[ClusterLabs Developers] Problem with fence_virsh in RHEL 6 - selinux denial

Digimer lists at alteeve.ca
Thu Sep 10 03:15:02 UTC 2015


I've created an rhbz:

https://bugzilla.redhat.com/show_bug.cgi?id=1261711

digimer

On 08/09/15 11:04 PM, Digimer wrote:
> ere is my cluster.conf, in case it matters:
> 
> ====
> [root at node1 ~]# cat /etc/cluster/cluster.conf
> <?xml version="1.0"?>
> <cluster name="ccrs" config_version="1">
> 	<cman expected_votes="1" two_node="1" />
> 	<clusternodes>
> 		<clusternode name="node1.ccrs.bcn" nodeid="1">
> 			<altname name="node1.sn" />
> 			<fence>
> 				<method name="kvm">
> 					<device name="kvm_host" port="an-a02n01" delay="15" action="reboot" />
> 				</method>
> 			</fence>
> 		</clusternode>
> 		<clusternode name="node2.ccrs.bcn" nodeid="2">
> 			<altname name="node2.sn" />
> 			<fence>
> 				<method name="kvm">
> 					<device name="kvm_host" port="an-a02n02" action="reboot" />
> 				</method>
> 			</fence>
> 		</clusternode>
> 	</clusternodes>
> 	<fencedevices>
> 		<fencedevice name="kvm_host" agent="fence_virsh"
> ipaddr="192.168.122.1" login="root" passwd="it's a secret" />
> 	</fencedevices>
> 	<fence_daemon post_join_delay="30" />
> 	<totem rrp_mode="active" secauth="off"/>
> 	<rm log_level="5">
> 		<resources>
> 			<script file="/etc/init.d/drbd" name="drbd"/>
> 			<script file="/etc/init.d/wait-for-drbd" name="wait-for-drbd"/>
> 			<script file="/etc/init.d/clvmd" name="clvmd"/>
> 			<clusterfs device="/dev/node1_vg0/shared" force_unmount="1"
> fstype="gfs2" mountpoint="/shared" name="sharedfs" />
> 			<script file="/etc/init.d/libvirtd" name="libvirtd"/>
> 		</resources>
> 		<failoverdomains>
> 			<failoverdomain name="only_n01" nofailback="1" ordered="0"
> restricted="1">
> 				<failoverdomainnode name="node1.ccrs.bcn"/>
> 			</failoverdomain>
> 			<failoverdomain name="only_n02" nofailback="1" ordered="0"
> restricted="1">
> 				<failoverdomainnode name="node2.ccrs.bcn"/>
> 			</failoverdomain>
> 			<failoverdomain name="primary_n01" nofailback="1" ordered="1"
> restricted="1">
> 				<failoverdomainnode name="node1.ccrs.bcn" priority="1"/>
> 				<failoverdomainnode name="node2.ccrs.bcn" priority="2"/>
> 			</failoverdomain>
> 			<failoverdomain name="primary_n02" nofailback="1" ordered="1"
> restricted="1">
> 				<failoverdomainnode name="node1.ccrs.bcn" priority="2"/>
> 				<failoverdomainnode name="node2.ccrs.bcn" priority="1"/>
> 			</failoverdomain>
> 		</failoverdomains>
> 		<service name="storage_n01" autostart="1" domain="only_n01"
> exclusive="0" recovery="restart">
> 			<script ref="drbd">
> 				<script ref="wait-for-drbd">
> 					<script ref="clvmd">
> 						<clusterfs ref="sharedfs"/>
> 					</script>
> 				</script>
> 			</script>
> 		</service>
> 		<service name="storage_n02" autostart="1" domain="only_n02"
> exclusive="0" recovery="restart">
> 			<script ref="drbd">
> 				<script ref="wait-for-drbd">
> 					<script ref="clvmd">
> 						<clusterfs ref="sharedfs"/>
> 					</script>
> 				</script>
> 			</script>
> 		</service>
> 		<service name="libvirtd_n01" autostart="1" domain="only_n01"
> exclusive="0" recovery="restart">
> 			<script ref="libvirtd"/>
> 		</service>
> 		<service name="libvirtd_n02" autostart="1" domain="only_n02"
> exclusive="0" recovery="restart">
> 			<script ref="libvirtd"/>
> 		</service>
> 	</rm>
> </cluster>
> ====


-- 
Digimer
Papers and Projects: https://alteeve.ca/w/
What if the cure for cancer is trapped in the mind of a person without
access to education?




More information about the Developers mailing list