Upgrading Cluster

AllCore James

New Member
Dec 20, 2018
11
0
1
50
Hello,

We built a small 3 server cluster to test PMG before we fully committed to it... we are pleased in general with the results.

We are in the process of rebuilding the cluster/upgrading it:

We have built all the new servers spread across different hardware on new SSD drives etc. We want to have the new servers promoted to be used so we can remove/delete the old servers.

the master right now is "pmg01" - we want to have the new master "portal" be upgraded/promoted to the new master... is there a way to do this so we don't lose our existing configs and whitelists? we want all mail sent out regarding the quarantine to come from this new server.

The next thing we need to do is re-apply the existing licenses we purchased to the new servers... can this be done as well or are those licenses lost?
 
We have built all the new servers spread across different hardware on new SSD drives etc. We want to have the new servers promoted to be used so we can remove/delete the old servers.

the master right now is "pmg01" - we want to have the new master "portal" be upgraded/promoted to the new master... is there a way to do this so we don't lose our existing configs and whitelists? we want all mail sent out regarding the quarantine to come from this new server.

From PMG Documentation Chapter 8.4.5:

Master Failure
• force another node to be master
Code:
pmgcm promote
• tell other nodes that master has changed
Code:
pmgcm sync --master_ip <master_ip>

The next thing we need to do is re-apply the existing licenses we purchased to the new servers... can this be done as well or are those licenses lost?

From PMG Subscription Agreement:

3.10. Server change – moving a subscription key to a new server
If you want to move your subscription key to a new server, for example because you have replaced your
hardware, you can request a reissue of the subscription key. This can be done 3 times per year without any
costs involved via the self service portal at https://shop.maurer-it.com (or via your reseller). If you need
more re-issues, request this from your reseller.
 
hello,

thanks for the email and advice. I have run the commands you suggested:..
I went to the new master server and ran the "pmgcm promote" command...
I ssh'd into each of the other servers and then also ran the pmgcm --sync command with the IP address for the new server

I rebooted the original 3 test servers... however I am seeing the following "errors" / "weirdness":

1. the new master server does not have all of the data on the dashboard... the old master is still way more up to date..
2. When I look at the cluster nodes, I see that the old master node is still listed as active and the new master node is "syncing" for some reason
 
Now on the new master I just got kicked out of the interface and also had the following error dumped on the screen in a pop up:


smtp163:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
smtp181:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
mx101:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
smtp161:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
smtp152:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
mx103:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
pmg02:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
pmg01:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
smtp162:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
smtp183:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
smtp153:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
mx102:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files
smtp182:
500 SSL_ca_file /etc/ssl/certs/ca-certificates.crt can't be used: Too many open files


The strange part is we have not attempted to use any SSL yet...
 
Could you please post a redacted (strip any sensitive data like ip-addresses and domain-names) output of `journalctl --since 2019-02-01`)?
Additionally please check the log in `/var/log/pmgproxy/pmgproxy.log`.

With that description it's hard to know where the limit was hit.

It could be a bug in our stack - but we need more information to verify this
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!