Synchronization of common agent container security files

Solaris Cluster uses common agent container as part of its management infrastructure. The common agent container (CAC) uses public key mechanisms for encryption and authentication. Here is the complete guide that explains CAC in lot more detail.

In Solaris Cluster, the CAC keys must be the same on all the nodes of the cluster, so that the management infrastructure can communicate with all the cluster nodes. Cluster software ensures that these keys are same on all the cluster nodes. However there could be scenarios when these keys go out of sync. When that happens, you will start seeing errors like below,

             ERROR: Unable to connect to the common agent container on node
             pneta1. Ensure that the common agent container is running and you
             have the required authorizations to connect to the common agent
             container on this node.

    Press RETURN to continue


 Here are the steps to correct this situation.

1. Stop CAC on all the cluster nodes

   #/usr/sbin/cacaoadm stop 


2. Copy the CAC security files from one node of the cluster to all the other nodes of the cluster.

    On any one node do, 

   cd /etc/cacao/instances/default/

   tar cf /tmp/SECURITY.tar security

   then transfer the SECURITY.tar to all the nodes and do,

   cd /etc/cacao/instances/default/

   tar xf /tmp/SECURITY.tar

   You can now remove all the copies of SECURITY.tar


3. Restart the CAC on all the cluster nodes

    /usr/sbin/cacaoadm start

 This procedure is explained in detail here. Join our communities around CAC and Solaris Cluster for more.