Page MenuHomeClusterLabs Projects
Files F4512528

No OneTemporary
Actions

View Options

diff --git a/doc/Clusters_from_Scratch/en-US/Ap-Configuration.txt b/doc/Clusters_from_Scratch/en-US/Ap-Configuration.txt
index 0cbfeec0f7..5852e7eb04 100644
--- a/doc/Clusters_from_Scratch/en-US/Ap-Configuration.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ap-Configuration.txt
@@ -1,498 +1,498 @@
[appendix]
== Configuration Recap ==
=== Final Cluster Configuration ===
ifdef::pcs[]
[source,C]
----
# pcs resource
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 pcmk-1 ]
Clone Set: dlm-clone [dlm]
Started: [ pcmk-2 pcmk-1 ]
Clone Set: ClusterIP-clone [ClusterIP] (unique)
ClusterIP:0 (ocf::heartbeat:IPaddr2) Started
ClusterIP:1 (ocf::heartbeat:IPaddr2) Started
Clone Set: WebFS-clone [WebFS]
Started: [ pcmk-1 pcmk-2 ]
Clone Set: WebSite-clone [WebSite]
Started: [ pcmk-1 pcmk-2 ]
-# pcs resource defaults
+# pcs resource rsc defaults
resource-stickiness: 100
# pcs resource op defaults
timeout: 240s
# pcs stonith
impi-fencing (stonith:fence_ipmilan) Started
# pcs property
dc-version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
cluster-infrastructure: corosync
no-quorum-policy: ignore
stonith-enabled: true
# pcs constraint
Location Constraints:
Ordering Constraints:
ClusterIP-clone then WebSite-clone
WebDataClone then WebSite-clone
WebFS-clone then WebSite-clone
Colocation Constraints:
WebSite-clone with ClusterIP-clone
WebFS-clone with WebDataClone (with-rsc-role:Master)
WebSite-clone with WebFS-clone
#
# pcs status
Last updated: Fri Sep 14 13:45:34 2012
Last change: Fri Sep 14 13:43:13 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
11 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 pcmk-1 ]
Clone Set: dlm-clone [dlm]
Started: [ pcmk-1 pcmk-2 ]
Clone Set: ClusterIP-clone [ClusterIP] (unique)
ClusterIP:0 (ocf::heartbeat:IPaddr2): Started pcmk-1
ClusterIP:1 (ocf::heartbeat:IPaddr2): Started pcmk-2
Clone Set: WebFS-clone [WebFS]
Started: [ pcmk-1 pcmk-2 ]
Clone Set: WebSite-clone [WebSite]
Started: [ pcmk-1 pcmk-2 ]
impi-fencing (stonith:fence_ipmilan): Started
----
In xml it should look similar to this.
[source,XML]
----
<cib admin_epoch="0" cib-last-written="Fri Sep 14 13:43:13 2012" crm_feature_set="3.0.6" dc-uuid="1" epoch="47" have-quorum="1" num_updates="50" update-client="cibadmin" update-origin="pcmk-1" validate-with="pacemaker-1.2">
<configuration>
<crm_config>
<cluster_property_set id="cib-bootstrap-options">
<nvpair id="cib-bootstrap-options-dc-version" name="dc-version" value="1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0"/>
<nvpair id="cib-bootstrap-options-cluster-infrastructure" name="cluster-infrastructure" value="corosync"/>
<nvpair id="cib-bootstrap-options-no-quorum-policy" name="no-quorum-policy" value="ignore"/>
<nvpair id="cib-bootstrap-options-stonith-enabled" name="stonith-enabled" value="true"/>
</cluster_property_set>
</crm_config>
<nodes>
<node id="1" type="normal" uname="pcmk-1"/>
<node id="2" type="normal" uname="pcmk-2"/>
</nodes>
<resources>
<master id="WebDataClone">
<primitive class="ocf" id="WebData" provider="linbit" type="drbd">
<instance_attributes id="WebData-instance_attributes">
<nvpair id="WebData-instance_attributes-drbd_resource" name="drbd_resource" value="wwwdata"/>
</instance_attributes>
<operations>
<op id="WebData-interval-60s" interval="60s" name="monitor"/>
</operations>
</primitive>
<meta_attributes id="WebDataClone-meta_attributes">
<nvpair id="WebDataClone-meta_attributes-master-node-max" name="master-node-max" value="1"/>
<nvpair id="WebDataClone-meta_attributes-clone-max" name="clone-max" value="2"/>
<nvpair id="WebDataClone-meta_attributes-clone-node-max" name="clone-node-max" value="1"/>
<nvpair id="WebDataClone-meta_attributes-notify" name="notify" value="true"/>
<nvpair id="WebDataClone-meta_attributes-master-max" name="master-max" value="2"/>
</meta_attributes>
</master>
<clone id="dlm-clone">
<primitive class="ocf" id="dlm" provider="pacemaker" type="controld">
<instance_attributes id="dlm-instance_attributes"/>
<operations>
<op id="dlm-interval-60s" interval="60s" name="monitor"/>
</operations>
</primitive>
<meta_attributes id="dlm-clone-meta">
<nvpair id="dlm-clone-max" name="clone-max" value="2"/>
<nvpair id="dlm-clone-node-max" name="clone-node-max" value="1"/>
</meta_attributes>
</clone>
<clone id="ClusterIP-clone">
<primitive class="ocf" id="ClusterIP" provider="heartbeat" type="IPaddr2">
<instance_attributes id="ClusterIP-instance_attributes">
<nvpair id="ClusterIP-instance_attributes-ip" name="ip" value="192.168.0.120"/>
<nvpair id="ClusterIP-instance_attributes-cidr_netmask" name="cidr_netmask" value="32"/>
<nvpair id="ClusterIP-instance_attributes-clusterip_hash" name="clusterip_hash" value="sourceip"/>
</instance_attributes>
<operations>
<op id="ClusterIP-interval-30s" interval="30s" name="monitor"/>
</operations>
</primitive>
<meta_attributes id="ClusterIP-clone-meta">
<nvpair id="ClusterIP-globally-unique" name="globally-unique" value="true"/>
<nvpair id="ClusterIP-clone-max" name="clone-max" value="2"/>
<nvpair id="ClusterIP-clone-node-max" name="clone-node-max" value="2"/>
</meta_attributes>
</clone>
<clone id="WebFS-clone">
<primitive class="ocf" id="WebFS" provider="heartbeat" type="Filesystem">
<instance_attributes id="WebFS-instance_attributes">
<nvpair id="WebFS-instance_attributes-device" name="device" value="/dev/drbd/by-res/wwwdata"/>
<nvpair id="WebFS-instance_attributes-directory" name="directory" value="/var/www/html"/>
<nvpair id="WebFS-instance_attributes-fstype" name="fstype" value="gfs2"/>
</instance_attributes>
<meta_attributes id="WebFS-meta_attributes"/>
</primitive>
<meta_attributes id="WebFS-clone-meta"/>
</clone>
<clone id="WebSite-clone">
<primitive class="ocf" id="WebSite" provider="heartbeat" type="apache">
<instance_attributes id="WebSite-instance_attributes">
<nvpair id="WebSite-instance_attributes-configfile" name="configfile" value="/etc/httpd/conf/httpd.conf"/>
<nvpair id="WebSite-instance_attributes-statusurl" name="statusurl" value="http://localhost/server-status"/>
</instance_attributes>
<operations>
<op id="WebSite-interval-1min" interval="1min" name="monitor"/>
</operations>
</primitive>
<meta_attributes id="WebSite-clone-meta"/>
</clone>
<primitive class="stonith" id="impi-fencing" type="fence_ipmilan">
<instance_attributes id="impi-fencing-instance_attributes">
<nvpair id="impi-fencing-instance_attributes-pcmk_host_list" name="pcmk_host_list" value="pcmk-1 pcmk-2"/>
<nvpair id="impi-fencing-instance_attributes-ipaddr" name="ipaddr" value="10.0.0.1"/>
<nvpair id="impi-fencing-instance_attributes-login" name="login" value="testuser"/>
<nvpair id="impi-fencing-instance_attributes-passwd" name="passwd" value="acd123"/>
</instance_attributes>
<operations>
<op id="impi-fencing-interval-60s" interval="60s" name="monitor"/>
</operations>
</primitive>
</resources>
<constraints>
<rsc_colocation id="colocation-WebSite-ClusterIP-INFINITY" rsc="WebSite-clone" score="INFINITY" with-rsc="ClusterIP-clone"/>
<rsc_order first="ClusterIP-clone" first-action="start" id="order-ClusterIP-WebSite-mandatory" then="WebSite-clone" then-action="start"/>
<rsc_colocation id="colocation-WebFS-WebDataClone-INFINITY" rsc="WebFS-clone" score="INFINITY" with-rsc="WebDataClone" with-rsc-role="Master"/>
<rsc_colocation id="colocation-WebSite-WebFS-INFINITY" rsc="WebSite-clone" score="INFINITY" with-rsc="WebFS-clone"/>
<rsc_order first="WebFS-clone" id="order-WebFS-WebSite-mandatory" then="WebSite-clone"/>
<rsc_order first="WebDataClone" first-action="promote" id="order-WebDataClone-WebFS-mandatory" then="WebFS-clone" then-action="start"/>
</constraints>
<rsc_defaults>
<meta_attributes id="rsc_defaults-options">
<nvpair id="rsc_defaults-options-resource-stickiness" name="resource-stickiness" value="100"/>
</meta_attributes>
</rsc_defaults>
<op_defaults>
<meta_attributes id="op_defaults-options">
<nvpair id="op_defaults-options-timeout" name="timeout" value="240s"/>
</meta_attributes>
</op_defaults>
</configuration>
</cib>
----
endif::[]
ifdef::crmsh[]
.....
# crm configure show
node pcmk-1
node pcmk-2
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="gfs2"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.101" cidr_netmask="32" clusterip_hash="sourceip" \
op monitor interval="30s"
primitive ipmi-fencing stonith::fence_ipmilan \
params pcmk_host_list="pcmk-1 pcmk-2" ipaddr=10.0.0.1 login=testuser passwd=abc123 \
op monitor interval="60s"
ms WebDataClone WebData \
meta master-max="2" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
clone WebFSClone WebFS
clone WebIP ClusterIP \
meta globally-unique="true" clone-max="2" clone-node-max="2"
clone WebSiteClone WebSite
colocation WebSite-with-WebFS inf: WebSiteClone WebFSClone
colocation fs_on_drbd inf: WebFSClone WebDataClone:Master
colocation website-with-ip inf: WebSiteClone WebIP
order WebFS-after-WebData inf: WebDataClone:promote WebFSClone:start
order WebSite-after-WebFS inf: WebFSClone WebSiteClone
order apache-after-ip inf: WebIP WebSiteClone
property $id="cib-bootstrap-options" \
dc-version="1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f" \
cluster-infrastructure="openais" \
expected-quorum-votes="2" \
stonith-enabled="true" \
no-quorum-policy="ignore"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
.....
endif::[]
=== Node List ===
The list of cluster nodes is automatically populated by the cluster.
ifdef::pcs[]
.....
Pacemaker Nodes:
Online: [ pcmk-1 pcmk-2 ]
.....
endif::[]
ifdef::crmsh[]
.....
node pcmk-1
node pcmk-2
.....
endif::[]
=== Cluster Options ===
This is where the cluster automatically stores some information about
the cluster
* dc-version - the version (including upstream source-code hash) of Pacemaker used on the DC
* cluster-infrastructure - the cluster infrastructure being used (heartbeat or openais)
* expected-quorum-votes - the maximum number of nodes expected to be part of the cluster
and where the admin can set options that control the way the cluster
operates
* stonith-enabled=true - Make use of STONITH
* no-quorum-policy=ignore - Ignore loss of quorum and continue to host resources.
ifdef::pcs[]
[source,C]
----
# pcs property
dc-version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
cluster-infrastructure: corosync
no-quorum-policy: ignore
stonith-enabled: true
----
endif::[]
ifdef::crmsh[]
.....
property $id="cib-bootstrap-options" \
dc-version="1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f" \
cluster-infrastructure="openais" \
expected-quorum-votes="2" \
stonith-enabled="true" \
no-quorum-policy="ignore"
.....
endif::[]
=== Resources ===
==== Default Options ====
Here we configure cluster options that apply to every resource.
ifdef::pcs[]
* resource-stickiness - Specify the aversion to moving resources to other machines
[source,C]
----
-# pcs resource defaults
+# pcs resource rsc defaults
resource-stickiness: 100
----
endif::[]
ifdef::crmsh[]
* resource-stickiness - Specify the aversion to moving resources to other machines
.....
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
.....
endif::[]
==== Fencing ====
ifdef::pcs[]
[source,C]
----
# pcs stonith show
impi-fencing (stonith:fence_ipmilan) Started
# pcs stonith show impi-fencing
Resource: impi-fencing
pcmk_host_list: pcmk-1 pcmk-2
ipaddr: 10.0.0.1
login: testuser
passwd: acd123
----
endif::[]
ifdef::crmsh[]
.....
primitive ipmi-fencing stonith::fence_ipmilan \
params pcmk_host_list="pcmk-1 pcmk-2" ipaddr=10.0.0.1 login=testuser passwd=abc123 \
op monitor interval="60s"
clone Fencing rsa-fencing
.....
endif::[]
==== Service Address ====
Users of the services provided by the cluster require an unchanging
address with which to access it. Additionally, we cloned the address so
it will be active on both nodes. An iptables rule (created as part of the
resource agent) is used to ensure that each request only gets processed by one
of the two clone instances. The additional meta options tell the cluster
that we want two instances of the clone (one "request bucket" for each
node) and that if one node fails, then the remaining node should hold
both.
ifdef::pcs[]
[source,C]
----
# pcs resource show ClusterIP-clone
Resource: ClusterIP-clone
ip: 192.168.0.120
cidr_netmask: 32
clusterip_hash: sourceip
globally-unique: true
clone-max: 2
clone-node-max: 2
op monitor interval=30s
----
endif::[]
ifdef::crmsh[]
.....
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.101" cidr_netmask="32" clusterip_hash="sourceip" \
op monitor interval="30s"
clone WebIP ClusterIP
meta globally-unique="true" clone-max="2" clone-node-max="2"
.....
endif::[]
[NOTE]
=======
TODO: The RA should check for globally-unique=true when cloned
=======
==== DRBD - Shared Storage ====
Here we define the DRBD service and specify which DRBD resource (from
drbd.conf) it should manage. We make it a master/slave resource and, in
order to have an active/active setup, allow both instances to be promoted
by specifying master-max=2. We also set the notify option so that the
cluster will tell DRBD agent when it's peer changes state.
ifdef::pcs[]
[source,C]
----
# pcs resource show WebDataClone
Resource: WebDataClone
drbd_resource: wwwdata
master-node-max: 1
clone-max: 2
clone-node-max: 1
notify: true
master-max: 2
op monitor interval=60s
# pcs constraint ref WebDataClone
Resource: WebDataClone
colocation-WebFS-WebDataClone-INFINITY
order-WebDataClone-WebFS-mandatory
----
endif::[]
ifdef::crmsh[]
.....
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
ms WebDataClone WebData \
meta master-max="2" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
.....
endif::[]
==== Cluster Filesystem ====
The cluster filesystem ensures that files are read and written correctly.
We need to specify the block device (provided by DRBD), where we want it
mounted and that we are using GFS2. Again it is a clone because it is
intended to be active on both nodes. The additional constraints ensure
that it can only be started on nodes with active gfs-control and drbd
instances.
ifdef::pcs[]
[source,C]
----
# pcs resource show WebFS-clone
Resource: WebFS-clone
device: /dev/drbd/by-res/wwwdata
directory: /var/www/html
fstype: gfs2
# pcs constraint ref WebFS-clone
Resource: WebFS-clone
colocation-WebFS-WebDataClone-INFINITY
colocation-WebSite-WebFS-INFINITY
order-WebFS-WebSite-mandatory
order-WebDataClone-WebFS-mandatory
----
endif::[]
ifdef::crmsh[]
.....
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="gfs2"
clone WebFSClone WebFS
colocation WebFS-with-gfs-control inf: WebFSClone gfs-clone
colocation fs_on_drbd inf: WebFSClone WebDataClone:Master
order WebFS-after-WebData inf: WebDataClone:promote WebFSClone:start
order start-WebFS-after-gfs-control inf: gfs-clone WebFSClone
.....
endif::[]
==== Apache ====
Lastly we have the actual service, Apache. We need only tell the cluster
where to find it's main configuration file and restrict it to running on
nodes that have the required filesystem mounted and the IP address
active.
ifdef::pcs[]
[source,C]
----
# pcs resource show WebSite-clone
Resource: WebSite-clone
configfile: /etc/httpd/conf/httpd.conf
statusurl: http://localhost/server-status
master-max: 2
op monitor interval=1min
# pcs constraint ref WebSite-clone
Resource: WebSite-clone
colocation-WebSite-ClusterIP-INFINITY
colocation-WebSite-WebFS-INFINITY
order-ClusterIP-WebSite-mandatory
order-WebFS-WebSite-mandatory
----
endif::[]
ifdef::crmsh[]
.....
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
clone WebSiteClone WebSite
colocation WebSite-with-WebFS inf: WebSiteClone WebFSClone
colocation website-with-ip inf: WebSiteClone WebIP
order apache-after-ip inf: WebIP WebSiteClone
order WebSite-after-WebFS inf: WebFSClone WebSiteClone
.....
endif::[]
diff --git a/doc/Clusters_from_Scratch/en-US/Ch-Active-Active.txt b/doc/Clusters_from_Scratch/en-US/Ch-Active-Active.txt
index 5943c190dc..714a0d3158 100644
--- a/doc/Clusters_from_Scratch/en-US/Ch-Active-Active.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ch-Active-Active.txt
@@ -1,755 +1,755 @@
= Conversion to Active/Active =
== Requirements ==
The primary requirement for an Active/Active cluster is that the data
required for your services is available, simultaneously, on both
machines. Pacemaker makes no requirement on how this is achieved, you
could use a SAN if you had one available, however since DRBD supports
multiple Primaries, we can also use that.
The only hitch is that we need to use a cluster-aware filesystem. The
one we used earlier with DRBD, ext4, is not one of those. Both OCFS2
and GFS2 are supported, however here we will use GFS2 which comes with
Fedora 17.
=== Installing the required Software ===
[source,C]
# yum install -y gfs2-utils dlm kernel-modules-extra
.....
Loaded plugins: langpacks, presto, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package dlm.x86_64 0:3.99.4-1.fc17 will be installed
---> Package gfs2-utils.x86_64 0:3.1.4-3.fc17 will be installed
---> Package kernel-modules-extra.x86_64 0:3.4.4-3.fc17 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
dlm x86_64 3.99.4-1.fc17 updates 83 k
gfs2-utils x86_64 3.1.4-3.fc17 fedora 214 k
kernel-modules-extra x86_64 3.4.4-3.fc17 updates 1.7 M
Transaction Summary
================================================================================
Install 3 Packages
Total download size: 1.9 M
Installed size: 7.7 M
Downloading Packages:
(1/3): dlm-3.99.4-1.fc17.x86_64.rpm | 83 kB 00:00
(2/3): gfs2-utils-3.1.4-3.fc17.x86_64.rpm | 214 kB 00:00
(3/3): kernel-modules-extra-3.4.4-3.fc17.x86_64.rpm | 1.7 MB 00:01
--------------------------------------------------------------------------------
Total 615 kB/s | 1.9 MB 00:03
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : kernel-modules-extra-3.4.4-3.fc17.x86_64 1/3
Installing : gfs2-utils-3.1.4-3.fc17.x86_64 2/3
Installing : dlm-3.99.4-1.fc17.x86_64 3/3
Verifying : dlm-3.99.4-1.fc17.x86_64 1/3
Verifying : gfs2-utils-3.1.4-3.fc17.x86_64 2/3
Verifying : kernel-modules-extra-3.4.4-3.fc17.x86_64 3/3
Installed:
dlm.x86_64 0:3.99.4-1.fc17
gfs2-utils.x86_64 0:3.1.4-3.fc17
kernel-modules-extra.x86_64 0:3.4.4-3.fc17
Complete!
.....
== Create a GFS2 Filesystem ==
[[GFS2_prep]]
=== Preparation ===
Before we do anything to the existing partition, we need to make sure it
is unmounted. We do this by telling the cluster to stop the WebFS resource.
This will ensure that other resources (in our case, Apache) using WebFS
are not only stopped, but stopped in the correct order.
ifdef::pcs[]
[source,C]
----
# pcs resource disable WebFS
# pcs resource
ClusterIP (ocf::heartbeat:IPaddr2) Started
WebSite (ocf::heartbeat:apache) Stopped
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Slaves: [ pcmk-1 ]
WebFS (ocf::heartbeat:Filesystem) Stopped
----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# crm resource disable WebFS
# crm_mon -1
============
Last updated: Tue Apr 3 14:07:36 2012
Last change: Tue Apr 3 14:07:15 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
5 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Slaves: [ pcmk-1 ]
-----
endif::[]
[NOTE]
=======
Note that both Apache and WebFS have been stopped.
=======
=== Create and Populate an GFS2 Partition ===
Now that the cluster stack and integration pieces are running smoothly,
we can create an GFS2 partition.
[WARNING]
=========
This will erase all previous content stored on the DRBD device. Ensure
you have a copy of any important data.
=========
We need to specify a number of additional parameters when creating a
GFS2 partition.
First we must use the -p option to specify that we want to use the the
Kernel's DLM. Next we use -j to indicate that it should reserve enough
space for two journals (one per node accessing the filesystem).
ifdef::pcs[]
Lastly, we use -t to specify the lock table name. The format for this
field is +clustername:fsname+. For the +fsname+, we need to use the same
value as specified in 'corosync.conf' for +cluster_name+. If you setup
corosync with the same cluster name we used in this tutorial, cluster
name will be 'mycluster'. If you are unsure what your cluster name is,
open up /etc/corosync/corosync.conf, or execute the command
'pcs cluster corosync pcmk-1' to view the corosync config. The cluster
name will be in the +totem+ block.
endif::[]
ifdef::crmsh[]
Lastly, we use -t to specify the lock table name. The format for this
field is +clustername:fsname+. For the +fsname+, we need to use the same
value as specified in 'corosync.conf' for +cluster_name+. Just pick
something unique and descriptive and add somewhere inside the +totem+
block. For example:
.....
totem {
version: 2
# cypto_cipher and crypto_hash: Used for mutual node authentication.
# If you choose to enable this, then do remember to create a shared
# secret with "corosync-keygen".
crypto_cipher: none
crypto_hash: none
cluster_name: mycluster
...
.....
[IMPORTANT]
===========
Do this on each node in the cluster and be sure to restart them before
continuing.
===========
endif::[]
[IMPORTANT]
===========
We must run the next command on whichever node last had '/dev/drbd'
mounted. Otherwise you will receive the message:
-----
/dev/drbd1: Read-only file system
-----
===========
[source,C]
-----
# ssh pcmk-2 -- mkfs.gfs2 -p lock_dlm -j 2 -t mycluster:web /dev/drbd1
This will destroy any data on /dev/drbd1.
It appears to contain: Linux rev 1.0 ext4 filesystem data, UUID=dc45fff3-c47a-4db2-96f7-a8049a323fe4 (extents) (large files) (huge files)
Are you sure you want to proceed? [y/n]y
Device: /dev/drbd1
Blocksize: 4096
Device Size 0.97 GB (253935 blocks)
Filesystem Size: 0.97 GB (253932 blocks)
Journals: 2
Resource Groups: 4
Locking Protocol: "lock_dlm"
Lock Table: "mycluster"
UUID: ed293a02-9eee-3fa3-ed1c-435ef1fd0116
-----
ifdef::pcs[]
[source,C]
----
# pcs cluster cib dlm_cfg
# pcs -f dlm_cfg resource create dlm ocf:pacemaker:controld op monitor interval=60s
# pcs -f dlm_cfg resource clone dlm clone-max=2 clone-node-max=1
# pcs -f dlm_cfg resource show
ClusterIP (ocf::heartbeat:IPaddr2) Started
WebSite (ocf::heartbeat:apache) Stopped
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Slaves: [ pcmk-1 ]
WebFS (ocf::heartbeat:Filesystem) Stopped
Clone Set: dlm-clone [dlm]
Stopped: [ dlm:0 dlm:1 ]
-# pcs cluster cib-push dlm_cfg
+# pcs cluster push cib dlm_cfg
CIB updated
# pcs status
Last updated: Fri Sep 14 12:54:50 2012
Last change: Fri Sep 14 12:54:43 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
7 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Stopped
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Slaves: [ pcmk-1 ]
WebFS (ocf::heartbeat:Filesystem): Stopped
Clone Set: dlm-clone [dlm]
Started: [ pcmk-1 pcmk-2 ]
----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# crm
crm(live)# cib new dlm
INFO: dlm shadow CIB created
crm(dlm)# configure primitive dlm ocf:pacemaker:controld \
op monitor interval=60s
crm(dlm)# configure clone dlm_clone dlm meta clone-max=2 clone-node-max=1
crm(dlm)# configure show
node $id="1702537408" pcmk-1 \
attributes standby="off"
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="ext4" \
meta target-role="Stopped"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
primitive dlm ocf:pacemaker:controld \
op monitor interval="60s"
ms WebDataClone WebData \
meta master-max="1" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
clone dlm_clone dlm \
meta clone-max="2" clone-node-max="1"
location prefer-pcmk-1 WebSite 50: pcmk-1
colocation WebSite-with-WebFS inf: WebSite WebFS
colocation fs_on_drbd inf: WebFS WebDataClone:Master
colocation website-with-ip inf: WebSite ClusterIP
order WebFS-after-WebData inf: WebDataClone:promote WebFS:start
order WebSite-after-WebFS inf: WebFS WebSite
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
crm(dlm)# cib commit dlm
INFO: commited 'dlm' shadow CIB to the cluster
crm(dlm)# quit
bye
# crm_mon -1
============
Last updated: Wed Apr 4 01:15:11 2012
Last change: Wed Apr 4 00:50:11 2012 via crmd on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
7 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-1 ]
Slaves: [ pcmk-2 ]
Clone Set: dlm_clone [dlm]
Started: [ pcmk-1 pcmk-2 ]
-----
endif::[]
Then (re)populate the new filesystem with data (web pages). For now we'll
create another variation on our home page.
[source,C]
-----
# mount /dev/drbd1 /mnt/
# cat <<-END >/mnt/index.html
<html>
<body>My Test Site - GFS2</body>
</html>
END
# umount /dev/drbd1
# drbdadm verify wwwdata
-----
== Reconfigure the Cluster for GFS2 ==
ifdef::pcs[]
With the WebFS resource stopped, lets update the configuration.
[source,C]
----
# pcs resource show WebFS
Resource: WebFS
device: /dev/drbd/by-res/wwwdata
directory: /var/www/html
fstype: ext4
target-role: Stopped
----
The fstype option needs to be updated to gfs2 instead of ext4.
[source,C]
----
# pcs resource update WebFS fstype=gfs2
# pcs resource show WebFS
Resource: WebFS
device: /dev/drbd/by-res/wwwdata
directory: /var/www/html
fstype: gfs2
target-role: Stopped
CIB updated
----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# crm
crm(live) # cib new GFS2
INFO: GFS2 shadow CIB created
crm(GFS2) # configure delete WebFS
crm(GFS2) # configure primitive WebFS ocf:heartbeat:Filesystem params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="gfs2"
-----
Now that we've recreated the resource, we also need to recreate all the
constraints that used it. This is because the shell will automatically
remove any constraints that referenced WebFS.
[source,C]
-----
crm(GFS2) # configure colocation WebSite-with-WebFS inf: WebSite WebFS
crm(GFS2) # configure colocation fs_on_drbd inf: WebFS WebDataClone:Master
crm(GFS2) # configure order WebFS-after-WebData inf: WebDataClone:promote WebFS:start
crm(GFS2) # configure order WebSite-after-WebFS inf: WebFS WebSite
crm(GFS2) # configure show
node pcmk-1
node pcmk-2
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="gfs2"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.101" cidr_netmask="32" \
op monitor interval="30s"
ms WebDataClone WebData \
meta master-max="1" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
colocation WebSite-with-WebFS inf: WebSite WebFS
colocation fs_on_drbd inf: WebFS WebDataClone:Master
colocation website-with-ip inf: WebSite ClusterIP
order WebFS-after-WebData inf: WebDataClone:promote WebFS:start
order WebSite-after-WebFS inf: WebFS WebSite
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f" \
cluster-infrastructure="openais" \
expected-quorum-votes="2" \
stonith-enabled="false" \
no-quorum-policy="ignore"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
-----
Review the configuration before uploading it to the cluster, quitting the
shell and watching the cluster's response
[source,C]
-----
crm(GFS2) # cib commit GFS2
INFO: commited 'GFS2' shadow CIB to the cluster
crm(GFS2) # quit
bye
# crm_mon
============
Last updated: Thu Sep 3 20:49:54 2009
Stack: openais
Current DC: pcmk-2 - partition with quorum
Version: 1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f
2 Nodes configured, 2 expected votes
6 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
WebSite (ocf::heartbeat:apache): Started pcmk-2
Master/Slave Set: WebDataClone
Masters: [ pcmk-1 ]
Slaves: [ pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr): Started pcmk-2WebFS (ocf::heartbeat:Filesystem): Started pcmk-1
-----
endif::[]
== Reconfigure Pacemaker for Active/Active ==
Almost everything is in place. Recent versions of DRBD are capable of
operating in Primary/Primary mode and the filesystem we're using is
cluster aware. All we need to do now is reconfigure the cluster to take
advantage of this.
ifdef::pcs[]
This will involve a number of changes, so we'll want work with a
local cib file.
[source,C]
----
# pcs cluster cib active_cfg
----
endif::[]
ifdef::crmsh[]
This will involve a number of changes, so we'll again use interactive
mode.
[source,C]
-----
# crm
# cib new active
-----
endif::[]
There's no point making the services active on both locations if we can't
reach them, so lets first clone the IP address. Cloned IPaddr2 resources
use an iptables rule to ensure that each request only gets processed by one of
the two clone instances. The additional meta options tell the cluster how
many instances of the clone we want (one "request bucket" for each node)
and that if all other nodes fail, then the remaining node should hold all
of them. Otherwise the requests would be simply discarded.
ifdef::pcs[]
----
# pcs -f active_cfg resource clone ClusterIP \
globally-unique=true clone-max=2 clone-node-max=2
----
Notice when the ClusterIP becomes a clone, the constraints
referencing ClusterIP now reference the clone. This is
done automatically by pcs.
endif::[]
ifdef::pcs[]
[source,C]
----
# pcs -f active_cfg constraint
Location Constraints:
Ordering Constraints:
start ClusterIP-clone then start WebSite
WebFS then WebSite
promote WebDataClone then start WebFS
Colocation Constraints:
WebSite with ClusterIP-clone
WebFS with WebDataClone (with-rsc-role:Master)
WebSite with WebFS
----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# configure clone WebIP ClusterIP \
meta globally-unique="true" clone-max="2" clone-node-max="2"
-----
endif::[]
Now we must tell the ClusterIP how to decide which requests are
processed by which hosts. To do this we must specify the
clusterip_hash parameter.
ifdef::pcs[]
[source,C]
----
# pcs -f active_cfg resource update ClusterIP clusterip_hash=sourceip
----
endif::[]
ifdef::crmsh[]
Open the ClusterIP resource
[source,C]
-----
# configure edit ClusterIP
-----
And add the following to the params line
.....
clusterip_hash="sourceip"
.....
So that the complete definition looks like:
.....
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.101" cidr_netmask="32" clusterip_hash="sourceip" \
op monitor interval="30s"
.....
Here is the full transcript
[source,C]
-----
# crm crm(live)
# cib new active
INFO: active shadow CIB created
crm(active) # configure clone WebIP ClusterIP \
meta globally-unique="true" clone-max="2" clone-node-max="2"
crm(active) # configure shownode pcmk-1
node pcmk-2
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="gfs2"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.101" cidr_netmask="32" clusterip_hash="sourceip" \
op monitor interval="30s"
ms WebDataClone WebData \
meta master-max="1" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
clone WebIP ClusterIP \
meta globally-unique="true" clone-max="2" clone-node-max="2"
colocation WebSite-with-WebFS inf: WebSite WebFS
colocation fs_on_drbd inf: WebFS WebDataClone:Master
colocation website-with-ip inf: WebSite WebIPorder WebFS-after-WebData inf: WebDataClone:promote WebFS:start
order WebSite-after-WebFS inf: WebFS WebSiteorder apache-after-ip inf: WebIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f" \
cluster-infrastructure="openais" \
expected-quorum-votes="2" \
stonith-enabled="false" \
no-quorum-policy="ignore"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
-----
Notice how any constraints that referenced ClusterIP have been updated
to use WebIP instead. This is an additional benefit of using the crm
shell.
endif::[]
Next we need to convert the filesystem and Apache resources into
clones.
ifdef::pcs[]
Notice how pcs automatically updates the relevant constraints again.
[source,C]
----
# pcs -f active_cfg resource clone WebFS
# pcs -f active_cfg resource clone WebSite
# pcs -f active_cfg constraint
Location Constraints:
Ordering Constraints:
start ClusterIP-clone then start WebSite-clone
WebFS-clone then WebSite-clone
promote WebDataClone then start WebFS-clone
Colocation Constraints:
WebSite-clone with ClusterIP-clone
WebFS-clone with WebDataClone (with-rsc-role:Master)
WebSite-clone with WebFS-clone
----
endif::[]
ifdef::crmsh[]
Again, the shell will automatically update any relevant
constraints.
[source,C]
-----
crm(active) # configure clone WebFSClone WebFS
crm(active) # configure clone WebSiteClone WebSite
-----
endif::[]
The last step is to tell the cluster that it is now allowed to promote
both instances to be Primary (aka. Master).
ifdef::pcs[]
[source,C]
-----
# pcs -f active_cfg resource update WebDataClone master-max=2
-----
endif::[]
ifdef::crmsh[]
[source,C]
-----
crm(active) # configure edit WebDataClone
-----
Change master-max to 2
[source,C]
-----
crm(active) # configure show
node pcmk-1
node pcmk-2
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="gfs2"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.101" cidr_netmask="32" clusterip_hash="sourceip" \
op monitor interval="30s"
ms WebDataClone WebData \
meta master-max="2" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
clone WebFSClone WebFSclone WebIP ClusterIP \
meta globally-unique="true" clone-max="2" clone-node-max="2"
clone WebSiteClone WebSitecolocation WebSite-with-WebFS inf: WebSiteClone WebFSClone
colocation fs_on_drbd inf: WebFSClone WebDataClone:Master
colocation website-with-ip inf: WebSiteClone WebIP
order WebFS-after-WebData inf: WebDataClone:promote WebFSClone:start
order WebSite-after-WebFS inf: WebFSClone WebSiteClone
order apache-after-ip inf: WebIP WebSiteClone
property $id="cib-bootstrap-options" \
dc-version="1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f" \
cluster-infrastructure="openais" \
expected-quorum-votes="2" \
stonith-enabled="false" \
no-quorum-policy="ignore"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
-----
endif::[]
Review the configuration before uploading it to the cluster, quitting the
shell and watching the cluster's response
ifdef::pcs[]
[source,C]
-----
-# pcs cluster cib-push active_cfg
+# pcs cluster push cib active_cfg
# pcs resource enable WebFS
-----
After all the processes are started the status should look
similar to this.
[source,C]
-----
# pcs resource
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 pcmk-1 ]
Clone Set: dlm-clone [dlm]
Started: [ pcmk-2 pcmk-1 ]
Clone Set: ClusterIP-clone [ClusterIP] (unique)
ClusterIP:0 (ocf::heartbeat:IPaddr2) Started
ClusterIP:1 (ocf::heartbeat:IPaddr2) Started
Clone Set: WebFS-clone [WebFS]
Started: [ pcmk-1 pcmk-2 ]
Clone Set: WebSite-clone [WebSite]
Started: [ pcmk-1 pcmk-2 ]
-----
endif::[]
ifdef::crmsh[]
[source,C]
-----
crm(active) # cib commit active
INFO: commited 'active' shadow CIB to the cluster
crm(active) # quit
bye
# crm_mon
============
Last updated: Thu Sep 3 21:37:27 2009
Stack: openais
Current DC: pcmk-2 - partition with quorum
Version: 1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f
2 Nodes configured, 2 expected votes
6 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
Master/Slave Set: WebDataClone
Masters: [ pcmk-1 pcmk-2 ]
Clone Set: WebIP Started: [ pcmk-1 pcmk-2 ]
Clone Set: WebFSClone Started: [ pcmk-1 pcmk-2 ]
Clone Set: WebSiteClone Started: [ pcmk-1 pcmk-2 ]
Clone Set: dlm_clone Started: [ pcmk-1 pcmk-2 ]
-----
endif::[]
=== Testing Recovery ===
[NOTE]
=======
TODO: Put one node into standby to demonstrate failover
=======
diff --git a/doc/Clusters_from_Scratch/en-US/Ch-Active-Passive.txt b/doc/Clusters_from_Scratch/en-US/Ch-Active-Passive.txt
index c91647b60e..7da8fca2d9 100644
--- a/doc/Clusters_from_Scratch/en-US/Ch-Active-Passive.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ch-Active-Passive.txt
@@ -1,683 +1,683 @@
= Creating an Active/Passive Cluster =
== Exploring the Existing Configuration ==
When Pacemaker starts up, it automatically records the number and details
of the nodes in the cluster as well as which stack is being used and the
version of Pacemaker being used.
This is what the base configuration should look like.
ifdef::pcs[]
[source,C]
----
# pcs status
Last updated: Fri Sep 14 10:12:01 2012
Last change: Fri Sep 14 09:51:55 2012 via crmd on pcmk-2
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
0 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync"
----
endif::[]
ifdef::pcs[]
For those that are not of afraid of XML, you can see the raw cluster
configuration and status by using the +pcs cluster cib+ command.
.The last XML you'll see in this document
======
[source,C]
----
# pcs cluster cib
----
[source,XML]
----
<cib epoch="4" num_updates="19" admin_epoch="0" validate-with="pacemaker-1.2" crm_feature_set="3.0.6" update-origin="pcmk-1" update-client="crmd" cib-last-written="Wed Aug 1 16:08:52 2012" have-quorum="1" dc-uuid="1">
<configuration>
<crm_config>
<cluster_property_set id="cib-bootstrap-options">
<nvpair id="cib-bootstrap-options-dc-version" name="dc-version" value="1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0"/>
<nvpair id="cib-bootstrap-options-cluster-infrastructure" name="cluster-infrastructure" value="corosync"/>
</cluster_property_set>
</crm_config>
<nodes>
<node id="1" uname="pcmk-1" type="normal"/>
<node id="2" uname="pcmk-2" type="normal"/>
</nodes>
<resources/>
<constraints/>
</configuration>
<status>
<node_state id="2" uname="pcmk-2" ha="active" in_ccm="true" crmd="online" join="member" expected="member" crm-debug-origin="do_state_transition" shutdown="0">
<lrm id="2">
<lrm_resources/>
</lrm>
<transient_attributes id="2">
<instance_attributes id="status-2">
<nvpair id="status-2-probe_complete" name="probe_complete" value="true"/>
</instance_attributes>
</transient_attributes>
</node_state>
<node_state id="1" uname="pcmk-1" ha="active" in_ccm="true" crmd="online" join="member" expected="member" crm-debug-origin="do_state_transition" shutdown="0">
<lrm id="1">
<lrm_resources/>
</lrm>
<transient_attributes id="1">
<instance_attributes id="status-1">
<nvpair id="status-1-probe_complete" name="probe_complete" value="true"/>
</instance_attributes>
</transient_attributes>
</node_state>
</status>
</cib>
----
======
endif::[]
ifdef::crmsh[]
For those that are not of afraid of XML, you can see the raw configuration by appending "xml" to the previous command.
.The last XML you'll see in this document
======
[source,C]
----
# crm configure show xml
----
[source,XML]
----
<?xml version="1.0" ?>
<cib admin_epoch="0" cib-last-written="Tue Apr 3 09:26:21 2012" crm_feature_set="3.0.6" dc-uuid="1702537408" epoch="4" have-quorum="1" num_updates="14" update-client="crmd" update-origin="pcmk-1" validate-with="pacemaker-1.2">
<configuration>
<crm_config>
<cluster_property_set id="cib-bootstrap-options">
<nvpair id="cib-bootstrap-options-dc-version" name="dc-version" value="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff"/>
<nvpair id="cib-bootstrap-options-cluster-infrastructure" name="cluster-infrastructure" value="corosync"/>
</cluster_property_set>
</crm_config>
<nodes>
<node id="1719314624" type="normal" uname="pcmk-2"/>
<node id="1702537408" type="normal" uname="pcmk-1"/>
</nodes>
<resources/>
<constraints/>
</configuration>
</cib>
----
======
endif::[]
Before we make any changes, its a good idea to check the validity of
the configuration.
[source,C]
----
# crm_verify -L -V
error: unpack_resources: Resource start-up disabled since no STONITH resources have been defined
error: unpack_resources: Either configure some or disable STONITH with the stonith-enabled option
error: unpack_resources: NOTE: Clusters with shared data need STONITH to ensure data integrity
Errors found during check: config not valid
-V may provide more details
----
As you can see, the tool has found some errors.
In order to guarantee the safety of your data
footnote:[If the data is corrupt, there is little point in continuing to make it available]
, the default for STONITH
footnote:[A common node fencing mechanism. Used to ensure data integrity by powering off "bad" nodes]
in Pacemaker is +enabled+. However it also knows when no STONITH configuration has been
supplied and reports this as a problem (since the cluster would not be
able to make progress if a situation requiring node fencing arose).
For now, we will disable this feature and configure it later in the
Configuring STONITH section. It is important to note that the use of
STONITH is highly encouraged, turning it off tells the cluster to
simply pretend that failed nodes are safely powered off. Some vendors
will even refuse to support clusters that have it disabled.
To disable STONITH, we set the _stonith-enabled_ cluster option to
false.
ifdef::pcs[]
[source,C]
----
# pcs property set stonith-enabled=false
# crm_verify -L
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm configure property stonith-enabled=false
# crm_verify -L
----
endif::[]
With the new cluster option set, the configuration is now valid.
[WARNING]
=========
The use of stonith-enabled=false is completely inappropriate for a
production cluster. We use it here to defer the discussion of its
configuration which can differ widely from one installation to the
next. See <<_what_is_stonith>> for information on why STONITH is important
and details on how to configure it.
=========
== Adding a Resource ==
The first thing we should do is configure an IP address. Regardless of
where the cluster service(s) are running, we need a consistent address
to contact them on. Here I will choose and add 192.168.122.120 as the
floating address, give it the imaginative name ClusterIP and tell the
cluster to check that its running every 30 seconds.
[IMPORTANT]
===========
The chosen address must not be one already associated with
a physical node
===========
////
No syntax highlighting here to avoid line munging with source,C
////
ifdef::pcs[]
----
# pcs resource create ClusterIP ocf:heartbeat:IPaddr2 \
ip=192.168.0.120 cidr_netmask=32 op monitor interval=30s
----
endif::[]
ifdef::crmsh[]
----
# crm configure primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip=192.168.122.120 cidr_netmask=32 \
op monitor interval=30s
----
endif::[]
The other important piece of information here is ocf:heartbeat:IPaddr2.
This tells Pacemaker three things about the resource you want to
add. The first field, ocf, is the standard to which the resource
script conforms to and where to find it. The second field is specific
to OCF resources and tells the cluster which namespace to find the
resource script in, in this case heartbeat. The last field indicates
the name of the resource script.
ifdef::pcs[]
To obtain a list of the available resource standards (the ocf part of
ocf:heartbeat:IPaddr2), run
[source,C]
----
# pcs resource standards
ocf
lsb
service
systemd
stonith
----
To obtain a list of the available ocf resource providers (the heartbeat
part of ocf:heartbeat:IPaddr2), run
[source,C]
----
# pcs resource providers
heartbeat
linbit
pacemaker
redhat
----
Finally, if you want to see all the resource agents available for
a specific ocf provider (the IPaddr2 part of ocf:heartbeat:IPaddr2), run
[source,C]
----
# pcs resource agents ocf:heartbeat
AoEtarget
AudibleAlarm
CTDB
ClusterMon
Delay
Dummy
.
. (skipping lots of resources to save space)
.
IPaddr2
.
.
.
symlink
syslog-ng
tomcat
vmware
----
endif::[]
ifdef::crmsh[]
To obtain a list of the available resource classes, run
[source,C]
----
# crm ra classes
heartbeat
lsb
ocf / heartbeat pacemaker
stonith
----
To then find all the OCF resource agents provided by Pacemaker and
Heartbeat, run
[source,C]
----
# crm ra list ocf pacemaker
ClusterMon Dummy HealthCPU HealthSMART Stateful SysInfo
SystemHealth controld o2cb ping pingd
# crm ra list ocf heartbeat
AoEtarget AudibleAlarm CTDB ClusterMon
Delay Dummy EvmsSCC Evmsd
Filesystem ICP IPaddr IPaddr2
IPsrcaddr IPv6addr LVM LinuxSCSI
MailTo ManageRAID ManageVE Pure-FTPd
Raid1 Route SAPDatabase SAPInstance
SendArp ServeRAID SphinxSearchDaemon Squid
Stateful SysInfo VIPArip VirtualDomain
WAS WAS6 WinPopup Xen
Xinetd anything apache conntrackd
db2 drbd eDir88 ethmonitor
exportfs fio iSCSILogicalUnit iSCSITarget
ids iscsi jboss ldirectord
lxc mysql mysql-proxy nfsserver
nginx oracle oralsnr pgsql
pingd portblock postfix proftpd
rsyncd scsi2reservation sfex symlink
syslog-ng tomcat vmware
----
endif::[]
Now verify that the IP resource has been added and display the cluster's
status to see that it is now active.
ifdef::pcs[]
[source,C]
----
# pcs status
Last updated: Fri Sep 14 10:17:00 2012
Last change: Fri Sep 14 10:15:48 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
1 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false"
# crm_mon -1
============
Last updated: Tue Apr 3 09:56:50 2012
Last change: Tue Apr 3 09:54:37 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
1 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
----
endif::[]
== Perform a Failover ==
Being a high-availability cluster, we should test failover of our new
resource before moving on.
First, find the node on which the IP address is running.
ifdef::pcs[]
[source,C]
----
# pcs status
Last updated: Fri Sep 14 10:17:00 2012
Last change: Fri Sep 14 10:15:48 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
1 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm resource status ClusterIP
resource ClusterIP is running on: pcmk-1
----
endif::[]
Shut down Pacemaker and Corosync on that machine.
ifdef::pcs[]
[source,C]
----
#pcs cluster stop pcmk-1
Stopping Cluster...
----
Once Corosync is no longer running, go to the other node and check the
cluster status.
[source,C]
----
# pcs status
Last updated: Fri Sep 14 10:31:01 2012
Last change: Fri Sep 14 10:15:48 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (2) - partition WITHOUT quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
1 Resources configured.
Online: [ pcmk-2 ]
OFFLINE: [ pcmk-1 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Stopped
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# ssh pcmk-1 -- service pacemaker stop
# ssh pcmk-1 -- service corosync stop
----
Once Corosync is no longer running, go to the other node and check the
cluster status with crm_mon.
[source,C]
----
# crm_mon -1
============
Last updated: Tue Apr 3 10:01:28 2012
Last change: Tue Apr 3 09:54:39 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (1719314624) - partition WITHOUT quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
1 Resources configured.
============
Online: [ pcmk-2 ]
OFFLINE: [ pcmk-1 ]
----
endif::[]
There are three things to notice about the cluster's current
state. The first is that, as expected, +pcmk-1+ is now offline. However
we can also see that +ClusterIP+ isn't running anywhere!
=== Quorum and Two-Node Clusters ===
This is because the cluster no longer has quorum, as can be seen by
the text "partition WITHOUT quorum" in the status output. In order
to reduce the possibility of data corruption, Pacemaker's default
behavior is to stop all resources if the cluster does not have quorum.
A cluster is said to have quorum when more than half the known or
expected nodes are online, or for the mathematically inclined,
whenever the following equation is true:
....
total_nodes < 2 * active_nodes
....
Therefore a two-node cluster only has quorum when both nodes are
running, which is no longer the case for our cluster. This would
normally make the creation of a two-node cluster pointless
footnote:[Actually some would argue that two-node clusters are always pointless, but that is an argument for another time]
, however it is possible to control how Pacemaker behaves when quorum
is lost. In particular, we can tell the cluster to simply ignore
quorum altogether.
ifdef::pcs[]
[source,C]
----
# pcs property set no-quorum-policy=ignore
# pcs property
dc-version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
cluster-infrastructure: corosync
stonith-enabled: false
no-quorum-policy: ignore
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm configure property no-quorum-policy=ignore
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore"
----
endif::[]
After a few moments, the cluster will start the IP address on the
remaining node. Note that the cluster still does not have quorum.
ifdef::pcs[]
[source,C]
----
# pcs status
Last updated: Fri Sep 14 10:38:11 2012
Last change: Fri Sep 14 10:37:53 2012 via cibadmin on pcmk-2
Stack: corosync
Current DC: pcmk-2 (2) - partition WITHOUT quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
1 Resources configured.
Online: [ pcmk-2 ]
OFFLINE: [ pcmk-1 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm_mon -1
============
Last updated: Tue Apr 3 10:02:46 2012
Last change: Tue Apr 3 10:02:08 2012 via cibadmin on pcmk-2
Stack: corosync
Current DC: pcmk-2 (1719314624) - partition WITHOUT quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
1 Resources configured.
============
Online: [ pcmk-2 ]
OFFLINE: [ pcmk-1 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
----
endif::[]
Now simulate node recovery by restarting the cluster stack on +pcmk-1+ and
check the cluster's status. Note, if you get an authentication error with
the 'pcs cluster start pcmk-1' command, you must authenticate on the node
using the 'pcs cluster auth pcmk pcmk-1 pcmk-2' command discussed earlier.
ifdef::pcs[]
[source,C]
----
# pcs cluster start pcmk-1
Starting Cluster...
# pcs status
Last updated: Fri Sep 14 10:42:56 2012
Last change: Fri Sep 14 10:37:53 2012 via cibadmin on pcmk-2
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
1 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# service corosync start
Starting Corosync Cluster Engine (corosync): [ OK ]
# service pacemaker start
Starting Pacemaker Cluster Manager: [ OK ]
# crm_mon
============
Last updated: Fri Aug 28 15:32:13 2009
Stack: openais
Current DC: pcmk-2 - partition with quorum
Version: 1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f
2 Nodes configured, 2 expected votes
1 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr): Started pcmk-2
----
endif::[]
[NOTE]
======
In the dark days, the cluster may have moved the IP back to its
original location (+pcmk-1+). Usually this is no longer the case.
======
=== Prevent Resources from Moving after Recovery ===
In most circumstances, it is highly desirable to prevent healthy
resources from being moved around the cluster. Moving resources almost
always requires a period of downtime. For complex services like Oracle
databases, this period can be quite long.
To address this, Pacemaker has the concept of resource stickiness
which controls how much a service prefers to stay running where it
is. You may like to think of it as the "cost" of any downtime. By
default, Pacemaker assumes there is zero cost associated with moving
resources and will do so to achieve "optimal"
footnote:[It should be noted that Pacemaker's definition of
optimal may not always agree with that of a human's. The order in which
Pacemaker processes lists of resources and nodes creates implicit
preferences in situations where the administrator has not explicitly
specified them]
resource placement. We can specify a different stickiness for every
resource, but it is often sufficient to change the default.
ifdef::pcs[]
[source,C]
----
-# pcs resource defaults resource-stickiness=100
-# pcs resource defaults
+# pcs resource rsc defaults resource-stickiness=100
+# pcs resource rsc defaults
resource-stickiness: 100
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm configure rsc_defaults resource-stickiness=100
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
----
endif::[]
diff --git a/doc/Clusters_from_Scratch/en-US/Ch-Apache.txt b/doc/Clusters_from_Scratch/en-US/Ch-Apache.txt
index 71777dbb26..5833f43760 100644
--- a/doc/Clusters_from_Scratch/en-US/Ch-Apache.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ch-Apache.txt
@@ -1,795 +1,795 @@
= Apache - Adding More Services =
== Forward ==
Now that we have a basic but functional active/passive two-node cluster,
we're ready to add some real services. We're going to start with Apache
because its a feature of many clusters and relatively simple to
configure.
== Installation ==
Before continuing, we need to make sure Apache is installed on both
hosts. We also need the wget tool in order for the cluster to be able to check
the status of the Apache server.
[source,C]
# yum install -y httpd wget
.....
Loaded plugins: langpacks, presto, refresh-packagekit
fedora/metalink | 2.6 kB 00:00
updates/metalink | 3.2 kB 00:00
updates-testing/metalink | 41 kB 00:00
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.2.22-3.fc17 will be installed
--> Processing Dependency: httpd-tools = 2.2.22-3.fc17 for package: httpd-2.2.22-3.fc17.x86_64
--> Processing Dependency: apr-util-ldap for package: httpd-2.2.22-3.fc17.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.2.22-3.fc17.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.2.22-3.fc17.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.6-1.fc17 will be installed
---> Package apr-util.x86_64 0:1.4.1-2.fc17 will be installed
---> Package apr-util-ldap.x86_64 0:1.4.1-2.fc17 will be installed
---> Package httpd-tools.x86_64 0:2.2.22-3.fc17 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
=====================================================================================
Package Arch Version Repository Size
=====================================================================================
Installing:
httpd x86_64 2.2.22-3.fc17 updates-testing 823 k
wget x86_64 1.13.4-2.fc17 fedora 495 k
Installing for dependencies:
apr x86_64 1.4.6-1.fc17 fedora 99 k
apr-util x86_64 1.4.1-2.fc17 fedora 78 k
apr-util-ldap x86_64 1.4.1-2.fc17 fedora 17 k
httpd-tools x86_64 2.2.22-3.fc17 updates-testing 74 k
Transaction Summary
=====================================================================================
Install 1 Package (+4 Dependent packages)
Total download size: 1.1 M
Installed size: 3.5 M
Downloading Packages:
(1/6): apr-1.4.6-1.fc17.x86_64.rpm | 99 kB 00:00
(2/6): apr-util-1.4.1-2.fc17.x86_64.rpm | 78 kB 00:00
(3/6): apr-util-ldap-1.4.1-2.fc17.x86_64.rpm | 17 kB 00:00
(4/6): httpd-2.2.22-3.fc17.x86_64.rpm | 823 kB 00:01
(5/6): httpd-tools-2.2.22-3.fc17.x86_64.rpm | 74 kB 00:00
(6/6): wget-1.13.4-2.fc17.x86_64.rpm | 495 kB 00:01
-------------------------------------------------------------------------------------
Total 238 kB/s | 1.1 MB 00:04
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : apr-1.4.6-1.fc17.x86_64 1/6
Installing : apr-util-1.4.1-2.fc17.x86_64 2/6
Installing : apr-util-ldap-1.4.1-2.fc17.x86_64 3/6
Installing : httpd-tools-2.2.22-3.fc17.x86_64 4/6
Installing : httpd-2.2.22-3.fc17.x86_64 5/6
Installing : wget-1.13.4-2.fc17.x86_64 6/6
Verifying : apr-util-ldap-1.4.1-2.fc17.x86_64 1/6
Verifying : httpd-tools-2.2.22-3.fc17.x86_64 2/6
Verifying : apr-util-1.4.1-2.fc17.x86_64 3/6
Verifying : apr-1.4.6-1.fc17.x86_64 4/6
Verifying : httpd-2.2.22-3.fc17.x86_64 5/6
Verifying : wget-1.13.4-2.fc17.x86_64 6/6
Installed:
httpd.x86_64 0:2.2.22-3.fc17 wget.x86_64 0:1.13.4-2.fc17
Dependency Installed:
apr.x86_64 0:1.4.6-1.fc17 apr-util.x86_64 0:1.4.1-2.fc17
apr-util-ldap.x86_64 0:1.4.1-2.fc17 httpd-tools.x86_64 0:2.2.22-3.fc17
Complete!
.....
== Preparation ==
First we need to create a page for Apache to serve up. On Fedora the
default Apache docroot is /var/www/html, so we'll create an index file
there.
[source,C]
-----
# cat <<-END >/var/www/html/index.html
<html>
<body>My Test Site - pcmk-1</body>
</html>
END
-----
For the moment, we will simplify things by serving up only a static site
and manually sync the data between the two nodes. So run the command
again on pcmk-2.
[source,C]
-----
[root@pcmk-2 ~]# cat <<-END >/var/www/html/index.html
<html>
<body>My Test Site - pcmk-2</body>
</html>
END
-----
== Enable the Apache status URL ==
In order to monitor the health of your Apache instance, and recover it if
it fails, the resource agent used by Pacemaker assumes the server-status
URL is available. Look for the following in '/etc/httpd/conf/httpd.conf'
and make sure it is not disabled or commented out:
[source,Apache Configuration]
-----
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
-----
== Update the Configuration ==
At this point, Apache is ready to go, all that needs to be done is to
add it to the cluster. Lets call the resource WebSite. We need to use
an OCF script called apache in the heartbeat namespace
footnote:[Compare the key used here ocf:heartbeat:apache with the one we used earlier for the IP address: ocf:heartbeat:IPaddr2]
, the only required parameter is the path to the main Apache
configuration file and we'll tell the cluster to check once a
minute that apache is still running.
ifdef::pcs[]
////
source,C doesn't deal well with \'s
////
-----
pcs resource create WebSite ocf:heartbeat:apache \
configfile=/etc/httpd/conf/httpd.conf \
statusurl="http://localhost/server-status" op monitor interval=1min
-----
By default, the operation timeout for all resource's start, stop, and monitor
operations is 20 seconds. In many cases this timeout period is less than
the advised timeout period. For the purposes of this tutorial, we will
adjust the global operation timeout default to 240 seconds.
[source,C]
-----
# pcs resource op defaults timeout=240s
# pcs resource op defaults
timeout: 240s
-----
endif::[]
ifdef::crmsh[]
[source,Bash]
-----
# crm configure primitive WebSite ocf:heartbeat:apache \
params configfile=/etc/httpd/conf/httpd.conf \
statusurl="http://localhost/server-status" \
op monitor interval=1min
WARNING: WebSite: default timeout 20s for start is smaller than the advised 40s
WARNING: WebSite: default timeout 20s for stop is smaller than the advised 60s
-----
The easiest way resolve this, is to change the default:
[source,Bash]
-----
# crm configure op_defaults timeout=240s
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
-----
endif::[]
After a short delay, we should see the cluster start apache
ifdef::pcs[]
[source,C]
-----
# pcs status
Last updated: Fri Sep 14 10:51:27 2012
Last change: Fri Sep 14 10:50:46 2012 via crm_attribute on pcmk-1
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
2 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Started pcmk-1
-----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# crm_mon -1
============
Last updated: Tue Apr 3 11:54:29 2012
Last change: Tue Apr 3 11:54:26 2012 via crmd on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
2 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf:heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf:heartbeat:apache): Started pcmk-1
-----
endif::[]
Wait a moment, the WebSite resource isn't running on the same host as our
IP address!
ifdef::pcs[]
[NOTE]
======
If, in the `pcs status` output, you see the WebSite resource has
failed to start, then you've likely not enabled the status URL correctly.
You can check if this is the problem by running:
....
wget http://127.0.0.1/server-status
....
If you see +Connection refused+ in the output, then this is indeed the
problem. Check to ensure that +Allow from 127.0.0.1+ is present for
the +<Location /server-status>+ block.
======
endif::[]
ifdef::crmsh[]
[NOTE]
======
If, in the `crm_mon` output, you see:
....
Failed actions:
WebSite_start_0 (node=pcmk-2, call=301, rc=1, status=complete): unknown error
....
Then you've likely not enabled the status URL correctly.
You can check if this is the problem by running:
....
wget http://127.0.0.1/server-status
....
If you see +Connection refused+ in the output, then this is indeed the
problem. Check to ensure that +Allow from 127.0.0.1+ is present for
the +<Location /server-status>+ block.
======
endif::[]
== Ensuring Resources Run on the Same Host ==
To reduce the load on any one machine, Pacemaker will generally try to
spread the configured resources across the cluster nodes. However we
can tell the cluster that two resources are related and need to run on
the same host (or not at all). Here we instruct the cluster that
WebSite can only run on the host that ClusterIP is active on.
ifdef::pcs[]
To achieve this we use a colocation constraint that indicates it is
mandatory for WebSite to run on the same node as ClusterIP. The
"mandatory" part of the colocation constraint is indicated by using a
score of INFINITY. The INFINITY score also means that if ClusterIP is not
active anywhere, WebSite will not be permitted to run.
endif::[]
ifdef::crmsh[]
For the constraint, we need a name (choose something descriptive like
website-with-ip), indicate that its mandatory (so that if ClusterIP is
not active anywhere, WebSite will not be permitted to run anywhere
either) by specifying a score of INFINITY and finally list the two
resources.
endif::[]
[NOTE]
=======
If ClusterIP is not active anywhere, WebSite will not be permitted to run
anywhere.
=======
[IMPORTANT]
===========
Colocation constraints are "directional", in that they imply certain
things about the order in which the two resources will have a location
chosen. In this case we're saying +WebSite+ needs to be placed on the
same machine as +ClusterIP+, this implies that we must know the
location of +ClusterIP+ before choosing a location for +WebSite+.
===========
ifdef::pcs[]
[source,C]
-----
# pcs constraint colocation add WebSite ClusterIP INFINITY
# pcs constraint
Location Constraints:
Ordering Constraints:
Colocation Constraints:
WebSite with ClusterIP
# pcs status
Last updated: Fri Sep 14 11:00:44 2012
Last change: Fri Sep 14 11:00:25 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
2 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Started pcmk-2
-----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# crm configure colocation website-with-ip INFINITY: WebSite ClusterIP
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
colocation website-with-ip inf: WebSite ClusterIP
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
# crm_mon -1
============
Last updated: Tue Apr 3 11:57:13 2012
Last change: Tue Apr 3 11:56:10 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (1719314624) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
2 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf:heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf:heartbeat:apache): Started pcmk-2
-----
endif::[]
== Controlling Resource Start/Stop Ordering ==
When Apache starts, it binds to the available IP addresses. It doesn't
know about any addresses we add afterwards, so not only do they need to
run on the same node, but we need to make sure ClusterIP is already
active before we start WebSite. We do this by adding an ordering
constraint.
ifdef::pcs[]
By default all order constraints are mandatory constraints unless
otherwise configured. This means that the recovery of ClusterIP will
also trigger the recovery of WebSite.
[source,C]
-----
# pcs constraint order ClusterIP then WebSite
Adding ClusterIP WebSite (kind: Mandatory) (Options: first-action=start then-action=start)
# pcs constraint
Location Constraints:
Ordering Constraints:
start ClusterIP then start WebSite
Colocation Constraints:
WebSite with ClusterIP
-----
endif::[]
ifdef::crmsh[]
We need to give it a name (choose something descriptive like
apache-after-ip), indicate that its mandatory (so that any recovery for
ClusterIP will also trigger recovery of WebSite) and list the two
resources in the order we need them to start.
[source,C]
-----
# crm configure order apache-after-ip mandatory: ClusterIP WebSite
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
colocation website-with-ip inf: WebSite ClusterIP
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
-----
endif::[]
== Specifying a Preferred Location ==
Pacemaker does not rely on any sort of hardware symmetry between nodes,
so it may well be that one machine is more powerful than the other. In
such cases it makes sense to host the resources there if it is available.
To do this we create a location constraint.
ifdef::pcs[]
In the location constraint below, we are saying the WebSite resource
prefers the node pcmk-1 with a score of 50. The score here indicates
how badly we'd like the resource to run somewhere.
[source,C]
-----
# pcs constraint location WebSite prefers pcmk-1=50
# pcs constraint
Location Constraints:
Resource: WebSite
Enabled on: pcmk-1 (score:50)
Ordering Constraints:
start ClusterIP then start WebSite
Colocation Constraints:
WebSite with ClusterIP
# pcs status
Last updated: Fri Sep 14 11:06:37 2012
Last change: Fri Sep 14 11:06:26 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
2 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Started pcmk-2
-----
endif::[]
ifdef::crmsh[]
Again we give it a descriptive name (prefer-pcmk-1), specify the resource we
want to run there (WebSite), how badly we'd like it to run there (we'll use
50 for now, but in a two-node situation almost any value above 0 will do) and
the host's name.
[source,C]
-----
# crm configure location prefer-pcmk-1 WebSite 50: pcmk-1
WARNING: prefer-pcmk-1: referenced node pcmk-1 does not exist
-----
This warning should be ignored.
[source,C]
-----
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
location prefer-pcmk-1 WebSite 50: pcmk-1
colocation website-with-ip inf: WebSite ClusterIP
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
# crm_mon -1
============
Last updated: Tue Apr 3 12:02:14 2012
Last change: Tue Apr 3 11:59:42 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (1719314624) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
2 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf:heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf:heartbeat:apache): Started pcmk-2
-----
endif::[]
Wait a minute, the resources are still on pcmk-2!
Even though we now prefer pcmk-1 over pcmk-2, that preference is
(intentionally) less than the resource stickiness (how much we
preferred not to have unnecessary downtime).
To see the current placement scores, you can use a tool called crm_simulate
[source,C]
----
# crm_simulate -sL
Current cluster status:
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf:heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf:heartbeat:apache): Started pcmk-2
Allocation scores:
native_color: ClusterIP allocation score on pcmk-1: 50
native_color: ClusterIP allocation score on pcmk-2: 200
native_color: WebSite allocation score on pcmk-1: -INFINITY
native_color: WebSite allocation score on pcmk-2: 100
Transition Summary:
----
== Manually Moving Resources Around the Cluster ==
ifdef::pcs[]
There are always times when an administrator needs to override the
cluster and force resources to move to a specific location. By
updating our previous location constraint with a score of INFINITY,
WebSite will be forced to move to pcmk-1.
[source,C]
-----
# pcs constraint location WebSite prefers pcmk-1=INFINITY
-# pcs constraint --full
+# pcs constraint all
Location Constraints:
Resource: WebSite
Enabled on: pcmk-1 (score:INFINITY) (id:location-WebSite-pcmk-1-INFINITY)
Ordering Constraints:
start ClusterIP then start WebSite (Mandatory) (id:order-ClusterIP-WebSite-mandatory)
Colocation Constraints:
WebSite with ClusterIP (INFINITY) (id:colocation-WebSite-ClusterIP-INFINITY)
# pcs status
Last updated: Fri Sep 14 11:16:26 2012
Last change: Fri Sep 14 11:16:18 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
2 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf::heartbeat:apache): Started pcmk-1
-----
endif::[]
ifdef::crmsh[]
There are always times when an administrator needs to override the
cluster and force resources to move to a specific location. Underneath we
use location constraints like the one we created above, happily you don't
need to care. Just provide the name of the resource and the intended
location, we'll do the rest.
[source,C]
-----
# crm resource move WebSite pcmk-1
# crm_mon -1
============
Last updated: Tue Apr 3 12:03:41 2012
Last change: Tue Apr 3 12:03:37 2012 via crm_resource on pcmk-1
Stack: corosync
Current DC: pcmk-2 (1719314624) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
2 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf:heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf:heartbeat:apache): Started pcmk-1
-----
Notice how the colocation rule we created has ensured that ClusterIP was also moved to pcmk-1.
For the curious, we can see the effect of this command by examining the configuration
[source,C]
-----
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
location cli-prefer-WebSite WebSite \
rule $id="cli-prefer-rule-WebSite" inf: #uname eq pcmk-1
location prefer-pcmk-1 WebSite 50: pcmk-1
colocation website-with-ip inf: WebSite ClusterIP
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
-----
The automated constraint used to move the resources to +pcmk-1+ is the
line beginning with +location cli-prefer-WebSite+.
endif::[]
=== Giving Control Back to the Cluster ===
Once we've finished whatever activity that required us to move the
resources to pcmk-1, in our case nothing, we can then allow the cluster
to resume normal operation with the unmove command. Since we previously
configured a default stickiness, the resources will remain on pcmk-1.
ifdef::pcs[]
[source,C]
-----
# pcs constraint all
Location Constraints:
Resource: WebSite
Enabled on: pcmk-1 (score:INFINITY) (id:location-WebSite-pcmk-1-INFINITY)
Ordering Constraints:
start ClusterIP then start WebSite (Mandatory) (id:order-ClusterIP-WebSite-mandatory)
Colocation Constraints:
WebSite with ClusterIP (INFINITY) (id:colocation-WebSite-ClusterIP-INFINITY)
-# pcs constraint remove location-WebSite-pcmk-1-INFINITY
+# pcs constraint rm location-WebSite-pcmk-1-INFINITY
# pcs constraint
Location Constraints:
Ordering Constraints:
start ClusterIP then start WebSite
Colocation Constraints:
WebSite with ClusterIP
-----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# crm resource unmove WebSite
# crm configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
location prefer-pcmk-1 WebSite 50: pcmk-1
colocation website-with-ip inf: WebSite ClusterIP
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
-----
endif::[]
Note that the constraint is now gone. If we check the cluster
status, we can also see that as expected the resources are still active
on pcmk-1.
ifdef::pcs[]
[source,C]
-----
# pcs status
Last updated: Fri Sep 14 11:57:12 2012
Last change: Fri Sep 14 11:57:03 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
2 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf::heartbeat:apache): Started pcmk-1
-----
endif::[]
ifdef::crmsh[]
[source,C]
-----
# crm_mon
============
Last updated: Tue Apr 3 12:05:08 2012
Last change: Tue Apr 3 12:03:37 2012 via crm_resource on pcmk-1
Stack: corosync
Current DC: pcmk-2 (1719314624) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
2 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf:heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf:heartbeat:apache): Started pcmk-1
-----
endif::[]
diff --git a/doc/Clusters_from_Scratch/en-US/Ch-Installation.txt b/doc/Clusters_from_Scratch/en-US/Ch-Installation.txt
index cf47602bc0..aa0b4b96f7 100644
--- a/doc/Clusters_from_Scratch/en-US/Ch-Installation.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ch-Installation.txt
@@ -1,639 +1,651 @@
= Installation =
== OS Installation ==
Detailed instructions for installing Fedora are available at
http://docs.fedoraproject.org/en-US/Fedora/20/html/Installation_Guide/ in a number of
languages. The abbreviated version is as follows...
Point your browser to http://fedoraproject.org/en/get-fedora-all,
locate the +Install Media+ section and download the install DVD that
matches your hardware.
Burn the disk image to a DVD
footnote:[http://docs.fedoraproject.org/en-US/Fedora/20/html/Burning_ISO_images_to_disc/index.html]
and boot from it, or use the image to boot a virtual machine.
After clicking through the welcome screen, select your language,
keyboard layout
footnote:[http://docs.fedoraproject.org/en-US/Fedora/20/html/Installation_Guide/language-selection-x86.html]
At this point you get a chance to tweak the default installation options.
In the +Network Configuration+ section you'll want to:
- Assign your machine a host name
I happen to control the clusterlabs.org domain name, so I will use
that here.
- Assign a fixed IP address
[IMPORTANT]
===========
Do not accept the default network settings.
Cluster machines should never obtain an IP address via DHCP.
If you miss this step, this can easily be configured after installation. You will have
to navigate to +system settings+ and select +network+. From there you can select
what device to configure.
===========
In the +Software Selection+ section (try saying that 10 times
quickly), choose +Minimal Install+ so that we see everything that gets
installed. Don't enable updates yet, we'll do that (and install any
extra software we need) later.
[IMPORTANT]
===========
By default Fedora uses LVM for partitioning which allows us to
dynamically change the amount of space allocated to a given partition.
However, by default it also allocates all free space to the +/+
(aka. +root+) partition which cannot be dynamically _reduced_ in size
(dynamic increases are fine by-the-way).
So if you plan on following the DRBD or GFS2 portions of this guide,
you should reserve at least 1Gb of space on each machine from which to
create a shared volume. To do so, enter the +Installation
Destination+ section where you are be given an opportunity to reduce
the size of the +root+ partition (after chosing which hard drive you
wish to install to).
===========
It is highly recommended to enable NTP on your cluster nodes. Doing so
ensures all nodes agree on the current time and makes reading log files
significantly easier. You can do this in the +Date & Time+ section.
footnote:[http://docs.fedoraproject.org/en-US/Fedora/20/html/Installation_Guide/s1-timezone-x86.html]
Once the node reboots, you'll see a (possibly mangled) login prompt on
the console. Login using +root+ and the password you created earlier.
image::images/Console.png["Initial Console",align="center",scaledwidth="65%"]
[NOTE]
======
From here on in we're going to be working exclusively from the terminal.
======
== Post Installation Tasks ==
=== Networking ===
Check the machine has the static IP address you configured earlier
[source,C]
-----
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:d7:d6:08 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.101/24 brd 192.168.122.255 scope global eth0
inet6 fe80::5054:ff:fed7:d608/64 scope link
valid_lft forever preferred_lft forever
-----
[NOTE]
=====
If you ever need to change the node's IP address from the command line follow these instructions:
....
# manually edit /etc/sysconfig/network-scripts/ifcfg-${device}
# nmcli dev disconnect ${device}
# nmcli con reload ${device}
# nmcli con up ${device}
....
This makes +NetworkManager+ aware that a change was made on the config file.
=====
Next, check the routes are ok:
[source,C]
-----
[root@pcmk-1 ~]# ip route
default via 192.168.122.1 dev eth0
192.168.122.0/24 dev eth0 proto kernel scope link src 192.168.122.101
-----
If there is no line beginning with +default via+, then you may need to add a line such as
[source,Bash]
GATEWAY=192.168.122.1
to '/etc/sysconfig/network' and restart the network.
Now check for connectivity to the outside world. Start small by
testing if we can read the gateway we configured.
[source,C]
-----
# ping -c 1 192.168.122.1
PING 192.168.122.1 (192.168.122.1) 56(84) bytes of data.
64 bytes from 192.168.122.1: icmp_req=1 ttl=64 time=0.249 ms
--- 192.168.122.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.249/0.249/0.249/0.000 ms
-----
Now try something external, choose a location you know will be available.
[source,C]
-----
# ping -c 1 www.google.com
PING www.l.google.com (173.194.72.106) 56(84) bytes of data.
64 bytes from tf-in-f106.1e100.net (173.194.72.106): icmp_req=1 ttl=41 time=167 ms
--- www.l.google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 167.618/167.618/167.618/0.000 ms
-----
=== Leaving the Console ===
The console isn't a very friendly place to work from, we will now
switch to accessing the machine remotely via SSH where we can
use copy&paste etc.
First we check we can see the newly installed at all:
[source,C]
-----
beekhof@f16 ~ # ping -c 1 192.168.122.101
PING 192.168.122.101 (192.168.122.101) 56(84) bytes of data.
64 bytes from 192.168.122.101: icmp_req=1 ttl=64 time=1.01 ms
--- 192.168.122.101 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.012/1.012/1.012/0.000 ms
-----
Next we login via SSH
[source,C]
-----
beekhof@f16 ~ # ssh -l root 192.168.122.11
root@192.168.122.11's password:
Last login: Fri Mar 30 19:41:19 2012 from 192.168.122.1
[root@pcmk-1 ~]#
-----
=== Security Shortcuts ===
To simplify this guide and focus on the aspects directly connected to
clustering, we will now disable the machine's firewall and SELinux
installation.
[WARNING]
===========
Both of these actions create significant security issues
and should not be performed on machines that will be exposed to the
outside world.
===========
[IMPORTANT]
===========
TODO: Create an Appendix that deals with (at least) re-enabling the firewall.
===========
+[source,C]
+----
+# setenforce 0
+# sed -i.bak "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/selinux/config
+# systemctl disable firewalld.service
+# systemctl stop firewalld.service
+----
+
+or (on older Fedora)
+
[source,C]
----
# setenforce 0
# sed -i.bak "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/selinux/config
# systemctl disable iptables.service
# rm '/etc/systemd/system/basic.target.wants/iptables.service'
# systemctl stop iptables.service
----
+
+
=== Short Node Names ===
During installation, we filled in the machine's fully qualified domain
name (FQDN) which can be rather long when it appears in cluster logs and
status output. See for yourself how the machine identifies itself:
(((Nodes, short name)))
[source,C]
----
# uname -n
pcmk-1.clusterlabs.org
# dnsdomainname
clusterlabs.org
----
(((Nodes, Domain name (Query))))
The output from the second command is fine, but we really don't need the
domain name included in the basic host details. To address this, we need
to use the +hostnamectl+ tool to strip off the domain name.
[source,C]
----
# hostnamectl set-hostname $(uname -n | sed s/\\..*//)'
----
(((Nodes, Domain name (Remove from host name))))
Now check the machine is using the correct names
[source,C]
----
# uname -n
pcmk-1
# dnsdomainname
clusterlabs.org
----
If it concerns you that the shell prompt has not been updated, simply
log out and back in again.
== Before You Continue ==
Repeat the Installation steps so far, so that you have two Fedora
nodes ready to have the cluster software installed.
For the purposes of this document, the additional node is called
pcmk-2 with address 192.168.122.102.
=== Finalize Networking ===
Confirm that you can communicate between the two new nodes:
[source,C]
----
# ping -c 3 192.168.122.102
PING 192.168.122.102 (192.168.122.102) 56(84) bytes of data.
64 bytes from 192.168.122.102: icmp_seq=1 ttl=64 time=0.343 ms
64 bytes from 192.168.122.102: icmp_seq=2 ttl=64 time=0.402 ms
64 bytes from 192.168.122.102: icmp_seq=3 ttl=64 time=0.558 ms
--- 192.168.122.102 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.343/0.434/0.558/0.092 ms
----
Now we need to make sure we can communicate with the machines by their
name. If you have a DNS server, add additional entries for the two
machines. Otherwise, you'll need to add the machines to '/etc/hosts' .
Below are the entries for my cluster nodes:
[source,C]
----
# grep pcmk /etc/hosts
192.168.122.101 pcmk-1.clusterlabs.org pcmk-1
192.168.122.102 pcmk-2.clusterlabs.org pcmk-2
----
We can now verify the setup by again using ping:
[source,C]
----
# ping -c 3 pcmk-2
PING pcmk-2.clusterlabs.org (192.168.122.101) 56(84) bytes of data.
64 bytes from pcmk-1.clusterlabs.org (192.168.122.101): icmp_seq=1 ttl=64 time=0.164 ms
64 bytes from pcmk-1.clusterlabs.org (192.168.122.101): icmp_seq=2 ttl=64 time=0.475 ms
64 bytes from pcmk-1.clusterlabs.org (192.168.122.101): icmp_seq=3 ttl=64 time=0.186 ms
--- pcmk-2.clusterlabs.org ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.164/0.275/0.475/0.141 ms
----
=== Configure SSH ===
SSH is a convenient and secure way to copy files and perform commands
remotely. For the purposes of this guide, we will create a key without a
password (using the -N option) so that we can perform remote actions
without being prompted.
(((SSH)))
[WARNING]
=========
Unprotected SSH keys, those without a password, are not recommended for servers exposed to the outside world.
We use them here only to simplify the demo.
=========
Create a new key and allow anyone with that key to log in:
.Creating and Activating a new SSH Key
[source,C]
----
# ssh-keygen -t dsa -f ~/.ssh/id_dsa -N ""
Generating public/private dsa key pair.
Your identification has been saved in /root/.ssh/id_dsa.
Your public key has been saved in /root/.ssh/id_dsa.pub.
The key fingerprint is:
91:09:5c:82:5a:6a:50:08:4e:b2:0c:62:de:cc:74:44 root@pcmk-1.clusterlabs.org
The key's randomart image is:
+--[ DSA 1024]----+
|==.ooEo.. |
|X O + .o o |
| * A + |
| + . |
| . S |
| |
| |
| |
| |
+-----------------+
# cp .ssh/id_dsa.pub .ssh/authorized_keys
----
(((Creating and Activating a new SSH Key)))
Install the key on the other nodes and test that you can now run commands
remotely, without being prompted
.Installing the SSH Key on Another Host
[source,C]
----
# scp -r .ssh pcmk-2:
The authenticity of host 'pcmk-2 (192.168.122.102)' can't be established.
RSA key fingerprint is b1:2b:55:93:f1:d9:52:2b:0f:f2:8a:4e:ae:c6:7c:9a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'pcmk-2,192.168.122.102' (RSA) to the list of known hosts.root@pcmk-2's password:
id_dsa.pub 100% 616 0.6KB/s 00:00
id_dsa 100% 672 0.7KB/s 00:00
known_hosts 100% 400 0.4KB/s 00:00
authorized_keys 100% 616 0.6KB/s 00:00
# ssh pcmk-2 -- uname -n
pcmk-2
#
----
== Cluster Software Installation ==
=== Install the Cluster Software ===
Since version 12, Fedora comes with recent versions of everything you
need, so simply fire up a shell on all your nodes and run:
[source,C]
----
[ALL] # yum install -y pacemaker pcs
----
Now install the cluster software on the second node.
ifdef::pcs[]
=== Install the Cluster Management Software ===
The pcs cli command coupled with the pcs daemon creates a cluster
management system capable of managing all aspects of the cluster stack
across all nodes from a single location.
[source,C]
----
[ALL] # yum install -y pcs
----
Make sure to install the pcs packages on both nodes.
endif::[]
== Setup ==
ifdef::pcs[]
=== Enable pcs Daemon ===
Before the cluster can be configured, the pcs daemon must be started and enabled
to boot on startup on each node. This daemon works with the pcs cli command to manage
syncing the corosync configuration across all the nodes in the cluster.
Start and enable the daemon by issuing the following commands on each node.
[source,C]
----
# systemctl start pcsd.service
# systemctl enable pcsd.service
----
Now we need a way for `pcs` to talk to itself on other nodes in the
cluster. This is necessary in order to perform tasks such as syncing
the corosync config, or starting/stopping the cluster on remote nodes
While `pcs` can be used locally without setting up these user
accounts, this tutorial will make use of these remote access commands,
so we will set a password for the 'hacluster' user. Its probably best
if password is consistent across all the nodes.
As 'root', run:
[source,C]
----
# passwd hacluster
password:
----
Alternatively, to script this process or set the password on a
different machine to the one you're logged into, you can use
the `--stdin` option for `passwd`:
[source,C]
----
# ssh pcmk-2 -- 'echo redhat1 | passwd --stdin hacluster'
----
endif::[]
ifdef::crmsh[]
=== Preparation - Multicast ===
Choose a port number and
http://en.wikipedia.org/wiki/Multicast[multi-cast] address.
http://en.wikipedia.org/wiki/Multicast_address[]
Be sure that the values you chose do not conflict with any existing
clusters you might have. For this document, I have chosen port '4000'
and used '239.255.1.1' as the multi-cast address.
endif::[]
=== Notes on Multicast Address Assignment ===
There are several subtle points that often deserve consideration when
choosing/assigning multicast addresses for corosync.
footnote:[This information is borrowed from, the now defunct, http://web.archive.org/web/20101211210054/http://29west.com/docs/THPM/multicast-address-assignment.html]
. Avoid '224.0.0.x'
+
Traffic to addresses of the form '224.0.0.x' is often flooded to all
switch ports. This address range is reserved for link-local uses. Many
routing protocols assume that all traffic within this range will be
received by all routers on the network. Hence (at least all Cisco)
switches flood traffic within this range. The flooding behavior
overrides the normal selective forwarding behavior of a
multicast-aware switch (e.g. IGMP snooping, CGMP, etc.).
. Watch for '32:1' overlap
+
32 non-contiguous IP multicast addresses are mapped onto each Ethernet
multicast address. A receiver that joins a single IP multicast group
implicitly joins 31 others due to this overlap. Of course, filtering
in the operating system discards undesired multicast traffic from
applications, but NIC bandwidth and CPU resources are nonetheless
consumed discarding it. The overlap occurs in the 5 high-order bits,
so it's best to use the 23 low-order bits to make distinct multicast
streams unique. For example, IP multicast addresses in the range
'239.0.0.0' to '239.127.255.255' all map to unique Ethernet multicast
addresses. However, IP multicast address '239.128.0.0' maps to the
same Ethernet multicast address as '239.0.0.0', '239.128.0.1' maps to
the same Ethernet multicast address as '239.0.0.1', etc.
. Avoid 'x.0.0.y' and 'x.128.0.y'
+
Combining the above two considerations, it's best to avoid using IP
multicast addresses of the form 'x.0.0.y' and 'x.128.0.y' since they
all map onto the range of Ethernet multicast addresses that are
flooded to all switch ports.
. Watch for address assignment conflicts
+
http://www.iana.org/[IANA] administers
http://www.iana.org/assignments/multicast-addresses[Internet multicast
addresses]. Potential conflicts with Internet multicast address
assignments can be avoided by using
http://www.ietf.org/rfc/rfc3180.txt[GLOP addressing]
(http://en.wikipedia.org/wiki/Autonomous_system_%28Internet%29[AS]
required) or http://www.ietf.org/rfc/rfc2365.txt[administratively
scoped] addresses. Such addresses can be safely used on a network
connected to the Internet without fear of conflict with multicast
sources originating on the Internet. Administratively scoped addresses
are roughly analogous to the unicast address space for
http://www.ietf.org/rfc/rfc1918.txt[private internets]. Site-local
multicast addresses are of the form '239.255.x.y', but can grow down
to '239.252.x.y' if needed. Organization-local multicast addresses are
of the form '239.192-251.x.y', but can grow down to '239.x.y.z' if
needed.
For a more detailed treatment (57 pages!), see
http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml[Cisco's
Guidelines for Enterprise IP Multicast Address Allocation] paper.
=== Configuring Corosync ===
ifdef::pcs[]
In the past, at this point in the tutorial an explanation of how to
configure and propagate corosync's /etc/corosync.conf file would be
necessary. Using pcs with the pcs daemon greatly simplifies this
process by generating 'corosync.conf' across all the nodes in the
cluster with a single command. The only thing required to achieve
this is to authenticate as the pcs user 'hacluster' on one of the
nodes in the cluster, and then issue the 'pcs cluster setup' command
with a list of all the node names in the cluster.
[source,C]
----
# pcs cluster auth pcmk-1 pcmk-2
Username: hacluster
Password:
pcmk-1: Authorized
pcmk-2: Authorized
-# pcs cluster setup --name mycluster pcmk-1 pcmk-2
+# pcs cluster setup mycluster pcmk-1 pcmk-2
pcmk-1: Succeeded
pcmk-2: Succeeded
----
That's it. Corosync is configured across the cluster. If you
received an authorization error for either of those commands, make
sure you setup the 'hacluster' user account and password on every node
in the cluster with the same password.
endif::[]
ifdef::crmsh[]
[IMPORTANT]
===========
The instructions below only apply for a machine with a single NIC. If you
have a more complicated setup, you should edit the configuration
manually.
===========
[source,C]
----
# export ais_port=4000
# export ais_mcast=239.255.1.1
----
Next we automatically determine the hosts address. By not using the full
address, we make the configuration suitable to be copied to other nodes.
[source,Bash]
----
export ais_addr=`ip addr | grep "inet " | tail -n 1 | awk '{print $4}' | sed s/255/0/g`
----
Display and verify the configuration options
[source,Bash]
----
# env | grep ais_
ais_mcast=239.255.1.1
ais_port=4000
ais_addr=192.168.122.0
----
Once you're happy with the chosen values, update the Corosync
configuration
[source,C]
----
# cp /etc/corosync/corosync.conf.example /etc/corosync/corosync.conf
# sed -i.bak "s/.*mcastaddr:.*/mcastaddr:\ $ais_mcast/g" /etc/corosync/corosync.conf
# sed -i.bak "s/.*mcastport:.*/mcastport:\ $ais_port/g" /etc/corosync/corosync.conf
# sed -i.bak "s/.*\tbindnetaddr:.*/bindnetaddr:\ $ais_addr/g" /etc/corosync/corosync.conf
----
Lastly, you'll need to enable quorum
[source,Bash]
-----
cat << END >> /etc/corosync/corosync.conf
quorum {
provider: corosync_votequorum
expected_votes: 2
}
END
-----
endif::[]
The final /etc/corosync.conf configuration on each node should look
something like the sample in Appendix B, Sample Corosync Configuration.
[IMPORTANT]
===========
Pacemaker used to obtain membership and quorum from a custom Corosync plugin.
This plugin also had the capability to start Pacemaker automatically when Corosync was started.
Neither behavior is possible with Corosync 2.0 and beyond as support for plugins was removed.
Instead, Pacemaker must be started as a separate service.
Also, since Pacemaker made use of the plugin for message routing, a node using the plugin (Corosync prior to 2.0) cannot talk to one that isn't (Corosync 2.0+).
Rolling upgrades between these versions are therefor not possible and an alternate strategy footnote:[http://www.clusterlabs.org/doc/en-US/Pacemaker/1.1/html/Pacemaker_Explained/ap-upgrade.html] must be used.
===========
ifdef::crmsh[]
=== Propagate the Configuration ===
Now we need to copy the changes so far to the other node:
[source,C]
----
# for f in /etc/corosync/corosync.conf /etc/hosts; do scp $f pcmk-2:$f ; done
corosync.conf 100% 1528 1.5KB/s 00:00
hosts 100% 281 0.3KB/s 00:00
#
----
endif::[]
diff --git a/doc/Clusters_from_Scratch/en-US/Ch-Shared-Storage.txt b/doc/Clusters_from_Scratch/en-US/Ch-Shared-Storage.txt
index cc2cec6794..f6b50d91ee 100644
--- a/doc/Clusters_from_Scratch/en-US/Ch-Shared-Storage.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ch-Shared-Storage.txt
@@ -1,778 +1,778 @@
= Replicated Storage with DRBD =
== Background ==
Even if you're serving up static websites, having to manually synchronize
the contents of that website to all the machines in the cluster is not
ideal. For dynamic websites, such as a wiki, it's not even an option. Not
everyone care afford network-attached storage but somehow the data needs
to be kept in sync. Enter DRBD which can be thought of as network based
RAID-1. See http://www.drbd.org/ for more details.
== Install the DRBD Packages ==
Since its inclusion in the upstream 2.6.33 kernel, everything needed
to use DRBD has shiped with Fedora since version 13. All you need to
do is install it:
[source,C]
# yum install -y drbd-pacemaker drbd-udev
.....
Loaded plugins: langpacks, presto, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package drbd-pacemaker.x86_64 0:8.3.11-5.fc17 will be installed
--> Processing Dependency: drbd-utils = 8.3.11-5.fc17 for package: drbd-pacemaker-8.3.11-5.fc17.x86_64
---> Package drbd-udev.x86_64 0:8.3.11-5.fc17 will be installed
--> Running transaction check
---> Package drbd-utils.x86_64 0:8.3.11-5.fc17 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================================
Package Arch Version Repository Size
======================================================================================
Installing:
drbd-pacemaker x86_64 8.3.11-5.fc17 updates-testing 22 k
drbd-udev x86_64 8.3.11-5.fc17 updates-testing 6.4 k
Installing for dependencies:
drbd-utils x86_64 8.3.11-5.fc17 updates-testing 183 k
Transaction Summary
======================================================================================
Install 2 Packages (+1 Dependent package)
Total download size: 212 k
Installed size: 473 k
Downloading Packages:
(1/3): drbd-pacemaker-8.3.11-5.fc17.x86_64.rpm | 22 kB 00:00
(2/3): drbd-udev-8.3.11-5.fc17.x86_64.rpm | 6.4 kB 00:00
(3/3): drbd-utils-8.3.11-5.fc17.x86_64.rpm | 183 kB 00:00
--------------------------------------------------------------------------------------
Total 293 kB/s | 212 kB 00:00
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : drbd-utils-8.3.11-5.fc17.x86_64 1/3
Installing : drbd-pacemaker-8.3.11-5.fc17.x86_64 2/3
Installing : drbd-udev-8.3.11-5.fc17.x86_64 3/3
Verifying : drbd-pacemaker-8.3.11-5.fc17.x86_64 1/3
Verifying : drbd-udev-8.3.11-5.fc17.x86_64 2/3
Verifying : drbd-utils-8.3.11-5.fc17.x86_64 3/3
Installed:
drbd-pacemaker.x86_64 0:8.3.11-5.fc17 drbd-udev.x86_64 0:8.3.11-5.fc17
Dependency Installed:
drbd-utils.x86_64 0:8.3.11-5.fc17
Complete!
.....
== Configure DRBD ==
Before we configure DRBD, we need to set aside some disk for it to use.
=== Create A Partition for DRBD ===
If you have more than 1Gb free, feel free to use it. For this guide
however, 1Gb is plenty of space for a single html file and sufficient for
later holding the GFS2 metadata.
[source,C]
----
# vgdisplay | grep -e Name -e Free
VG Name vg_pcmk1
Free PE / Size 31 / 992.00 MiB
# lvs
LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert
lv_root vg_pcmk1 -wi-ao-- 8.56g
lv_swap vg_pcmk1 -wi-ao-- 960.00m
# lvcreate -n drbd-demo -L 1G vg_pcmk1
Logical volume "drbd-demo" created
# lvs
LV VG Attr LSize Pool Origin Data% Move Log Copy% Convert
drbd-demo vg_pcmk1 -wi-a--- 1.00G
lv_root vg_pcmk1 -wi-ao-- 8.56g
lv_swap vg_pcmk1 -wi-ao-- 960.00m
----
Repeat this on the second node, be sure to use the same size partition.
[source,C]
----
# ssh pcmk-2 -- lvs
LV VG Attr LSize Origin Snap% Move Log Copy% Convert
lv_root vg_pcmk1 -wi-ao-- 8.56g
lv_swap vg_pcmk1 -wi-ao-- 960.00m
# ssh pcmk-2 -- lvcreate -n drbd-demo -L 1G vg_pcmk1
Logical volume "drbd-demo" created
# ssh pcmk-2 -- lvs
LV VG Attr LSize Origin Snap% Move Log Copy% Convert
drbd-demo vg_pcmk1 -wi-a--- 1.00G
lv_root vg_pcmk1 -wi-ao-- 8.56g
lv_swap vg_pcmk1 -wi-ao-- 960.00m
----
=== Write the DRBD Config ===
There is no series of commands for building a DRBD configuration, so simply
copy the configuration below to /etc/drbd.conf
Detailed information on the directives used in this configuration (and
other alternatives) is available from
http://www.drbd.org/users-guide/ch-configure.html
[WARNING]
=========
Be sure to use the names and addresses of your nodes if they differ from
the ones used in this guide.
=========
....
global {
usage-count yes;
}
common {
protocol C;
}
resource wwwdata {
meta-disk internal;
device /dev/drbd1;
syncer {
verify-alg sha1;
}
net {
allow-two-primaries;
}
on pcmk-1 {
disk /dev/vg_pcmk1/drbd-demo;
address 192.168.122.101:7789;
}
on pcmk-2 {
disk /dev/vg_pcmk1/drbd-demo;
address 192.168.122.102:7789;
}
}
....
[NOTE]
=======
TODO: Explain the reason for the allow-two-primaries option
=======
=== Initialize and Load DRBD ===
With the configuration in place, we can now perform the DRBD
initialization
[source,C]
----
# drbdadm create-md wwwdata
Writing meta data...
initializing activity log
NOT initialized bitmap
New drbd meta data block successfully created.
success
----
Now load the DRBD kernel module and confirm that everything is sane
[source,C]
----
# modprobe drbd
# drbdadm up wwwdata
# cat /proc/drbd
version: 8.3.11 (api:88/proto:86-96)
srcversion: 0D2B62DEDB020A425130935
1: cs:Connected ro:Secondary/Secondary ds:Inconsistent/Inconsistent C r-----
ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:1015740
----
Repeat on the second node
[source,C]
----
# ssh pcmk-2 -- drbdadm --force create-md wwwdata
Writing meta data...
initializing activity log
NOT initialized bitmap
New drbd meta data block successfully created.
success
# ssh pcmk-2 -- modprobe drbd
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.
# ssh pcmk-2 -- drbdadm up wwwdata
# ssh pcmk-2 -- cat /proc/drbd
version: 8.3.11 (api:88/proto:86-96)
srcversion: 0D2B62DEDB020A425130935
1: cs:Connected ro:Secondary/Secondary ds:Inconsistent/Inconsistent C r-----
ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:1015740
----
Now we need to tell DRBD which set of data to use. Since both sides
contain garbage, we can run the following on pcmk-1:
[source,C]
----
# drbdadm -- --overwrite-data-of-peer primary wwwdata
# cat /proc/drbd
version: 8.3.11 (api:88/proto:86-96)
srcversion: 0D2B62DEDB020A425130935
1: cs:SyncSource ro:Primary/Secondary ds:UpToDate/Inconsistent C r-----
ns:8064 nr:0 dw:0 dr:8728 al:0 bm:0 lo:0 pe:1 ua:0 ap:0 ep:1 wo:f oos:1007804
[>....................] sync'ed: 0.9% (1007804/1015740)K
finish: 0:12:35 speed: 1,320 (1,320) K/sec
----
After a while, the sync should finish and you'll see:
[source,C]
----
# cat /proc/drbd
version: 8.3.11 (api:88/proto:86-96)
srcversion: 0D2B62DEDB020A425130935
1: cs:Connected ro:Primary/Secondary ds:UpToDate/UpToDate C r-----
ns:1015740 nr:0 dw:0 dr:1016404 al:0 bm:62 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:0
----
pcmk-1 is now in the Primary state which allows it to be written to.
Which means it's a good point at which to create a filesystem and populate
it with some data to serve up via our WebSite resource.
=== Populate DRBD with Data ===
[source,C]
----
# mkfs.ext4 /dev/drbd1
mke2fs 1.42 (29-Nov-2011)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
63488 inodes, 253935 blocks
12696 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=260046848
8 block groups
32768 blocks per group, 32768 fragments per group
7936 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376
Allocating group tables: done
Writing inode tables: done
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done
----
Now mount the newly created filesystem so we can create our index file
[source,C]
----
# mount /dev/drbd1 /mnt/
# cat <<-END >/mnt/index.html
<html>
<body>My Test Site - drbd</body>
</html>
END
# umount /dev/drbd1
----
== Configure the Cluster for DRBD ==
ifdef::pcs[]
One handy feature pcs has is the ability to queue up several changes
into a file and commit those changes atomically. To do this, start by
populating the file with the current raw xml config from the cib. This
can be done using the following command.
[source,C]
----
# pcs cluster cib drbd_cfg
----
Now using the pcs -f option, make changes to the configuration saved
in the drbd_cfg file. These changes will not be seen by the cluster until
the drbd_cfg file is pushed into the live cluster's cib later on.
////
source,C doesn't do well with \'s
////
----
# pcs -f drbd_cfg resource create WebData ocf:linbit:drbd \
drbd_resource=wwwdata op monitor interval=60s
# pcs -f drbd_cfg resource master WebDataClone WebData \
master-max=1 master-node-max=1 clone-max=2 clone-node-max=1 \
notify=true
----
[source,C]
----
# pcs -f drbd_cfg resource show
ClusterIP (ocf::heartbeat:IPaddr2) Started
WebSite (ocf::heartbeat:apache) Started
Master/Slave Set: WebDataClone [WebData]
Stopped: [ WebData:0 WebData:1 ]
----
After you are satisfied with all the changes, you can commit all
the changes at once by pushing the drbd_cfg file into the live
cib.
[source,C]
----
-# pcs cluster cib-push drbd_cfg
+# pcs cluster push cib drbd_cfg
CIB updated
# pcs status
Last updated: Fri Sep 14 12:19:49 2012
Last change: Fri Sep 14 12:19:13 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
4 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf::heartbeat:apache): Started pcmk-1
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-1 ]
Slaves: [ pcmk-2 ]
----
endif::[]
ifdef::crmsh[]
One handy feature of the crm shell is that you can use it in
interactive mode to make several changes atomically.
First we launch the shell. The prompt will change to indicate you're
in interactive mode.
[source,C]
----
# crm
crm(live) #
----
Next we must create a working copy of the current configuration. This is
where all our changes will go. The cluster will not see any of them until
we say it's ok. Notice again how the prompt changes, this time to indicate
that we're no longer looking at the live cluster.
[source,C]
----
cib crm(live) # cib new drbd
INFO: drbd shadow CIB created
crm(drbd) #
----
Now we can create our DRBD clone and display the revised configuration.
[source,C]
----
crm(drbd) # configure primitive WebData ocf:linbit:drbd params drbd_resource=wwwdata \
op monitor interval=60s
crm(drbd) # configure ms WebDataClone WebData meta master-max=1 master-node-max=1 \
clone-max=2 clone-node-max=1 notify=true
crm(drbd) # configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
ms WebDataClone WebData \
meta master-max="1" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
location prefer-pcmk-1 WebSite 50: pcmk-1
colocation website-with-ip inf: WebSite ClusterIP
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
----
Once we're happy with the changes, we can tell the cluster to start using
them and use crm_mon to check everything is functioning.
[source,C]
----
crm(drbd) # cib commit drbd
INFO: commited 'drbd' shadow CIB to the cluster
crm(drbd) # quit
bye
# crm_mon -1
============
Last updated: Tue Apr 3 13:50:01 2012
Last change: Tue Apr 3 13:49:46 2012 via crm_shadow on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
4 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf::heartbeat:apache): Started pcmk-1
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-1 ]
Slaves: [ pcmk-2 ]
----
endif::[]
[NOTE]
=======
TODO: Include details on adding a second DRBD resource
=======
Now that DRBD is functioning we can configure a Filesystem resource to
use it. In addition to the filesystem's definition, we also need to
tell the cluster where it can be located (only on the DRBD Primary)
and when it is allowed to start (after the Primary was promoted).
ifdef::pcs[]
We are going to take a shortcut when creating the resource this time though.
Instead of explicitly saying we want the 'ocf:heartbeat:Filesystem' script, we
are only going to ask for 'Filesystem'. We can do this because we know there is only
one resource script named 'Filesystem' available to pacemaker, and that pcs is smart
enough to fill in the 'ocf:heartbeat' portion for us correctly in the configuration.
If there were multiple 'Filesystem' scripts from different ocf providers, we would need
to specify the exact one we wanted to use.
Once again we will queue up our changes to a file and then push the
new configuration to the cluster as the final step.
----
# pcs cluster cib fs_cfg
# pcs -f fs_cfg resource create WebFS Filesystem \
device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" \
fstype="ext4"
----
[source,C]
----
# pcs -f fs_cfg constraint colocation add WebFS WebDataClone INFINITY with-rsc-role=Master
# pcs -f fs_cfg constraint order promote WebDataClone then start WebFS
Adding WebDataClone WebFS (kind: Mandatory) (Options: first-action=promote then-action=start)
----
We also need to tell the cluster that Apache needs to run on the same
machine as the filesystem and that it must be active before Apache can
start.
[source,C]
----
# pcs -f fs_cfg constraint colocation add WebSite WebFS INFINITY
# pcs -f fs_cfg constraint order WebFS then WebSite
----
Now review the updated configuration.
[source,C]
----
# pcs -f fs_cfg constraint
Location Constraints:
Ordering Constraints:
start ClusterIP then start WebSite
WebFS then WebSite
promote WebDataClone then start WebFS
Colocation Constraints:
WebSite with ClusterIP
WebFS with WebDataClone (with-rsc-role:Master)
WebSite with WebFS
# pcs -f fs_cfg resource show
ClusterIP (ocf::heartbeat:IPaddr2) Started
WebSite (ocf::heartbeat:apache) Started
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-1 ]
Slaves: [ pcmk-2 ]
WebFS (ocf::heartbeat:Filesystem) Stopped
----
endif::[]
ifdef::crmsh[]
Once again we'll use the shell's interactive mode
[source,C]
----
# crm
crm(live) # cib new fs
INFO: fs shadow CIB created
crm(fs) # configure primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="ext4"
crm(fs) # configure colocation fs_on_drbd inf: WebFS WebDataClone:Master
crm(fs) # configure order WebFS-after-WebData inf: WebDataClone:promote WebFS:start
----
We also need to tell the cluster that Apache needs to run on the same
machine as the filesystem and that it must be active before Apache can
start.
[source,C]
----
crm(fs) # configure colocation WebSite-with-WebFS inf: WebSite WebFS
crm(fs) # configure order WebSite-after-WebFS inf: WebFS WebSite
----
Time to review the updated configuration:
[source,C]
----
crm(fs) # configure show
node $id="1702537408" pcmk-1
node $id="1719314624" pcmk-2
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.120" cidr_netmask="32" \
op monitor interval="30s"
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="ext4"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
ms WebDataClone WebData \
meta master-max="1" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
location prefer-pcmk-1 WebSite 50: pcmk-1
colocation WebSite-with-WebFS inf: WebSite WebFS
colocation fs_on_drbd inf: WebFS WebDataClone:Master
colocation website-with-ip inf: WebSite ClusterIP
order WebFS-after-WebData inf: WebDataClone:promote WebFS:start
order WebSite-after-WebFS inf: WebFS WebSite
order apache-after-ip inf: ClusterIP WebSite
property $id="cib-bootstrap-options" \
dc-version="1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff" \
cluster-infrastructure="corosync" \
stonith-enabled="false" \
no-quorum-policy="ignore" \
last-lrm-refresh="1333446866"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
op_defaults $id="op-options" \
timeout="240s"
----
endif::[]
After reviewing the new configuration, we again upload it and watch the
cluster put it into effect.
ifdef::pcs[]
[source,C]
----
-# pcs cluster cib-push fs_cfg
+# pcs cluster push cib fs_cfg
CIB updated
# pcs status
Last updated: Fri Aug 10 12:47:01 2012
Last change: Fri Aug 10 12:46:55 2012 via cibadmin on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
5 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf::heartbeat:apache): Started pcmk-1
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-1 ]
Slaves: [ pcmk-2 ]
WebFS (ocf::heartbeat:Filesystem): Started pcmk-1
----
endif::[]
ifdef::crmsh[]
[source,C]
----
crm(fs) # cib commit fs
INFO: commited 'fs' shadow CIB to the cluster
crm(fs) # quit
bye
# crm_mon -1
============
Last updated: Tue Apr 3 13:52:21 2012
Last change: Tue Apr 3 13:52:06 2012 via crm_shadow on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
5 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-1
WebSite (ocf::heartbeat:apache): Started pcmk-1
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-1 ]
Slaves: [ pcmk-2 ]
WebFS (ocf::heartbeat:Filesystem): Started pcmk-1
----
endif::[]
=== Testing Migration ===
We could shut down the active node again, but another way to safely
simulate recovery is to put the node into what is called "standby
mode". Nodes in this state tell the cluster that they are not allowed
to run resources. Any resources found active there will be moved
elsewhere. This feature can be particularly useful when updating the
resources' packages.
Put the local node into standby mode and observe the cluster move all
the resources to the other node. Note also that the node's status will
change to indicate that it can no longer host resources.
ifdef::pcs[]
[source,C]
----
# pcs cluster standby pcmk-1
# pcs status
Last updated: Fri Sep 14 12:41:12 2012
Last change: Fri Sep 14 12:41:08 2012 via crm_attribute on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
5 Resources configured.
Node pcmk-1 (1): standby
Online: [ pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Started pcmk-2
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Stopped: [ WebData:1 ]
WebFS (ocf::heartbeat:Filesystem): Started pcmk-2
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm node standby
# crm_mon -1
============
Last updated: Tue Apr 3 13:59:14 2012
Last change: Tue Apr 3 13:52:36 2012 via crm_attribute on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
5 Resources configured.
============
Node pcmk-1 (1702537408): standby
Online: [ pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Started pcmk-2
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Stopped: [ WebData:1 ]
WebFS (ocf::heartbeat:Filesystem): Started pcmk-2
----
endif::[]
Once we've done everything we needed to on pcmk-1 (in this case nothing,
we just wanted to see the resources move), we can allow the node to be a
full cluster member again.
ifdef::pcs[]
[source,C]
----
# pcs cluster unstandby pcmk-1
# pcs status
Last updated: Fri Sep 14 12:43:02 2012
Last change: Fri Sep 14 12:42:57 2012 via crm_attribute on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
5 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Started pcmk-2
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Slaves: [ pcmk-1 ]
WebFS (ocf::heartbeat:Filesystem): Started pcmk-2
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm node online
# crm_mon -1
============
Last updated: Tue Apr 3 14:00:06 2012
Last change: Tue Apr 3 14:00:00 2012 via crm_attribute on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
5 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
ClusterIP (ocf::heartbeat:IPaddr2): Started pcmk-2
WebSite (ocf::heartbeat:apache): Started pcmk-2
Master/Slave Set: WebDataClone [WebData]
Masters: [ pcmk-2 ]
Slaves: [ pcmk-1 ]
WebFS (ocf::heartbeat:Filesystem): Started pcmk-2
----
endif::[]
Notice that our resource stickiness settings prevent the services from
migrating back to pcmk-1.
diff --git a/doc/Clusters_from_Scratch/en-US/Ch-Stonith.txt b/doc/Clusters_from_Scratch/en-US/Ch-Stonith.txt
index 9518fc252e..123bd4b361 100644
--- a/doc/Clusters_from_Scratch/en-US/Ch-Stonith.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ch-Stonith.txt
@@ -1,308 +1,308 @@
= Configure STONITH =
== What Is STONITH ==
STONITH is an acronym for Shoot-The-Other-Node-In-The-Head and it
protects your data from being corrupted by rogue nodes or concurrent
access.
Just because a node is unresponsive, this doesn't mean it isn't
accessing your data. The only way to be 100% sure that your data is
safe, is to use STONITH so we can be certain that the node is truly
offline, before allowing the data to be accessed from another node.
STONITH also has a role to play in the event that a clustered service
cannot be stopped. In this case, the cluster uses STONITH to force the
whole node offline, thereby making it safe to start the service
elsewhere.
== What STONITH Device Should You Use ==
It is crucial that the STONITH device can allow the cluster to
differentiate between a node failure and a network one.
The biggest mistake people make in choosing a STONITH device is to
use remote power switch (such as many on-board IMPI controllers) that
shares power with the node it controls. In such cases, the cluster
cannot be sure if the node is really offline, or active and suffering
from a network fault.
Likewise, any device that relies on the machine being active (such as
SSH-based "devices" used during testing) are inappropriate.
== Configuring STONITH ==
ifdef::pcs[]
. Find the correct driver: +pcs stonith list+
. Find the parameters associated with the device: +pcs stonith describe <agent name>+
. Create a local config to make changes to +pcs cluster cib stonith_cfg+
. Create the fencing resource using +pcs -f stonith_cfg stonith create <stonith_id>
<stonith device type> [stonith device options]+
. Set stonith-enable to true. +pcs -f stonith_cfg property set stonith-enabled=true+
endif::[]
ifdef::crmsh[]
. Find the correct driver: +stonith_admin --list-installed+
. Since every device is different, the parameters needed to configure
it will vary. To find out the parameters associated with the device,
run: +stonith_admin --metadata --agent type+
The output should be XML formatted text containing additional
parameter descriptions. We will endevor to make the output more
friendly in a later version.
. Enter the shell crm Create an editable copy of the existing
configuration +cib new stonith+ Create a fencing resource containing a
primitive resource with a class of stonith, a type of type and a
parameter for each of the values returned in step 2: +configure
primitive ...+
endif::[]
. If the device does not know how to fence nodes based on their uname,
you may also need to set the special +pcmk_host_map+ parameter. See
+man stonithd+ for details.
. If the device does not support the list command, you may also need
to set the special +pcmk_host_list+ and/or +pcmk_host_check+
parameters. See +man stonithd+ for details.
. If the device does not expect the victim to be specified with the
port parameter, you may also need to set the special
+pcmk_host_argument+ parameter. See +man stonithd+ for details.
ifdef::crmsh[]
. Upload it into the CIB from the shell: +cib commit stonith+
endif::[]
ifdef::pcs[]
-. Commit the new configuration. +pcs cluster cib-push stonith_cfg+
+. Commit the new configuration. +pcs cluster push cib stonith_cfg+
endif::[]
. Once the stonith resource is running, you can test it by executing:
+stonith_admin --reboot nodename+. Although you might want to stop the
cluster on that machine first.
== Example ==
Assuming we have an chassis containing four nodes and an IPMI device
active on 10.0.0.1, then we would chose the fence_ipmilan driver in step
2 and obtain the following list of parameters
.Obtaining a list of STONITH Parameters
ifdef::pcs[]
[source,C]
----
# pcs stonith describe fence_ipmilan
Stonith options for: fence_ipmilan
auth: IPMI Lan Auth type (md5, password, or none)
ipaddr: IPMI Lan IP to talk to
passwd: Password (if required) to control power on IPMI device
passwd_script: Script to retrieve password (if required)
lanplus: Use Lanplus
login: Username/Login (if required) to control power on IPMI device
action: Operation to perform. Valid operations: on, off, reboot, status, list, diag, monitor or metadata
timeout: Timeout (sec) for IPMI operation
cipher: Ciphersuite to use (same as ipmitool -C parameter)
method: Method to fence (onoff or cycle)
power_wait: Wait X seconds after on/off operation
delay: Wait X seconds before fencing is started
privlvl: Privilege level on IPMI device
verbose: Verbose mode
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# stonith_admin --metadata -a fence_ipmilan
----
[source,XML]
----
<?xml version="1.0" ?>
<resource-agent name="fence_ipmilan" shortdesc="Fence agent for IPMI over LAN">
<longdesc>
fence_ipmilan is an I/O Fencing agent which can be used with machines controlled by IPMI. This agent calls support software using ipmitool (http://ipmitool.sf.net/).
To use fence_ipmilan with HP iLO 3 you have to enable lanplus option (lanplus / -P) and increase wait after operation to 4 seconds (power_wait=4 / -T 4)</longdesc>
<parameters>
<parameter name="auth" unique="1">
<getopt mixed="-A" />
<content type="string" />
<shortdesc lang="en">IPMI Lan Auth type (md5, password, or none)</shortdesc>
</parameter>
<parameter name="ipaddr" unique="1">
<getopt mixed="-a" />
<content type="string" />
<shortdesc lang="en">IPMI Lan IP to talk to</shortdesc>
</parameter>
<parameter name="passwd" unique="1">
<getopt mixed="-p" />
<content type="string" />
<shortdesc lang="en">Password (if required) to control power on IPMI device</shortdesc>
</parameter>
<parameter name="passwd_script" unique="1">
<getopt mixed="-S" />
<content type="string" />
<shortdesc lang="en">Script to retrieve password (if required)</shortdesc>
</parameter>
<parameter name="lanplus" unique="1">
<getopt mixed="-P" />
<content type="boolean" />
<shortdesc lang="en">Use Lanplus</shortdesc>
</parameter>
<parameter name="login" unique="1">
<getopt mixed="-l" />
<content type="string" />
<shortdesc lang="en">Username/Login (if required) to control power on IPMI device</shortdesc>
</parameter>
<parameter name="action" unique="1">
<getopt mixed="-o" />
<content type="string" default="reboot"/>
<shortdesc lang="en">Operation to perform. Valid operations: on, off, reboot, status, list, diag, monitor or metadata</shortdesc>
</parameter>
<parameter name="timeout" unique="1">
<getopt mixed="-t" />
<content type="string" />
<shortdesc lang="en">Timeout (sec) for IPMI operation</shortdesc>
</parameter>
<parameter name="cipher" unique="1">
<getopt mixed="-C" />
<content type="string" />
<shortdesc lang="en">Ciphersuite to use (same as ipmitool -C parameter)</shortdesc>
</parameter>
<parameter name="method" unique="1">
<getopt mixed="-M" />
<content type="string" default="onoff"/>
<shortdesc lang="en">Method to fence (onoff or cycle)</shortdesc>
</parameter>
<parameter name="power_wait" unique="1">
<getopt mixed="-T" />
<content type="string" default="2"/>
<shortdesc lang="en">Wait X seconds after on/off operation</shortdesc>
</parameter>
<parameter name="delay" unique="1">
<getopt mixed="-f" />
<content type="string" />
<shortdesc lang="en">Wait X seconds before fencing is started</shortdesc>
</parameter>
<parameter name="verbose" unique="1">
<getopt mixed="-v" />
<content type="boolean" />
<shortdesc lang="en">Verbose mode</shortdesc>
</parameter>
</parameters>
<actions>
<action name="on" />
<action name="off" />
<action name="reboot" />
<action name="status" />
<action name="diag" />
<action name="list" />
<action name="monitor" />
<action name="metadata" />
</actions>
</resource-agent>
----
endif::[]
from which we would create a STONITH resource fragment that might look
like this
.Sample STONITH Resource
ifdef::pcs[]
----
# pcs cluster cib stonith_cfg
# pcs -f stonith_cfg stonith create impi-fencing fence_ipmilan \
pcmk_host_list="pcmk-1 pcmk-2" ipaddr=10.0.0.1 login=testuser \
passwd=acd123 op monitor interval=60s
----
[source,C]
----
# pcs -f stonith_cfg stonith
impi-fencing (stonith:fence_ipmilan) Stopped
----
endif::[]
ifdef::crmsh[]
[source,C]
----
# crm crm(live)# cib new stonith
INFO: stonith shadow CIB created
crm(stonith)# configure primitive impi-fencing stonith::fence_ipmilan \
params pcmk_host_list="pcmk-1 pcmk-2" ipaddr=10.0.0.1 login=testuser passwd=abc123 \
op monitor interval="60s"
----
endif::[]
And finally, since we disabled it earlier, we need to re-enable STONITH.
At this point we should have the following configuration.
ifdef::pcs[]
[source,C]
----
# pcs -f stonith_cfg property set stonith-enabled=true
# pcs -f stonith_cfg property
dc-version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
cluster-infrastructure: corosync
no-quorum-policy: ignore
stonith-enabled: true
----
endif::[]
Now push the configuration into the cluster.
ifdef::pcs[]
[source,C]
----
-# pcs cluster cib-push stonith_cfg
+# pcs cluster push cib stonith_cfg
----
endif::[]
ifdef::crmsh[]
[source,C]
----
crm(stonith)# configure property stonith-enabled="true"
crm(stonith)# configure shownode pcmk-1
node pcmk-2
primitive WebData ocf:linbit:drbd \
params drbd_resource="wwwdata" \
op monitor interval="60s"
primitive WebFS ocf:heartbeat:Filesystem \
params device="/dev/drbd/by-res/wwwdata" directory="/var/www/html" fstype="gfs2"
primitive WebSite ocf:heartbeat:apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval="1min"
primitive ClusterIP ocf:heartbeat:IPaddr2 \
params ip="192.168.122.101" cidr_netmask="32" clusterip_hash="sourceip" \
op monitor interval="30s"primitive ipmi-fencing stonith::fence_ipmilan \ params pcmk_host_list="pcmk-1 pcmk-2" ipaddr=10.0.0.1 login=testuser passwd=abc123 \ op monitor interval="60s"ms WebDataClone WebData \
meta master-max="2" master-node-max="1" clone-max="2" clone-node-max="1" notify="true"
clone WebFSClone WebFS
clone WebIP ClusterIP \
meta globally-unique="true" clone-max="2" clone-node-max="2"
clone WebSiteClone WebSite
colocation WebSite-with-WebFS inf: WebSiteClone WebFSClone
colocation fs_on_drbd inf: WebFSClone WebDataClone:Master
colocation website-with-ip inf: WebSiteClone WebIP
order WebFS-after-WebData inf: WebDataClone:promote WebFSClone:start
order WebSite-after-WebFS inf: WebFSClone WebSiteClone
order apache-after-ip inf: WebIP WebSiteClone
property $id="cib-bootstrap-options" \
dc-version="1.1.5-bdd89e69ba545404d02445be1f3d72e6a203ba2f" \
cluster-infrastructure="openais" \
expected-quorum-votes="2" \
stonith-enabled="true" \
no-quorum-policy="ignore"
rsc_defaults $id="rsc-options" \
resource-stickiness="100"
crm(stonith)# cib commit stonithINFO: commited 'stonith' shadow CIB to the cluster
crm(stonith)# quit
bye
----
endif::[]
diff --git a/doc/Clusters_from_Scratch/en-US/Ch-Verification.txt b/doc/Clusters_from_Scratch/en-US/Ch-Verification.txt
index 530e37b322..c62cae4ecd 100644
--- a/doc/Clusters_from_Scratch/en-US/Ch-Verification.txt
+++ b/doc/Clusters_from_Scratch/en-US/Ch-Verification.txt
@@ -1,293 +1,300 @@
= Verify Cluster Installation =
ifdef::pcs[]
== Start the Cluster ==
Now that corosync is configured, it is time to start the cluster.
The command below will start corosync and pacemaker on both nodes
in the cluster. If you are issuing the start command from a different
node than the one you ran the 'pcs cluster auth' command on earlier, you
must authenticate on current node you are logged into before you will
be allowed to start the cluster.
[source,C]
----
# pcs cluster start --all
pcmk-1: Starting Cluster...
pcmk-2: Starting Cluster...
----
An alternative to using the 'pcs cluster startall' command
is to issue either of the below commands on each node in the
cluster by hand.
[source,C]
----
# pcs cluster start
Starting Cluster...
----
or
[source,C]
----
# systemctl start corosync.service
# systemctl start pacemaker.service
----
endif::[]
== Verify Corosync Installation ==
ifdef::crmsh[]
Start Corosync on the first node
[source,C]
----
# systemctl start corosync.service
----
endif::[]
The first thing to check is if cluster communication is happy, for
that we use `corosync-cfgtool`.
ifdef::crmsh[]
[source,C]
----
# corosync-cfgtool -s
Printing ring status.
Local node ID 1702537408
RING ID 0
id = 192.168.122.101
status = ring 0 active with no faults
----
endif::[]
ifdef::pcs[]
[source,C]
----
# corosync-cfgtool -s
Printing ring status.
Local node ID 1
RING ID 0
id = 192.168.122.101
status = ring 0 active with no faults
----
endif::[]
We can see here that everything appears normal with our fixed IP
address, not a 127.0.0.x loopback address, listed as the +id+ and +no
faults+ for the status.
If you see something different, you might want to start by checking
the node's network, firewall and selinux configurations.
Next we check the membership and quorum APIs:
ifdef::pcs[]
[source,C]
----
# corosync-cmapctl | grep members
runtime.totem.pg.mrp.srp.members.1.ip (str) = r(0) ip(192.168.122.101)
runtime.totem.pg.mrp.srp.members.1.join_count (u32) = 1
runtime.totem.pg.mrp.srp.members.1.status (str) = joined
runtime.totem.pg.mrp.srp.members.2.ip (str) = r(0) ip(192.168.122.102)
runtime.totem.pg.mrp.srp.members.2.join_count (u32) = 1
runtime.totem.pg.mrp.srp.members.2.status (str) = joined
# pcs status corosync
Membership information
--------------------------
Nodeid Votes Name
1 1 pcmk-1 (local)
2 1 pcmk-2
----
You should see both nodes have joined the cluster.
endif::[]
ifdef::crmsh[]
[source,C]
----
# corosync-cmapctl | grep members
runtime.totem.pg.mrp.srp.members.1702537408.ip (str) = r(0) ip(192.168.122.101)
runtime.totem.pg.mrp.srp.members.1702537408.join_count (u32) = 1
runtime.totem.pg.mrp.srp.members.1702537408.status (str) = joined
# corosync-quorumtool -l
Membership information
--------------------------
Nodeid Votes Name
1702537408 1 pcmk-1
----
The node see's itself in both locations which is a good sign.
If the node list is empty when you call `corosync-quorumtool`, then
you've not correctly quorum in 'corosync.conf'.
With everything looking healthy, we start Corosync on the second node
and run the same communications check.
[source,C]
----
# ssh pcmk-2 -- systemctl start corosync.service
# ssh pcmk-2 -- corosync-cfgtool -s
Printing ring status.
Local node ID 1719314624
RING ID 0
id = 192.168.122.102
status = ring 0 active with no faults
----
Everything appears to look ok from +pcmk-2+, time to re-run the
membership and quorum checks to see if it shows up there too.
Again, if you see something different to the above, check for the
usual suspects: network, firewall and selinux.
[source,C]
----
# corosync-cmapctl | grep members
runtime.totem.pg.mrp.srp.members.1702537408.ip (str) = r(0) ip(192.168.122.101)
runtime.totem.pg.mrp.srp.members.1702537408.join_count (u32) = 1
runtime.totem.pg.mrp.srp.members.1702537408.status (str) = joined
runtime.totem.pg.mrp.srp.members.1719314624.ip (str) = r(0) ip(192.168.122.102)
runtime.totem.pg.mrp.srp.members.1719314624.join_count (u32) = 1
runtime.totem.pg.mrp.srp.members.1719314624.status (str) = joined
# corosync-quorumtool -l
Membership information
--------------------------
Nodeid Votes Name
1702537408 1 pcmk-1
1719314624 1 pcmk-2
----
endif::[]
All good!
== Verify Pacemaker Installation ==
ifdef::pcs[]
Now that we have confirmed that Corosync is functional we can check
the rest of the stack. Pacemaker has already been started, so verify
the necessary processes are running.
[source,C]
----
# ps axf
PID TTY STAT TIME COMMAND
2 ? S 0:00 [kthreadd]
...lots of processes...
28019 ? Ssl 0:03 /usr/sbin/corosync
28047 ? Ss 0:00 /usr/sbin/pacemakerd -f
28048 ? Ss 0:00 \_ /usr/libexec/pacemaker/cib
28049 ? Ss 0:00 \_ /usr/libexec/pacemaker/stonithd
28050 ? Ss 0:00 \_ /usr/lib64/heartbeat/lrmd
28051 ? Ss 0:00 \_ /usr/libexec/pacemaker/attrd
28052 ? Ss 0:00 \_ /usr/libexec/pacemaker/pengine
28053 ? Ss 0:00 \_ /usr/libexec/pacemaker/crmd
----
If that looks ok, check the pcs status output.
[source,C]
----
# pcs status
Last updated: Fri Sep 14 09:52:25 2012
Last change: Fri Sep 14 09:51:55 2012 via crmd on pcmk-2
Stack: corosync
Current DC: pcmk-2 (2) - partition with quorum
Version: 1.1.8-1.el7-60a19ed12fdb4d5c6a6b6767f52e5391e447fec0
2 Nodes configured, unknown expected votes
0 Resources configured.
Online: [ pcmk-1 pcmk-2 ]
Full list of resources:
----
Next, check for any ERRORs during startup - there shouldn't be any.
[source,C]
----
# grep -i error /var/log/messages
----
+or (on Fedora 20)
+
+[source,C]
+----
+# journalctl | grep -i error
+----
+
Repeat these checks on the other node. The results should be the same.
endif::[]
ifdef::crmsh[]
Now that we have confirmed that Corosync is functional we can check
the rest of the stack. Start Pacemaker and check the necessary
processes have been started.
[source,C]
----
# systemctl start pacemaker.service
# ps axf
PID TTY STAT TIME COMMAND
2 ? S 0:00 [kthreadd]
...lots of processes...
28019 ? Ssl 0:03 /usr/sbin/corosync
28047 ? Ss 0:00 /usr/sbin/pacemakerd -f
28048 ? Ss 0:00 \_ /usr/libexec/pacemaker/cib
28049 ? Ss 0:00 \_ /usr/libexec/pacemaker/stonithd
28050 ? Ss 0:00 \_ /usr/lib64/heartbeat/lrmd
28051 ? Ss 0:00 \_ /usr/libexec/pacemaker/attrd
28052 ? Ss 0:00 \_ /usr/libexec/pacemaker/pengine
28053 ? Ss 0:00 \_ /usr/libexec/pacemaker/crmd
----
If that looks ok, check the logs and crm_mon.
[source,C]
----
# grep pacemakerd /var/log/messages | grep -e get_cluster_type -e read_config
Apr 3 09:19:32 pcmk-1 pacemakerd[28047]: info: get_cluster_type: Detected an active 'corosync' cluster
Apr 3 09:19:32 pcmk-1 pacemakerd[28047]: info: read_config: Reading configure for stack: corosync
# crm_mon -1
============
Last updated: Tue Apr 3 09:21:37 2012
Last change: Tue Apr 3 09:19:54 2012 via crmd on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
1 Nodes configured, unknown expected votes
0 Resources configured.
============
Online: [ pcmk-1 ]
----
Next, check for any ERRORs during startup - there shouldn't be any.
[source,C]
----
# grep -i error /var/log/messages
----
Repeat on the other node and display the cluster's status.
[source,C]
----
# ssh pcmk-2 -- systemctl start pacemaker.service
# crm_mon -1
============
Last updated: Tue Apr 3 09:26:23 2012
Last change: Tue Apr 3 09:26:21 2012 via crmd on pcmk-1
Stack: corosync
Current DC: pcmk-1 (1702537408) - partition with quorum
Version: 1.1.7-2.fc17-ee0730e13d124c3d58f00016c3376a1de5323cff
2 Nodes configured, unknown expected votes
0 Resources configured.
============
Online: [ pcmk-1 pcmk-2 ]
----
endif::[]

File Metadata

Mime Type
text/x-diff
Expires
Wed, Jun 25, 5:39 AM (1 d, 39 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1952337
Default Alt Text
(152 KB)

Event Timeline