[Pacemaker] How to ensure that a resource is only running at one place?

mark - pacemaker list m+pacemaker at nerdish.us
Tue May 24 20:30:20 EDT 2011 

Hi Kevin,

On Tue, May 24, 2011 at 9:12 AM, Kevin Stevenard <kstevenard at gmail.com>wrote:

>
> Because by default on my asymmetric cluster I saw that the op monitor
> action is only executed on the node where the resource is currently running,
> and when a user start manually (not through the crm) the same resource on
> another node pacemaker won't see it because it is not executing the op
> monitor on all nodes that are potentially able to run the resource.
>

This makes complete sense.  If pacemaker didn't start a resource, how is it
expected to know to manage that resource?


>
> Am I obliged to write my own RA with a master/slave or primary/secondary
> knowledge to be sure that the resource is active only at one place at a
> time?
>
>
Really, it seems the only obligation is to not allow a user to have shell
access on your cluster nodes if they can't understand the concept of what a
cluster is and won't listen to you when you explain to them that they must
not start resources on their own just because they feel like it.  It takes
very little time to teach a user how to run 'crm status' or to show them a
simple web page that will show them the status of all cluster resouces, so
they can tell for themselves that the service they're about to start is
already running (see the -h switch for crm_mon and imagine how you can have
an apache resource that runs to show the web page it outputs).

If a user doesn't understand what is really a pretty simple concept ("we run
a cluster suite and it starts/stops these particular resources itself, so
don't ever, ever touch them unless told to do so"), then it's pretty
dangerous to let them onto the cluster nodes in the first place, no?  Do you
have the option of changing permissions so that the users can't start the
resource, can't execute the scripts/binaries required, and instead only the
cluster suite, the root user, and perhaps a trusted admin or two can?

Regards,
Mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clusterlabs.org/pipermail/pacemaker/attachments/20110524/e685e807/attachment-0003.html>

More information about the Pacemaker mailing list