QDevice failed to remove...

D

docbobo

Member
Apr 24, 2019
6
2
8
48
Okay, I just tried to replace a QDevice and got the following when running "pvecm qdevice remove":

Code: 
Host key verification failed.
error during cfs-locked 'file-corosync_conf' operation: command 'ssh -o 'BatchMode=yes' -lroot <ip-address> -- rm -rf /etc/corosync/qdevice' failed: exit code 255

Now my system seems to be in a weird limbo state - executing this again gets me:

Code: 
error during cfs-locked 'file-corosync_conf' operation: No QDevice configured!

But adding a new one results in:

Code: 
pk12util: PKCS12 decode import bags failed: SEC_ERROR_REUSED_ISSUER_AND_SERIAL: You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert.
command 'ssh -o 'BatchMode=yes' -lroot <ip-address> corosync-qdevice-net-certutil -m -c /etc/pve/qdevice-net-node.p12' failed: exit code 19

Any suggestion how to fix this?
 
Last edited:
Here's the output of pvecm status:

Code: 
Cluster information
-------------------
Name:             proxmox
Config Version:   4
Transport:        knet
Secure auth:      on

Quorum information
------------------
Date:             Wed Jan  6 17:05:28 2021
Quorum provider:  corosync_votequorum
Nodes:            2
Node ID:          0x00000001
Ring ID:          1.30
Quorate:          Yes

Votequorum information
----------------------
Expected votes:   2
Highest expected: 2
Total votes:      2
Quorum:           2
Flags:            Quorate Qdevice

Membership information
----------------------
    Nodeid      Votes    Qdevice Name
0x00000001          1  NA,NV,NMW 192.168.128.202 (local)
0x00000002          1  NA,NV,NMW 192.168.128.201
0x00000000          0            Qdevice (votes 0)
 
Okay, found a backup of corosync.conf that still had the QDevice in it. Reverted to that, executed pvecm qdevice remove again. Success.
 
I'm facing the exact same issue, except I don't have a backup of corosync.conf ...
How can I clear any records of existing certs ?
I've tried "rm /etc/pve/qdevice-net-node.p12" and "rm -r /etc/corosync/qnetd/nssdb" on all nodes including the pi, to no avail...
 
OK fixed. Had to "rm -r /etc/corosync/qdevice/net/nssdb/" on the proxmox nodes. Slightly different path to above. Success
 
  • Like
Reactions: majorgear
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back