cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Dynatrace install fails, cannot connect to ports

scott_williamso
Participant

I am able to install Dynatrace on the primary cluster seed node. But now, when I try to install a new cluster node using a proxy I get "Cannot connect to Cassandra and Elasticsearch ports on seed node". Console output:

/bin/sh managed-installer.sh --seed-auth XeQs-88ETTqGcWnWg1RHe --network-proxy https://10.178.8.131:3128

Starting Dynatrace 1.158.117.20190104-104301 installer ... OK

Verifying system compatibility ... OK

Verifying RAM size ... OK

Type the full path to your directory for Dynatrace binaries [/opt/dynatrace-managed]?

Type the full path to your directory for Dynatrace data [/var/opt/dynatrace-managed]?

...

Verifying disk space ... OK

Network proxy used for this installation: https://10.178.8.131:3128 Testing connection to Dynatrace Mission Control ... OK

Verifying system connectivity ... OK

Testing connection to Dynatrace cluster ... OK

Preparing Dynatrace cluster for extension ...

Installation failed, with status: system verified after 53 seconds. Exit code: 3

Errors:

Cannot connect to Cassandra ports on seed node: 7000, 9042

Cannot connect to Elasticsearch ports on seed node: 9200, 9300

More details in log file: "/var/log/dynatrace/install.log"

avatar imagePatrick H. Scott W. 7 hours ago 0

Not related to mission control, I would ask this as a new question.

Most likely problem is a firewall blocking traffic between the nodes on the mentioned ports.

avatar imageBabar Q. Scott W. 7 hours ago 0 Like Reply Share

Hello @Scott W.

I am going through with the same situation to one of our cluster node. If I get any success then will share with you.

Regards,

Babar


6 REPLIES 6

scott_williamso
Participant

Reposted this, with comments from the other question...


scott_williamso
Participant

I have been investigating this with our network team. They assert that there are no firewall rules preventing access to ports since the servers are on the same subnet (network segment).

Also, I have confirmed that the Dynatrace (iptables) fw rules are working and that port 7000 is open on the seed node:

iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp multiport ports 443,8021:8022,8443
ACCEPT tcp -- 10.54.224.41 0.0.0.0/0 tcp multiport ports 5701:5711,7000:7001,7199,8019:8020,9042,9200,9300,9998
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match src-type LOCAL tcp multiport ports 443,5701:5711,7000:7001,7199,8018:8022,8443,9042,9200,9300,9998
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp multiport ports 443,5701:5711,7000:7001,7199,8018:8022,8443,9042,9200,9300,9998

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp multiport ports 443,5701:5711,7000:7001,7199,8018:8022,8443,9042,9200,9300,9998

netstat -vatn | grep 7000
tcp 0 0 10.54.224.41:7000 0.0.0.0:* LISTEN
tcp 0 0 10.54.224.41:64547 10.54.224.41:7000 ESTABLISHED
tcp 0 0 10.54.224.41:7000 10.54.224.41:64547 ESTABLISHED
tcp 0 0 10.54.224.41:7000 10.54.224.41:61284 ESTABLISHED
tcp 0 0 10.54.224.41:61284 10.54.224.41:7000 ESTABLISHED

Radoslaw_Szulgo
Dynatrace Leader
Dynatrace Leader

For such cases please open a support ticket. We will help you to troubleshoot that.

If you cannot connect to Cassandra, first what is needed is to check if Cassandra is running fine on the seed node.


Technical Product Manager,
Dynatrace Managed expert

Hi Radoslaw,

Okay, I will open a ticket...

Scott


I also faced the same thing one day ago, still troubleshooting.

In my case, also no firewall in between but still, saying cannot connect to Active Gate ports on 8443. (but 8443 isn't needed by Managed Node, it is only needed for OneAgent isn't it?)


Also finally, one interesting is that for the elasticsearch and cassandra ports, they are to be telnet if I use telnet command using localhost, but when telnet from node 1 to node 2 it can't pass through although the 2 nodes are in fact already joined as a cluster!


what exactly message you received? Telnet port is closed between nodes. Refer to the doc page to see what ports are opened for communication between elasticsearch and Cassandra.


Technical Product Manager,
Dynatrace Managed expert