[Pacemaker] Pacemaker and LDAP (389 Directory Service)

veghead sean at studyblue.com
Tue Jun 7 18:51:42 UTC 2011 

I'm trying to setup a pair of LDAP servers running 389 (formerly Fedora DS) in 
high availability using Pacemaker with a floating IP. In addition, 389 supports 
multi-master replication, where all changes on one node are automatically 
replicated on one or more other nodes.

I'm fairly close to having everything working. Failover works just fine. And 
multi-master replication works fine. However, my current Pacemaker config stops 
the directory service on the non-active node. Which means that the backup node 
is not receiving replication data from the other node.

What is the right way to setup Pacemaker so that:

1) LDAP directory services are always running on both nodes
2) Floating IP is assigned to one of the nodes
3) Failover occurs if the master node dies or LDAP service stops running on the 
master

Initially, my Pacemaker config looked like the following:

---snip---
property stonith-enabled=false
property no-quorum-policy=ignore

rsc_defaults resource-stickiness=100

primitive elastic_ip lsb:elastic-ip op monitor interval="10s"
primitive dirsrv lsb:dirsrv op monitor interval="10s"
order dirsrv-after-eip inf: elastic_ip dirsrv
colocation dirsrv-with-eip inf: dirsrv elastic_ip
---snip---

I then explored using Pacemaker clones:

---snip---
property stonith-enabled=false
property no-quorum-policy=ignore

rsc_defaults resource-stickiness=100

primitive elastic_ip lsb:elastic-ip op monitor interval="10s"
primitive ldap lsb:dirsrv op monitor interval="15s" role="Slave" timeout="10s" 
op monitor interval="16s" role="Master" timeout="10s"

ms ldap-clone ldap meta master-max=1 master-node-max=1 clone-max=3 clone-node-
max=1 notify-true

colocation ldap-with-eip inf: elastic_ip ldap-clone:Master
order eip-after-promote inf: ldap-clone:promote elastic_ip:start
order ldap-after-eip inf: elastic_ip ldap-clone
---snip---

Unfortunately, that doesn't quite work. pengine complains that "ldap-clone: 
Promoted 0 instances of a possible 1 to master" and then stops the LDAP service. 
I'm sure I'm missing something simple... any suggestions would be greatly 
appreciated.

More information about the Pacemaker mailing list