Sv translation |
---|
|
Create LVM Physical Volume, Volume Group and Logical Volume (Both Nodes)The commands below assume that /dev/sdb will be used for the DRBD |
...
on top of LVM configuration, and that the disks are EXACTLY the same size. Translations Ignore |
---|
Code Block |
---|
# Create the phsyical volume - this is based on sdb assuming it is the second drive on the system
lvm pvcreate /dev/sdb
# Create the volume group
lvm vgcreate "vg_drbd_jtelshared" /dev/sdb
# Create the logical volume
lvm lvcreate -l +100%FREE vg_drbd_jtelshared -n lv_drbd_jtelshared |
|
Translations Ignore |
---|
Code Block |
---|
# Prepare the firewall
firewall-cmd --zone=public --add-port=7788-7799/tcp --permanent
firewall-cmd --reload |
|
Install elrepo to yum (Both Nodes) Translations Ignore |
---|
Code Block |
---|
# Install elrepo
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm |
|
Install and enable DRBD (Both Nodes) Translations Ignore |
---|
Code Block |
---|
# Install DRBD
yum -y install drbd84-utils kmod-drbd84 lsof
# Enable drbd at boot, and in this session
systemctl enable drbd
systemctl start drbd |
|
NOTE: The following commands requires the hostname of both machines and the IP Address. These are obtained as follows: Translations Ignore |
---|
Code Block |
---|
ip addr
hostname |
|
Create a DRBD config file for jtelshared on /dev/sdb Translations Ignore |
---|
Code Block |
---|
title | /etc/drbd.d/jtelshared.res |
---|
| # Configure DRBD
cat <<EOFF > /etc/drbd.d/jtelshared.res
resource jtelshared {
protocol C;
meta-disk internal;
device /dev/drbd0;
syncer {
verify-alg sha1;
}
net {
allow-two-primaries;
}
on acd-store1.jtel.local {
disk /dev/vg_drbd_jtelshared/lv_drbd_jtelshared;
address 10.42.14.98:7789;
}
on acd-store2.jtel.local {
disk /dev/vg_drbd_jtelshared/lv_drbd_jtelshared;
address 10.42.14.198:7789;
}
startup {
become-primary-on both;
}
}
EOFF |
|
Note: it has been observed, that the fully qualified host name is required in the configuration file. Translations Ignore |
---|
Code Block |
---|
# Create metadata and start DRBD
drbdadm create-md jtelshared
drbdadm up jtelshared |
|
Make one node primary (First Node) Translations Ignore |
---|
Code Block |
---|
drbdadm primary jtelshared --force |
|
Tune the transfer (Second Node) Translations Ignore |
---|
Code Block |
---|
drbdadm disk-options --c-plan-ahead=0 --resync-rate=110M jtelshared |
|
|
...
Wait for initial sync to complete (Either Node) |
Code Block |
---|
mkfs.xfs -L data /dev/drbd0 |
Create fstab entry for file system (both nodes)
Add the following line to /etc/fstab
Code Block |
---|
/dev/drbd/by-res/jtelshared/0 /srv/jtel/shared xfs noauto,noatime,nodiratime 0 0 |
Mount the file system (primary node)
Add the following line to /etc/fstab
Code Block |
---|
mkdir /srv/jtel
mkdir /srv/jtel/shared
chown -R jtel:jtel /srv/jtel
mount /srv/jtel/shared |
Wait for initial sync to complete
Code Block |
---|
cat /proc/drbd
-->
# When not yet done:
version: 8.4.10-1 (api:1/proto:86-101)
GIT-hash: a4d5de01fffd7e4cde48a080e2c686f9e8cebf4c build by mockbuild@, 2017-09-15 14:23:22
1: cs:SyncTarget ro:Secondary/Primary ds:Inconsistent/UpToDate C r-----
ns:0 nr:3955712 dw:3950592 dr:0 al:8 bm:0 lo:5 pe:0 ua:5 ap:0 ep:1 wo:f oos:264474588
[>....................] sync'ed: 1.5% (258272/262132)M
finish: 2:08:08 speed: 34,388 (25,652) want: 112,640 K/sec
-->
# When done:
version: 8.4.10-1 (api:1/proto:86-101)
GIT-hash: a4d5de01fffd7e4cde48a080e2c686f9e8cebf4c build by mockbuild@, 2017-09-15 14:23:22
1: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r-----
ns:0 nr:15626582 dw:284051762 dr:0 al:8 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:0 |
Untune the transfer (Second Node)
Code Block |
---|
drbdadm adjust jtelshared |
Make second node primary and mount the file system (Secondary node)
Add the following line to /etc/fstab
Code Block |
---|
mkdir /srv/jtel
mkdir /srv/jtel/shared
chown -R jtel:jtel /srv/jtel
drbdadm primary jtelshared |
Install Samba and lsof (Both Nodes)
Translations Ignore |
---|
Code Block |
---|
cat /proc/drbd
-->
# When not yet done:
version: 8.4.10-1 (api:1/proto:86-101)
GIT-hash: a4d5de01fffd7e4cde48a080e2c686f9e8cebf4c build by mockbuild@, 2017-09-15 14:23:22
1: cs:SyncTarget ro:Secondary/Primary ds:Inconsistent/UpToDate C r-----
ns:0 nr:3955712 dw:3950592 dr:0 al:8 bm:0 lo:5 pe:0 ua:5 ap:0 ep:1 wo:f oos:264474588
[>....................] sync'ed: 1.5% (258272/262132)M
finish: 2:08:08 speed: 34,388 (25,652) want: 112,640 K/sec
-->
# When done:
version: 8.4.10-1 (api:1/proto:86-101)
GIT-hash: a4d5de01fffd7e4cde48a080e2c686f9e8cebf4c build by mockbuild@, 2017-09-15 14:23:22
1: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r-----
ns:0 nr:15626582 dw:284051762 dr:0 al:8 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:0 |
|
Untune the transfer and make primary (Second Node) Translations Ignore |
---|
Code Block |
---|
drbdadm adjust jtelshared
drbdadm primary jtelshared |
|
Create filesystem (First Node) Translations Ignore |
---|
Code Block |
---|
mkfs.xfs -L data /dev/drbd/by-res/jtelshared/0 |
|
Create fstab entry for file system (Both Nodes)Add the following line to /etc/fstab Translations Ignore |
---|
Code Block |
---|
/dev/drbd/by-res/jtelshared/0 /srv/jtel/shared xfs noauto,noatime,nodiratime 0 0 |
|
Mount the file system (First Node) Translations Ignore |
---|
Code Block |
---|
mkdir /srv/jtel
mkdir /srv/jtel/shared
chown -R jtel:jtel /srv/jtel
mount /srv/jtel/shared |
|
Create a test file and Unmount (First Node) Translations Ignore |
---|
Code Block |
---|
cat <<EOFF > /srv/jtel/shared/test.txt
test 123
EOFF
umount /srv/jtel/shared |
|
Mount the file system and check the test file (Second Node) Translations Ignore |
---|
Code Block |
---|
mkdir /srv/jtel
mkdir /srv/jtel/shared
chown -R jtel:jtel /srv/jtel
mount /srv/jtel/shared
cat /srv/jtel/shared/test.txt
# Check contents of file before proceeding
rm /srv/jtel/shared/test.txt
umount /srv/jtel/shared |
|
Install Samba and lsof (Both Nodes) Translations Ignore |
---|
Code Block |
---|
| yum -y install samba samba-client lsof |
|
Translations Ignore |
---|
Code Block |
---|
| cat <<EOFF > /etc/samba/smb.conf
[global]
workgroup = SAMBA
security = user
passdb backend = tdbsam
printing = cups
printcap name = cups
load printers = yes
cups options = raw
min protocol = NT1
ntlm auth = yes
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = root
create mask = 0664
directory mask = 0775
[shared]
comment = jtel ACD Shared Directory
read only = no
public = yes
writable = yes
locking = yes
path = /srv/jtel/shared
guest ok = yes
create mask = 0644
directory mask = 0755
force user = jtel
force group = jtel
acl allow execute always = True
EOFF |
|
Setup SeLinux, jtel User access and Firewall for Samba (Both Nodes)Replace <password> with the actual password for the jtel user: Translations Ignore |
---|
Code Block |
---|
title | SeLinux, jtel User, Firewall |
---|
| setsebool -P samba_enable_home_dirs=on samba_export_all_rw=on use_samba_home_dirs=on use_nfs_home_dirs=on
printf '<password>\n<password>\n' | smbpasswd -a -s jtel
firewall-cmd --zone=public --add-port=445/tcp --add-port=139/tcp --add-port=138/udp --add-port=137/udp --permanent
firewall-cmd --reload |
|
If necessary, add further users to samba: Translations Ignore |
---|
Code Block |
---|
| useradd -m Administrator
printf 'F1r3B²11\nF1r3B²11\n' | smbpasswd -a -s Administrator
|
|
Test SAMBA (Both Nodes)This test should be performed on the node which currently has /srv/jtel/shared mounted: Translations Ignore |
---|
Code Block |
---|
| mount /srv/jtel/shared
service nmb start
service smb start
# Now check access to the SMB share via (for example) one of the windows machines.
service smb stop
umount /srv/jtel/shared
# do same again on other node |
|
Unmount and disable SAMBA (Both Nodes) Translations Ignore |
---|
Code Block |
---|
| service smb stop
umount /srv/jtel/shared
systemctl disable smb |
|
Install PCS Services (Both Nodes)See Redundancy - Installing PCS Cluster. Setup virtual IP (One Node Only!)Change the following to set the virtual IP which should be shared between the nodes. Translations Ignore |
---|
Code Block |
---|
| KE_VIP=10.4.8.22 |
|
Configure the PCS resources with the following commands: Translations Ignore |
---|
Code Block |
---|
title | Configure PCS Resources |
---|
| pcs resource create ClusterDataJTELSharedMount ocf:heartbeat:Filesystem device="/dev/drbd/by-res/jtelshared/0" directory="/srv/jtel/shared" fstype="xfs" --group=jtel_portal_group
pcs resource create ClusterIP ocf:heartbeat:IPaddr2 ip=${KE_VIP} cidr_netmask=32 op monitor interval=30s --group=jtel_portal_group
pcs resource create samba systemd:smb op monitor interval=30s --group=jtel_portal_group
pcs constraint order start ClusterDataJTELSharedMount then ClusterIP
pcs constraint order start ClusterIP then samba |
|
TestTest as follows: Translations Ignore |
---|
Code Block |
---|
| pcs status
--> shows the status of the newly created resources on both nodes, one node should be active.
Cluster name: portal
Stack: corosync
Current DC: uk-acd-store2 (version 1.1.16-12.el7_4.8-94ff4df) - partition with quorum
Last updated: Mon Mar 19 15:40:24 2018
Last change: Mon Mar 19 15:40:16 2018 by root via cibadmin on uk-acd-store1
2 nodes configured
3 resources configured
Online: [ uk-acd-store1 uk-acd-store2 ]
Full list of resources:
Resource Group: jtel_portal_group
ClusterDataJTELSharedMount (ocf::heartbeat:Filesystem): Started uk-acd-store1
ClusterIP (ocf::heartbeat:IPaddr2): Started uk-acd-store1
samba (systemd:smb): Started uk-acd-store1
Daemon Status:
corosync: active/enabled
pacemaker: active/enabled
pcsd: active/enabled |
|
Test the file mount: Translations Ignore |
---|
Code Block |
---|
| # From the windows machines:
dir \\uk-acd-store\shared |
|
Test manual failover: Translations Ignore |
---|
Code Block |
---|
| # Failover to node 2
pcs cluster standby uk-acd-store1
# ... (wait)
pcs status
# Then test the availability of the files from the windows machines.
# Create a new file before failing back (to make sure DRBD working ok).
# Fail back to node 1
pcs cluster unstandby uk-acd-store1
pcs cluster standby uk-acd-store2
# ... (wait)
pcs status
# Then test the availability of the files from the windows machines.
# Check that the new file created above is available.
# Unstandby node 2
pcs cluster unstandby uk-acd-store2 |
|
Manually link /home/jtel/shared (Both Nodes) Translations Ignore |
---|
Code Block |
---|
title | link /home/jtel/shared |
---|
| ln -s /srv/jtel/shared /home/jtel/shared |
|
|
Sv translation |
---|
|
Status |
---|
colour | Red |
---|
title | This page is only available in English |
---|
|
|
Sv translation |
---|
|
Créer un volume physique, un groupe de volumes et un volume logique LVM (les deux nœuds)Les commandes ci-dessous supposent que /dev/sdb sera utilisé pour le DRBD en plus de la configuration LVM, et que les disques sont EXACTEMENT la même taille. Translations Ignore |
---|
Code Block |
---|
# Create the phsyical volume - this is based on sdb assuming it is the second drive on the system lvm pvcreate /dev/sdb # Create the volume group lvm vgcreate "vg_drbd_jtelshared" /dev/sdb # Create the logical volume lvm lvcreate -l +100%FREE vg_drbd_jtelshared -n lv_drbd_jtelshared |
|
Translations Ignore |
---|
Code Block |
---|
# Préparez le pare-feu firewall-cmd --zone=public --add-port=7788-7799/tcp --permanentfirewall-cmd --reload |
|
Installer elrepo à yum (les deux nœuds) Translations Ignore |
---|
Code Block |
---|
# Install elrepo rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-3.el7.elrepo.noarch.rpm |
|
Installer et activer DRBD (les deux nœuds) Translations Ignore |
---|
Code Block |
---|
# Install DRBD yum -y install drbd84-utils kmod-drbd84 lsof # Enable drbd at boot, and in this session systemctl enable drbd systemctl start drbd |
|
NOTE : Les commandes suivantes nécessitent le nom d'hôte des deux machines et l'adresse IP. Ceux-ci sont obtenus comme suit : Translations Ignore |
---|
Code Block |
---|
ip addr hostname |
|
Créer un fichier de configuration DRBD pour jtelshared sur /dev/sdb Translations Ignore |
---|
Code Block |
---|
title | /etc/drbd.d/jtelshared.res |
---|
| # Configure DRBD cat <<EOFF > /etc/drbd.d/jtelshared.res resource jtelshared { protocol C; meta-disk internal; device /dev/drbd0; syncer { verify-alg sha1; } net { allow-two-primaries; } on acd-store1.jtel.local { disk /dev/vg_drbd_jtelshared/lv_drbd_jtelshared; address 10.42.14.98:7789; } on acd-store2.jtel.local { disk /dev/vg_drbd_jtelshared/lv_drbd_jtelshared; address 10.42.14.198:7789; } startup { become-primary-on both; } } EOFF |
|
Note : il a été observé que le nom d'hôte entièrement qualifié est requis dans le fichier de configuration. Créer des métadonnées et démarrer (les deux nœuds) Translations Ignore |
---|
Code Block |
---|
# Create metadata and start DRBD drbdadm create-md jtelshared drbdadm up jtelshared |
|
Faire un nœud primaire (premier nœud) Translations Ignore |
---|
Code Block |
---|
drbdadm primary jtelshared --force |
|
Régler le transfert (deuxième nœud) Translations Ignore |
---|
Code Block |
---|
drbdadm disk-options --c-plan-ahead=0 --resync-rate=110M jtelshared |
|
Attendre la fin de la synchronisation initiale (l'un ou l'autre des nœuds) Translations Ignore |
---|
Code Block |
---|
cat /proc/drbd --> # Quand ce n'est pas encore fait: version: 8.4.10-1 (api:1/proto:86-101) GIT-hash: a4d5de01fffd7e4cde48a080e2c686f9e8cebf4c build by mockbuild@, 2017-09-15 14:23:22 1: cs:SyncTarget ro:Secondary/Primary ds:Inconsistent/UpToDate C r----- ns:0 nr:3955712 dw:3950592 dr:0 al:8 bm:0 lo:5 pe:0 ua:5 ap:0 ep:1 wo:f oos:264474588 [>....................] sync'ed: 1.5% (258272/262132)M finish: 2:08:08 speed: 34,388 (25,652) want: 112 640 K/sec --> # Quand c'est fait : version : 8.4.10-1 (api:1/proto:86-101) GIT-hash: a4d5de01fffd7e4cde48a080e2c686f9e8cebf4c build by mockbuild@, 2017-09-15 14:23:22 1: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r----- ns:0 nr:15626582 dw:284051762 dr:0 al:8 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:0 |
|
Désaccorder le transfert et faire le primaire (Second Node) Translations Ignore |
---|
Code Block |
---|
drbdadm adjust jtelshared drbdadm primary jtelshared |
|
Créer un système de fichiers (premier nœud) Translations Ignore |
---|
Code Block |
---|
mkfs.xfs -L data /dev/drbd/by-res/jtelshared/0 |
|
Créer une entrée fstab pour le système de fichiers (les deux nœuds)Ajouter la ligne suivante à /etc/fstab Translations Ignore |
---|
Code Block |
---|
/dev/drbd/by-res/jtelshared/0 /srv/jtel/shared xfs noauto,noatime,nodiratime 0 0 |
|
Monter le système de fichiers (premier nœud) Translations Ignore |
---|
Code Block |
---|
mkdir /srv/jtel mkdir /srv/jtel/shared chown -R jtel:jtel /srv/jtel mount /srv/jtel/shared |
|
Créer un fichier test et le démonter (premier nœud) Translations Ignore |
---|
Code Block |
---|
cat <<EOFF > /srv/jtel/shared/test.txt test 123 EOFF umount /srv/jtel/shared |
|
Monter le système de fichiers et vérifier le fichier test (Second Node) Translations Ignore |
---|
Code Block |
---|
mkdir /srv/jtel mkdir /srv/jtel/shared chown -R jtel:jtel /srv/jtel mount /srv/jtel/shared cat /srv/jtel/shared/test.txt # Check contents of file before proceeding rm /srv/jtel/shared/test.txt umount /srv/jtel/shared |
|
Installer Samba et lsof (les deux nœuds) |
Code Block |
---|
title | Install | yum -y install samba samba- |
| client lsof |
---|
Configure Samba (Both Nodes)
Configurer Samba (les deux nœuds)
| Configure | cat <<EOFF > /etc/samba/smb.conf |
|
name = cups
name = cups load printers = yes |
|
comment = Home Directories |
|
No
comment = Printer Drivers |
|
/drivers
/drivers write list = root |
|
comment = jtel ACD Shared Directory |
|
acl allow execute always = True |
|
EOFF
sed -i -e "s/MYGROUP/WORKGROUP/g" /etc/samba/smb.conf |
Setup SeLinux, jtel User access and Firewall for Samba (Both Nodes)
Configuration de SeLinux, jtel Accès utilisateur et pare-feu pour Samba (les deux nœuds)Remplacez <password> par le mot de passe réel de l'utilisateur de jtel : Translations Ignore |
---|
Code Block |
---|
title | SeLinux, utilisateur jtel |
---|
|
|
| User | Firewall | setsebool -P samba_enable_home_dirs=on samba_export_all_rw=on use_samba_home_dirs=on use_nfs_home_dirs=on |
|
fireballnfireballn<password>\n' | smbpasswd -a -s jtel |
|
firewall-cmd --zone=public --add-port=445/tcp --add-port=139/tcp --add-port=138/udp --add-port=137/udp --permanent |
|
|
...
Si nécessaire, ajoutez d'autres utilisateurs à samba : | More Plus d'utilisateurs de SAMBA |
|
|
| users
printf 'F1r3B²11\nF1r3B²11\n' | smbpasswd -a -s Administrator |
|
|
...
...
...
Ce test doit être effectué sur le nœud qui a actuellement /srv/jtel/shared |
...
monté : | Test
# Now check access to the SMB share via (for example) one of the windows machines. |
|
servicenmb stop
# do same again on other node |
|
|
...
Démonter et désactiver SAMBA (les deux nœuds) | Unmount
servicenmb stop
|
...
Installer les services PCS |
...
...
...
...
...
Change the following to set the virtual IP which should be shared between the nodes.
Modifiez les éléments suivants pour définir l'IP virtuel qui doit être partagé entre les nœuds. | Set virtual |
...
...
...
Configurez les ressources PCS à l'aide des commandes suivantes : | Configure Configurer les ressources PCS |
|
|
| Resources | pcs resource create ClusterDataJTELSharedMount ocf:heartbeat:Filesystem device="/dev/drbd/by-res/jtelshared/0" directory="/srv/jtel/shared" fstype="xfs" --group=jtel_portal_group |
|
pcs resource create ClusterIP ocf:heartbeat:IPaddr2 ip=${KE_VIP} cidr_netmask=32 op monitor interval=30s --group=jtel_portal_group |
|
pcs resource create samba systemd:smb op monitor interval=30s --group=jtel_portal_group |
|
pcs constraint order start ClusterDataJTELSharedMount then ClusterIP |
|
pcs constraint order start ClusterIP then samba |
|
Test |
...
Tester comme suit : | Test pcs status
showsthestatusofthenewlycreatedresourcesonboth nodesonenodeshouldbeactive
Cluster name
Current DC : uk-acd-store2 (version 1.1.16-12.el7_4.8-94ff4df) - partition |
| with
Last updated: Mon Dernière mise à jour : Lun 19 Mar |
| 19
LastchangeMon19 byon
nodes configured
3 resources configured
Onlinenœuds configurés 3 ressources configurées en ligne : [ uk-acd-store1 uk-acd-store2 ] |
|
Full list of resources:
Resource Group Liste complète des ressources : Groupe de ressources: jtel_portal_group |
|
ClusterDataJTELSharedMount (ocf::heartbeat:Filesystem): |
|
ClusterIP ocf::heartbeat:IPaddr2
Started
Daemon Status:
corosync: active/enabled
pacemaker: active/enabled
pcsd: active/enabled |
...
Statut du démon : corosync : actif/activé pacemaker : actif/activé pcsd : actif/activé |
|
Tester la monture du fichier : | Test file mountTester la monture du fichier |
| # |
| Fromthewindowsmachines
Test |
...
de basculement manuel : | Test file mountTester la monture du fichier |
| # Failover to node 2 |
|
pcs cluster standby uk-acd-store1 |
|
# Then test the availability of the files from the windows machines. |
|
# Create a new file before failing back (to make sure DRBD working ok). |
|
pcs cluster unstandby uk-acd-store1 |
|
pcs cluster standby uk-acd-store2 |
|
# Then test the availability of the files from the windows machines. |
|
# Check that the new file created above is available. |
|
pcs cluster unstandby uk-acd-store2 |
|
|
...
Lier manuellement /home/jtel/shared (les deux nœuds) | link | ln -s /srv/jtel/shared /home/jtel/shared |
|
|