[RTFACT-18863] "Circle of trust" breaks with the destruction of the HA primary node - JFrog JIRA

XML

Word

Printable

Details

Type: Bug
Status: Open
Priority: Normal
Resolution: Unresolved
Affects Version/s: 6.8.6
Fix Version/s: None
Component/s: Access Server, DR, HA, High Availability, Mission-Control, Upgrade
Labels:
None
Environment:
Hide

Master service/site:

OS: Ubuntu 17.10

Artifactory v6.8.6

Number of nodes: 3

Target service/site:

OS: Ubuntu 17.10

Artifactory v6.8.6

Number of nodes: 2

Mission Control:

OS: Ubuntu 16.04

Mission Control v3.4.2
Show
Master service/site: OS: Ubuntu 17.10 Artifactory v6.8.6 Number of nodes: 3 Target service/site: OS: Ubuntu 17.10 Artifactory v6.8.6 Number of nodes: 2 Mission Control: OS: Ubuntu 16.04 Mission Control v3.4.2

Description

According to this section in the Mission Control user guide https://www.jfrog.com/confluence/display/MC/Disaster+Recovery#DisasterRecovery-EstablishingaCircleofTrust-Artifactory6.3.0andabove a "circle of trust" must be established between the Master and Target services by copying each other's root.crt to each others $ARTIFACTORY_HOME/access/etc/keys/trusted folder. Assuming this task happens on the primary node for each service/site, the circle of trust will be broken upon the destruction of that primary node.

The folder mentioned isn't replicated amongst each node in an HA cluster like some other files are. Even if you recover the primary node back into the cluster using master.key you will still need to re-establish the circle of trust on that node as an additional step.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Felipe Ramirez

Votes:: 3 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 27/Mar/19 3:11 PM

Updated:: 10/May/19 10:29 PM