QDevice Setup still harder than necessary :(

M

MrPete

Active Member
Aug 6, 2021
125
62
33
67
I have succeeded in getting a Raspberry Pi QDevice running, but tore out too much hair along the way.
Starting Point
  • Two Proxmox 7.1 nodes in a cluster
  • Brand new Raspberry Pi Zero W (hardwired ethernet)
Issue One: Software not installing
  • Resolution: Keep at it. Retry, reboot, etc. Clean out any partly-installed packages. Try again.
Issue Two: SSH keys
  • I kept getting complaints about SSH keys not working or having been changed
  • Resolution:
    • On every box, ensure /etc/hosts has correct entries for self and others
    • Delete stored keys in ~/.ssh/authorized_keys, ~/.ssh/known_hosts, /etc/ssh/ssh_known_hosts (the last one doesn't exist on Rasp Pi)
    • From each box, ssh to the others. approve connections. It should store keys. Exit and try again. Not done until you can ssh login without password
Issue Three: Stored Certs.
  • Database errors, or cert problems of various kinds
  • Resolution:
    • On the proxmox boxes, rm -r /etc/corosync/qdevice/net/nssdb/
After four days of frustration, it finally worked!
 
hi,

MrPete said:
/etc/ssh/ssh_known_hosts (the last one doesn't exist on Rasp Pi)
Click to expand...
that only exists when you use that box to ssh to somewhere :)

MrPete said:
I kept getting complaints about SSH keys not working or having been changed
Click to expand...
most likely it was an unrelated issue from before?

MrPete said:
From each box, ssh to the others. approve connections. It should store keys. Exit and try again. Not done until you can ssh login without password
Click to expand...
this is true for any PVE cluster. without your nodes being able to SSH to each other as root (no password and no interaction), your cluster won't work correctly.

MrPete said:
On the proxmox boxes, rm -r /etc/corosync/qdevice/net/nssdb/
Click to expand...
or pvecm qdevice remove (should wipe the whole /etc/corosync/qdevice dir)

MrPete said:
On every box, ensure /etc/hosts has correct entries for self and others
Click to expand...
actually not necessary, since you can use the IP address too.

MrPete said:
Raspberry Pi Zero W
Click to expand...
also make sure this is running the latest bullseye version available (to avoid package version conflicts between corosync-qnetd and corosync-qdevice)

but from my short test now, with a cleanly installed cluster and clean install of debian 11, i didn't have any problems setting up the qdevice for the cluster following the instructions on the wiki [0]

only thing that might be worth noting: edit /etc/ssh/sshd_config on your qdevice before the setup to allow PermitRootLogin yes to be able to ssh with a password.

hope this helps!

[0]: https://pve.proxmox.com/pve-docs/chapter-pvecm.html#_qdevice_net_setup
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom