This article describes the possibility of managing the secondary node of a chassis cluster via the J-Web interface.
When in the JSRP (Junos Services Redundancy Protocol) chassis cluster mode on J-series or SRX-series platforms, J-Web management on the secondary node for the 0 redundancy group does not work.
J-Web management can be performed only on the primary node for the 0 redundancy group.
The reason is that daemons referenced by J-Web are not running on the secondary node.
Example
The following example shows output of syslog and system process on both node0 and node1 after RG0 was failed over from node1 to node0.
- On node1, web-management daemon (httpd-gk) was terminated (exited).
- On node0, web-management daemon (httpd-gk) was started.
- Two http related daemons; httpd-gk and httpd, run only on node0, which is the new primary node of RG0.
{secondary:node1}
root@SRX210HE-B> show chassis cluster status
Cluster ID: 1
Node Priority Status Preempt Manual failover
Redundancy group: 0 , Failover count: 1
node0 255 primary no yes
node1 1 secondary no yes
Redundancy group: 1 , Failover count: 1
node0 100 primary yes no
node1 1 secondary yes no
{secondary:node1}
root@SRX210HE-B> show log log-any | grep web-management
Jul 5 11:31:52 SRX210HE-B init: web-management (PID 9660) started
Jul 5 12:00:37 SRX210HE-B init: web-management (PID 9660) SIGTERM sent
Jul 5 12:00:37 SRX210HE-B init: web-management (PID 9660) exited with status=0 Normal Exit
{primary:node0}
root@SRX210HE-A> show log log-any | grep web-management
Jul 5 12:00:37 SRX210HE-A init: web-management (PID 9498) started
{primary:node0}
root@SRX210HE-A> show system processes extensive node 0 | grep http
9498 root 1 76 0 12916K 4604K select 0 0:00 0.00% httpd-gk
9535 nobody 1 90 0 8860K 3264K select 0 0:00 0.00% httpd
{primary:node0}
root@SRX210HE-A> show system processes extensive node 1 | grep http
=> No httpd-gk and httpd processes running on node 1 (secondary node)
This limits remote procedure calls (RPCs) from J-Web logic and, subsequently, pages that can be issued from the secondary node. Therefore, J-Web management of the secondary node is not allowed.
CLI access (SSH, telnet, console) is available for the secondary node.