XMLRPC doesn't sync, CARP works

Derelict

The primary has to:

Have firewall rules on the secondary's sync interface for the initial sync to take place
the firewall rules on the sync interface on the primary must allow these same connections on the secondary after the initial sync
The admin interface must be the same credentials (admin/password) and the same port (http/https/customer port if set.)

This all works if it is configured correctly.

nanas3

Thanks @Derelict for the fast reply!

I don't think my configuration is "violating" any of those requirements. I even have everything set to "allow any".

Rules on sync interface on secondary:
alt text

Rules on sync interface on primary:
alt text

I have same username (admin) and port on both nodes WebUI, I'm using the same username to setup the XMLRPC sync section.

JeGr

Have you checked your sync net?
Pinged 192.168.91.252 from 192.168.91.251?
Vice Versa?

nanas3

Hi @JeGr, thanks for the answer. Yes, ping works across both nodes on their sync interfaces. Port test also works.

JeGr

@nanas3 Did you re-check that admin user/pass is correctly entered into the master node and is correct on the standby? But communication error seems more like the standby won't work on http via port 10080.

nanas3

Hi @JeGr yes, but I'll try again. I'll change my admin password on both nodes and see what happens.

I have seen, from others, errors where it indicates that there is something wrong with the username, but not in my case.
Is there a way to know more in detail what XMLRPC is doing because the message seems like a generic one.

Thanks in advance,
Olivia

[update] changing the admin password on both nodes, and putting the new one on the sync section of HA didn't did anything.

JeGr

Huh... Damn.
Did you check the system log on the standby node? Does it say anything in particular?

nanas3

Hi @JeGr, thanks for the reply.

The second system doesn't show anything on the system log > general when I initiate a sync from the primary.

The primary always shows something like:

A communications error occurred while attempting to call XMLRPC method host_firmware_version: @ 2019-06-03 19:13:15
A communications error occurred while attempting to call XMLRPC method host_firmware_version: @ 2019-06-03 19:13:25

It would be nice to know what "host_firmware_version: " means, and why is it empty.

Derelict

It is checking that the firmware versions match before it syncs because that can be bad. Those are logged because it cannot connect.

nanas3

Hi @Derelict, thank you.

Yes, I understand that, but in this case, they are VMs and it doesn't seem to show any data about it, it's like it's empty and because of it it's not syncing.

What I don't get is, how can't it connect to the other node if there is a connection between both nodes on that sync networks which works with ping and port probe, with rules to permit any traffic.
There must be something else that I can try.

Olivia

nanas3

[SOLVED]

OK everyone, this may be "funny" but after checking everything again and again (with reinstalls in between) I noticed that the port channel on the physical switch connecting to one of the ESXi hosts had an MTU of 1500 instead of 9000 like the the rest of the ports, since I had everything set to 9000 (physical switch ports, virtual switches, pfSense NICs (vNICs)) this miss match caused trouble.

Thanks to everyone who helped.

Olivia

Derelict

Glad you found it.