See screenshot. It's not renewing as it should. How can I handle this, I tried search several times with no luck.
Time sensitive as it expired today.
Thank you!
I thought it was fine. But no longer remember as that is when everything started breaking, lol...
OK, let me try remove and re-add.
04:40 PM [pve]~ root # pvecm qdevice remove
Synchronizing state of corosync-qdevice.service with SysV service script with /lib/systemd/systemd-sysv-install...
Ok, removed from pve and pve2.
[pbs-ifire] # journalctl -xe|grep coro
Mar 03 16:31:56 pbs-ifire.ifire.net corosync-qnetd[1157]: Unhandled error when reading from client. Disconnecting client (-12271): SSL peer cannot verify your certificate.
Mar 03 16:31:57 pbs-ifire.ifire.net...
Tailscale has nothing to do with it, ignore me bringing it up.
ChatGPT suggests this:
From the error message `SSL peer cannot verify your certificate`, it appears that the issue is related to the SSL certificate used by the corosync-qnetd service.
Here are steps to diagnose this issue:
1...
On the qdevice node:
Mar 03 16:26:26 pbs-ifire.ifire.net corosync-qnetd[1157]: Unhandled error when reading from client. Disconnecting client (-12271): SSL peer cannot verify your certificate.
Repeated in logs.
on node [pbs-ifire] # apt install corosync-qnetd
That was to setup qdevice on pbs-ifire. It's a PBS install and running qdevice outside of that. IP is 192.168.1.253.
Then I installed on both cluster nodes: #
# apt install corosync-qdevice corosync-qnetd
# pvecm qdevice setup 192.168.1.253...
Perhaps my logic error. I use ProxyJump when connecting to VM's so I jump from pve node to vm's. the .ssh/config has those defined.
it had definitions for IP address as well with custom port, not sure at what point that became so but somewhere I was landing on port 22 and I needed it to...
Solved! ChatGPT found the error right away. LOL
My .ssh/config had entry 'HostName' instead of 'Host' when I added qdevice that happened.
I am so thankful for your time @esi_y -- if you can give me a link to your favorite charity, I will make a donation in your honor.
Thank you!
host "pve" is 192.168.1.251
host "pve2" is 192.168.1.252
host "pbs-ifire" is 192.168.1.253
I am just using posts to debug for a second. When I am on pve, and ssh to pve2 or pbs-ifire, early on in the process it "resolves" the IP to .251 even though I am explicitly using an IP (and not a name)...
This for example makes no sense to me. Asking for .253 but early on getting .251
04:00 PM [pve]~ root # "ssh" -vvv 192.168.1.253
OpenSSH_9.2p1 Debian-2+deb12u2, OpenSSL 3.0.11 19 Sep 2023
debug1: Reading configuration data /root/.ssh/config
debug1: /root/.ssh/config line 2: Applying options...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.