pacemaker_remote resource fails to start with error "Client tls handshake failed for server hostname:3121. Disconnecting"

Solution Verified - Updated -

Issue

In pacemaker cluster the pacemaker_remote resource fails to start due to authentication failure:

Cluster node:

Apr 11 15:47:52 [555775] node1       crmd: ( lrm_state.c:576   )   trace: lrm_state_remote_connect_async:  initiating remote connection to (null) at 0 with timeout 10000
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:854   )   debug: crm_remote_tcp_connect_async:    Looking up remote_node2
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:876   )   debug: crm_remote_tcp_connect_async:    Got address remote_node2 for remote_node2
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:895   )    info: crm_remote_tcp_connect_async:    Attempting to connect to remote server at 10.20.30.40:3121
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:803   )   trace: internal_tcp_connect_async:  fd 15: scheduling to check if connect finished in 500ms second
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:687   )   trace: check_connect_finished:  fd 15: checking to see if connect finished
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:710   )   trace: check_connect_finished:  fd 15: select returned success
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:735   )   trace: check_connect_finished:  fd 15: connected
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:164   )   trace: crm_initiate_client_tls_handshake:   gnutls_handshake() failed with -110
Apr 11 15:47:53 [555775] node1       crmd: (lrmd_client.:1169  ) warning: lrmd_tcp_connect_cb: Client tls handshake failed for server remote_node2:3121. Disconnecting
Apr 11 15:47:53 [555775] node1       crmd: (lrmd_client.:526   )    info: lrmd_tls_connection_destroy: TLS connection destroyed

Remote node:

Apr 11 16:04:02 [652615] remote_node2 pacemaker_remoted: (      main.c:627   )    info: main:    Starting
Apr 11 16:04:02 [652615] remote_node2 pacemaker_remoted: (    remote.c:975   )    info: crm_remote_accept:   New remote connection from ::ffff:10.20.30.40
Apr 11 16:04:02 [652615] remote_node2 pacemaker_remoted: (tls_backend.:221   )  notice: lrmd_remote_listen:  LRMD client connection established. 0x55dec5cb5870 id: 6ba11a19-f712-4d74-969d-230b99797376
Apr 11 16:04:03 [652615] remote_node2 pacemaker_remoted: (tls_backend.:70    )   error: lrmd_remote_client_msg:  Remote lrmd tls handshake failed
Apr 11 16:04:03 [652615] remote_node2 pacemaker_remoted: (tls_backend.:154   )  notice: lrmd_remote_client_destroy:  LRMD client disconnecting remote client - name: <unknown> id: 6ba11a19-f712-4d74-969d-230b99797376

Environment

  • Red Hat Enterprise Linux 7
  • Pacemaker cluster with pacemaker_remote resource
  • Red Hat OpenStack Platform 12.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In