Nexeed
    • Introduction
    • User manual
      • Basic operation
      • Getting started
      • User
      • Groups
      • Roles
      • Organizations
      • Contracts
      • Modules
      • Identity providers
        • General Settings for the Identity Provider
        • Mapper Overview
      • Reports
      • Activity log
      • My Account
        • Overview: Login Tab
      • Configuration
        • Contents of the configuration file
        • How to work with the configuration file
    • Operations manual
      • Overview
      • System Architecture and Interfaces
      • System Requirements
        • macma/macma-webapp-backend
        • macma/macma-core
        • macma/macma-keycloak-mssql
      • Migration from Previous Versions
        • Migration to 1.37+
        • Migration to 1.34+
        • Migration to 1.33+
        • Migration to 1.32+
        • Migration to 1.31+
        • Migration to 1.29+
        • Migration to 1.28+
        • Migration to 1.27+
        • Migration to 1.26+
        • Migration to 1.25+
        • Migration to 1.21+
        • Migration to 1.20+
        • Migration to 1.19+
        • Migration to 1.18+
        • Migration to 1.17+
        • Migration to 1.16.0
        • Migration to 1.15.0
      • Setup and Configuration
        • Helm Configuration
        • macma/macma-core Configuration
        • macma/macma-keycloak-mssql Configuration
        • macma/macma-webapp-backend Configuration
        • Installation guide
        • Identity provider integration
        • Optional Configuration
        • Recommendations
        • Module Health Verification Endpoints and K8S Probes
      • Start and Shutdown
      • Regular Operations
        • Registering a new application in MACMA
          • Allowing application to use other applications
        • Change client secret of an application
      • Logging and Monitoring
        • Required Monitoring
        • Security Logging
          • Macma Security Events
          • Keycloak Security Events
          • Security Logging Format
        • Activity Logging
          • Activity Log Events
      • Known Limitations
        • Performance
        • General
        • Allowed characters and Internationalization
    • Developer documentation
      • Concepts
        • Authentication
        • Authorization
        • Resources
        • Roles
        • Sharing
      • Getting started
        • Registration
        • Authentication
        • Authorization
        • Multitenancy
      • How-to
        • Get & handle tokens
        • OAuth 2.0 for Mobile and Native Apps
        • Evolve authorization in your application lifecycle
        • Use Web Core for user login
        • Handle our integration events
        • Frequent How-To Questions for Application Developers
        • Do automated testing
        • Advertise things to colleagues
        • Integrate with additional environments
      • Deep dives
        • OAuth2 and its flows
        • OpenID Connect endpoints
    • Troubleshooting
      • Startup and availability
      • Identity provider integration
      • Resource deletion
      • Authentication
      • Authorization
    • API documentation
      • HTTP API
      • Event API
    • Glossary
Multitenant Access Control
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Direct Data Link
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator

Nexeed Learning Portal
  • Multitenant Access Control
  • Troubleshooting
  • Startup and availability
1.37.1 1.37.0

Startup and availability

MACMA Core fails to start due to locked database

Context: Application does not become available when the database is locked. This error can occur, if the application has been stopped abruptly during database migration, thus a database lock has not removed properly.

Symptoms: 502 Bad Gateway errors, e.g. when trying to create application resources. Repeated restarts in short succession.

Solution: Check the logs for the macma-core-deployment pods. The logs may contain one of the following messages

Waiting for changelog lock....
liquibase.exception.LockException: Could not acquire change log lock
Application run failed

If you don’t expect partial database migrations you can lift the lock, otherwise the database has to be repaired manually. To lift the lock, connect to the database used for MACMA Core and execute to following SQL-command:

SELECT * FROM IAM_DATABASECHANGELOGLOCK

Verify, that the returned result set has one entry and the LOCKED is set to 1.
To release the lock, run the following SQL-command:

UPDATE IAM_DATABASECHANGELOGLOCK SET LOCKED=0, LOCKGRANTED=null, LOCKEDBY=null where ID=1

MACMA Core should recover itself and be available again.

Logs about MACMA being potentially unhealthy, but MACMA is available

Context: Some services monitor availability of dependencies.

Symptoms: Multiple but not all service instances fail to reach MACMA and thus determine that it is unhealthy. But at the same time MACMA is running just fine and not showing any signs of health issues. The other modules typically also log timeouts or task cancellations rather than gateway errors.

Solution: Check the firewall logs, potentially there was a foul component or an attacker in the system, causing the firewall to block certain IPs. These blocked IPs may affect multiple service instances of other modules in the cluster.

Calls to MACMA Core lead to infinite redirects (status code 302)

Context: When opening MACMA Webapp or calling the APIs directly.

Symptoms: Infinite loop of 302 redirect status codes.

Solution: Set JAVA_TLS_DISABLE accordingly when terminating TLS and thus only HTTP calls reach the backend service, otherwise it will redirect the caller to HTTPS for security reasons.

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses