集群对等失败、并显示cppeer.psk。cluster-revoked：错误

最后更新
另存为PDF

Views:: 1

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: dp

Last Updated:

适用场景

ONTAP 9.x
创建集群对等关系
密码套件

问题描述

新创建的集群对等处于不可用状态。

source::> cluster peer show

Peer Cluster Name Cluster Serial Number Availability Authentication

------------------------- --------------------- -------------- --------------

destination 1-80-xxxxxx Unavailable ok

destination::> cluster peer show

Peer Cluster Name Cluster Serial Number Availability Authentication

------------------------- --------------------- -------------- --------------

source 1-80-xxxxxx Unavailable ok

集群对等ping操作可从两个集群的所有节点相互访问。

source::*> cluster peer ping -destination-cluster destination

Node: source_node1 Destination Cluster: destination

Destination Node IP Address Count TTL RTT(ms) Status

---------------- ---------------- ----- ---- ------- -------------------------

destination_node1 10.xx.xx.xx 1 64 0.28 interface_reachable

destination_node2 10.xx.xx.xx 1 64 0.157 interface_reachable

Node: source_node2 Destination Cluster: destination

Destination Node IP Address Count TTL RTT(ms) Status

---------------- ---------------- ----- ---- ------- -------------------------

destination_node1 10.xx.xx.xx 1 64 0.137 interface_reachable

destination_node2 10.xx.xx.xx 1 64 0.189 interface_reachable

4 entries were displayed.

此外、还可以从源集群和目标集群访问端口11104和11105、但未找到任何网络或任何其他连接问题描述。
EMS日志中会显示以下警报：

Thu Apr 24 17:00:04 +0000 [source: cpeer.psk.cluster.revoked:error]: ONTAP received a TLS request to authenticate with the pre-shared key of remote cluster destination, but the relationship with the remote cluster has been revoked by the administrator of this cluster. The request was sent from address 10.xx.xx.xx in IPspace Default.

Thu Apr 24 17:00:06 +0000 [source: cpeer.psk.unknown.cluster:error]: ONTAP received a TLS request to authenticate with a remote cluster's pre-shared key, but the remote cluster UUID (36beed9a-6c84-11ec-868b-xxxxxxxxx) is unrecognized. The probe arrived from address 10.xx.xx.xx in IPspace Default.

Thu Apr 24 17:00:09 +0000 [source: cpeer.unavailable:alert]: Peer cluster destination is no longer available.

此外、EMS还会显示Ktls握手失败警报

Thu Apr 24 17:00:33 +0000 [source: ktls_handshakes: csm.connectionFailed:debug]: CSM failed to create a connection: localBladeUUID = source:dblade, remoteBladeUUID = 690257a8-xxx, uniquifier = 0e063389xxxxx, transportType = UNASSIGNED, sessionTag = CPEER, localVifId = 1028, remoteVifIP = 10.xx.xx.xx, CsmError = CSM_CONNABORTED, ctLoError = CTLO_ERR_UNKNOWN, socketError = 5, and TLSerror = 167772345.

Thu Apr 24 17:00:33 +0000 [stnpa3-02-st103: ktls_handshakes: csm.createSessionFailed:debug]: Cluster Session Manager (CSM) failed to create session (req=source:dblade, rsp=690257a8-ad3a-11eb-ad83-xxxxxxx, uniquifier=0e0633892xxxxxx) with transport type UNASSIGNED, session tag CPEER, record state STARTING, CSM error CSM_CONNABORTED, low-level error CTLO_ERR_OK, socket error 5, and TLS error 167772345.