pacemaker_remote resource fails to start with error "Client tls handshake failed for server hostname:3121. Disconnecting"

Solution Verified - Updated -

Issue

In pacemaker cluster the pacemaker_remote resource fails to start due to authentication failure:

Cluster node:

Apr 11 15:47:52 [555775] node1       crmd: ( lrm_state.c:576   )   trace: lrm_state_remote_connect_async:  initiating remote connection to (null) at 0 with timeout 10000
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:854   )   debug: crm_remote_tcp_connect_async:    Looking up remote_node2
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:876   )   debug: crm_remote_tcp_connect_async:    Got address remote_node2 for remote_node2
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:895   )    info: crm_remote_tcp_connect_async:    Attempting to connect to remote server at 10.20.30.40:3121
Apr 11 15:47:52 [555775] node1       crmd: (    remote.c:803   )   trace: internal_tcp_connect_async:  fd 15: scheduling to check if connect finished in 500ms second
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:687   )   trace: check_connect_finished:  fd 15: checking to see if connect finished
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:710   )   trace: check_connect_finished:  fd 15: select returned success
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:735   )   trace: check_connect_finished:  fd 15: connected
Apr 11 15:47:53 [555775] node1       crmd: (    remote.c:164   )   trace: crm_initiate_client_tls_handshake:   gnutls_handshake() failed with -110
Apr 11 15:47:53 [555775] node1       crmd: (lrmd_client.:1169  ) warning: lrmd_tcp_connect_cb: Client tls handshake failed for server remote_node2:3121. Disconnecting
Apr 11 15:47:53 [555775] node1       crmd: (lrmd_client.:526   )    info: lrmd_tls_connection_destroy: TLS connection destroyed

Remote node:

Apr 11 16:04:02 [652615] remote_node2 pacemaker_remoted: (      main.c:627   )    info: main:    Starting
Apr 11 16:04:02 [652615] remote_node2 pacemaker_remoted: (    remote.c:975   )    info: crm_remote_accept:   New remote connection from ::ffff:10.20.30.40
Apr 11 16:04:02 [652615] remote_node2 pacemaker_remoted: (tls_backend.:221   )  notice: lrmd_remote_listen:  LRMD client connection established. 0x55dec5cb5870 id: 6ba11a19-f712-4d74-969d-230b99797376
Apr 11 16:04:03 [652615] remote_node2 pacemaker_remoted: (tls_backend.:70    )   error: lrmd_remote_client_msg:  Remote lrmd tls handshake failed
Apr 11 16:04:03 [652615] remote_node2 pacemaker_remoted: (tls_backend.:154   )  notice: lrmd_remote_client_destroy:  LRMD client disconnecting remote client - name: <unknown> id: 6ba11a19-f712-4d74-969d-230b99797376

Environment

  • Red Hat Enterprise Linux 7
  • Pacemaker cluster with pacemaker_remote resource
  • Red Hat OpenStack Platform 12.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content