Failover validation

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
undejj
OpenVpn Newbie
Posts: 5
Joined: Mon Sep 12, 2011 12:49 pm

Failover validation

Post by undejj » Mon Sep 12, 2011 1:14 pm

I have two servers setup with OVPNAS. I went through the procedures to setup one server as the primary node and the other as the secondary node. However, when I attempt to Validate, the validation step fails. The LAN Model, Primary Node License and Secondary Node License are all returned as GOOD. Under Connectivity, here is a copy of the error:

Code: Select all

ERROR: 'COPY_SECONDARY: error copying test file from primary_node_ip to secondary_node_ip: Upon execvpe /usr/bin/rsync [\'rsync\', \'--timeout\', \'60\', \'--rsh=/usr/bin/ssh -p 22\', \'-z\', \'/usr/local/openvpn_as/etc/tmp/tmpgtVpvQ\', \'root@secondary_node_ip:/usr/local/openvpn_as/etc/tmp/fct-YghaQZqU7tHB.tmp\'] in environment id 41862112\r\n:Traceback (most recent call last):\r\n File "/usr/local/openvpn_as/lib/python2.6/site-packages/Twisted-9.0.0-py2.6-linux-x86_64.egg/twisted/internet/process.py", line 396, in _fork\r\n executable, args, environment)\r\n File "build/bdist.linux-x86_64/egg/pyovpn/svc/twprocess.py", line 173, in _execChild\r\n File "/usr/local/openvpn_as/lib/python2.6/os.py", line 353, in execvpe\r\n _execvpe(file, args, env)\r\n File "/usr/local/openvpn_as/lib/python2.6/os.py", line 368, in _execvpe\r\n func(file, *argrest)\r\nOSError: [Errno 2] No such file or directory\r\n': internet/defer:102,ssh/foctest:76,ssh/foctest:45 (pyovpn.ssh.foctest.Error)
How best to begin resolving this error to get Failover up and running successfully?

eappelboom
OpenVpn Newbie
Posts: 1
Joined: Tue Jul 26, 2011 12:54 am

Re: Failover validation

Post by eappelboom » Fri Sep 23, 2011 7:38 am

Hi I have the same error 1.8.3 build 122
Did you manage to resolve?

shecky
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 30, 2011 3:04 am

Re: Failover validation

Post by shecky » Fri Sep 30, 2011 3:07 am

Similar problem here, but older version. 1.7.1.

ERROR: Primary node was unable to copy a file to secondary via rsync.

User avatar
swg0101
OpenVPN User
Posts: 23
Joined: Fri Sep 23, 2011 7:03 am

Re: Failover validation

Post by swg0101 » Fri Sep 30, 2011 7:30 am

Can you try going into the shell and executing this command?
apt-get install rsync
Good luck. :)
--- Sorry, I probably can't help you, so you can stop asking now... ;)

shecky
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 30, 2011 3:04 am

Re: Failover validation

Post by shecky » Fri Sep 30, 2011 4:24 pm

Running an Ubuntu server and verified rsync is installed. I have not setup an rsyncd.conf file; not sure it's needed. :?:

I was able to get past the error posted above by giving my 'failover' user full access to db_push folder:

Code: Select all

drwxrwxr-x 2 ovpnvip    ovpnvip    4096 2011-09-30 10:52 db_push
I have also successfully tested an rsync command between primary and secondary node, but still receive errors when validating failover setup:

Code: Select all

sudo rsync --dry-run -avv -e ssh /usr/local/openvpn_as/etc/tmp/tmpPwthw ovpnvip@10.49.65.31:/usr/local/openvpn_as/etc/db_push/

ovpnvip@10.49.65.31's password: 
sending incremental file list
rsync: link_stat "/usr/local/openvpn_as/etc/tmp/tmpPwthw" failed: No such file or directory (2)
delta-transmission enabled
total: matches=0  hash_hits=0  false_alarms=0 data=0

sent 12 bytes  received 12 bytes  2.29 bytes/sec
total size is 0  speedup is 0.00 (DRY RUN)
rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1060) [sender=3.0.7]
I now get the following error (permissions issue):

Code: Select all

2011-09-30 11:16:38-0500 [-] PrepStandby error: failed to start standby openvpnas daemon on 10.49.65.31 (1, '[err=1] out=[] err=[]')
An earlier code indicates that I still have permission problems:

Code: Select all

2011-09-30 11:18:37-0500 [-] rsync: mkstemp "/usr/local/openvpn_as/etc/tmp/.fct-j4HecV07QcZ4.tmp.U8SMaW" failed: Permission denied (13)
2011-09-30 11:18:37-0500 [-] rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1060) [sender=3.0.7]
On secondary node there are 3 file in db_push folder:

Code: Select all

ovpnvip@linux-ovpn2:~$ ls -l /usr/local/openvpn_as/etc/db_push/
total 44
-rw------- 1 ovpnvip root 18025 2011-09-30 10:52 certs.db.dump
-rw------- 1 ovpnvip root 15877 2011-09-30 10:52 config.db.dump
-rw------- 1 ovpnvip root  6232 2011-09-30 10:52 user_prop.db.dump
Would server licenses cause problems? I have 10 concurrent on primary, but default 2 on secondary (for now).

shecky
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 30, 2011 3:04 am

Re: Failover validation

Post by shecky » Fri Sep 30, 2011 5:39 pm

Problem solved, but probably not the best solution.
  • I added my 'failover' user to the root group on primary and secondary nodes (not ideal).
    I gave read & write access to root group for db_push and tmp folders on primary and secondary nodes.

    Code: Select all

    sudo ls -l /usr/local/openvpn_as/etc/
    total 56
    -rw-r--r-- 1 root       root       2998 2011-05-04 13:19 as.conf
    -rw-r--r-- 1 root       root       2979 2011-03-11 16:15 as_templ.conf
    drwxr-xr-x 2 root       root       4096 2011-05-04 13:12 backup
    -rw-r--r-- 1 root       root       1890 2011-05-04 13:19 config.json
    -rw-r--r-- 1 root       root       1623 2011-03-11 16:15 config_templ.json
    drwxr-xr-x 2 root       root       4096 2011-09-30 12:24 db
    drwxrwxr-x 2 root       root       4096 2011-09-30 12:28 db_push
    drwxr-xr-x 2 root       root       4096 2011-05-04 13:13 exe
    drwxr-xr-x 2 openvpn_as openvpn_as 4096 2011-08-24 15:35 licenses
    drwxr-xr-x 2 root       root       4096 2011-09-30 12:10 sock
    drwxrwxr-x 2 root       root       4096 2011-09-30 12:23 tmp
    drwxr-xr-x 2 root       root       4096 2011-04-03 13:57 upgrade-flags
    -rw-r--r-- 1 root       root         24 2011-03-11 16:15 VERSION
    drwxr-xr-x 2 root       root       4096 2011-05-04 13:19 web-ssl
    
My failover user is the service account configured in OpenVPN for rsync via SSH.

I will test reconfiguration of db_push and tmp folders using ovpnvip group so I can remove that user from root group. Will post results.

sthenral
OpenVpn Newbie
Posts: 2
Joined: Wed Sep 11, 2013 10:50 pm

Re: Failover validation

Post by sthenral » Wed Sep 11, 2013 10:55 pm

I am getting the below error while validating the Failover settings. any advice....

FailoverConnectivityTest: COPY_PRIMARY: error copying test file from 10.x.x.2 to 10.x.x.1: [err=255] root@10.x.x.1's password: : internet/defer:102,ssh/foctest:97,ssh/foctest:45 (pyovpn.ssh.foctest.Error)

Thanks,
ThenralMani

9krystian
OpenVpn Newbie
Posts: 5
Joined: Wed May 17, 2017 11:24 am

Re: Failover validation

Post by 9krystian » Fri May 19, 2017 1:38 pm

How did you solve below problem? I have the same error on both nodes every 30sec

I now get the following error (permissions issue):

Code: Select all

2011-09-30 11:16:38-0500 [-] PrepStandby error: failed to start standby openvpnas daemon on 10.49.65.31 (1, '[err=1] out=[] err=[]')

Post Reply