No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

3 Web Cannot Be Accessed After eBackup Is Restarted

Publication Date:  2019-04-22 Views:  47 Downloads:  0
Issue Description

eBackup is deployed on physical machines onsite. If a server is faulty, the eBackup operating system restarts. After the restart, you cannot access the eBackup GUI on terminals.

Alarm Information

1. No alarm is generated.

Handling Process

1. The management IP address of eBackup can be pinged on the local computer and the eBackup CLI can be accessed through port SSH 22.

2. Check the eBackup service status (service hcp status). The service is running properly.

3. The local computer detects that the port is unreachable using telnet Management IP address of eBackup 8088. On the eBackup CLI, run the ssh Management IP address of eBackup 8088 command. The port can be accessed.

4. Run the vi /etc/sysconfig/iptables command, and there is no accpet record of the 8088 port. Run the iptables -nL | grep 8088 command, and there is no query result.

5. Use the script to configure the firewall policy again and run the cd /opt/huawei-data-protection/ebackup/bin command to go to the directory where the iptables script is stored. 

Run the sh iptablesHelper.sh accept HCPManagementPlane IP address (network segment) of the maintenance terminal where the browser resides IP address (network segment) of the backup management plane of eBackup command to add iptables rules. An example is as follows:

sh iptablesHelper.sh accept HCPManagementPlane 0.0.0.0/0  0.0.0.0/0

Then, execute the iptables-save script. After the iptables-save script is executed successfully, the record can be queried by running the iptables -nL | grep 8088 command.

6. The web page can be accessed properly. To verify that the configuration is saved successfully, the system is restarted. After the system is restarted, the web page cannot be accessed, and no record can be queried by running the iptables -nL |grep 8088 command.

After the SUSE system is restarted, the eBackup firewall policy is overwritten by iptables. In this case, you need to re-write the eBackup firewall policy to iptables.

iptables-restore < /etc/sysconfig/iptables

Root Cause

The firewall policy configured for eBackup is overwritten by the firewall of the system after the operating system is restarted.

Solution

Step 1 Check whether the firewall of the SUSE system is disabled.

/etc/init.d/SuSEfirewall2_setup stop

/etc/init.d/SuSEfirewall2_init stop

chkconfig SuSEfirewall2_setup off

chkconfig SuSEfirewall2_init off

Step 2 Check whether the accept record of port 8088 is added to the firewall configuration rules of eBackup. Run the iptables -nL |grep 8088 command to check whether the terminal IP address is within the range.If the record does not exist, run the eBackup script to add it.

cd /opt/huawei-data-protection/ebackup/bin

Run the sh iptablesHelper.sh accept HCPManagementPlane IP address (network segment) of the maintenance terminal where the browser resides IP address (network segment) of the backup management plane of eBackup command to add iptables rules.

Step 3 After the eBackup operating system is restarted, if the web page still cannot be accessed and no information can be queried by running the iptables -nL |grep 8088 command. Run the iptables-restore < /etc/sysconfig/iptables command to re-write the record.

Suggestions

Before deploying eBackup, disable the firewall of the system and configure the firewall policy using the eBackup script. If the configuration cannot be saved after the restart, run the iptables-restore < /etc/sysconfig/iptables command.

END