<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Error "Instance is not ready for HA" when Adding a Worker Node to HA in OAG
Jun 24, 2025
Access Gateway
Okta Classic Engine
Okta Identity Engine
Overview

When admins set up HA in OAG via the Management Console, they may get an error like:

Instance is not ready for HA.

There could be multiple reasons why it can happen. The article shows two of the common scenarios with the solution.
 

Applies To
  • Okta Access Gateway (OAG)
  • High Availability (HA)
Cause
  • The worker node cannot resolve its hostname; that is, SSH to the same host does not work. In that case, the error will look like the following:
Checking HA readiness for host <worker_hostname>  Instance is not ready for HA. See details below:
SSH connectivity is blocked to masterNode: <worker_hostname>
Exiting.
FAILURE RC=1
 
  • The worker node cannot resolve the admin node, OR SSH connectivity is blocked to/from the admin node. In that case, the error will look like the following:
Enter the authorization token displayed on admin node: <admin_hostname>:<auth_code>
Checking HA readiness for host  <admin_hostname>  Instance is not ready for HA. See details below:
Unable to resolve masterNode:  <admin_hostname>
Fix DNS or add to local hosts file
Exiting.
FAILURE RC=1
 
Solution
  1. Make sure the complete string is copied from the admin that was generated by the Prepare Admin option. It will be in the format <hostname>:<authorization_code>.
  2. Make sure the hostname is set on the new node.
    • This will create the needed loopback entries in the host file. 
  3. Make sure the admin and worker nodes are resolvable from each other through DNS, and SSH connectivity is not blocked between the two.
    In case DNS entries cannot be made, then the following steps can be used to add IP and Hostname in /etc/hosts on both admin and worker nodes:
    1. From the Management Console, press 1 - Network
    2. Press 3 - Edit /etc/hosts
    3. Press a > [a]dd entry
    4. Enter the IP address > ENTER > enter the hostname > ENTER
    5. Press c > [c]ommit changes
    6. Repeat the same for other node(s)
  4. Make sure HTTPS connectivity is not blocked from the worker node to the Admin.
  5. Try to set up High Availability again.

 

Related References

Recommended content

Still looking for help?
Loading
Okta Support - Error "Instance is not ready for HA" when Adding a Worker Node to HA in OAG