The HA code unfortunately makes assumptions about the machine only having a single relevant IP. The current assumptions are these:
- Connections to the other node will be done using one of the addresses in /vsmserver/HA/nodes
- Connections to 192.168.1.1 will be done using one of the addresses in /vsmserver/HA/nodes
These assumptions break under two circumstances:
- When a different IP (e.g. the shared IP) ends up being the one used for outgoing connections
- When the machine is multi-homed and HA connections uses a different interface than for 192.168.1.1
We need to rethink the design here so it is more robust. One component of this could be to move away from IP based security and use something like a shared key instead.
we also ran in to this bug last night and would like to see a future fix.
- Two servers which are both multi homed.
- Both servers have hostname assiciatedwith external ip.
- We want to keep xmlrpc communication between servers on internal network.
In my opinion "/vsmserver/HA/nodes" should be matched against names and aliases for all local interfaces.
- Replace gethostname() with hardcoded name in sessionstore.py.
Regards / Fredrik, NSC