This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
beneaton
Contributor
‎2020-04-09 03:13 AM

mgmt_cli / mgmt API - command failing

Hi,

 

On an MDS, just 1 CMA/Customer has a locked session causing an issue. It's a session that is not viewable from within the MDS Session OR the CMA Sessions, so not a case of just discarding it like normal.

1. This seemed to have happened when the customer/CMA reverted back to a previous installed policy.
I.e. They reverted back to a 2nd April 2020 Policy. The 2 objects we can see locked are Network Properties (eth1 and eth2) . This is causing a fairly big problem as those objects are locked, 2 things we're trying to are failing with errors - "Get Interfaces with/without Topology" or even manually add an interface in.

2. From the MDS, running a psql_client SEARCH command, the eth1 and eth2 objid's both show, and they both have the same lockingsessionid. So I've tried mgmt API command below to discard it:


[Expert@MDS:0]# mgmt_cli -s id.txt discard uid xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

 But we get error:

code: "generic_server_error"

message: "Management server failed to execute command"


Anyone able to advise of what we can try? Commands? Etc.

Because this is an MDS with a lot of customers, we can't simply reboot it.


Thank you in advance!

0 Kudos
Reply
9 Replies
Maik
Advisor
‎2020-04-09 06:36 AM

What does "api status" show you? Maybe simply restarting the API service is going to solve your problem.
0 Kudos
Reply
beneaton
Contributor
‎2020-04-21 07:53 AM
In response to Maik

Hi Maik,

Accessibility: Require all granted
Automatic Start: Enabled

Processes:
API  Started
CPM  Started
FWM  Started
APACHE  Started


I will discuss with the team that deals with our MDS about if an API service restart could be tried.

Thanks!

0 Kudos
Reply
PhoneBoy
Admin
Admin
‎2020-04-09 08:09 AM

If a restart or reboot doesn't clear the issue, then you may need to get the TAC involved.
0 Kudos
Reply
beneaton
Contributor
‎2020-04-21 07:50 AM
In response to PhoneBoy

Hi Phone Boy,

The MDS was rebooted (had planned work on it a few days after the issue) but no change.

I do have a ticket open with TAC now. They've got MDS backup and I believe they intend to replicate it

Thanks

0 Kudos
Reply
Daniel_Taney
Advisor
‎2020-04-21 07:57 AM
In response to beneaton

Is there any chance your server is listening on a port other than 443? I believe I ran into this once on an SMS that had Endpoint management installed and the WebUI/API port was moved to 4434? In which case, I believe I just had to specify the port number as a parameter on the mgmt_cli command.

 

R80 CCSA / CCSE
0 Kudos
Reply
beneaton
Contributor
‎2020-04-21 08:07 AM
In response to Daniel_Taney

Hi,

I do believe it's 443.
# api status shows Port Details: "APACHE Gaia Port: 443"

I also ran the command
# mgmt_cli --port 443 discard uid <UID>
and
#mgmt_cli --port 4434 discard uid <UID>

When I specified 4434 it advised "Couldn't connect to server".
Where as leaving as blank/default or setting to 443 it says "code: "generic_server_error"
message: "Management server failed to execute command".

Thanks for the reply!
0 Kudos
Reply
Daniel_Taney
Advisor
‎2020-04-21 08:09 AM
In response to beneaton

Oh well, was worth a shot! If only it could have been that easy 😤

R80 CCSA / CCSE
0 Kudos
Reply
beneaton
Contributor
‎2020-04-21 08:19 AM
In response to Daniel_Taney

Exactly - would have been nice! Thanks again
0 Kudos
Reply
Dyslexic155
Participant
‎2020-05-26 06:34 AM
In response to beneaton

Did you get a fix from their end ?

0 Kudos
Reply