Hi list,
Im using heartbeat-2.99.2-6.1 with pacemaker-1.0.1-3.1 in a testsetup for a
firewall cluster. This setup has two nodes each with two physical interfaces
eth0 and eth1.
I configured two resources of the typ IPaddr2 and one MailTo resource to get an
Email when a failover occurs. I put these resources into one group to ensure
that the resources will always run on one node.
The problem is each time when I force a failover the resource MailTo produces
the following report in /var/log/ha-log and unfortunately no email will be send.
<snip>
RA
output:(MailTo-admin:start:stderr) /usr/lib/ocf/resource.d//heartbeat/MailTo:
line 86: -s: command not found </snip>
For me it looks like MailTo has no valid $MAILCMD.
Here is my xml snippet.
<group id="group-firewall">
<primitive id="IPaddr2-10.1.1.1" class="ocf" type="IPaddr2"
provider="heartbeat">
<operations>
<op id="op-IPaddr2-10.1.1.1" name="monitor" interval="3s" timeout="3s"
role="Started" on-fail="restart"/>
</operations>
<instance_attributes id="IPaddr2-10.1.1.1-inst-attrs">
<nvpair id="IPaddr2-10.1.1.1-ip" name="ip" value="10.1.1.1"/>
<nvpair id="IPaddr2-10.1.1.1-nic" name="nic" value="eth0"/>
<nvpair id="IPaddr2-10.1.1.1-cidr" name="cidr_netmask" value="24"/>
<nvpair id="IPaddr2-10.1.1.1-iflabel" name="iflabel" value="VIP"/>
</instance_attributes>
</primitive>
<primitive id="IPaddr2-192.168.2.50" class="ocf" type="IPaddr2"
provider="heartbeat">
<operations>
<op id="op-IPaddr2-192.168.2.50" name="monitor" interval="3s"
timeout="3s" role="Started" on-fail="restart"/>
</operations>
<instance_attributes id="IPaddr2-192.168.2.50-inst-attrs">
<nvpair id="IPaddr2-192.168.2.50-inst-attr-ip" name="ip"
value="192.168.2.50"/>
<nvpair id="IPaddr2-192.168.2.50-inst-attr-nic" name="nic"
value="eth1"/>
<nvpair id="IPaddr2-192.168.2.50-inst-attr-cidr"
name="cidr_netmask" value="24"/>
<nvpair id="IPaddr2-192.168.2.50-inst-attr-iflabel" name="iflabel"
value="VIP"/>
</instance_attributes>
</primitive>
<primitive id="MailTo-admin" class="ocf" type="MailTo" provider="heartbeat">
<instance_attributes id="MailTo-inst-attrs">
<nvpair id="MailTo-inst-email" name="email" value="[EMAIL PROTECTED]"/>
<nvpair id="MailTo-inst-subject" name="subject" value="Heartbeat Takeover
occurs"/>
</instance_attributes>
</primitive>
</group>
In additionen, when ping packets from my configured pingd on the prefered
maste node stay away, the duration for a complete failover takes about 75
seconds. This is a long time and not reasonable for a firewall cluster.
I tried to set the monitor option interval from pingd to 3 seconds. But this
changed nothing. The interval for ping packets remains at 10 seconds.
Are there better places, like adding another resource to monitor the link
status of the network interfaces to achieve a faster failover? I believe
IPaddr2 won't check network link status, right?
Here is my xml snippet for pingd
<clone id="clone-pingd">
<meta_attributes id="clone-pingd-meta-attrs">
<nvpair id="clone-pingd-meta-attr-clone-max" name="clone_max" value="2"/>
<nvpair id="clone-pingd-meta-attr-clone-node-max" name="clone_node_max"
value="1"/>
</meta_attributes>
<primitive id="pingd" class="ocf" type="pingd" provider="heartbeat">
<operations>
<op id="op-pingd" name="monitor" interval="3"/>
</operations>
<instance_attributes id="pingd-inst-attrs">
<nvpair id="pingd-inst-attr-multiplier" name="multiplier" value="200"/>
<nvpair id="pingd-inst-attr-dampen" name="dampen" value="5s"/>
<nvpair id="pingd-inst-attr-host-list" name="host_list"
value="default-gateway switch1 switch2"/>
</instance_attributes>
</primitive>
</clone>
<rsc_location id="pingd-group-firewall" rsc="group-firewall">
<rule id="pingd-prefer-rule" score-attribute="pingd">
<expression id="pingd-prefer" attribute="pingd" operation="defined"/>
</rule>
</rsc_location>
Thanks in advance,
Joerg
_______________________________________________
Linux-HA mailing list
[email protected]
http://lists.linux-ha.org/mailman/listinfo/linux-ha
See also: http://linux-ha.org/ReportingProblems
