PCS Cluster is required for:
- The role LB (Load Balancer), if two load balancers are used for redundancy
- The role STORE (file storage), if two file stores are setup using DRBD for redundancy
If the system does not contain redundancy, do not install this. Only install on the above roles.
Install PCS Services (Both nodes)
Install the PCS packages and stop the services.
apt-get update apt-get -y install pacemaker corosync pcs haveged systemctl stop pcsd systemctl stop pacemaker systemctl stop corosync
Disable Managed Services (Both nodes)
Disable smb since this will be managed by pacemaker:
systemctl disable smbd
Configuration Settings (Both nodes)
Next configure the names of the machines and the virtual IP address which will be shared in the cluster:
CAUTION PASSWORD
JT_HOST1=acd-lb1 JT_HOST2=acd-lb2 PASSWORD=<password>
Configure the Firewall (Both nodes)
Next configure the firewall for ha services:
ufw allow 2224/tcp ufw allow 3121/tcp ufw allow 5403/tcp ufw allow 5404/udp ufw allow 5405/udp
Change user password (Both nodes)
Change the password of the hacluster user (replace <password> with the chosen password):
echo hacluster:${PASSWORD} | chpasswd
Cluster Configuration
Node 1 - Create Cluster Key
Create a key for the cluster and copy to server 2:
# On Server 1 corosync-keygen scp /etc/corosync/authkey jtel@acd-lb2:/home/jtel/
Node 2 - Move Cluster Key
Move the cluster key to the configuration directory and setup rights:
# On Server 2 mv /home/jtel/authkey /etc/corosync/ chown root:root /etc/corosync/authkey chmod 400 /etc/corosync/authkey
Both Nodes - Create Corosync Configuration
Note: the hosts file must be configured for this to work.
mv /etc/corosync/corosync.conf /etc/corosync/corosync.conf.orig
cat << EOFF > /etc/corosync/corosync.conf
totem {
version: 2
cluster_name: jtel_cluster
transport: knet
crypto_cipher: aes256
crypto_hash: sha256
token: 4000
}
nodelist {
node {
ring0_addr: acd-lb1
name: acd-lb1
nodeid: 1
}
node {
ring0_addr: acd-lb2
name: acd-lb2
nodeid: 2
}
}
quorum {
provider: corosync_votequorum
two_node: 1
}
logging {
to_logfile: yes
logfile: /var/log/corosync/corosync.log
to_syslog: yes
timestamp: on
}
EOFF
Start Cluster - Both Nodes
systemctl enable corosync systemctl enable pacemaker systemctl enable pcsd systemctl start corosync systemctl start pacemaker systemctl start pcsd
Resource Cleanup - One Node
pcs resource cleanup pcs status
Check if the output is OK.
Configure Cluster - One Node
pcs property set stonith-enabled=false pcs property set no-quorum-policy=ignore pcs resource defaults migration-threshold=1
Test
Check the results on both machines:
root@test-lb1:/home/jtel# pcs status Cluster name: jtel_cluster Stack: corosync Current DC: acd-lb1 (version 2.0.1-9e909a5bdd) - partition with quorum Last updated: Tue Feb 23 07:49:26 2021 Last change: Tue Feb 23 07:40:58 2021 by root via cibadmin on acd-lb1 2 nodes configured 0 resources configured Online: [ acd-lb1 acd-lb2 ] No resources Daemon Status: corosync: active/enabled pacemaker: active/enabled pcsd: active/enabled
root@acd-store1-test:/home/jtel# pcs config
Cluster Name: jtel_cluster
Corosync Nodes:
acd-store1-test acd-store2-test
Pacemaker Nodes:
acd-store1-test acd-store2-test
Resources:
Stonith Devices:
Fencing Levels:
Location Constraints:
Ordering Constraints:
Colocation Constraints:
Ticket Constraints:
Alerts:
No alerts defined
Resources Defaults:
Meta Attrs: rsc_defaults-meta_attributes
migration-threshold=1
Operations Defaults:
No defaults set
Cluster Properties:
cluster-infrastructure: corosync
cluster-name: debian
dc-version: 2.0.5-ba59be7122
have-watchdog: false
no-quorum-policy: ignore
stonith-enabled: false
Tags:
No tags defined
Quorum:
Options: