6.3. Containers as Guest Nodes
Containers, and in particular Linux containers (LXC) and Docker, have become a popular method of isolating services in a resource-efficient manner.
The preferred means of integrating containers into Pacemaker is as a cluster resource, whether opaque or using Pacemaker’s bundle resource type.
However, it is possible to run pacemaker_remote inside a container, following the process for guest nodes. This is not recommended but can be useful, for example, in testing scenarios, to simulate a large number of guest nodes.
The configuration process is very similar to that described for guest nodes using virtual machines. Key differences:
The underlying host must install the libvirt driver for the desired container technology — for example, the libvirt-daemon-lxc package to get the libvirt-lxc driver for LXC containers.
Libvirt XML definitions must be generated for the containers. The pacemaker-cts package includes a script for this purpose, /usr/share/pacemaker/tests/cts/lxc_autogen.sh. Run it with the --help option for details on how to use it. It is intended for testing purposes only, and hardcodes various parameters that would need to be set appropriately in real usage. Of course, you can create XML definitions manually, following the appropriate libvirt driver documentation.
To share the authentication key, either share the host’s /etc/pacemaker directory with the container, or copy the key into the container’s filesystem.
The VirtualDomain resource for a container will need force_stop="true" and an appropriate hypervisor option, for example hypervisor="lxc:///" for LXC containers.
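For the "copy the key into the container's filesystem" option above, the following shell functions copy the key and then check that the copy matches the host's key and is not readable by other users. This is an added example, not code from Pacemaker or its documentation; the function names, the key file name authkey under /etc/pacemaker, the rootfs path argument and the 0750/0640 modes are assumptions.

```shell
#!/bin/sh
# Added example (not Pacemaker's own code). Assumed: key file is named
# "authkey" under /etc/pacemaker; 0750/0640 modes are an illustrative choice.

# install_authkey HOST_KEY CONTAINER_ROOTFS
# Copies the host key into CONTAINER_ROOTFS/etc/pacemaker/authkey.
install_authkey() {
    key=$1
    rootfs=$2
    [ -f "$key" ] || { echo "missing key: $key" >&2; return 1; }
    [ -d "$rootfs" ] || { echo "missing rootfs: $rootfs" >&2; return 1; }
    dest="$rootfs/etc/pacemaker"
    (
        # Tight umask: the copy is never world-readable, even briefly.
        umask 077
        mkdir -p "$dest" &&
        cp "$key" "$dest/authkey.tmp.$$" &&
        mv "$dest/authkey.tmp.$$" "$dest/authkey"
    ) || return 1
    # Group ownership must still be set to match the group used inside
    # the container; that step is site-specific and not done here.
    chmod 750 "$dest" && chmod 640 "$dest/authkey"
}

# verify_authkey HOST_KEY CONTAINER_ROOTFS
# Returns 0 if the container copy is byte-identical to the host key and
# grants nothing to "other"; 1 = missing, 2 = mismatch, 3 = too permissive.
verify_authkey() {
    copy="$2/etc/pacemaker/authkey"
    [ -f "$copy" ] || { echo "no key in container: $copy" >&2; return 1; }
    cmp -s "$1" "$copy" || { echo "key differs from host key" >&2; return 2; }
    mode=$(stat -c '%a' "$copy") || return 1
    case $mode in
        *0) return 0 ;;
        *)  echo "key accessible to others (mode $mode)" >&2; return 3 ;;
    esac
}
```

A mismatch (return code 2) is worth checking first when a container guest node fails to connect, since both sides must hold the same key.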