Hello, everyone!
Today I'm going to introduce you FI Manager. It helps beginners learn about FI faster.
Applicable Versions
6.5.x
Symptom
1. A user fails to log in to FusionInsight Manager after entering the username and password, and the following error message is displayed:
The credentials you provided cannot be determined to be authentic.
On any node in the cluster, the user can successfully run the following command as user omm:
kinit admin
2. After the username and password are entered for login, the password change page is displayed indicating that the password has expired. After a new password is successfully set, login using the new password fails and the following error message is displayed:
The credentials you provided cannot be determined to be authentic.
If the old password is used for login, the password change page is displayed.
Impact and Severity
Login to FusionInsight Manager fails.
Estimated Restoration Time
30 minutes
Prerequisites
Prepare the following items before the restoration.
Items to be prepared before the restoration
No. | Item | Operation |
---|---|---|
1 | Cluster account information | Apply for the password of cluster user admin. |
2 | Node account information | Apply for the passwords of users omm and root of cluster nodes. |
3 | SSH remote login tool | Prepare tools such as PuTTY or SecureCRT. |
Log in to the nodes running LdapServer and run the following command to check whether the LDAP process exists:
ps -ef | grep slapd | grep -v grep omm 48719 1 0 2016 ? 01:31:14 /usr/lib/openldap/slapd -h ldaps://xx.xx.10.10:21780 -f /opt/huawei/Bigdata/FusionInsight-ldapserver-2.5.0/ldapserver/local/script/../conf/slapd.conf -o slp=off
Fault Handling
Use LDAP data to restore OLDAP data.
Solution
1. Log in to the active OMS node as user omm and run the following command to disable the active/standby switchover:
C50: /opt/huawei/Bigdata/OMSV100R001C00x8664/workspace0/ha/module/hacom/tools/ha_client_tool --forbidswitch --name=product --time=60
C60: /opt/huawei/Bigdata/OMSV100R001C00x8664/workspace0/ha/module/hacom/tools/ha_client_tool --forbidswitch --name=product --time=60
C70SPC20*: /opt/huawei/Bigdata/FusionInsight_BASE_V100R002C70SPC200/install/FusionInsight-dbservice-2.7.0/ha/module/hacom/tools/ha_client_tool --forbidswitch --name=product --time=60
C80SPC20*: /opt/huawei/Bigdata/om-server_V100R002C80SPC200/OMSV100R001C00x8664/workspace0/ha/module/hacom/tools/ha_client_tool --forbidswitch --name=product --time=60
6.5.*: /opt/huawei/Bigdata/om-server/OMS/workspace0/ha/module/hacom/tools/ha_client_tool --forbidswitch --name=product --time=60
You can change the path to CX0SPC20X in the patch version.
If the following information is displayed, the command execution is successful:
execute command forbidswitch successfully.
2. Log in to the standby OMS node as user omm and execute the following script to stop the standby OMS:
C50, C60: sh /opt/huawei/Bigdata/om-0.0.1/sbin/stop-oms.sh
C70, C80: sh /opt/huawei/Bigdata/om-server/om/sbin/stop-oms.sh
3. Go to the following directory, delete the OLDAP data of the standby OMS node, and perform the following operations:
The LDAP data of C50 and C60 is stored in the following path:
cd /opt/huawei/Bigdata/om-0.0.1/ldapserver/ldapserver/local/
cp data data_bak
cd data
rm -f *
cp ../data_bak/DB_CONFIG .
The LDAP data of C70 and C80 is stored in the following path:
LDAP data location of the cluster: /srv/BigData/ldapData/ldapserver
OMSldap data location: /srv/BigData/ldapData/oldap/
cp data data_bak
cd data
rm -f *
cp ../data_bak/DB_CONFIG
4. Run the following command to start the standby OMS node:
Versions earlier than C70: sh /opt/huawei/Bigdata/om-0.0.1/sbin/start-oms.sh
C70 or later versions: sh /opt/huawei/Bigdata/om-server/om/sbin/start-oms.sh
5. Log in to the active OMS node as user omm and repeat Step 2 to Step 4.
Verification
1. Clear the browser cache.
2. Log in to FusionInsight Manager. If the login is successful, OLDAP data has been restored.
That's all, thanks!