[Pacemaker] Pacemaker and LDAP (389 Directory Service)

Wed Jun 8 07:41:51 UTC 2011

Hi,

On Tue, Jun 07, 2011 at 06:51:42PM +0000, veghead wrote:
> I'm trying to setup a pair of LDAP servers running 389 (formerly Fedora DS) in 
> high availability using Pacemaker with a floating IP. In addition, 389 supports 
> multi-master replication, where all changes on one node are automatically 
> replicated on one or more other nodes.
> 
> I'm fairly close to having everything working. Failover works just fine. And 
> multi-master replication works fine. However, my current Pacemaker config stops 
> the directory service on the non-active node. Which means that the backup node 
> is not receiving replication data from the other node.
> 
> What is the right way to setup Pacemaker so that:
> 
> 1) LDAP directory services are always running on both nodes
> 2) Floating IP is assigned to one of the nodes
> 3) Failover occurs if the master node dies or LDAP service stops running on the 
> master
> 
> Initially, my Pacemaker config looked like the following:
> 
> ---snip---
> property stonith-enabled=false
> property no-quorum-policy=ignore
> 
> rsc_defaults resource-stickiness=100
> 
> primitive elastic_ip lsb:elastic-ip op monitor interval="10s"
> primitive dirsrv lsb:dirsrv op monitor interval="10s"
> order dirsrv-after-eip inf: elastic_ip dirsrv
> colocation dirsrv-with-eip inf: dirsrv elastic_ip
> ---snip---
> 
> I then explored using Pacemaker clones:
> 
> ---snip---
> property stonith-enabled=false
> property no-quorum-policy=ignore
> 
> rsc_defaults resource-stickiness=100
> 
> primitive elastic_ip lsb:elastic-ip op monitor interval="10s"
> primitive ldap lsb:dirsrv op monitor interval="15s" role="Slave" timeout="10s" 
> op monitor interval="16s" role="Master" timeout="10s"
> 
> ms ldap-clone ldap meta master-max=1 master-node-max=1 clone-max=3 clone-node-
> max=1 notify-true

lsb:dirsrv doesn't understand master/slave. That's OK, none of
LSB agents do. You can only try to use clones (clone ldap-clone
ldap ...).

Thanks,

Dejan

> colocation ldap-with-eip inf: elastic_ip ldap-clone:Master
> order eip-after-promote inf: ldap-clone:promote elastic_ip:start
> order ldap-after-eip inf: elastic_ip ldap-clone
> ---snip---
> 
> Unfortunately, that doesn't quite work. pengine complains that "ldap-clone: 
> Promoted 0 instances of a possible 1 to master" and then stops the LDAP service. 
> I'm sure I'm missing something simple... any suggestions would be greatly 
> appreciated.
> 
> 
> _______________________________________________
> Pacemaker mailing list: Pacemaker at oss.clusterlabs.org
> http://oss.clusterlabs.org/mailman/listinfo/pacemaker
> 
> Project Home: http://www.clusterlabs.org
> Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
> Bugs: http://developerbugs.linux-foundation.org/enter_bug.cgi?product=Pacemaker