After cluster issues, secondary node stopped recording sessions
Article ID: 191856
Updated On:
Products
CA Privileged Access Manager (PAM)
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager - Server Control (PAMSC)
Issue/Introduction
We experienced clustering issues and when clustering was restored, and secondary node Recording Share was found to be not mounted.
Environment
Release : 3.X
Component : PRIVILEGED ACCESS MANAGEMENT
Cause
Due to the clustering issues, no recordings were being made on secondary node, but primary node was Mounted and Good, secondary node was not.
Both nodes share the same storage and partition.
A node's connection to the recording share is independent of each other.
Eeach node needs to be setup, enabled and mounted separtely, and in a few different places.
Verify correct setup here:
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3-2/implementing/configuring-your-server/set-up-session-recording.html
Logs.bin was downloaded and sent to Support in a case. (Support would have to read these logs, they were not apparent in Tomcat or Session logs)
Two different logs pointing to the secondary node not seeing the recording share.
Jboss server log:
2020-05-21 08:34:20,389 ERROR [STDERR] 2020-05-21 08:34:20.389 [ERROR] VNCProcessor.67
Both nodes share the same storage and partition.
A node's connection to the recording share is independent of each other.
Eeach node needs to be setup, enabled and mounted separtely, and in a few different places.
Verify correct setup here:
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3-2/implementing/configuring-your-server/set-up-session-recording.html
Logs.bin was downloaded and sent to Support in a case. (Support would have to read these logs, they were not apparent in Tomcat or Session logs)
Two different logs pointing to the secondary node not seeing the recording share.
Jboss server log:
2020-05-21 08:34:20,389 ERROR [STDERR] 2020-05-21 08:34:20.389 [ERROR] VNCProcessor.67
Exception has happened during processing client to server traffic.Thus at playing some session problems might be arisen .
Reason: File with client to server traffic is empty, probably the destination host is shut down
Xcd_upd_handler.log:
2020-05-21 19:06:48 8112 ERROR openFile: Storage /opt/rpath/ is unavailable.
2020-05-21 19:06:48 8112 ERROR initSessionRecording: Network storage is unavailable. Cannot start session recording.
Resolution
To resolve this problem:
1- stop clustering and reboot secondary node
Mount recording share and wait for it to go Green and Available.
Similar issues have occurred with other customers and this resolution works most times for the errors that were found.
If this does not resolve the problem, it could be that the recording share needs to be restarted.
If restarting the recording share does not correct the problem, further investigation is needed by Support.
1- stop clustering and reboot secondary node
Mount recording share and wait for it to go Green and Available.
Similar issues have occurred with other customers and this resolution works most times for the errors that were found.
If this does not resolve the problem, it could be that the recording share needs to be restarted.
If restarting the recording share does not correct the problem, further investigation is needed by Support.
Feedback
Yes
No
Powered by
