Product SiteDocumentation Site

Capitolo 9. Configurazione avanzata

Indice

9.1. Connecting from a Remote Machine
9.2. Specificare tempistiche per le azioni ricorrenti
9.3. Spostare le risorse
9.3.1. Intervenire manualmente
9.3.2. Spostare risorse in seguito ad un fallimento
9.3.3. Spostare le risorse in base a variazioni della connettività
9.3.4. Migrazione delle risorse
9.4. Riutilizzare regole, opzioni e set di operazioni
9.5. Effettuare il reload dei servizi dopo una variazione della definizione

9.1. Connecting from a Remote Machine

Provided Pacemaker is installed on a machine, it is possible to connect to the cluster even if the machine itself is not in the same cluster. To do this, one simply sets up a number of environment variables and runs the same commands as when working on a cluster node.

Tabella 9.1. Variabili d'ambiente utilizzate per connettersi ad istanze remote del CIB

Variabile d'ambiente Descrizione
CIB_user
The user to connect as. Needs to be part of the hacluster group on the target host. Defaults to $USER.
CIB_passwd
The user’s password. Read from the command line if unset.
CIB_server
The host to contact. Defaults to localhost.
CIB_port
The port on which to contact the server; required.
CIB_encrypted
Encrypt network traffic; defaults to true.

So, if c001n01 is an active cluster node and is listening on 1234 for connections, and someguy is a member of the hacluster group, then the following would prompt for someguy's password and return the cluster’s current configuration:
# export CIB_port=1234; export CIB_server=c001n01; export CIB_user=someguy;
# cibadmin -Q
For security reasons, the cluster does not listen for remote connections by default. If you wish to allow remote access, you need to set the remote-tls-port (encrypted) or remote-clear-port (unencrypted) top-level options (ie., those kept in the cib tag, like num_updates and epoch).

Tabella 9.2. Opzioni top-level extra per l'accesso remoto

Campo Descrizione
remote-tls-port
Listen for encrypted remote connections on this port. Default: none
remote-clear-port
Listen for plaintext remote connections on this port. Default: none