Login dialog poping-up in loop since cluster creation

B

beuc

New Member
Mar 29, 2012
7
0
1
Hi,

I installed PM2-rc1 from the Debian repository.
Everything works when I install the nodes independently.
When I created the cluster on joined the 2 nodes, I now get a login popup in loop on the web-interface:
- when I try to login to the slave
- when I try to access slave elements from the master
The authentication works otherwise well on the master (one login and then no more show up).

Surprisingly syslog tells me everything is OK:
Code: 
Mar 29 18:31:04 proxmox01-prd pvedaemon[12133]: <root@pam> successful auth for user 'root@pam'

Firebug shows that POST on /api2/extjs/access/ticket returns 200 with a success=1 message.
I get a "401 permission denied - invalid ticket" when accessing the slave page.

What's wrong?
Any tips for debugging? :)

Code: 
# pveversion -v
pve-manager: 2.0-45 (pve-manager/2.0/8c846a7b)
running kernel: 3.1.2-4-amd64-kvm-proxmox-snoop
pve-kernel-2.6.32-10-pve: 2.6.32-63
lvm2: 2.02.88-2pve2
clvm: 2.02.88-2pve2
corosync-pve: 1.4.1-1
openais-pve: 1.1.4-2
libqb: 0.10.1-2
redhat-cluster-pve: 3.1.8-3
resource-agents-pve: 3.9.2-3
fence-agents-pve: 3.1.7-1
pve-cluster: 1.0-25
qemu-server: 2.0-28
pve-firmware: 1.0-15
libpve-common-perl: 1.0-21
libpve-access-control: 1.0-17
libpve-storage-perl: 2.0-15
vncterm: 1.0-2
vzctl: not correctly installed
vzprocps: not correctly installed
vzquota: not correctly installed
 
Udo: I saw the other thread about inaccurate time and checked : both servers are synchronized using NTP and show a correct time. I forgot to mention it when posting :)

Tom: I'm currently installing this for a bank internal hosting within an security-audited environment. It is not possible to run the (non-audited) Proxmox ISO or kernel (btw the proxmox kernel doesn't seem to support the network card, even with the firmware installed). The base system is a Debian Squeeze though, I believe it should work. The same environment ran Proxmox 1.0 correctly.
 
beuc said:
Udo: I saw the other thread about inaccurate time and checked : both servers are synchronized using NTP and show a correct time. I forgot to mention it when posting :)

Tom: I'm currently installing this for a bank internal hosting within an security-audited environment. It is not possible to run the (non-audited) Proxmox ISO or kernel (btw the proxmox kernel doesn't seem to support the network card, even with the firmware installed). The base system is a Debian Squeeze though, I believe it should work. The same environment ran Proxmox 1.0 correctly.
Click to expand...

So the bank does not allow to run a default distribution used and tested by a lot of users - (btw, the kernel is based on RHEL62)? But allows to install a fully unsupported mix of Debian and Proxmox packages?

Sounds very funny to me as its by guarantee a system with ongoing issues.

If you have issues with the hardware support with our kernel, report it in a new thread.
 
Hi Tom.

I share your feeling about being restricted by security audit considerations, but as you can imagine this is a global decision that affects all hosting units in the banking group. It has its pros and its cons, so far it works for our few hundreds of servers, and such restrictions are common place in big enterprises. I don't intend to debate over this because I wouldn't be able change this situation.

I hope though that we can find a way to diagnose what is triggering this loop. I have a deep understanding of my system environment and decent programming skills, so it sounds possible to me, but I'll need help e.g. with how to debug the 17,000-lines javascript GUI ;)
 
beuc said:
I hope though that we can find a way to diagnose what is triggering this loop.
Click to expand...

I assume cluster communication work well? So you should have the same /etc/pve/authkey.pub on both nodes. Check with:

node1# md5sum /etc/pve/authkey.pub
node2# md5sum /etc/pve/authkey.pub

And please check system time again.
 
Hi dietmar,

The md5sum is identical on both nodes.
The time is the same on both nodes.

Do you have techniques to debug ext4js ?
 
Hi,
I've got same symptoms that the first post of the thread.

I've just updated a fresh install of proxmox 2.0 to 2.2. After that, i could login on web interface. This node was not part of cluster at this point.

So i join this node to my cluster (3 others nodes with promox 2.0), but pvecm status show error "cman not running", i go to the web interface, i click on services/cman start but this do nothing. I decided to force join with pvcem add MASTER-IP -force. The new node join the cluster, but i lost the config of one CT which was running on this new node. I resend the CT config to see my CT listed again on web interface. But if i can see it, i can't do nothing with it because i get always the login box appear with message "Permission denied : Invalid ticket (401)".

To resume i have this login box loop problem :
- when i try to login to web interface of the new node directly
- when i try to access sub-elements of this new node via the web interface on the master

md5sum /etc/pve/authkey.pub are same, dates seems ok as well, i can't find nothing in log files.

So is it possible to have cluster with proxmox 2.2 and 2.0 version ?
Or any idea about this ?

pveversion -v (new node)
Code: 
pve-manager: 2.2-32 (pve-manager/2.2/3089a616)
running kernel: 2.6.32-17-pve
proxmox-ve-2.6.32: 2.2-83
pve-kernel-2.6.32-11-pve: 2.6.32-66
pve-kernel-2.6.32-17-pve: 2.6.32-83
lvm2: 2.02.95-1pve2
clvm: 2.02.95-1pve2
corosync-pve: 1.4.4-1
openais-pve: 1.1.4-2
libqb: 0.10.1-2
redhat-cluster-pve: 3.1.93-2
resource-agents-pve: 3.9.2-3
fence-agents-pve: 3.1.9-1
pve-cluster: 1.0-34
qemu-server: 2.0-72
pve-firmware: 1.0-21
libpve-common-perl: 1.0-41
libpve-access-control: 1.0-25
libpve-storage-perl: 2.0-36
vncterm: 1.0-3
vzctl: 4.0-1pve2
vzprocps: 2.0.11-2
vzquota: 3.1-1
pve-qemu-kvm: 1.3-10
ksm-control-daemon: 1.1-1

pveversion -v (master)
Code: 
pve-manager: 2.2-32 (pve-manager/2.2/3089a616)
running kernel: 2.6.32-17-pve
proxmox-ve-2.6.32: 2.2-83
pve-kernel-2.6.32-11-pve: 2.6.32-66
pve-kernel-2.6.32-17-pve: 2.6.32-83
lvm2: 2.02.95-1pve2
clvm: 2.02.95-1pve2
corosync-pve: 1.4.4-1
openais-pve: 1.1.4-2
libqb: 0.10.1-2
redhat-cluster-pve: 3.1.93-2
resource-agents-pve: 3.9.2-3
fence-agents-pve: 3.1.9-1
pve-cluster: 1.0-34
qemu-server: 2.0-72
pve-firmware: 1.0-21
libpve-common-perl: 1.0-41
libpve-access-control: 1.0-25
libpve-storage-perl: 2.0-36
vncterm: 1.0-3
vzctl: 4.0-1pve2
vzprocps: 2.0.11-2
vzquota: 3.1-1
pve-qemu-kvm: 1.3-10
ksm-control-daemon: 1.1-1


EDIT : Finaly a simple reboot of the node solved the problem.
 
Last edited:
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back