Hi all, we need to install privacyidea in HA mode both frontend (privacyidea web servers) and DB servers.
Documentation, tells only to use same secret, enckey, same audit keys, same pi_perrer and so on, but nothing on the installation side.
That i did was:
I followed the installation for Ubuntu (we use 22.04 LTS), so:
- added repository signature
- added repository
- installed privacyidea-apache2
it installed all that it needed (also mysql-server), create all the keys, create locally the DB.
I used ansible to do all the tasks, after that i configured the pi.cfg to use an external percona cluster (master-master), gives access to both privacyidea servers.
I copied enckey, secret, audit keys and all the needed from the first privacyidea server to the second (all with ansible).
On the percona cluster i create manually the db
CREATE DATABASE privacyidea;
then on the first server i execute
pi-manage createdb
and automatically all the tables were created on the percona cluster.
Is this enough to have privacyidea working, or the automatic installation process makes other steps ?
Can i remove mysql-server without problems using an external percona cluster ?
I had to fix permissions to 0644 on pi.cfg and public.pem and 0600 to private.pem (ansible used other default) i missed something ?
What else i have to do now ?
Because the web interface appears with login/password prompt but on the right side it tells in red 500 internal server error, i attached the screenshot
On the apache log i have:
[Fri Mar 31 18:54:08.399379 2023] [wsgi:error] [pid 43781:tid 139995924543040] The configuration name is: production
[Fri Mar 31 18:54:08.399463 2023] [wsgi:error] [pid 43781:tid 139995924543040] Additional configuration will be read from the file /etc/privacyidea/pi.cfg
[Fri Mar 31 18:54:08.527076 2023] [wsgi:error] [pid 43781:tid 139995924543040] Using PI_LOGLEVEL and PI_LOGFILE.
[Fri Mar 31 18:54:08.527126 2023] [wsgi:error] [pid 43781:tid 139995924543040] Using PI_LOGLEVEL 20.
[Fri Mar 31 18:54:08.527141 2023] [wsgi:error] [pid 43781:tid 139995924543040] Using PI_LOGFILE
/var/log/privacyidea/privacyidea.log.
[Fri Mar 31 19:14:13.583824 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] mod_wsgi (pid=43781): Exception occurred processing WSGI script '/etc/privacyidea/privacyideaapp.wsgi'.
[Fri Mar 31 19:14:13.585031 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] Traceback (most recent call last):
[Fri Mar 31 19:14:13.585119 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/pymysql/connections.py", line 732, in _read_bytes
[Fri Mar 31 19:14:13.585165 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] data = self._rfile.read(num_bytes)
[Fri Mar 31 19:14:13.585203 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/usr/lib/python3.10/socket.py", line 705, in readinto
[Fri Mar 31 19:14:13.585234 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] return self._sock.recv_into(b)
[Fri Mar 31 19:14:13.585276 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] ConnectionResetError: [Errno 104] Connection reset by peer
[Fri Mar 31 19:14:13.585334 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083]
[Fri Mar 31 19:14:13.585368 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] During handling of the above exception, another exception occurred:
[Fri Mar 31 19:14:13.585397 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083]
[Fri Mar 31 19:14:13.585442 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] Traceback (most recent call last):
[Fri Mar 31 19:14:13.585533 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/sqlalchemy/engine/base.py", line 1276, in _execute_context
[Fri Mar 31 19:14:13.585575 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] self.dialect.do_execute(
[Fri Mar 31 19:14:13.585634 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/sqlalchemy/engine/default.py", line 608, in do_execute
[Fri Mar 31 19:14:13.585666 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] cursor.execute(statement, parameters)
[Fri Mar 31 19:14:13.585704 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/pymysql/cursors.py", line 148, in execute
[Fri Mar 31 19:14:13.585737 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] result = self._query(query)
[Fri Mar 31 19:14:13.585771 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/pymysql/cursors.py", line 310, in _query
[Fri Mar 31 19:14:13.585814 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] conn.query(q)
[Fri Mar 31 19:14:13.585873 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/pymysql/connections.py", line 548, in query
[Fri Mar 31 19:14:13.585919 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] self._affected_rows = self._read_query_result(unbuffered=unbuffered)
[Fri Mar 31 19:14:13.585974 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/pymysql/connections.py", line 775, in _read_query_result
[Fri Mar 31 19:14:13.586011 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] result.read()
[Fri Mar 31 19:14:13.586046 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/pymysql/connections.py", line 1156, in read
[Fri Mar 31 19:14:13.586076 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] first_packet = self.connection._read_packet()
[Fri Mar 31 19:14:13.586113 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] File "/opt/privacyidea/lib/python3.10/site-packages/pymysql/connections.py", line 692, in _read_packet
[Fri Mar 31 19:14:13.586144 2023] [wsgi:error] [pid 43781:tid 139995924543040] [remote XXX.XXX.XXX.XXX:50083] packet_header = self._read_bytes(4)
and go on
if i would replicate the automatic installation process, which script, or commands sequence would I use ?
Thanks for any help
Claudio