Quantcast
Channel: Apache Timeline
Viewing all articles
Browse latest Browse all 5648

SASL mechanism issue with HA

April 11, 2014, 10:24 am
$
0
0
Hi,
I have an active-passive HA setup currently configured without any
authentication (auth=no) and allow all in the ACL and things work as
expected.
However, when I enable authentication and configure ACL, I find the
following error messages from the C++ broker.
I was wondering if I am missing something or if my configuration is
incorrect.

===error message ===
Apr 11 11:53:09 guest-3 qpidd[26319]: No worthy mechs found
Apr 11 11:53:09 guest-3 qpidd[26319]: 2014-04-11 11:53:09 [HA] info
Checking status of amqp:tcp:192.168.10.194:5672: internal-error: Sasl
error: SASL(-4): no mechanism available: No worthy mechs found
(qpid/SaslFactory.cpp:280)

===configuration===
i) Qpid version: 0.18

ii) Qpid configuration (/etc/qpidd.conf)
acl-file=/etc/qpid/qpidd.acl
auth=yes
realm=QPID
load-module=/usr/lib64/qpid/daemon/acl.so
load-module=/usr/lib64/qpid/daemon/ssl.so
load-module=/usr/lib64/qpid/daemon/ha.so
no-data-dir=yes
log-to-stderr=no
log-enable=debug+:HA
log-to-syslog=yes
ha-cluster=yes
ha-brokers-url=192.168.10.194
ha-public-url=192.168.10.195
ha-replicate=all
ha-queue-replication=yes
ha-username=test
ha-password=test
ha-mechanism=PLAIN

iii) ACL file (/etc/qpid/qpidd.acl)
acl allow test [ at ] QPID all all

iv) SASL config file (/etc/sasl2/qpidd.conf)
pwcheck_method: auxprop
auxprop_plugin: sasldb
sasldb_path: /var/lib/qpidd/qpidd.sasldb
#mech_list: ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN
mech_list: PLAIN

v) user entry in sasldb
# saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u QPID test
# sasldblistusers2 -f /var/lib/qpidd/qpidd.sasldb
test [ at ] QPID: userPassword

vi) permissions/ownership of sasldb (/var/lib/qpidd/qpidd.sasldb)
-rw-------. 1 qpidd qpidd 12288 Apr 10 18:26 /var/lib/qpidd/qpidd.sasldb

===complete log ====
Apr 11 13:20:37 guest-1 kernel: DLM (built Aug 28 2013 17:20:52) installed
Apr 11 13:20:37 guest-1 corosync[28310]: [MAIN ] Corosync Cluster
Engine ('1.4.1'): started and ready to provide service.
Apr 11 13:20:37 guest-1 corosync[28310]: [MAIN ] Corosync built-in
features: nss dbus rdma snmp
Apr 11 13:20:37 guest-1 corosync[28310]: [MAIN ] Successfully read
config from /etc/cluster/cluster.conf
Apr 11 13:20:37 guest-1 corosync[28310]: [MAIN ] Successfully parsed
cman config
Apr 11 13:20:37 guest-1 corosync[28310]: [TOTEM ] Initializing
transport (UDP/IP Multicast).
Apr 11 13:20:37 guest-1 corosync[28310]: [TOTEM ] Initializing
transmit/receive security: libtomcrypt SOBER128/SHA1HMAC (mode 0).
Apr 11 13:20:37 guest-1 corosync[28310]: [TOTEM ] The network
interface [192.168.10.125] is now up.
Apr 11 13:20:37 guest-1 corosync[28310]: [QUORUM] Using quorum
provider quorum_cman
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync cluster quorum service v0.1
Apr 11 13:20:37 guest-1 corosync[28310]: [CMAN ] CMAN 3.0.12.1 (built
Dec 9 2013 10:48:35) started
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync CMAN membership service 2.90
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: openais checkpoint service B.01.01
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync extended virtual synchrony service
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync configuration service
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync cluster closed process group service v1.01
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync cluster config database access v1.01
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync profile loading service
Apr 11 13:20:37 guest-1 corosync[28310]: [QUORUM] Using quorum
provider quorum_cman
Apr 11 13:20:37 guest-1 corosync[28310]: [SERV ] Service engine
loaded: corosync cluster quorum service v0.1
Apr 11 13:20:37 guest-1 corosync[28310]: [MAIN ] Compatibility mode
set to whitetank. Using V1 and V2 of the synchronization engine.
Apr 11 13:20:37 guest-1 corosync[28310]: [TOTEM ] A processor joined
or left the membership and a new membership was formed.
Apr 11 13:20:37 guest-1 corosync[28310]: [QUORUM] Members[1]: 1
Apr 11 13:20:37 guest-1 corosync[28310]: [QUORUM] Members[1]: 1
Apr 11 13:20:37 guest-1 corosync[28310]: [CPG ] chosen downlist:
sender r(0) ip(192.168.10.125) ; members(old:0 left:0)
Apr 11 13:20:37 guest-1 corosync[28310]: [MAIN ] Completed service
synchronization, ready to provide service.
Apr 11 13:20:41 guest-1 corosync[28310]: [TOTEM ] A processor joined
or left the membership and a new membership was formed.
Apr 11 13:20:41 guest-1 corosync[28310]: [CMAN ] quorum regained,
resuming activity
Apr 11 13:20:41 guest-1 corosync[28310]: [QUORUM] This node is within
the primary component and will provide service.
Apr 11 13:20:41 guest-1 corosync[28310]: [QUORUM] Members[2]: 1 2
Apr 11 13:20:41 guest-1 corosync[28310]: [QUORUM] Members[2]: 1 2
Apr 11 13:20:41 guest-1 corosync[28310]: [CPG ] chosen downlist:
sender r(0) ip(192.168.10.125) ; members(old:1 left:0)
Apr 11 13:20:41 guest-1 corosync[28310]: [MAIN ] Completed service
synchronization, ready to provide service.
Apr 11 13:20:41 guest-1 fenced[28366]: fenced 3.0.12.1 started
Apr 11 13:20:41 guest-1 dlm_controld[28383]: dlm_controld 3.0.12.1 started
Apr 11 13:20:41 guest-1 gfs_controld[28435]: gfs_controld 3.0.12.1 started
Apr 11 13:20:42 guest-1 kernel: dlm: Using TCP for communications
Apr 11 13:20:42 guest-1 modclusterd: startup succeeded
Apr 11 13:20:42 guest-1 ricci: startup succeeded
Apr 11 13:20:44 guest-1 corosync[28310]: [TOTEM ] A processor joined
or left the membership and a new membership was formed.
Apr 11 13:20:44 guest-1 corosync[28310]: [QUORUM] Members[3]: 1 2 3
Apr 11 13:20:44 guest-1 corosync[28310]: [QUORUM] Members[3]: 1 2 3
Apr 11 13:20:44 guest-1 corosync[28310]: [CPG ] chosen downlist:
sender r(0) ip(192.168.10.125) ; members(old:2 left:0)
Apr 11 13:20:44 guest-1 corosync[28310]: [MAIN ] Completed service
synchronization, ready to provide service.
Apr 11 13:20:47 guest-1 fenced[28366]: fencing node guest-3
Apr 11 13:20:47 guest-1 fenced[28366]: fence guest-3 dev 0.0 agent none
result: error no method
Apr 11 13:20:47 guest-1 fenced[28366]: fence guest-3 failed
Apr 11 13:20:50 guest-1 kernel: dlm: connecting to 3
Apr 11 13:20:50 guest-1 kernel: dlm: connecting to 2
Apr 11 13:20:50 guest-1 kernel: dlm: got connection from 3
Apr 11 13:20:50 guest-1 kernel: dlm: got connection from 2
Apr 11 13:20:50 guest-1 rgmanager[28530]: I am node #1
Apr 11 13:20:50 guest-1 rgmanager[28530]: Resource Group Manager Starting
Apr 11 13:20:50 guest-1 rgmanager[28530]: Loading Service Data
Apr 11 13:20:52 guest-1 rgmanager[28530]: Initializing Services
Apr 11 13:20:52 guest-1 rgmanager[29521]: [script] Executing
/etc/init.d/qpidd stop
Apr 11 13:20:52 guest-1 rgmanager[29562]: [script] Executing
/etc/init.d/qpidd stop
Apr 11 13:20:52 guest-1 rgmanager[29610]: [script] Executing
/etc/init.d/qpidd stop
Apr 11 13:20:52 guest-1 rgmanager[29621]: [script] Executing
/etc/init.d/qpidd-primary stop
Apr 11 13:20:52 guest-1 rgmanager[28530]: Services Initialized
Apr 11 13:20:53 guest-1 rgmanager[28530]: State change: Local UP
Apr 11 13:20:53 guest-1 rgmanager[28530]: State change: guest-2 UP
Apr 11 13:20:53 guest-1 rgmanager[28530]: Starting stopped service
service:guest-1-qpidd-service
Apr 11 13:20:53 guest-1 rgmanager[29767]: [script] Executing
/etc/init.d/qpidd start
Apr 11 13:20:53 guest-1 rgmanager[28530]: Marking
service:guest-3-qpidd-service as stopped: Restricted domain unavailable
Apr 11 13:20:53 guest-1 qpidd[29794]: 2014-04-11 13:20:53 [HA] info
Registered replication exchange
Apr 11 13:20:53 guest-1 qpidd[29794]: 2014-04-11 13:20:53 [HA] notice
Broker: Initializing: guest-1:5672(joining)
Apr 11 13:20:53 guest-1 qpidd[29794]: 2014-04-11 13:20:53 [HA] info
Backup: Connecting to cluster, broker URL: amqp:tcp:192.168.10.194:5672
Apr 11 13:20:53 guest-1 qpidd[29794]: 2014-04-11 13:20:53 [HA] info
Broker: Brokers URL set to: amqp:tcp:192.168.10.194:5672
Apr 11 13:20:53 guest-1 qpidd[29794]: 2014-04-11 13:20:53 [HA] info
Broker: Membership: guest-1:5672(joining)
Apr 11 13:20:53 guest-1 qpidd[29794]: 2014-04-11 13:20:53 [HA] info
Replication queue panic overflow disabled
Apr 11 13:20:53 guest-1 rgmanager[28530]: State change: guest-3 UP
Apr 11 13:20:53 guest-1 rgmanager[28530]: Service
service:guest-1-qpidd-service started
Apr 11 13:20:56 guest-1 qpidd[29794]: No worthy mechs found
Apr 11 13:20:56 guest-1 qpidd[29794]: 2014-04-11 13:20:56 [HA] info
Checking status of amqp:tcp:192.168.10.194:5672: internal-error: Sasl
error: SASL(-4): no mechanism available: No worthy mechs found
(qpid/SaslFactory.cpp:280)
Apr 11 13:21:23 guest-1 rgmanager[29854]: [script] Executing
/etc/init.d/qpidd status
Apr 11 13:21:25 guest-1 rgmanager[28530]: Recovering failed service
service:qpidd-primary-service
Apr 11 13:21:25 guest-1 rgmanager[29932]: [ip] Adding IPv4 address
192.168.10.194/24 to eth0
Apr 11 13:21:28 guest-1 rgmanager[30052]: [ip] Adding IPv4 address
192.168.10.195/24 to eth0
Apr 11 13:21:31 guest-1 rgmanager[30129]: [script] Executing
/etc/init.d/qpidd-primary start
Apr 11 13:21:31 guest-1 python: No worthy mechs found
Apr 11 13:21:31 guest-1 rgmanager[30192]: [script] script:qpidd-primary:
start of /etc/init.d/qpidd-primary failed (returned 1)
Apr 11 13:21:31 guest-1 rgmanager[28530]: start on script
"qpidd-primary" returned 1 (generic error)
Apr 11 13:21:32 guest-1 rgmanager[28530]: #68: Failed to start
service:qpidd-primary-service; return value: 1
Apr 11 13:21:32 guest-1 rgmanager[28530]: Stopping service
service:qpidd-primary-service
Apr 11 13:21:32 guest-1 rgmanager[30221]: [script] Executing
/etc/init.d/qpidd-primary stop
Apr 11 13:21:32 guest-1 qpidd[29794]: 2014-04-11 13:21:32 [HA] notice
Broker: Shut down
Apr 11 13:21:32 guest-1 rgmanager[30288]: [ip] Removing IPv4 address
192.168.10.195/24 from eth0
Apr 11 13:21:42 guest-1 rgmanager[30352]: [ip] Removing IPv4 address
192.168.10.194/24 from eth0
Apr 11 13:21:52 guest-1 rgmanager[28530]: Service
service:qpidd-primary-service is recovering
Apr 11 13:21:53 guest-1 rgmanager[30404]: [script] Executing
/etc/init.d/qpidd status
Apr 11 13:21:53 guest-1 rgmanager[30432]: [script] script:qpidd: status
of /etc/init.d/qpidd failed (returned 3)
Apr 11 13:21:53 guest-1 rgmanager[28530]: status on script "qpidd"
returned 1 (generic error)
Apr 11 13:21:53 guest-1 rgmanager[28530]: Stopping service
service:guest-1-qpidd-service
Apr 11 13:21:53 guest-1 rgmanager[30461]: [script] Executing
/etc/init.d/qpidd stop
Apr 11 13:21:53 guest-1 rgmanager[28530]: Service
service:guest-1-qpidd-service is recovering
Apr 11 13:21:53 guest-1 rgmanager[28530]: Recovering failed service
service:guest-1-qpidd-service
Apr 11 13:21:53 guest-1 rgmanager[30504]: [script] Executing
/etc/init.d/qpidd start
Apr 11 13:21:53 guest-1 qpidd[30530]: 2014-04-11 13:21:53 [HA] info
Registered replication exchange
Apr 11 13:21:53 guest-1 qpidd[30530]: 2014-04-11 13:21:53 [HA] notice
Broker: Initializing: guest-1:5672(joining)
Apr 11 13:21:53 guest-1 qpidd[30530]: 2014-04-11 13:21:53 [HA] info
Backup: Connecting to cluster, broker URL: amqp:tcp:192.168.10.194:5672
Apr 11 13:21:53 guest-1 qpidd[30530]: 2014-04-11 13:21:53 [HA] info
Broker: Brokers URL set to: amqp:tcp:192.168.10.194:5672
Apr 11 13:21:53 guest-1 qpidd[30530]: 2014-04-11 13:21:53 [HA] info
Broker: Membership: guest-1:5672(joining)
Apr 11 13:21:53 guest-1 qpidd[30530]: 2014-04-11 13:21:53 [HA] info
Replication queue panic overflow disabled
Apr 11 13:21:53 guest-1 rgmanager[28530]: Service
service:guest-1-qpidd-service started
Apr 11 13:21:56 guest-1 qpidd[30530]: No worthy mechs found
Apr 11 13:21:56 guest-1 qpidd[30530]: 2014-04-11 13:21:56 [HA] info
Checking status of amqp:tcp:192.168.10.194:5672: internal-error: Sasl
error: SASL(-4): no mechanism available: No worthy mechs found
(qpid/SaslFactory.cpp:280)
Apr 11 13:22:23 guest-1 rgmanager[30589]: [script] Executing
/etc/init.d/qpidd status

Any ideas?

Thanks,
--Hari
Search
Viewing all articles
Browse latest Browse all 5648

Trending Articles

RAMAYAMPET Mandal Sarpanch | Upa-Sarpanch | Ward member Mobile Numbers Medak...

May 24, 2017, 2:00 am

लड़कियां सेक्स के दौरान क्यों करती है उह! आह!लड़कियां सेक्स के दौरान क्यों करती...

May 19, 2016, 1:54 am

Neem Baba Extra Questions Answer Class 6 English Poorvi

February 1, 2025, 5:19 am

Throw Back: 4×4 — Sikilitele (Ft Castro) Prod by JQ

March 5, 2015, 8:24 am

Rajasthan Board 10th Result 2016 Roll No wise & Name Wise

August 20, 2016, 5:13 pm

Lowe faces four theft charges

November 14, 2017, 6:52 pm

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Mafia, Murder & Mayhem In The Motor City: Detroit Mob Hit Timeline (1937-2007)

December 7, 2016, 3:57 pm

The 10 Tennessee Cities With The Largest Black Population For 2021

December 21, 2020, 10:12 am

Materials Around Us Class 6 Worksheet Science Chapter 6

October 3, 2024, 5:20 am

デスクトップ ヒープの枯渇

January 18, 2018, 8:31 pm

Best Suvichar in Hindi |बेस्ट सुविचार |शुभ विचार हिंदी में

March 7, 2020, 11:19 pm

Kanulanu Thaake Lyrics and translation | Manam (2014)

May 9, 2014, 5:45 am

Korean Sex Porn Videos: XXX Videos & Free Porn Movies

May 30, 2025, 9:29 pm

Teen Shot In Miami Drive-By Dies From Injuries

August 8, 2011, 1:16 pm

Download: IQ Muzatasha feat Shy D & Pmj – Ulesi NiFertilizer Yamavuto

March 22, 2018, 7:23 pm

Mahakal Attitude Status

February 29, 2020, 9:52 am

Property developer set up cannabis factory to help pay off debts...

August 3, 2015, 2:29 am

July 11, 2015, 6:15 am

KB: How to troubleshoot issues when adding a Hyper-V host in System Center...

August 14, 2012, 10:05 am
Search