Oracle Linux: PaceMaker Cluster Fails To Authorize: "Error: Unable to communicate with <node>"

(Doc ID 2393647.1)

Last updated on MAY 18, 2018

Applies to:

Linux OS - Version Oracle Linux 7.4 with Unbreakable Enterprise Kerne [4.1.12] and later
Linux x86-64

Symptoms

Configuring a PaceMaker cluster fails because the authorization does not complete.  The firewalld ports had been opened and authorization continued to fail.  Authorization still failed with the firewall disabled.

$ sudo pcs cluster auth node1 node2
Username: hacluster
Password:
Error: Operation timed out
node1: Authorized
Error: Unable to communicate with node2

 

Node2 responds to ping(1) attempts and nc(1) can connect to host2 port 2224.  Connection to the authorization still fails by timing out:

$ unset http_proxy
$ unset https_proxy
$ curl --insecure https://node2:2224/remote/check_auth

curl: (28) Operation timed out after 300363 milliseconds with 0 out of 0 bytes received

 

# unset http_proxy
# unset https_proxy
# curl --insecure https://node2:2224/remote/check_auth
{"notauthorized":"true"}


Changes

 This is a new deployment of a two-node Corosync/Pacemaker cluster.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms