Hi
I had to update the hostnames for all my nodes (4 server cluster)
Everything was working fine up until this point then the client decided they wanted the hostnames changed which I did by editing /etc/hostname andupdating /etc/hosts and rebooted
I had to run
service pve-cluster restart
as I couldn't login as all the /etc/pve/local/pve-ssl.key didnt exist and needed regenerating
Now the cluster can't seem to talk to any other nodes and I don't know how to update these certificates.
This is what I see in daemon.log
Mar 21 13:38:59 host-vm01 pveproxy[4160]: Could not verify remote node certificate 'F3:66:34:29:6C:B0:15:B5:F1:F0:97
3:9E:A8:89:9B:13:3E:50:71:22:F2:57:2C:29:B2:FD:5BB:73:05:C1' with list of pinned certificates, refreshing cache
Mar 21 13:39:08 host-vm01 pveproxy[4161]: Could not verify remote node certificate 'F3:66:34:29:6C:B0:15:B5:F1:F0:973:9E:A8:89:9B:13:3E:50:71:22:F2:57:2C:29:B2:FD:5BB:73:05:C1' with list of pinned certificates, refreshing cache
Mar 21 13:39:42 host-vm01 pveproxy[4159]: Could not verify remote node certificate 'F3:66:34:29:6C:B0:15:B5:F1:F0:973:9E:A8:89:9B:13:3E:50:71:22:F2:57:2C:29:B2:FD:5BB:73:05:C1' with list of pinned certificates, refreshing cache
Mar 21 13:39:45 host-vm01 pvestatd[2368]: status update time (600.041 seconds)
etc etc
root@host-vm01:/var/log# pvecm status
Quorum information
Date: Tue Mar 21 13:40:25 2017
Quorum provider: corosync_votequorum
Nodes: 4
Node ID: 0x00000001
Ring ID: 1/76
Quorate: Yes
Votequorum information
Expected votes: 4
Highest expected: 4
Total votes: 4
Quorum: 3
Flags: Quorate
Membership information
Nodeid Votes Name
0x00000001 1 172.16.60.1 (local)
0x00000002 1 172.16.60.2
0x00000003 1 172.16.60.3
0x00000004 1 172.16.60.4
How do I go about updating my certificates on all the nodes?
I had to update the hostnames for all my nodes (4 server cluster)
Everything was working fine up until this point then the client decided they wanted the hostnames changed which I did by editing /etc/hostname andupdating /etc/hosts and rebooted
I had to run
service pve-cluster restart
as I couldn't login as all the /etc/pve/local/pve-ssl.key didnt exist and needed regenerating
Now the cluster can't seem to talk to any other nodes and I don't know how to update these certificates.
This is what I see in daemon.log
Mar 21 13:38:59 host-vm01 pveproxy[4160]: Could not verify remote node certificate 'F3:66:34:29:6C:B0:15:B5:F1:F0:97
3:9E:A8:89:9B:13:3E:50:71:22:F2:57:2C:29:B2:FD:5BB:73:05:C1' with list of pinned certificates, refreshing cacheMar 21 13:39:08 host-vm01 pveproxy[4161]: Could not verify remote node certificate 'F3:66:34:29:6C:B0:15:B5:F1:F0:97
3:9E:A8:89:9B:13:3E:50:71:22:F2:57:2C:29:B2:FD:5BB:73:05:C1' with list of pinned certificates, refreshing cacheMar 21 13:39:42 host-vm01 pveproxy[4159]: Could not verify remote node certificate 'F3:66:34:29:6C:B0:15:B5:F1:F0:97
3:9E:A8:89:9B:13:3E:50:71:22:F2:57:2C:29:B2:FD:5BB:73:05:C1' with list of pinned certificates, refreshing cacheMar 21 13:39:45 host-vm01 pvestatd[2368]: status update time (600.041 seconds)
etc etc
root@host-vm01:/var/log# pvecm status
Quorum information
Date: Tue Mar 21 13:40:25 2017
Quorum provider: corosync_votequorum
Nodes: 4
Node ID: 0x00000001
Ring ID: 1/76
Quorate: Yes
Votequorum information
Expected votes: 4
Highest expected: 4
Total votes: 4
Quorum: 3
Flags: Quorate
Membership information
Nodeid Votes Name
0x00000001 1 172.16.60.1 (local)
0x00000002 1 172.16.60.2
0x00000003 1 172.16.60.3
0x00000004 1 172.16.60.4
How do I go about updating my certificates on all the nodes?