openGauss 3.1.0 集群执行gs_expansion在线扩容新增节点遇[GAUSS-51100] : Failed to verify SSH trust on these nodes

我来答

2022-11-12

部署了openGauss 3.1.0 一主两备集群，打算对该集群进行在线扩容，使用gs_expansion。
另外也使用gs_sshexkey 配置了 ssh 互信，root用户和omm也都可以ssh IP或者ssh 主机名。
[root@opengauss-db1 script]# vim hostIP.txt – 在该目录下编辑一内核所有节点IP文件，参照如下
192.168.17.113
192.168.17.139
192.168.17.159
192.168.17.112
– 执行gs_sshexkey 配置互信
[root@opengauss-db1 script]# ./gs_sshexkey -f /opt/software/openGauss/script/hostIP.txt -W {password}
Please enter password for current user[root].
Password: – 输入 root口令

但执行扩容就报如下错误
[root@opengauss-db1 script]# ./gs_expansion -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml -h 192.168.17.112
[GAUSS-51100] : Failed to verify SSH trust on these nodes:
opengauss-db1, opengauss-db2, opengauss-db3, opengauss-db4, 192.168.17.113, 192.168.17.139, 192.168.17.159, 192.168.17.112 by root
opengauss-db1, opengauss-db2, opengauss-db3, opengauss-db4, 192.168.17.113, 192.168.17.139, 192.168.17.159, 192.168.17.112 by individual user.

执行日志信息也没什么详细信息，只有[gs_expansion][DEBUG]:Checking environment variable.

我来答

添加附件

问题补充

5条回答

默认

最新

shunwahⓂ️

GAUSS-51100:"Failed to verify SSH trust on these nodes:

SQLSTATE: 无

错误原因：在各节点上核实SSH互信失败。

解决办法：检查确保各节点互信必须创建。

问题的方法1：步骤1 先把命令 sed -i '/^export[ ]*HOST_IP=/d' /etc/profile 单独拿到失败的机器上执行，如果不报错就考虑互信是否建立失败。步骤2 互信如果失败：自己自行建立互信场景的，每台节点自行逐个校验，如果是预安装过程中脚本自动建立的，考虑是否.ssh目录权限问题。步骤3 如果互信成功，考虑防火墙和selinux是否关闭。创建互信失败，可能是防火墙的原因导致的，也可以自己建好各个机器之间root和用户的互信，然后安装时候创建互信都选择no

问题的方法2：

尝试手动执行脚本中的检测命令

python3 /opt/enmo/wisequery/script/gspylib/pssh/bin/pssh -s -H 主机名 'pwd'

su - omm -c 'python3 /opt/enmo/wisequery/script/gspylib/pssh/bin/pssh -s -H ip地址 pwd'

如返回结果不为空值就说明解决此报错，否则请检查互信是否设置正确

有用 0

尚雷

题主

2022-11-12

root@opengauss-db1 ~]# cd /opt/software/openGauss/ [root@opengauss-db1 openGauss]# ./script/gs_expansion -U omm -G dbgrp -X /opt/software/openGauss/clusterconfig.xml -h 192.168.17.112 -L [GAUSS-51802] : Failed to obtain the environment variable "GAUSSHOME", please import environment variable. [root@opengauss-db1 openGauss]# source /home/omm/.bashrc [root@opengauss-db1 openGauss]# ssh 192.168.17.112 root@192.168.17.112's password: [root@opengauss-db1 openGauss]# more /home/omm/.bashrc # .bashrc # Source global definitions if [ -f /etc/bashrc ]; then . /etc/bashrc fi # Uncomment the following line if you don't like systemctl's auto-paging feature: # export SYSTEMD_PAGER= # User specific aliases and functions export GPHOME=/opt/gaussdb/gausstools/om export PATH=$GPHOME/script/gspylib/pssh/bin:$GPHOME/script:$PATH export LD_LIBRARY_PATH=$GPHOME/lib:$LD_LIBRARY_PATH export PYTHONPATH=$GPHOME/lib export GAUSSHOME=/opt/gaussdb/install/app export PATH=$GAUSSHOME/bin:$PATH export LD_LIBRARY_PATH=$GAUSSHOME/lib:$LD_LIBRARY_PATH export S3_CLIENT_CRT_FILE=$GAUSSHOME/lib/client.crt export GAUSS_VERSION=3.1.0 export PGHOST=/opt/gaussdb/tmp export GAUSSLOG=/opt/gaussdb/log/omm umask 077 export GAUSS_ENV=2 export GS_CLUSTER_NAME=openGSDB export SSH_AUTH_SOCK=/home/omm/gaussdb_tmp/gauss_socket_tmp export SSH_AGENT_PID=2647 [root@opengauss-db1 openGauss]# python3 /opt/software/openGauss/script/gspylib/pssh/bin/pssh -s -H opengauss-db4 'pwd' /root [root@opengauss-db1 openGauss]# su - omm -c 'python3 /opt/software/openGauss/script/gspylib/pssh/bin/pssh -s -H 192.168.17.112 pwd' /home/omm

尚雷

题主

2022-11-12

我执行你发的，结果是这样，有问题吗？

尚雷

题主

2022-11-12

我配置好互信后，在执行 gs_expansion 前执行了 source /home/omm/.bashrc 发现就不通。 /home/omm/.bashrc 文件的信息是 # User specific aliases and functions export GPHOME=/opt/gaussdb/gausstools/om export PATH=$GPHOME/script/gspylib/pssh/bin:$GPHOME/script:$PATH export LD_LIBRARY_PATH=$GPHOME/lib:$LD_LIBRARY_PATH export PYTHONPATH=$GPHOME/lib export GAUSSHOME=/opt/gaussdb/install/app export PATH=$GAUSSHOME/bin:$PATH export LD_LIBRARY_PATH=$GAUSSHOME/lib:$LD_LIBRARY_PATH export S3_CLIENT_CRT_FILE=$GAUSSHOME/lib/client.crt export GAUSS_VERSION=3.1.0 export PGHOST=/opt/gaussdb/tmp export GAUSSLOG=/opt/gaussdb/log/omm umask 077 export GAUSS_ENV=2 export GS_CLUSTER_NAME=openGSDB export SSH_AUTH_SOCK=/home/omm/gaussdb_tmp/gauss_socket_tmp export SSH_AGENT_PID=2647