to some extent with this failed database
replication. Evidently, iptables on the master host is blocking the connection.
When I pfcmd service iptables stop, the connection suddenly synchronizes and is
happy. As soon as iptables comes back online, the connection drops.
I have two interfaces:
Eth0: portal
Eth1: Management
I’ve configured this all to work over eth1’s subnet and IPs. How do I fix pf’s
firewall? I thought this solution was supposed to manage the firewall
automagically.
--
Jason Trinklein
Wireless Engineering Manager
College of Charleston
81 St. Philip Street | Office 311D | Charleston, SC 29403
[email protected]<mailto:[email protected]> | (843) 300–8009
From: luca comes via PacketFence-users <[email protected]>
Reply-To: "[email protected]"
<[email protected]>
Date: Monday, January 22, 2018 at 6:22 AM
To: "[email protected]"
<[email protected]>
Cc: luca comes <[email protected]>
Subject: [PacketFence-users] R: R: Can't synchronize new cluster databases
Hi Jason,
it depends on the error you can see inside your guest2 error file. Anyway in my
case I had a misconfiguration when I first start the master node the other
memebers had packetfence and mariadb started. So I restored a mysql dump from
the old standalone server and rebuilt the mysql configuration (mainly the users
part). Also I checked that on the other memebers all services were shutted
down. After the master synced correctly to the group (you can see that in the
.err file) with --force-new-cluster option activated I started the two other
nodes paying attention on what Fabrice said before (/var/lib/mysql/ emptied)
and all things went well.
Luca
Da: Durand fabrice via PacketFence-users
<[email protected]>
Inviato: sabato 20 gennaio 2018 03:24
A: [email protected]
Cc: Durand fabrice
Oggetto: Re: [PacketFence-users] R: Can't synchronize new cluster databases
What i can also recommend is to remove the content of /var/lib/mysql on the
other server (not the master one of course) and restart packetfence-mariadb
Regards
Fabrice
Le 2018-01-19 à 04:38, luca comes via PacketFence-users a écrit :
Hi Jason,
I had the same problem last week. First check on your master server if it is
joined and synced with the cluster you can do that reading the file .err in
/var/lib/mysql/ and in the database with the query show status like 'wsrep%' as
stated in the clustering guide.
Luca
Da: Trinklein, Jason R via PacketFence-users
<[email protected]><mailto:[email protected]>
Inviato: giovedì 18 gennaio 2018 20:19
A: Rafael Rocha via PacketFence-users
Cc: Trinklein, Jason R
Oggetto: [PacketFence-users] Can't synchronize new cluster databases
I’m setting up a new cluster with three total members.
Server1 is running with /usr/local/pf/sbin/pf-mariadb --force-new-cluster
Server2 runs systemctl restart packetfence-mariadb
But fails with:
Job for packetfence-mariadb.service failed because a timeout was exceeded. See
"systemctl status packetfence-mariadb.service" and "journalctl -xe" for details.
And journalctl shows:
https://pastebin.com/pWn6Nr1D<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpastebin.com%2FpWn6Nr1D&data=02%7C01%7C%7C3b755b7c2ab543e9d6ff08d5618a6323%7Ce285d438dbba4a4c941c593ba422deac%7C0%7C1%7C636522169367059754&sdata=vQXwV%2Fp1k9wl9kBwrCHIQOKrhB%2BbI%2FAPq4rV4ehyeoM%3D&reserved=0>
The systems can ping each other and tcpdump shows mysql packets being sent and
received by both hosts. There is no firewall between them and they are on the
same network.
Any ideas?
Thanks,
--
Jason Trinklein
Wireless Engineering Manager
College of Charleston
81 St. Philip Street | Office 311D | Charleston, SC 29403
[email protected]<mailto:[email protected]> | (843) 300–8009
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org!
http://sdm.link/slashdot<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsdm.link%2Fslashdot&data=02%7C01%7C%7C3b755b7c2ab543e9d6ff08d5618a6323%7Ce285d438dbba4a4c941c593ba422deac%7C0%7C1%7C636522169367059754&sdata=d%2BIC4%2B9Mhsjp8axfLe7nsxjHD61uRfKMLr5BqB4G5%2FE%3D&reserved=0>
_______________________________________________
PacketFence-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.sourceforge.net%2Flists%2Flistinfo%2Fpacketfence-users&data=02%7C01%7C%7C3b755b7c2ab543e9d6ff08d5618a6323%7Ce285d438dbba4a4c941c593ba422deac%7C0%7C1%7C636522169367059754&sdata=a0lt5ga0Hz24lNV%2BJ0M3K04fV%2B7JJUW1ho3J0HbotT0%3D&reserved=0>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
