This document guides you through the setup of a High Availability cluster with a remote node or a guest node, managed by Pacemaker and pacemaker_remote. “Remote” in the term pacemaker_remote does not refer to physical distance, but to “non-membership” of a cluster.
A regular cluster may contain up to 32 nodes. With the pacemaker_remote service, High Availability clusters can be extended to include additional nodes beyond this limit.
The pacemaker_remote service can run on a physical node (called a remote node) or on a virtual node (called a guest node).
Unlike normal cluster nodes, both remote and guest nodes are managed by the cluster as resources. As such, they are not bound to the 32-node limitation of the cluster stack. However, from the resource management point of view, they behave like regular cluster nodes.
Remote nodes do not need to have the full cluster stack installed, as they only run the pacemaker_remote service. The service acts as a proxy, allowing the cluster stack on the “regular” cluster nodes to connect to the service. Thus, the node that runs the pacemaker_remote service is effectively integrated into the cluster as a remote node (see Terminology).
A regular cluster node is a node that runs the complete cluster stack; see Figure 1, “Regular Cluster Stack (Two-Node Cluster)”.
A regular cluster node may perform the following tasks:
Run cluster resources.
Run all command line tools, such as crm and crm_mon.
Execute fencing actions.
Count toward cluster quorum.
Serve as the cluster's designated coordinator (DC).
pacemaker_remote
A service daemon that makes it possible to use a node as a Pacemaker node without deploying the full cluster stack. Note that pacemaker_remote is the name of the systemd service, while the daemon itself is named pacemaker_remoted (with a trailing “d”).
Remote node
A physical machine that runs the pacemaker_remote daemon. A special resource (ocf:pacemaker:remote) needs to run on one of the cluster nodes to manage communication between the cluster node and the remote node (see Section 3, “Use Case 1: Setting Up a Cluster with Remote Nodes”).
Guest node
A virtual machine that runs the pacemaker_remote daemon. A guest node is created using a resource agent such as ocf:pacemaker:VirtualDomain with the remote-node meta attribute (see Section 4, “Use Case 2: Setting Up a Cluster with Guest Nodes”).
For a physical machine that contains several guest nodes, the process is as follows:
On the cluster node, virtual machines are launched by Pacemaker.
The cluster connects to the pacemaker_remote service of the virtual machines.
The virtual machines are integrated into the cluster by pacemaker_remote.
It is important to distinguish between several roles that a virtual machine can take in the High Availability cluster:
A virtual machine can run a full cluster stack. In this case, the virtual machine is a regular cluster node and is not itself managed by the cluster.
A virtual machine can be managed by the cluster as a resource, without the cluster being aware of the services that run inside the virtual machine. In this case, the virtual machine is opaque to the cluster.
A virtual machine can be a cluster resource and run pacemaker_remote, which allows the cluster to manage services inside the virtual machine. In this case, the virtual machine is a guest node and is transparent to the cluster.
Remote nodes and guest nodes can run cluster resources and most command line tools. However, they have the following limitations:
They cannot execute fencing actions.
They do not affect quorum.
They cannot serve as Designated Coordinator (DC).
The procedures in this document describe the process of setting up a minimal cluster with the following characteristics:
Two cluster nodes running SUSE Linux Enterprise High Availability Extension 12 GA or higher. In this guide, their host names are alice and bob.
Depending on the setup you choose, your cluster will end up with one of the following nodes:
One remote node running pacemaker_remote (the remote node is named charlie in this document).
Or:
One guest node running pacemaker_remote (the guest node is named doro in this document).
Pacemaker to manage guest nodes and remote nodes.
Failover of resources from one node to the other if the active host breaks down (active/passive setup).
In the following example setup, a remote node named charlie is used.
To prepare the cluster nodes and remote node, proceed as follows:
Install and set up a basic two-node cluster as described in the Installation and Setup Quick Start.
This will lead to a two-node cluster with two physical hosts, alice and bob.
On the physical host (charlie) that you want to use as a remote node, install SUSE Linux Enterprise Server 12 SP5 and add SUSE Linux Enterprise High Availability Extension 12 SP5 as an extension. However, do not install the High Availability installation pattern, because the remote node needs only individual packages (see Section 3.3).
On all cluster nodes, check /etc/hosts and add an entry for charlie.
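An /etc/hosts entry is a single line with the node's IP address and host name. The address below is a placeholder, and the sketch appends to a local example file instead of /etc/hosts so it can be tried safely:

```shell
# Placeholder IP address for charlie -- substitute the real one.
# In the actual setup, the target file is /etc/hosts on every cluster node.
echo '192.168.1.103   charlie' >> hosts.example

# Check that the entry is present:
grep -w charlie hosts.example
```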
On the cluster node alice, proceed as follows:
Create a specific authentication key for the pacemaker_remote service:
root # mkdir -p --mode=0755 /etc/pacemaker
root # dd if=/dev/urandom of=/etc/pacemaker/authkey bs=4k count=1
The key for the pacemaker_remote service is different from the cluster authentication key that you create in the YaST cluster module.
Synchronize the authentication key among all cluster nodes and your future remote node with scp:
root # scp -r -p /etc/pacemaker/ bob:/etc
root # scp -r -p /etc/pacemaker/ charlie:/etc
The key needs to be kept synchronized all the time.
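One way to check that the key is still in sync is to compare checksums, for example with sha256sum /etc/pacemaker/authkey on each node. The following local sketch simulates that with file copies (the file names are illustrative):

```shell
# Create a 4 KB random key as the dd command above does, plus a synced copy.
dd if=/dev/urandom of=authkey.alice bs=4k count=1 2>/dev/null
cp -p authkey.alice authkey.charlie

# Identical checksums (or a silent cmp) mean the copies are in sync.
sha256sum authkey.alice authkey.charlie
cmp -s authkey.alice authkey.charlie && echo "authkey in sync"
```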
The following procedure configures the physical host charlie as a remote node:
On charlie, proceed as follows:
In the firewall settings, open TCP port 3121 for pacemaker_remote.
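On SUSE Linux Enterprise 12, the default firewall is SuSEfirewall2, so the port can be opened by extending one variable in its configuration. This is a sketch under that assumption; adapt it if you use a different firewall:

```shell
# Excerpt from /etc/sysconfig/SuSEfirewall2: open TCP port 3121 on the
# external zone, then apply the change with: systemctl restart SuSEfirewall2
FW_SERVICES_EXT_TCP="3121"
```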
Install the pacemaker-remote and crmsh packages:
root # zypper in pacemaker-remote crmsh
Enable and start the pacemaker_remote service on charlie:
root # systemctl enable pacemaker_remote
root # systemctl start pacemaker_remote
On alice or bob, verify the host connection to the remote node by using ssh:
root # ssh -p 3121 charlie
This SSH connection will fail, but how it fails shows whether the setup is working. If the setup works, the connection is reset by the peer:

ssh_exchange_identification: read: Connection reset by peer

If you see either of the following two messages, the setup does not work:

ssh: connect to host charlie port 3121: No route to host
ssh: connect to host charlie port 3121: Connection refused

In that case, use the -v option for ssh and execute the command again to see debugging messages. This can be helpful to find connection, authentication, or configuration problems. Multiple -v options increase the verbosity.
If needed, add more remote nodes and configure them as described above.
To integrate the remote node into the cluster, proceed as follows:
Log in to each cluster node and make sure the Pacemaker service is already started:
root # systemctl start pacemaker
On node alice, create an ocf:pacemaker:remote primitive:
root # crm configure
crm(live)configure# primitive charlie ocf:pacemaker:remote \
   params server=charlie reconnect_interval=15m \
   op monitor interval=30s
crm(live)configure# commit
crm(live)configure# exit
Check the status of the cluster with the command crm status. It should contain a running cluster with nodes that are all accessible:
root # crm status
[...]
Online: [ alice bob ]
RemoteOnline: [ charlie ]

Full list of resources:

 charlie (ocf:pacemaker:remote): Started alice
[...]
After the remote node is integrated into the cluster, you can start resources on the remote node in the same way as on any cluster node.
Never involve a remote node connection resource in a resource group, colocation constraint, or order constraint. This may lead to unexpected behavior on cluster transitions.
Fencing Remote Nodes. Remote nodes are fenced in the same way as cluster nodes. Configure fencing resources for use with remote nodes in the same way as with cluster nodes.
Remote nodes do not take part in initiating a fencing action. Only cluster nodes can execute a fencing operation against another node.
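For example, to confirm that resources run on charlie, you could add a test resource and pin it to the remote node (the resource and constraint names below are illustrative):

```
root # crm configure primitive fake-remote ocf:pacemaker:Dummy
root # crm configure location loc-fake-remote fake-remote inf: charlie
```

Note that this constraint applies to the Dummy resource, not to the connection resource charlie itself, so it does not conflict with the warning above about involving connection resources in constraints.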
In the following example setup, KVM is used for setting up the virtual guest node (doro).
To prepare the cluster nodes and guest node, proceed as follows:
Install and set up a basic two-node cluster as described in the Installation and Setup Quick Start.
This will lead to a two-node cluster with two physical hosts, alice and bob.
Create a KVM guest on alice. For details, refer to https://documentation.suse.com/sles-12/html/SLES-all/cha-kvm-inst.html.
On the KVM guest (doro) that you want to use as a guest node, install SUSE Linux Enterprise Server 12 SP5 and add SUSE Linux Enterprise High Availability Extension 12 SP5 as an extension. However, do not install the High Availability installation pattern, because the guest node needs only individual packages (see Section 4.3).
On all cluster nodes, check /etc/hosts and add an entry for doro.
On the cluster node alice, proceed as follows:
Create a specific authentication key for the pacemaker_remote service:
root # mkdir -p --mode=0755 /etc/pacemaker
root # dd if=/dev/urandom of=/etc/pacemaker/authkey bs=4k count=1
The key for the pacemaker_remote service is different from the cluster authentication key that you create in the YaST cluster module.
Synchronize the authentication key among all cluster nodes and your guest node with scp:
root # scp -r -p /etc/pacemaker/ bob:/etc
root # scp -r -p /etc/pacemaker/ doro:/etc
The key needs to be kept synchronized all the time.
The following procedure configures doro as a guest node on your cluster node alice:
On doro, proceed as follows:
In the firewall settings, open TCP port 3121 for pacemaker_remote.
Install the pacemaker-remote and crmsh packages:
root # zypper in pacemaker-remote crmsh
Enable and start the pacemaker_remote service on doro:
root # systemctl enable pacemaker_remote
root # systemctl start pacemaker_remote
On alice or bob, verify the host connection to the guest by running ssh:
root # ssh -p 3121 doro
This SSH connection will fail, but how it fails shows whether the setup is working. If the setup works, the connection is reset by the peer:

ssh_exchange_identification: read: Connection reset by peer

If you see either of the following two messages, the setup does not work:

ssh: connect to host doro port 3121: No route to host
ssh: connect to host doro port 3121: Connection refused

In that case, use the -v option for ssh and execute the command again to see debugging messages. This can be helpful to find connection, authentication, or configuration problems. Multiple -v options increase the verbosity.
If needed, add more guest nodes and configure them as described above.
Shut down the guest node and proceed with Section 4.4, “Integrating a Guest Node into the Cluster”.
To integrate the guest node into the cluster, proceed as follows:
Log in to each cluster node and make sure the Pacemaker service is already started:
root # systemctl start pacemaker
Dump the XML configuration of the KVM guest(s) that you need in the next step:
root # virsh list --all
 Id   Name   State
-----------------------------------
 -    doro   shut off

root # virsh dumpxml doro > /etc/pacemaker/doro.xml
On node alice, create a VirtualDomain resource to launch the virtual machine. Use the dumped configuration from Step 2:
root # crm configure
crm(live)configure# primitive vm-doro ocf:heartbeat:VirtualDomain \
   params hypervisor="qemu:///system" \
   config="/etc/pacemaker/doro.xml" \
   meta remote-node=doro
Pacemaker will automatically monitor pacemaker_remote connections for failure, so it is not necessary to create a recurring monitor on the VirtualDomain resource.
Check the status of the cluster with the command crm status. It should contain a running cluster with nodes that are all accessible.
To demonstrate how resources are executed, use a dummy resource. It serves for testing purposes only.
Create a dummy resource:
root # crm configure primitive fake1 ocf:pacemaker:Dummy
Check the cluster status with the crm status command. You should see something like the following:
root # crm status
[...]
Online: [ alice bob ]
GuestOnline: [ doro@alice ]

Full list of resources:

 vm-doro (ocf:heartbeat:VirtualDomain): Started alice
 fake1 (ocf:pacemaker:Dummy): Started bob
To move the Dummy primitive to the guest node (doro), use the following command:
root # crm resource move fake1 doro
The status will change to this:
root # crm status
[...]
Online: [ alice bob ]
GuestOnline: [ doro@alice ]

Full list of resources:

 vm-doro (ocf:heartbeat:VirtualDomain): Started alice
 fake1 (ocf:pacemaker:Dummy): Started doro
To test whether fencing works, kill the pacemaker_remoted daemon on doro:
root # kill -9 $(pidof pacemaker_remoted)
After a few seconds, check the status of the cluster again. It should look like this:
root # crm status
[...]
Online: [ alice bob ]

Full list of resources:

 vm-doro (ocf::heartbeat:VirtualDomain): Started alice
 fake1 (ocf:pacemaker:Dummy): Stopped

Failed Actions:
* doro_monitor_30000 on alice 'unknown error' (1): call=8, status=Error,
  exitreason='none', last-rc-change='Tue Jul 18 13:11:51 2017', queued=0ms, exec=0ms
Upgrade all pacemaker_remote nodes to SUSE Linux Enterprise 12 SP5 one by one and make sure SUSE Linux Enterprise High Availability Extension 12 SP5 has been added as an extension. Update the packages pacemaker-remote and crmsh, including their dependencies. For details, see Section 5.3, “Updating Software Packages on Cluster Nodes”.
It also lists different scenarios and supported upgrade paths in the chapter Upgrading Your Cluster and Updating Software Packages.
Copyright © 2006–2024 SUSE LLC and contributors. All rights reserved.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) Version 1.3; with the Invariant Sections being this copyright notice and license. A copy of the license (Version 1.2) is included in the section entitled “GNU Free Documentation License”.
For SUSE trademarks, see http://www.suse.com/company/legal/. All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™, etc.) denote trademarks of SUSE and its affiliates. Asterisks (*) denote third-party trademarks.
All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors, nor the translators shall be held liable for possible errors or the consequences thereof.