Basic two host replication scenario, SSL failure
Ivan Lezhnjov Jr.
ivan.lezhnjov.jr at gmail.com
Mon Jul 11 10:20:16 EDT 2011
On Mon, Jul 11, 2011 at 3:47 PM, Bron Gondwana <brong at fastmail.fm> wrote:
>> Jul 11 11:21:14 imapsite-master syncserver[14019]: SSL_accept() timed
>> out -> fail
>> Jul 11 11:21:14 imapsite-master syncserver[14019]: STARTTLS failed:
>> imapsite-replica [10.10.0.188]
>
> Sounds like broken authentication.
>
>> ============================== B switched to master
>>
>> Jul 11 11:33:45 imapsite-replica sync_client[29199]: couldn't
>> authenticate to backend server: no mechanism available
>> Jul 11 11:33:45 imapsite-replica sync_client[29479]: couldn't
>> authenticate to backend server: no mechanism available
>
> And that's definitely broken authentication or different
> configurations.
>
>> > Yeah, of course. You're doing it wrong[tm]. In theory the sync system
>> > can recover from an accidental split brain like this, but it's not
>> > ideal.
>>
>> I'd be happy to learn what I'm doing exactly wrong :)
>
> Changing stuff under the cyrus instances by rsyncing stuff around.
I really want to make this clear. I didn't rsync anything in all of
this examples today. Forget it, that was just an experiment out of
desperation of sorts.
Nothing in these outputs shown, attached to the messages is affected
by rsync, okay? :)
> And it looks like not having the same authentication details or
> configs at each end (modulo the bits that actually start and stop
> the sync_client).
I've sent the configs for both hosts in a previous message, they look
OK to me. Is there anything wrong with them?
I've tried to pass -p 1 explicitly in the A switched to replica's
cyrus.conf, like this:
syncserver cmd="/usr/lib/cyrus-imapd/sync_server -p 1" listen="csync"
Didn't change a thing. Incidentally, that strace output looks alright
to me too, but I'm still bad at interpreting the ouput of strace yet
:)
More information about the Info-cyrus
mailing list