Running for HA does not sync the database

[asolomonbd]

Description
I am running the opennebula.deploy.main with just some FEs in the inventory, FEs are installed on VMs for HA capability. While running the role it finished with success installing all components and electing a leader and assigning the VIP. The issues is that when doing that after the leader is changed the oneadmin and the password set for it does not work anymore. Once the original FE is elected again everything starts to work

oned.log throws
Fri Dec 12 13:45:56 2025 [Z0][AuM][I]: Command execution failed (exit code: 255): /var/lib/one/remotes/auth/server_cipher/authenticate Fri Dec 12 13:45:56 2025 [Z0][AuM][I]: bad decrypt Fri Dec 12 13:45:56 2025 [Z0][AuM][D]: _authenticate: bad decrypt Fri Dec 12 13:45:56 2025 [Z0][AuM][E]: Auth Error: bad decrypt Fri Dec 12 13:45:56 2025 [Z0][ReM][D]: Req:9920 UID:-1 IP:127.0.0.1 one.vmpool.infoextended invoked , -2, -1, -1, -1, ""

After some research I found that Distribute DB backup (ha) and DB backup for leader are skipped and the serveradmin user is not synced from leader to followers and according to OpenNebula docs it should do it.

To Reproduce
Set just 3 FEs in the inventory and one_pass, run opennebula.deploy.main with no extra args.

Expected behavior
I would expect to check if the DB from leader is replicated to followers not just check the version and assume they are in sync. When a new FE is added to the cluster it needs the DB dump of the leader from that point

Details

• Ansible version: 2.20.1
• Linux OS distro in your cluster: Ubuntu 24.04
• Version: 1.3