Cari di RHE Linux 
     Red Hat Enterprise Linux Manual
Daftar Isi
(Sebelumnya) 12 : Chapter 2. Before Configu ...12 : Chapter 4. Managing Red H ... (Berikutnya)

Cluster Administration

Chapter 3. Configuring Red Hat High Availability Add-On With Conga

3.1. Configuration Tasks
3.2. Starting luci
3.3. Controlling Access to luci
3.4. Creating a Cluster
3.5. Global Cluster Properties
3.5.1. Configuring General Properties
3.5.2. Configuring Fence Daemon Properties
3.5.3. Network Configuration
3.5.4. Configuring Redundant Ring Protocol
3.5.5. Quorum Disk Configuration
3.5.6. Logging Configuration
3.6. Configuring Fence Devices
3.6.1. Creating a Fence Device
3.6.2. Modifying a Fence Device
3.6.3. Deleting a Fence Device
3.7. Configuring Fencing for Cluster Members
3.7.1. Configuring a Single Fence Device for a Node
3.7.2. Configuring a Backup Fence Device
3.7.3. Configuring a Node with Redundant Power
3.8. Configuring a Failover Domain
3.8.1. Adding a Failover Domain
3.8.2. Modifying a Failover Domain
3.8.3. Deleting a Failover Domain
3.9. Configuring Global Cluster Resources
3.10. Adding a Cluster Service to the Cluster
This chapter describes how to configure Red Hat High Availability Add-On software using Conga. For information on using Conga to manage a running cluster, see Chapter 4, Managing Red Hat High Availability Add-On With Conga.

Note

Conga is a graphical user interface that you can use to administer the Red Hat High Availability Add-On. Note, however, that in order to use this interface effectively you need to have a good and clear understanding of the underlying concepts. Learning about cluster configuration by exploring the available features in the user interface is not recommended, as it may result in a system that is not robust enough to keep all services running when components fail.
This chapter consists of the following sections:

3.1. Configuration Tasks

Configuring Red Hat High Availability Add-On software with Conga consists of the following steps:
  1. Configuring and running the Conga configuration user interface - the luci server. Refer to Section 3.2, "Starting luci".
  2. Creating a cluster. Refer to Section 3.4, "Creating a Cluster".
  3. Configuring global cluster properties. Refer to Section 3.5, "Global Cluster Properties".
  4. Configuring fence devices. Refer to Section 3.6, "Configuring Fence Devices".
  5. Configuring fencing for cluster members. Refer to Section 3.7, "Configuring Fencing for Cluster Members".
  6. Creating failover domains. Refer to Section 3.8, "Configuring a Failover Domain".
  7. Creating resources. Refer to Section 3.9, "Configuring Global Cluster Resources".
  8. Creating cluster services. Refer to Section 3.10, "Adding a Cluster Service to the Cluster".

3.2. Starting luci

Installing ricci

Using luci to configure a cluster requires that ricci be installed and running on the cluster nodes, as described in Section 2.13, "Considerations for ricci". As noted in that section, using ricci requires a password which luci requires you to enter for each cluster node when you create a cluster, as described in Section 3.4, "Creating a Cluster".
Before starting luci, ensure that the IP ports on your cluster nodes allow connections to port 11111 from the luci server on any nodes that luci will be communicating with. For information on enabling IP ports on cluster nodes, see Section 2.3.1, "Enabling IP Ports on Cluster Nodes".
To administer Red Hat High Availability Add-On with Conga, install and run luci as follows:
  1. Select a computer to host luci and install the luci software on that computer. For example:
    # yum install luci

    Note

    Typically, a computer in a server cage or a data center hosts luci; however, a cluster computer can host luci.
  2. Start luci using service luci start. For example:
    # service luci startStarting luci: generating https SSL certificates...  done   [  OK  ]Please, point your web browser to https://nano-01:8084 to access luci

    Note

    As of Red Hat Enterprise Linux release 6.1, you can configure some aspects of luci's behavior by means of the /etc/sysconfig/luci file, including the port and host parameters, as described in Section 2.4, "Configuring luci with /etc/sysconfig/luci". Modified port and host parameters will automatically be reflected in the URL displayed when the luci service starts.
  3. At a Web browser, place the URL of the luci server into the URL address box and click Go (or the equivalent). The URL syntax for the luci server is https://luci_server_hostname:luci_server_port. The default value of luci_server_port is 8084.
    The first time you access luci, a web browser specific prompt regarding the self-signed SSL certificate (of the luci server) is displayed. Upon acknowledging the dialog box or boxes, your Web browser displays the luci login page.
  4. Although any user able to authenticate on the system that is hosting luci can log in to luci, as of Red Hat Enterprise Linux 6.2 only the root user on the system that is running luci can access any of the luci components until an administrator (the root user or a user with administrator permission) sets permissions for that user. For information on setting luci permissions for users, refer to Section 3.3, "Controlling Access to luci".
    Logging in to luci displays the luci Homebase page, as shown in Figure 3.1, "luci Homebase page".
    luci Homebase page
    The luci Homebase page.

    Figure 3.1. luci Homebase page


Note

There is an idle timeout for luci that logs you out after 15 minutes of inactivity.

3.3. Controlling Access to luci

Since the initial release of Red Hat Enterprise Linux 6, the following features have been added to the Users and Permisions page.
  • As of Red Hat Enterprise Linux 6.2, the root user or a user who has been granted luci administrator permissions on a system running luci can control access to the various luci components by setting permissions for the individual users on a system.
  • As of Red Hat Enterprise Linux 6.3, the root user or a user who has been granted luci administrator permissions can also use the luci interface to add users to the system.
  • As of Red Hat Enterprise Linux 6.4, the root user or a user who has been granted luci administrator permissions can also use the luci interface to delete users from the system.
To add users, delete users, or set the user permissions, log in to luci as root or as a user who has previously been granted administrator permissions and click the Admin selection in the upper right corner of the luci screen. This brings up the Users and Permissions page, which displays the existing users.
To delete users, select the user or users and click on Delete Selected.
To add a user, click on Add a User and enter the name of the user to add.
To set or change permissions for a user, select the user from the dropdown menu under User Permissions. This allows you to set the following permissions:
Luci Administrator
Grants the user the same permissions as the root user, with full permissions on all clusters and the ability to set or remove permissions on all other users except root, whose permissions cannot be restricted.
Can Create Clusters
Allows the user to create new clusters, as described in Section 3.4, "Creating a Cluster".
Can Import Existing Clusters
Allows the user to add an existing cluster to the luci interface, as described in Section 4.1, "Adding an Existing Cluster to the luci Interface".
For each cluster that has been created or imported to luci, you can set the following permissions for the indicated user:
Can View This Cluster
Allows the user to view the specified cluster.
Can Change the Cluster Configuration
Allows the user to modify the configuration for the specified cluster, with the exception of adding and removing cluster nodes.
Can Enable, Disable, Relocate, and Migrate Service Groups
Allows the user to manage high-availability services, as described in Section 4.5, "Managing High-Availability Services".
Can Stop, Start, and Reboot Cluster Nodes
Allows the user to manage the individual nodes of a cluster, as described in Section 4.3, "Managing Cluster Nodes".
Can Add and Delete Nodes
Allows the user to add and delete nodes from a cluster, as described in Section 3.4, "Creating a Cluster".
Can Remove This Cluster from Luci
Allows the user to remove a cluster from the luci interface, as described in Section 4.4, "Starting, Stopping, Restarting, and Deleting Clusters".
Click Submit for the permissions to take affect, or click Reset to return to the initial values.

3.4. Creating a Cluster

Creating a cluster with luci consists of naming a cluster, adding cluster nodes to the cluster, entering the ricci passwords for each node, and submitting the request to create a cluster. If the node information and passwords are correct, Conga automatically installs software into the cluster nodes (if the appropriate software packages are not currently installed) and starts the cluster. Create a cluster as follows:
  1. Click Manage Clusters from the menu on the left side of the luci Homebase page. The Clusters screen appears, as shown in Figure 3.2, "luci cluster management page".
    luci cluster management page
    The luci cluster management page.

    Figure 3.2. luci cluster management page


  2. Click Create. The Create New Cluster dialog box appears, as shown in Figure 3.3, "luci cluster creation dialog box".
    luci cluster creation dialog box
    The luci cluster creation dialog box.

    Figure 3.3. luci cluster creation dialog box


  3. Enter the following parameters on the Create New Cluster dialog box, as necessary:
    • At the Cluster Name text box, enter a cluster name. The cluster name cannot exceed 15 characters.
    • If each node in the cluster has the same ricci password, you can check Use the same password for all nodes to autofill the password field as you add nodes.
    • Enter the node name for a node in the cluster in the Node Name column and enter the ricci password for the node in the Password column.
    • If your system is configured with a dedicated private network that is used only for cluster traffic, you may want to configure luci to communicate with ricci on an address that is different from the address to which the cluster node name resolves. You can do this by entering that address as the Ricci Hostname.
    • If you are using a different port for the ricci agent than the default of 11111, you can change that parameter.
    • Click on Add Another Node and enter the node name and ricci password for each additional node in the cluster.
    • If you do not want to upgrade the cluster software packages that are already installed on the nodes when you create the cluster, leave the Use locally installed packages option selected. If you want to upgrade all cluster software packages, select the Download Packages option.

      Note

      Whether you select the Use locally installed packages or the Download Packages option, if any of the base cluster components are missing (cman, rgmanager, modcluster and all their dependencies), they will be installed. If they cannot be installed, the node creation will fail.
    • Select Reboot nodes before joining cluster if desired.
    • Select Enable shared storage support if clustered storage is required; this downloads the packages that support clustered storage and enables clustered LVM. You should select this only when you have access to the Resilient Storage Add-On or the Scalable File System Add-On.
  4. Click Create Cluster. Clicking Create Cluster causes the following actions:
    1. If you have selected Download Packages, the cluster software packages are downloaded onto the nodes.
    2. Cluster software is installed onto the nodes (or it is verified that the appropriate software packages are installed).
    3. The cluster configuration file is updated and propagated to each node in the cluster.
    4. The added nodes join the cluster.
    A message is displayed indicating that the cluster is being created. When the cluster is ready, the display shows the status of the newly created cluster, as shown in Figure 3.4, "Cluster node display". Note that if ricci is not running on any of the nodes, the cluster creation will fail.
    Cluster node display
    The luci cluster node display

    Figure 3.4. Cluster node display


  5. After clicking Create Cluster to create the cluster, you can add or delete nodes from the cluster by clicking the Add or Delete function from the menu at the top of the cluster node display page. Unless you are deleting an entire cluster, nodes must be stopped before being deleted. For information on deleting a node from an existing cluster that is currently in operation, see Section 4.3.4, "Deleting a Member from a Cluster".

    Note

    Removing a cluster node from the cluster is a destructive operation that cannot be undone.

3.5. Global Cluster Properties

When you select a cluster to configure, a cluster-specific page is displayed. The page provides an interface for configuring cluster-wide properties. You can configure cluster-wide properties by clicking on Configure along the top of the cluster display. This yields a tabbed interface which provides the following tabs: General, Fence Daemon, Network, Redundant Ring, QDisk and Logging. To configure the parameters in those tabs, follow the steps in the following sections. If you do not need to configure parameters in a tab, skip the section for that tab.

3.5.1. Configuring General Properties

Clicking on the General tab displays the General Properties page, which provides an interface for modifying the configuration version.
  • The Cluster Name text box displays the cluster name; it does not accept a cluster name change. The only way to change the name of a cluster is to create a new cluster configuration with the new name.
  • The Configuration Version value is set to 1 at the time of cluster creation and is automatically incremented each time you modify your cluster configuration. However, if you need to set it to another value, you can specify it at the Configuration Version text box.
If you have changed the Configuration Version value, click Apply for this change to take effect.

3.5.2. Configuring Fence Daemon Properties

Clicking on the Fence Daemon tab displays the Fence Daemon Properties page, which provides an interface for configuring Post Fail Delay and Post Join Delay. The values you configure for these parameters are general fencing properties for the cluster. To configure specific fence devices for the nodes of the cluster, use the Fence Devices menu item of the cluster display, as described in Section 3.6, "Configuring Fence Devices".
  • The Post Fail Delay parameter is the number of seconds the fence daemon (fenced) waits before fencing a node (a member of the fence domain) after the node has failed. The Post Fail Delay default value is 0. Its value may be varied to suit cluster and network performance.
  • The Post Join Delay parameter is the number of seconds the fence daemon (fenced) waits before fencing a node after the node joins the fence domain. The Post Join Delay default value is 6. A typical setting for Post Join Delay is between 20 and 30 seconds, but can vary according to cluster and network performance.
Enter the values required and click Apply for changes to take effect.

Note

For more information about Post Join Delay and Post Fail Delay, refer to the fenced(8) man page.

3.5.3. Network Configuration

Clicking on the Network tab displays the Network Configuration page, which provides an interface for configuring the network transport type.
You can use this tab to select one of the following options:
  • UDP Multicast and Let Cluster Choose the Multicast Address
    This is the default setting. With this option selected, the Red Hat High Availability Add-On software creates a multicast address based on the cluster ID. It generates the lower 16 bits of the address and appends them to the upper portion of the address according to whether the IP protocol is IPv4 or IPv6:
    • For IPv4 - The address formed is 239.192. plus the lower 16 bits generated by Red Hat High Availability Add-On software.
    • For IPv6 - The address formed is FF15:: plus the lower 16 bits generated by Red Hat High Availability Add-On software.

    Note

    The cluster ID is a unique identifier that cman generates for each cluster. To view the cluster ID, run the cman_tool status command on a cluster node.
  • UDP Multicast and Specify the Multicast Address Manually
    If you need to use a specific multicast address, select this option enter a multicast address into the Multicast Address text box.
    If you do specify a multicast address, you should use the 239.192.x.x series (or FF15:: for IPv6) that cman uses. Otherwise, using a multicast address outside that range may cause unpredictable results. For example, using 224.0.0.x (which is "All hosts on the network") may not be routed correctly, or even routed at all by some hardware.
    If you specify or modify a multicast address, you must restart the cluster for this to take effect. For information on starting and stopping a cluster with Conga, refer to Section 4.4, "Starting, Stopping, Restarting, and Deleting Clusters".

    Note

    If you specify a multicast address, make sure that you check the configuration of routers that cluster packets pass through. Some routers may take a long time to learn addresses, seriously impacting cluster performance.
  • UDP Unicast (UDPU)
    As of the Red Hat Enterprise Linux 6.2 release, the nodes in a cluster can communicate with each other using the UDP Unicast transport mechanism. It is recommended, however, that you use IP multicasting for the cluster network. UDP Unicast is an alternative that can be used when IP multicasting is not available. For GFS2 deployments using UDP Unicast is not recommended.
Click Apply. When changing the transport type, a cluster restart is necessary for the changes to take effect.

3.5.4. Configuring Redundant Ring Protocol

As of Red Hat Enterprise Linux 6.4, the Red Hat High Availability Add-On supports the configuration of redundant ring protocol. When using redundant ring protocol, there are a variety of considerations you must take into account, as described in Section 7.6, "Configuring Redundant Ring Protocol".
Clicking on the Redundant Ring tab displays the Redundant Ring Protocol Configuration page. This page displays all of the nodes that are currently configured for the cluster. If you are configuring a system to use redundant ring protocol, you must specify the Alternate Name for each node for the second ring.
The Redundant Ring Protocol Configuration page optionally allows you to specify the Alternate Ring Multicast Address, the Alternate Ring CMAN Port, and the Alternate Ring Multicast Packet TTL for the second ring.
If you specify a multicast address for the second ring, either the alternate multicast address or the alternate port must be different from the multicast address for the first ring. If you specify an alternate port, the port numbers of the first ring and the second ring must differ by at least two, since the system itself uses port and port-1 to perform operations. If you do not specify an alternate multicast address, the system will automatically use a different multicast address for the second ring.

3.5.5. Quorum Disk Configuration

Clicking on the QDisk tab displays the Quorum Disk Configuration page, which provides an interface for configuring quorum disk parameters to configure if you need to use a quorum disk.

Important

Quorum disk parameters and heuristics depend on the site environment and the special requirements needed. To understand the use of quorum disk parameters and heuristics, refer to the qdisk(5) man page. If you require assistance understanding and using quorum disk, contact an authorized Red Hat support representative.
The Do Not Use a Quorum Disk parameter is enabled by default. If you need to use a quorum disk, click Use a Quorum Disk, enter quorum disk parameters, click Apply, and restart the cluster for the changes to take effect.
Table 3.1, "Quorum-Disk Parameters" describes the quorum disk parameters.

Table 3.1. Quorum-Disk Parameters

ParameterDescription
Specify Physical Device: By Device LabelSpecifies the quorum disk label created by the mkqdisk utility. If this field is used, the quorum daemon reads the /proc/partitions file and checks for qdisk signatures on every block device found, comparing the label against the specified label. This is useful in configurations where the quorum device name differs among nodes.
Heuristics
Path to Program - The program used to determine if this heuristic is available. This can be anything that can be executed by /bin/sh -c. A return value of 0 indicates success; anything else indicates failure. This field is required.
Interval - The frequency (in seconds) at which the heuristic is polled. The default interval for every heuristic is 2 seconds.
Score - The weight of this heuristic. Be careful when determining scores for heuristics. The default score for each heuristic is 1.
TKO - The number of consecutive failures required before this heuristic is declared unavailable.
Minimum Total ScoreThe minimum score for a node to be considered "alive". If omitted or set to 0, the default function, floor((n+1)/2), is used, where n is the sum of the heuristics scores. The Minimum Total Score value must never exceed the sum of the heuristic scores; otherwise, the quorum disk cannot be available.

Note

Clicking Apply on the QDisk Configuration tab propagates changes to the cluster configuration file (/etc/cluster/cluster.conf) in each cluster node. However, for the quorum disk to operate or for any modifications you have made to the quorum disk parameters to take effect, you must restart the cluster (refer to Section 4.4, "Starting, Stopping, Restarting, and Deleting Clusters"), ensuring that you have restarted the qdiskd daemon on each node.

3.5.6. Logging Configuration

Clicking on the Logging tab displays the Logging Configuration page, which provides an interface for configuring logging settings.
You can configure the following settings for global logging configuration:
  • Checking Log Debugging Messages enables debugging messages in the log file.
  • Checking Log Messages to Syslog enables messages to syslog. You can select the Syslog Message Facility and the Syslog Message Priority. The Syslog Message Priority setting indicates that messages at the selected level and higher are sent to syslog.
  • Checking Log Messages to Log File enables messages to the log file. You can specify the Log File Path name. The logfile message priority setting indicates that messages at the selected level and higher are written to the log file.
You can override the global logging settings for specific daemons by selecting one of the daemons listed beneath the Daemon-specific Logging Overrides heading at the bottom of the Logging Configuration page. After selecting the daemon, you can check whether to log the debugging messages for that particular daemon. You can also specify the syslog and log file settings for that daemon.
Click Apply for the logging configuration changes you have specified to take effect.

3.6. Configuring Fence Devices

Configuring fence devices consists of creating, updating, and deleting fence devices for the cluster. You must configure the fence devices in a cluster before you can configure fencing for the nodes in the cluster.
Creating a fence device consists of selecting a fence device type and entering parameters for that fence device (for example, name, IP address, login, and password). Updating a fence device consists of selecting an existing fence device and changing parameters for that fence device. Deleting a fence device consists of selecting an existing fence device and deleting it.
This section provides procedures for the following tasks:
From the cluster-specific page, you can configure fence devices for that cluster by clicking on Fence Devices along the top of the cluster display. This displays the fence devices for the cluster and displays the menu items for fence device configuration: Add and Delete. This is the starting point of each procedure described in the following sections.

Note

If this is an initial cluster configuration, no fence devices have been created, and therefore none are displayed.
Figure 3.5, "luci fence devices configuration page" shows the fence devices configuration screen before any fence devices have been created.
luci fence devices configuration page
The luci fence devices configuration page.

Figure 3.5. luci fence devices configuration page


3.6.1. Creating a Fence Device

To create a fence device, follow these steps:
  1. From the Fence Devices configuration page, click Add. Clicking Add displays the Add Fence Device (Instance) dialog box. From this dialog box, select the type of fence device to configure.
  2. Specify the information in the Add Fence Device (Instance) dialog box according to the type of fence device. Refer to Appendix A, Fence Device Parameters for more information about fence device parameters. In some cases you will need to specify additional node-specific parameters for the fence device when you configure fencing for the individual nodes, as described in Section 3.7, "Configuring Fencing for Cluster Members".
  3. Click Submit.
After the fence device has been added, it appears on the Fence Devices configuration page.

3.6.2. Modifying a Fence Device

To modify a fence device, follow these steps:
  1. From the Fence Devices configuration page, click on the name of the fence device to modify. This displays the dialog box for that fence device, with the values that have been configured for the device.
  2. To modify the fence device, enter changes to the parameters displayed. Refer to Appendix A, Fence Device Parameters for more information.
  3. Click Apply and wait for the configuration to be updated.

3.6.3. Deleting a Fence Device

Note

Fence devices that are in use cannot be deleted. To delete a fence device that a node is currently using, first update the node fence configuration for any node using the device and then delete the device.
To delete a fence device, follow these steps:
  1. From the Fence Devices configuration page, check the box to the left of the fence device or devices to select the devices to delete.
  2. Click Delete and wait for the configuration to be updated. A message appears indicating which devices are being deleted.
When the configuration has been updated, the deleted fence device no longer appears in the display.

3.7. Configuring Fencing for Cluster Members

Once you have completed the initial steps of creating a cluster and creating fence devices, you need to configure fencing for the cluster nodes. To configure fencing for the nodes after creating a new cluster and configuring the fencing devices for the cluster, follow the steps in this section. Note that you must configure fencing for each node in the cluster.
The following sections provide procedures for configuring a single fence device for a node, configuring a node with a backup fence device, and configuring a node with redundant power supplies:

3.7.1. Configuring a Single Fence Device for a Node

Use the following procedure to configure a node with a single fence device.
  1. From the cluster-specific page, you can configure fencing for the nodes in the cluster by clicking on Nodes along the top of the cluster display. This displays the nodes that constitute the cluster. This is also the default page that appears when you click on the cluster name beneath Manage Clusters from the menu on the left side of the luci Homebase page.
  2. Click on a node name. Clicking a link for a node causes a page to be displayed for that link showing how that node is configured.
    The node-specific page displays any services that are currently running on the node, as well as any failover domains of which this node is a member. You can modify an existing failover domain by clicking on its name. For information on configuring failover domains, see Section 3.8, "Configuring a Failover Domain".
  3. On the node-specific page, under Fence Devices, click Add Fence Method. This displays the Add Fence Method to Node dialog box.
  4. Enter a Method Name for the fencing method that you are configuring for this node. This is an arbitrary name that will be used by Red Hat High Availability Add-On; it is not the same as the DNS name for the device.
  5. Click Submit. This displays the node-specific screen that now displays the method you have just added under Fence Devices.
  6. Configure a fence instance for this method by clicking the Add Fence Instance button that appears beneath the fence method. This displays the Add Fence Device (Instance) drop-down menu from which you can select a fence device you have previously configured, as described in Section 3.6.1, "Creating a Fence Device".
  7. Select a fence device for this method. If this fence device requires that you configure node-specific parameters, the display shows the parameters to configure. For information on fencing parameters, refer to Appendix A, Fence Device Parameters.

    Note

    For non-power fence methods (that is, SAN/storage fencing), Unfencing is selected by default on the node-specific parameters display. This ensures that a fenced node's access to storage is not re-enabled until the node has been rebooted. For information on unfencing a node, refer to the fence_node(8) man page.
  8. Click Submit. This returns you to the node-specific screen with the fence method and fence instance displayed.

3.7.2. Configuring a Backup Fence Device

You can define multiple fencing methods for a node. If fencing fails using the first method, the system will attempt to fence the node using the second method, followed by any additional methods you have configured.
Use the following procedure to configure a backup fence device for a node.
  1. Use the procedure provided in Section 3.7.1, "Configuring a Single Fence Device for a Node" to configure the primary fencing method for a node.
  2. Beneath the display of the primary method you defined, click Add Fence Method.
  3. Enter a name for the backup fencing method that you are configuring for this node and click Submit. This displays the node-specific screen that now displays the method you have just added, below the primary fence method.
  4. Configure a fence instance for this method by clicking Add Fence Instance. This displays a drop-down menu from which you can select a fence device you have previously configured, as described in Section 3.6.1, "Creating a Fence Device".
  5. Select a fence device for this method. If this fence device requires that you configure node-specific parameters, the display shows the parameters to configure. For information on fencing parameters, refer to Appendix A, Fence Device Parameters.
  6. Click Submit. This returns you to the node-specific screen with the fence method and fence instance displayed.
You can continue to add fencing methods as needed. You can rearrange the order of fencing methods that will be used for this node by clicking on Move Up and Move Down.

3.7.3. Configuring a Node with Redundant Power

If your cluster is configured with redundant power supplies for your nodes, you must be sure to configure fencing so that your nodes fully shut down when they need to be fenced. If you configure each power supply as a separate fence method, each power supply will be fenced separately; the second power supply will allow the system to continue running when the first power supply is fenced and the system will not be fenced at all. To configure a system with dual power supplies, you must configure your fence devices so that both power supplies are shut off and the system is taken completely down. When configuring your system using Conga, this requires that you configure two instances within a single fencing method.
To configure fencing for a node with dual power supplies, follow the steps in this section.
  1. Before you can configure fencing for a node with redundant power, you must configure each of the power switches as a fence device for the cluster. For information on configuring fence devices, see Section 3.6, "Configuring Fence Devices".
  2. From the cluster-specific page, click on Nodes along the top of the cluster display. This displays the nodes that constitute the cluster. This is also the default page that appears when you click on the cluster name beneath Manage Clusters from the menu on the left side of the luci Homebase page.
  3. Click on a node name. Clicking a link for a node causes a page to be displayed for that link showing how that node is configured.
  4. On the node-specific page, click Add Fence Method.
  5. Enter a name for the fencing method that you are configuring for this node.
  6. Click Submit. This displays the node-specific screen that now displays the method you have just added under Fence Devices.
  7. Configure the first power supply as a fence instance for this method by clicking Add Fence Instance. This displays a drop-down menu from which you can select one of the power fencing devices you have previously configured, as described in Section 3.6.1, "Creating a Fence Device".
  8. Select one of the power fence devices for this method and enter the appropriate parameters for this device.
  9. Click Submit. This returns you to the node-specific screen with the fence method and fence instance displayed.
  10. Under the same fence method for which you have configured the first power fencing device, click Add Fence Instance. This displays a drop-down menu from which you can select the second power fencing devices you have previously configured, as described in Section 3.6.1, "Creating a Fence Device".
  11. Select the second of the power fence devices for this method and enter the appropriate parameters for this device.
  12. Click Submit. This returns you to the node-specific screen with the fence methods and fence instances displayed, showing that each device will power the system off in sequence and power the system on in sequence. This is shown in Figure 3.6, "Dual-Power Fencing Configuration".
    Dual-Power Fencing Configuration
    Dual-power fencing configuration

    Figure 3.6. Dual-Power Fencing Configuration


3.8. Configuring a Failover Domain

A failover domain is a named subset of cluster nodes that are eligible to run a cluster service in the event of a node failure. A failover domain can have the following characteristics:
  • Unrestricted - Allows you to specify that a subset of members are preferred, but that a cluster service assigned to this domain can run on any available member.
  • Restricted - Allows you to restrict the members that can run a particular cluster service. If none of the members in a restricted failover domain are available, the cluster service cannot be started (either manually or by the cluster software).
  • Unordered - When a cluster service is assigned to an unordered failover domain, the member on which the cluster service runs is chosen from the available failover domain members with no priority ordering.
  • Ordered - Allows you to specify a preference order among the members of a failover domain. The member at the top of the list is the most preferred, followed by the second member in the list, and so on.
  • Failback - Allows you to specify whether a service in the failover domain should fail back to the node that it was originally running on before that node failed. Configuring this characteristic is useful in circumstances where a node repeatedly fails and is part of an ordered failover domain. In that circumstance, if a node is the preferred node in a failover domain, it is possible for a service to fail over and fail back repeatedly between the preferred node and another node, causing severe impact on performance.

    Note

    The failback characteristic is applicable only if ordered failover is configured.

Note

Changing a failover domain configuration has no effect on currently running services.

Note

Failover domains are not required for operation.
By default, failover domains are unrestricted and unordered.
In a cluster with several members, using a restricted failover domain can minimize the work to set up the cluster to run a cluster service (such as httpd), which requires you to set up the configuration identically on all members that run the cluster service. Instead of setting up the entire cluster to run the cluster service, you can set up only the members in the restricted failover domain that you associate with the cluster service.

Note

To configure a preferred member, you can create an unrestricted failover domain comprising only one cluster member. Doing that causes a cluster service to run on that cluster member primarily (the preferred member), but allows the cluster service to fail over to any of the other members.
The following sections describe adding, modifying, and deleting a failover domain:

3.8.1. Adding a Failover Domain

To add a failover domain, follow the steps in this section.
  1. From the cluster-specific page, you can configure failover domains for that cluster by clicking on Failover Domains along the top of the cluster display. This displays the failover domains that have been configured for this cluster.
  2. Click Add. Clicking Add causes the display of the Add Failover Domain to Cluster dialog box, as shown in Figure 3.7, "luci failover domain configuration dialog box".
    luci failover domain configuration dialog box
    The luci failover domain configuration dialog box.

    Figure 3.7. luci failover domain configuration dialog box


  3. In the Add Failover Domain to Cluster dialog box, specify a failover domain name at the Name text box.

    Note

    The name should be descriptive enough to distinguish its purpose relative to other names used in your cluster.
  4. To enable setting failover priority of the members in the failover domain, click the Prioritized checkbox. With Prioritized checked, you can set the priority value, Priority, for each node selected as members of the failover domain.
  5. To restrict failover to members in this failover domain, click the Restricted checkbox. With Restricted checked, services assigned to this failover domain fail over only to nodes in this failover domain.
  6. To specify that a node does not fail back in this failover domain, click the No Failback checkbox. With No Failback checked, if a service fails over from a preferred node, the service does not fail back to the original node once it has recovered.
  7. Configure members for this failover domain. Click the Member checkbox for each node that is to be a member of the failover domain. If Prioritized is checked, set the priority in the Priority text box for each member of the failover domain.
  8. Click Create. This displays the Failover Domains page with the newly-created failover domain displayed. A message indicates that the new domain is being created. Refresh the page for an updated status.

3.8.2. Modifying a Failover Domain

To modify a failover domain, follow the steps in this section.
  1. From the cluster-specific page, you can configure Failover Domains for that cluster by clicking on Failover Domains along the top of the cluster display. This displays the failover domains that have been configured for this cluster.
  2. Click on the name of a failover domain. This displays the configuration page for that failover domain.
  3. To modify the Prioritized, Restricted, or No Failback properties for the failover domain, click or unclick the checkbox next to the property and click Update Properties.
  4. To modify the failover domain membership, click or unclick the checkbox next to the cluster member. If the failover domain is prioritized, you can also modify the priority setting for the cluster member. Click Update Settings.

3.8.3. Deleting a Failover Domain

To delete a failover domain, follow the steps in this section.
  1. From the cluster-specific page, you can configure Failover Domains for that cluster by clicking on Failover Domains along the top of the cluster display. This displays the failover domains that have been configured for this cluster.
  2. Select the checkbox for the failover domain to delete.
  3. Click on Delete.

3.9. Configuring Global Cluster Resources

You can configure global resources that can be used by any service running in the cluster, and you can configure resources that are available only to a specific service.
To add a global cluster resource, follow the steps in this section. You can add a resource that is local to a particular service when you configure the service, as described in Section 3.10, "Adding a Cluster Service to the Cluster".
  1. From the cluster-specific page, you can add resources to that cluster by clicking on Resources along the top of the cluster display. This displays the resources that have been configured for that cluster.
  2. Click Add. This displays the Add Resource to Cluster drop-down menu.
  3. Click the drop-down box under Add Resource to Cluster and select the type of resource to configure.
  4. Enter the resource parameters for the resource you are adding. Appendix B, HA Resource Parameters describes resource parameters.
  5. Click Submit. Clicking Submit returns to the resources page that displays the display of Resources, which displays the added resource (and other resources).
To modify an existing resource, perform the following steps.
  1. From the luci Resources page, click on the name of the resource to modify. This displays the parameters for that resource.
  2. Edit the resource parameters.
  3. Click Apply.
To delete an existing resource, perform the following steps.
  1. From the luci Resources page, click the checkbox for any resources to delete.
  2. Click Delete.

3.10. Adding a Cluster Service to the Cluster

To add a cluster service to the cluster, follow the steps in this section.
  1. From the cluster-specific page, you can add services to that cluster by clicking on Service Groups along the top of the cluster display. This displays the services that have been configured for that cluster. (From the Service Groups page, you can also start, restart, and disable a service, as described in Section 4.5, "Managing High-Availability Services".)
  2. Click Add. This displays the Add Service Group to Cluster dialog box.
  3. On the Add Service Group to Cluster dialog box, at the Service Name text box, type the name of the service.

    Note

    Use a descriptive name that clearly distinguishes the service from other services in the cluster.
  4. Check the Automatically Start This Service checkbox if you want the service to start automatically when a cluster is started and running. If the checkbox is not checked, the service must be started manually any time the cluster comes up from the stopped state.
  5. Check the Run Exclusive checkbox to set a policy wherein the service only runs on nodes that have no other services running on them.
  6. If you have configured failover domains for the cluster, you can use the drop-down menu of the Failover Domain parameter to select a failover domain for this service. For information on configuring failover domains, see Section 3.8, "Configuring a Failover Domain".
  7. Use the Recovery Policy drop-down box to select a recovery policy for the service. The options are to Relocate, Restart, Restart-Disable, or Disable the service.
    Selecting the Restart option indicates that the system should attempt to restart the failed service before relocating the service. Selecting the Relocate option indicates that the system should try to restart the service in a different node. Selecting the Disable option indicates that the system should disable the resource group if any component fails. Selecting the Restart-Disable option indicates that the system should attempt to restart the service in place if it fails, but if restarting the service fails the service will be disabled instead of being moved to another host in the cluster.
    If you select Restart or Restart-Disable as the recovery policy for the service, you can specify the maximum number of restart failures before relocating or disabling the service, and you can specify the length of time in seconds after which to forget a restart.
  8. To add a resource to the service, click Add Resource. Clicking Add Resource causes the display of the Add Resource To Service drop-down box that allows you to add an existing global resource or to add a new resource that is available only to this service.
    • To add an existing global resource, click on the name of the existing resource from the Add Resource To Service drop-down box. This displays the resource and its parameters on the Service Groups page for the service you are configuring. For information on adding or modifying global resources, see Section 3.9, "Configuring Global Cluster Resources").
    • To add a new resource that is available only to this service, select the type of resource to configure from the Add Resource To Service drop-down box and enter the resource parameters for the resource you are adding. Appendix B, HA Resource Parameters describes resource parameters.
    • When adding a resource to a service, whether it is an existing global resource or a resource available only to this service, you can specify whether the resource is an Independent Subtree or a Non-Critical Resource.
      If you specify that a resource is an independent subtree, then if that resource fails only that resource is restarted (rather than the entire service) before the system attempting normal recovery. You can specify the maximum number of restarts to attempt for that resource on a node before implementing the recovery policy for the service. You can also specify the length of time in seconds after which the system will implement the recovery policy for the service.
      If you specify that the resource is a non-critical resource, then if that resource fails only that resource is restarted, and if the resource continues to fail then only that resource is disabled, rather than the entire service. You can specify the maximum number of restarts to attempt for that resource on a node before disabling that resource. You can also specify the length of time in seconds after which the system will disable that resource.
  9. If you want to add child resources to the resource you are defining, click Add Child Resource. Clicking Add Child Resource causes the display of the Add Resource To Service drop-down box, from which you can add an existing global resource or add a new resource that is available only to this service. You can continue adding children resources to the resource to suit your requirements.

    Note

    If you are adding a Samba-service resource, add it directly to the service, not as a child of another resource.
  10. When you have completed adding resources to the service, and have completed adding children resources to resources, click Submit. Clicking Submit returns to the Service Groups page displaying the added service (and other services).

Note

To verify the existence of the IP service resource used in a cluster service, you can use the /sbin/ip addr show command on a cluster node (rather than the obsoleted ifconfig command). The following output shows the /sbin/ip addr show command executed on a node running a cluster service:
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP> mtu 1356 qdisc pfifo_fast qlen 1000 link/ether 00:05:5d:9a:d8:91 brd ff:ff:ff:ff:ff:ff inet 10.11.4.31/22 brd 10.11.7.255 scope global eth0 inet6 fe80::205:5dff:fe9a:d891/64 scope link inet 10.11.4.240/22 scope global secondary eth0   valid_lft forever preferred_lft forever
To modify an existing service, perform the following steps.
  1. From the Service Groups dialog box, click on the name of the service to modify. This displays the parameters and resources that have been configured for that service.
  2. Edit the service parameters.
  3. Click Submit.
To delete one or more existing services, perform the following steps.
  1. From the luci Service Groups page, click the checkbox for any services to delete.
  2. Click Delete.
  3. As of Red Hat Enterprise Linux 6.3, before luci deletes any services a message appears asking you to confirm that you intend to delete the service groups or groups, which stops the resources that comprise it. Click Cancel to close the dialog box without deleting any services, or click Proceed to remove the selected service or services.
(Sebelumnya) 12 : Chapter 2. Before Configu ...12 : Chapter 4. Managing Red H ... (Berikutnya)