I have had this working before with PM 1.8 servers, and we are just completing updating to PM 3.1. We have two data centers, each with about 3-4 PM servers in there. I want to be able to have all servers as part of the one cluster. Right now we can do this within the data centers with ease. But when attempting to attach servers between data centers, we are running into trouble.
The data centers each have their own local subnet and we are using IPSEC VPN to connect them together. Each subnet can freely see devices on the other subnet (and vice versa). There isn't any known issues with MULTICAST as ifconfig is reporting each network as MULTICAST compatible. This would be further supported by the fact that we have had this working before.
When we attach a node to the cluster, we get quorum issues. It basically times out waiting for quorum. I think I may have found the issues here. It would seem that the problem is due to SSL keys not being correctly copied between hosts. I managed to verify this by attempting a SSH as root from one PM host to another in a different data center, and it requested a password. I would expect that if the keys were correctly copied it would not do this, and therefore I'm assuming that this may be the core issue. I can manually fix this by just copying the keys over and setting them as authorized.
But what I'm not sure is whether this has to be done on ALL PM hosts in the cluster, or does it only need to be done on the device that you identify as the IP address of the cluster to connect to, when you do a pvecm add <IPADDRESS>?
Or am I missing something fundamental here as well?
Myles
The data centers each have their own local subnet and we are using IPSEC VPN to connect them together. Each subnet can freely see devices on the other subnet (and vice versa). There isn't any known issues with MULTICAST as ifconfig is reporting each network as MULTICAST compatible. This would be further supported by the fact that we have had this working before.
When we attach a node to the cluster, we get quorum issues. It basically times out waiting for quorum. I think I may have found the issues here. It would seem that the problem is due to SSL keys not being correctly copied between hosts. I managed to verify this by attempting a SSH as root from one PM host to another in a different data center, and it requested a password. I would expect that if the keys were correctly copied it would not do this, and therefore I'm assuming that this may be the core issue. I can manually fix this by just copying the keys over and setting them as authorized.
But what I'm not sure is whether this has to be done on ALL PM hosts in the cluster, or does it only need to be done on the device that you identify as the IP address of the cluster to connect to, when you do a pvecm add <IPADDRESS>?
Or am I missing something fundamental here as well?
Myles