This post is more than 5 years old
2 Intern
•
522 Posts
0
2023
July 19th, 2016 09:00
Could not switch to cluster mode on upgrade. Failed loading the security module
Hello,
Has anyone gotten the failure above doing an upgrade of a ScaleIO cluster? We are going from 2.0.0.0 to 2.0.0.1 and the query and upload phases complete fine, but during the install process it throws an error about the security module failing to load. I can switch cluster modes manually so not sure what this is looking for and the logs are somewhat vague as is the upgrade process since the guides only have an upgrade from 1.32.4 or before.
thanks for any insight.
No Events found!
tomer__engineer
155 Posts
0
July 20th, 2016 01:00
Hi,
I have several question:
1. Which OS are you running? (we need to know the exact OS please, inc. minor version, e.g. RHEL6.6)
2. Do you have OpenSSL installed? which exact versions / libraries?
3. Which v2.0.0 version did you have installed? 2.0.5014 / 2.0.5019?
Reason I'm asking is because 2.0.0 was updated to 2.0.5019 that supports SLES11.3 security module for OpenSSL 1.0.1: https://www.suse.com/communities/blog/introducing-the-suse-linux-enterprise-11-security-module/
This is taken from 2.0.0 / 2.0.0.1 RNs:
Documentation Addendum Change in procedure to upgrade ESXi servers to v2.0:
This release introduces a new 2.0 SVM OVA that takes advantage of the SUSE 11 SP 3 OpenSSL package.
To upgrade SVMs with this software, pay attention to the following change:
When performing an upgrade, instead of installing the OpenSSL 1.0.2g package (as directed by the current ScaleIO Deployment Guide), install these packages (from the ISO) on each SVM to be upgraded:
◆ libopenssl1_0_0-1.0.1g-0.40.1.x86_64.rpm
◆ openssl1-1.0.1g-0.40.1.x86_64.rpm
echolaughmk
2 Intern
•
522 Posts
0
July 20th, 2016 06:00
Hi Tomer,
You nailed it. I fixed this last night, by installing the libopenssl on the MDM/TB SVMs and then I was able to get my cluster out of the "frozen" state it was in due to the failed upgrade. I will be retrying the upgrade momentarily. It took me some time to find that snippet in the release notes (and support wasn't aware of it either). The documentation in the deployment guide is rather weak and should have that snippet added to it versus the RN's in my opinion. I asked support to update the guide or send it to techpubs or something. The deployment guide also has no section for upgrading from 2.x to 2.0.x or in-family upgrades....everything is based on upgrading from 1.32.4.
Now I don't know if this will fix my upgrade when I try in a few moments, but it did allow me to get my cluster back online and out of the "frozen" mode.
I was at 2.0.5019 going to 2.0.6035 and I had only installed the openssl library as documented on the SVMs. Once I loaded the libopenssl rpm on the SVMs, I was able to bring it back to a 3 node cluster. I'll update this thread if the upgrade get's past this issue as well.
Thanks for your reply!
-Keith
tomer__engineer
155 Posts
0
July 21st, 2016 03:00
- This section is from the RN Addendum, meaning stuff that did not make it into the docs, since they were already closed, but is important enough to be added as Addendum. So it's not part of the long Known / Fixed issues tables.
- Documentation was already refreshed in 2.0.0.2 release and the upgrade section will state 1.32.4 (or higher) to make it clearer + The upgrade flow for VMware / ESX (SVMs) was corrected so this RN addendum seciton is now in the User guide upgrade section with the correct info.
Cheers!
echolaughmk
2 Intern
•
522 Posts
0
July 21st, 2016 05:00
great info...thanks Tomer!
And to close the thread, this resolved both the frozen cluster issue and the upgrade was redone to success once the library was on all the SVMs.
thank you