Gateway unable to start due to "duplicate entry for key nodeid"
search cancel

Gateway unable to start due to "duplicate entry for key nodeid"


Article ID: 42957


Updated On:


STARTER PACK-7 CA Rapid App Security CA API Gateway




The CA API Gateway uses a UUID to uniquely identify members of a Gateway cluster. It is imperative that nodes in a cluster possess unique identifiers for this purpose. These identifiers are called?node IDs?and are dynamically generated when the Gateway node is configured for the first time. If the identifiers are not unique across all cluster members then one or more Gateway nodes may fail to initialize.

This issue most commonly occurs when an existing node is cloned into a new node or an existing Gateway backup is restored to a new Gateway node. The appropriate method of creating new cluster nodes is to deploy a new appliance and use the?ssgmigrate?script to migrate an existing configuration to a new host.?ssgbackup?and?ssgrestore?should not be used to perform migrations.


The following log entry will be generated in the Gateway log file for a node that is unable to start because the node ID is already used by another cluster member. If this issue occurs then the node ID will need to be changed.

Error 'Duplicate entry 'dc32f76de7ca49fd8a66d8d8defb37a0--1-0-1360784450000' for key 'nodeid'' on query. Default database: 'ssg'.


  1. Log in to the impacted CA API Gateway as the?ssgconfig?user
  2. Select Option #3: Use a privileged shell (root)
  3. Open the node configuration file in a text editor: vi /opt/SecureSpan/Gateway/node/default/etc/conf/
  4. Change the value of a different value
  5. Stop the Gateway service on each node in the cluster: service ssg stop
  6. Log in to the Gateway serving as the primary database node as the?ssgconfig?user
  7. Select Option #3: Use a privileged shell (root)
  8. Erase the existing Gateway membership roll: mysql -e "truncate ssg.cluster_info"
  9. Start the Gateway service: service ssg start

Each node in the cluster should be started sequentially. Start a node only after the other node has completely finished initializing. This will allow the cluster membership table to be rebuilt.



Component: APIGTW