Excellent.
Please note; With IPMI-only fencing, you may find that killing all
power to the node will cause fencing to fail, as the IPMI's BMC will
lose power as well (unless it has it's own battery, but most don't).
If you find this, then the solution I would recommend is to get a
pair of switched PDUs (I like the APC brand AP7900, very fast and the
fence_apc_snmp agent is very well tested). With this, you can then setup
STONITH levels;
http://clusterlabs.org/wiki/STONITH_Levels
With this, if the IPMI fails, Pacemaker will move on and try fencing
by cutting power to the lost node, providing a backup method of fencing.
If you use stacked switches, put the PDUs on one switch and the IPMI
interface on the other switch, and you will provide reliable fencing in
a failed-switch state, too.
Cheers!
On 21/06/14 12:38 PM, Gianluca Cecchi wrote:
Hi Gianluca,
I'm not sure of the CIB XML syntax, but here is how it's done
using pcs:
OK, thanks Digimer.
It seems it worked this way using your suggestions
[root@srvmgmt01 ~]# pcs stonith show
Fencing (stonith:fence_intelmodular): Started
# pcs cluster cib stonith_separate_cfg
[root@srvmgmt01 ~]# pcs -f stonith_separate_cfg stonith delete Fencing
Attempting to stop: Fencing...Error: Unable to stop: Fencing before
deleting (re-run with --force to force deletion)
(used --force later see below perhaps I had to use stop before, but I
thought that working on file it would have done nothing...)
# pcs -f stonith_separate_cfg stonith create fence_srvmgmt01
fence_intelmodular \
pcmk_host_list="srvmgmt01.localdomain.local"
pcmk_host_map="srvmgmt01.localdomain.local:5" \
ipaddr="192.168.150.150" login="snmpv3user"
passwd_script="/usr/local/bin/fence_pwd.sh" \
snmp_version="3" snmp_auth_prot="SHA" snmp_sec_level="authNoPriv" \
power_wait="15" action="reboot" delay=15 \
op monitor interval=10m timeout="300s"
# pcs -f stonith_separate_cfg stonith create fence_srvmgmt02
fence_intelmodular \
pcmk_host_list="srvmgmt02.localdomain.local"
pcmk_host_map="srvmgmt02.localdomain.local:6" \
ipaddr="192.168.150.150" login="snmpv3user"
passwd_script="/usr/local/bin/fence_pwd.sh" \
snmp_version="3" snmp_auth_prot="SHA" snmp_sec_level="authNoPriv" \
power_wait="15" action="reboot" \
op monitor interval=10m timeout="300s"
[root@srvmgmt01 ~]# pcs -f stonith_separate_cfg stonith delete Fencing
--force
Deleting Resource - Fencing
# pcs cluster cib-push stonith_separate_cfg
CIB updated
and now I have
[root@srvmgmt01 ~]# crm_mon -1
Last updated: Sat Jun 21 18:33:15 2014
Last change: Sat Jun 21 18:31:35 2014 via cibadmin on
srvmgmt01.localdomain.local
Stack: cman
Current DC: srvmgmt01.localdomain.local - partition with quorum
Version: 1.1.10-14.el6_5.3-368c726
2 Nodes configured
5 Resources configured
Online: [ srvmgmt01.localdomain.local srvmgmt02.localdomain.local ]
Master/Slave Set: ms_drbd_kvm-ovirtmgr [p_drbd_kvm-ovirtmgr]
Masters: [ srvmgmt01.localdomain.local ]
Slaves: [ srvmgmt02.localdomain.local ]
p_kvm-ovirtmgr (ocf::heartbeat:VirtualDomain): Started
srvmgmt01.localdomain.local
fence_srvmgmt01 (stonith:fence_intelmodular): Started
srvmgmt02.localdomain.local
fence_srvmgmt02 (stonith:fence_intelmodular): Started
srvmgmt01.localdomain.local
I'm going to test several scenarios to see behaviour is as expected.
Thanks again.
Gianluca
_______________________________________________
Pacemaker mailing list: Pacemaker@oss.clusterlabs.org
http://oss.clusterlabs.org/mailman/listinfo/pacemaker
Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org
--
Digimer
Papers and Projects: https://alteeve.ca/w/
What if the cure for cancer is trapped in the mind of a person without
access to education?
_______________________________________________
Pacemaker mailing list: Pacemaker@oss.clusterlabs.org
http://oss.clusterlabs.org/mailman/listinfo/pacemaker
Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org
