Restart node from another cluster node

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
vlisnyi
OpenVpn Newbie
Posts: 9
Joined: Mon May 16, 2022 1:35 pm

Restart node from another cluster node

Post by vlisnyi » Tue Jul 05, 2022 8:04 pm

Is there any ability to restart cluster node from other node, something like

Code: Select all

/usr/local/openvpn_as/scripts/sacli start
but on another node of the cluster.

Also is there any command which can be executed on the node and show that "Restart pending on this Node".

vlisnyi
OpenVpn Newbie
Posts: 9
Joined: Mon May 16, 2022 1:35 pm

Re: Restart node from another cluster node

Post by vlisnyi » Thu Jul 07, 2022 12:47 pm

OpenVPN support helped me with this. Below you can find a needed solution.

Below is an example that was just tested in my Cluster with 2 Nodes:
+ Make sure that ""xmlrpc.relay_level" is set to 2 on the Destination Server:

Code: Select all

sudo su
cd /usr/local/openvpn_as/scripts
./sacli --key "xmlrpc.relay_level" --value 2 ConfigPut
./sacli start
+ Then run the below command from the Source Node to the Destination Node:

Code: Select all

curl -k -X POST -d '<?xml version="1.0"?><methodCall><methodName>RunStart</methodName><params><param><value><string>warm</string></value></param><param><value><nil/></value></param></params></methodCall>' https://openvpn:openpass@12.12.12.12/RPC2/
Where:

Source Node: The Node where you run the command
Destination Node: The Node where you want to apply the command

openvpn = Admin User on Destination Node
openpass = Admin Password on Destination Node
12.12.12.12 = Destination Node Access Server IP

The above command will run "./sacli start" on the Destination Node from the Source Node

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1042
Joined: Tue Feb 16, 2021 10:41 am

Re: Restart node from another cluster node

Post by openvpn_inc » Thu Jul 07, 2022 2:18 pm

Hi vlisnyi,

Thanks for this. I was not sure. But I can give you another way to do the same thing.

If the other node is running sshd, and that node's sshd is reachable from the first node, and assuming ssh as root is not prohibited:

Code: Select all

ssh root@second.example /usr/local/openvpn_as/scripts/sacli start
Note that in Access Server version 2.10 and later, the path is not needed; the "sacli" script is in the $PATH for the root user.

This can of course be secured in various ways, but that's the core of it.

regards, rob0
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply