Hi Kevin,<br><br><div class="gmail_quote">On Tue, May 24, 2011 at 9:12 AM, Kevin Stevenard <span dir="ltr"><<a href="mailto:kstevenard@gmail.com">kstevenard@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><br></div><div>Because by default on my asymmetric cluster I saw that the op monitor action is only executed on the node where the resource is currently running, and when a user start manually (not through the crm) the same resource on another node pacemaker won't see it because it is not executing the op monitor on all nodes that are potentially able to run the resource.</div>
</blockquote><div><br></div><div>This makes complete sense. If pacemaker didn't start a resource, how is it expected to know to manage that resource?</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><br></div><div>Am I obliged to write my own RA with a master/slave or primary/secondary knowledge to be sure that the resource is active only at one place at a time?</div>
<div><br></div></blockquote><div><br></div><div>Really, it seems the only obligation is to not allow a user to have shell access on your cluster nodes if they can't understand the concept of what a cluster is and won't listen to you when you explain to them that they must not start resources on their own just because they feel like it. It takes very little time to teach a user how to run 'crm status' or to show them a simple web page that will show them the status of all cluster resouces, so they can tell for themselves that the service they're about to start is already running (see the -h switch for crm_mon and imagine how you can have an apache resource that runs to show the web page it outputs).</div>
<div><br></div><div>If a user doesn't understand what is really a pretty simple concept ("we run a cluster suite and it starts/stops these particular resources itself, so don't ever, ever touch them unless told to do so"), then it's pretty dangerous to let them onto the cluster nodes in the first place, no? Do you have the option of changing permissions so that the users can't start the resource, can't execute the scripts/binaries required, and instead only the cluster suite, the root user, and perhaps a trusted admin or two can?</div>
<div><br></div><div>Regards,</div><div>Mark</div></div>