[Pacemaker] authentication in the cluster

Christine Caulfield ccaulfie at redhat.com
Thu Jan 29 04:44:41 EST 2015

On 27/01/15 17:20, Kostiantyn Ponomarenko wrote:
> Hi Chrissie,
> I know that this setup it crazy thing =)
> First of all I needed to say - think about each two-node cluster as one box
> with two nodes.
>> You can't connect clusters together like that.
> I know that.
>> All nodes in the cluster have just 1 authkey file.
> That is true. But in this example there are two clusters, each of them have
> its own auth key.
>> What you have there is not a ring, it's err, a linked-cross?!
> Yep, I showed the wrong way of connecting two clusters.
>> Why do you need to connect the two clusters together - is it for failover?
> No, it is not. I really don't (and won't) connect them in that way. It
> wrong.
> But, in real life those two clusters will be standing (physically, in the
> same room, in the same rack) pretty close to each other.
> And my concern is - if someone do that connection by a mistake. What will
> be in that situation?
> What I would like to get in that situation, is something which prevent
> simultaneous work of two nodes in one cluster - because it will cause data
> corruption.

Oh I see! Sorry, I thought that was a deliberate installation plan - I'm
pleased to hear that it's not :)

What will happen if the clusters do get connected is that you will just
get a lot of errors printed to syslog as corosync rejects the messages
with the wrong authkey. Your data will be safe but you might get some
slowdown. If that slowdown is severe (maybe both clusters are very busy)
there is a small chance that it might cause a fencing action.

I hope this helps


More information about the Pacemaker mailing list