question

JanNuaman-2253 avatar image
0 Votes"
JanNuaman-2253 asked vipullag-MSFT answered

SAP HANA Cluster on Suse with Pacemaker

Hi Experts,
I am doing setup for pacemaker cluster for SAP HANA using this article: https://docs.microsoft.com/en-us/azure/virtual-machines/workloads/sap/high-availability-guide-suse-pacemaker#install-the-cluster

Step 13. [2] Add the node to the cluster.
Is failing, as it ask for root user password, instead of using ssh key generated earlier in the steps.

As we all know, there is no root password in Azure Linux VM.

Would you mind testing the steps and advice what is wrong.

I am really fade up reading and going over this article.

Thanks,

azure-sap
· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

vipullag-MSFT avatar image vipullag-MSFT ·

@JanNuaman-2253

Based on the details shared, looks like the ssh keys exchange was perhaps not done properly at the previous step.

Can you confirm if you are able to ssh from vm1 to vm2 and ssh from vm2 to vm1 successfully (without being prompted for a password)?

0 Votes 0 ·
JanNuaman-2253 avatar image JanNuaman-2253 ·

@vipullag-MSFT I tried ssh to node 1 from node2 and from node 2 to 1, it asked me to provide my password in both trys.

Output:
ssh az-hana02
The authenticity of the host az-hana-02 (10.114.4.5) can't be established.
ECDSA key fingerprint is SHA256:iRvN6etc.

Are you sure you want to continue connecting (yes, no)? Yes
Warning: Permanent added 'az-hana-02,10.114.4.5 (ECDSA) to the list of unknown hosts.
root@az-hana-02's password:
And here, there is no root account password on azure.

Both nodes use account azroot, I sign to both nodes using azure bastion and azroot with the password, so, I didn't find it strange.

What is your opinion?

Would you mind advising how to troubleshoot ssh keys?

0 Votes 0 ·

1 Answer

vipullag-MSFT avatar image
0 Votes"
vipullag-MSFT answered

@JanNuaman-2253

Apologies in delayed response on this.

Exchange of keys procedure described in Step 6, 7 and 8 in document needs to be performed using root user.
You need to sudo its user to root and perform steps described in the doc.

Once the exchange of keys is fixed, cluster won’t prompt for password when joining the node.

Node 1- Step 6:

194541-image.png

Node 2- Step 7:

Copy content from /root/.ssh/id_rsa.pub from NODE 1 to /root/.ssh/authorized_keys in NODE2.

194478-image.png


Node 1- Step 8:

Copy content from /root/.ssh/id_rsa.pub from NODE 2 to /root/.ssh/authorized_keys in NODE1.

194542-image.png

Verification: Perform ssh to Node 2. It won’t ask any password.

194532-image.png


Hope that helps.
Please 'Accept as answer' if it helped, so that it can help others in the community looking for help on similar topics.


image.png (131.1 KiB)
image.png (49.2 KiB)
image.png (2.8 KiB)
image.png (36.6 KiB)
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.