9.1. Conectarea de pe o Maşină la Distanţă
Provided Pacemaker is installed on a machine, it is possible to connect to the cluster even if the machine itself is not in the same cluster. To do this, one simply sets up a number of environment variables and runs the same commands as when working on a cluster node.
Tabel 9.1. Variabile de Mediu Folosite pentru Conectare la Instanţe la Distanţă ale CIB-ului
Environment Variable
|
Descriere
|
---|
CIB_user
|
The user to connect as. Needs to be part of the hacluster group on the target host. Defaults to $USER.
|
CIB_passwd
|
The user’s password. Read from the command line if unset.
|
CIB_server
|
The host to contact. Defaults to localhost.
|
CIB_port
|
The port on which to contact the server; required.
|
CIB_encrypted
|
Encrypt network traffic; defaults to true.
|
So, if c001n01
is an active cluster node and is listening on 1234
for connections, and someguy
is a member of the hacluster
group, then the following would prompt for someguy
's password and return the cluster’s current configuration:
# export CIB_port=1234; export CIB_server=c001n01; export CIB_user=someguy;
# cibadmin -Q
Din motive de securitate, clusterul nu ascultă pentru conexiuni la distanţă în mod implicit. Dacă doriţi să permiteţi accesul de la distanţă, trebuie să setaţi opţiunile primare remote-tls-port
(criptat) sau remote-clear-port
(necriptat) (ex. acelea stocate în tag-ul cib, precum num_updates
şi epoch
).
Tabel 9.2. Extra top-level CIB options for remote access
Câmp
|
Descriere
|
---|
remote-tls-port
|
Listen for encrypted remote connections on this port. Default: none
|
remote-clear-port
|
Listen for plaintext remote connections on this port. Default: none
|