Troubleshooting
Problem
The migration of applications from console to App Host results in failure to migrate, and failure to roll back apps to Console, with error message:
"Error Code (33806): There was a problem stopping apps on source host [Unable to stop all apps.]"
"Error Code (33806): There was a problem stopping apps on source host [Unable to stop all apps.]"
Symptom
The following errors are displayed while migrating applications from console to App Host:
- From the web UI > Admin > System and License Management > Click to change where apps are run > App Host, produces error:
"Error Code (33806): There was a problem stopping apps on source host [Unable to stop all apps.]" - The following error message is displayed in System and License Management:
"An error occured while migrating apps and migration has been stopped. (..)"
"Rollback to apphost was attempted but encountered a problem [33809: there was a problem starting apps on target host [Unable to sync service on host (..)"
Diagnosing The Problem
The migration can fail because of the various reasons.
Check whether it is a certificate-related issue
- Log in to QRadar console server as the root user.
- Run the following command to check whether it is a certificate-related issue.
journalctl -u conman
- Run the following command to check the status of the certificate.
for i in $(/opt/qradar/ca/bin/si-qradarca list -print | awk -F, '{print $4}'| sort |uniq); do echo $i; openssl verify -CAfile /etc/pki/tls/cert.pem $i;done
Check the docker registry
- Log in to QRadar console server as the root user.
- Run the following command on app host or console.
docker ps -a
-
If there are any apps listed in the output from the docker ps -a in the first command, get the internal hostname for the host. You can get the internal hostname by checking the host file.
-
Type the following command:
curl -v --cert /etc/tomcat/tls/traefik/tomcat-client-traefik.cert --key/etc/tomcat/tls/traefik/tomcat-client-traefik.key https://<console>:14433/qapp-appid>/flask/debug
-
Run the command and check for any errors.
Check whether the certificate registry is broken
- Log in to QRadar console server as the root user.
- Run the following command on app host or console.
curl --cert /etc/docker-distribution/tls/docker-distribution.cert --key /etc/docker-distribution/tls/docker-distribution.key -L -H 'Accept: application/vnd.docker.distribution.manifest.v2+json' -v -X GET https://<console>.localdeployment:5000/v2/_catalog | jq -r
Resolving The Problem
To resolve the certificate issues, repair the certificate:
- Log in to the QRadar console server as the root user.
- Backup certificates:
mkdir -p /store/TN6997533 cp -p /opt/qradar/ca/certs/* /store/TN6997533/
- Run the following command:
/opt/qradar/support/clear_csr.py
ps -ef | grep reset-qradar-ca
- Wait for clear_csr.py to complete, then run the following command:
nohup rm -rf /opt/qradar/ca/certs/*; /opt/qradar/ca/bin/reset-qradar-ca.sh all --reset &
Note: reset-qradar-ca.sh cantake more than 30 minutes to complete. - Restart the services.
systemctl stop hostcontext; systemctl restart tomcat; systemctl start hostcontext
- Check with qappmanager command whether the apps are running.
/opt/qradar/support/qappmanager
- Restart all the applications in qappmanager with option 24 then option 23, so the status of the applications is running.
Result
These instructions can resolve most issues with applications migration. If these instructions do not resolve the issue, contact IBM QRadar support.
Related Information
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwsyAAA","label":"Admin Tasks"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
26 May 2023
UID
ibm16997533