On Thu, 2018-09-06 at 17:33 -0300, Marcos Renato da Silva Junior wrote: > Hi, > I created a testing environment based on Raspberry Pi (attached > diagram), in my tests it has worked well, but I did not implement > anything about fencing and stonith, what is the need and how to > implement? > Thanks, > Marcos.
The need for fencing is to be able to recover from problems that disrupt normal cluster operation. For example, if one node has the IP but becomes overloaded and can't respond to requests, the cluster can't stop the IP on the unresponsive node. If the cluster brings up the IP on another node anyway (which it will do if there's no fencing), packets will randomly go to one or the other node, causing the service to fail. With fencing, the cluster powers down the unresponsive node, and can safely bring up the IP elsewhere. > corosync.conf : > totem { > version: 2 > cluster_name: debian > token: 3000 > token_retransmits_before_loss_const: 10 > clear_node_high_bit: yes > crypto_cipher: aes256 > crypto_hash: sha1 > interface { > bindnetaddr: 192.168.0.0 > mcastaddr: 239.255.1.1 > mcastport: 5405 > ttl: 1 > } > } > > logging { > fileline: off > to_stderr: no > to_logfile: no > to_syslog: yes > syslog_facility: daemon > debug: off > timestamp: on > logger_subsys { > subsys: QUORUM > debug: off > } > } > > quorum { > provider: corosync_votequorum > expected_votes: 2 > two_node: 1 > } > > crm configure property stonith-enabled=false > > crm configure property no-quorum-policy=ignore > > crm configure primitive LDAP-IP ocf:heartbeat:IPaddr2 \ > params ip="192.168.0.10" nic="eth0" cidr_netmask="24" \ > op monitor interval=10s timeout=20s > crm configure primitive LDAP ocf:heartbeat:slapd params \ > slapd="/usr/sbin/slapd" \ > config="/etc/ldap/slapd.d/" \ > user="openldap" group="openldap" \ > services="ldap:///" \ > watch_suffix="dc=acme,dc=lab" \ > bind_dn="cn=admin,dc=acme,dc=lab" \ > password="password" \ > op monitor interval=10s timeout=20s > crm configure clone LDAP-CLONE LDAP > crm configure colocation LDAP-IP_WITH_LDAP inf: LDAP-IP LDAP-CLONE > > crm configure order LDAP-IP_BEFORE_LDAP inf: LDAP-IP LDAP-CLONE > > crm configure location PREFER_RASP4_LDAP LDAP-IP 50: rasp4 > > crm configure primitive RADIUS-IP ocf:heartbeat:IPaddr2 \ > params ip="192.168.0.9" nic="eth0" cidr_netmask="24" \ > op monitor interval=10s timeout=20s > crm configure primitive RADIUS lsb:freeradius op monitor interval=10s > timeout=20s > crm configure clone RADIUS-CLONE RADIUS > crm configure colocation RADIUS-IP_WITH_RADIUS inf: RADIUS-IP RADIUS- > CLONE > > crm configure order RADIUS-IP_BEFORE_RADIUS inf: RADIUS-IP RADIUS- > CLONE > > crm configure location PREFER_RASP4_RADIUS RADIUS-IP 50: rasp4 > > > diagram.jpg -- Ken Gaillot <kgail...@redhat.com> _______________________________________________ Users mailing list: Users@clusterlabs.org https://lists.clusterlabs.org/mailman/listinfo/users Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://bugs.clusterlabs.org