[ClusterLabs] how to connect to the cluster from a docker container

Dejan Muhamedagic dejanmm at fastmail.fm
Wed Aug 7 08:36:24 EDT 2019 

Hi,

On Tue, Aug 06, 2019 at 01:36:49PM +0200, Jan Pokorný wrote:
> Hello Dejan,
> 
> nice to see you around,
> 
> On 06/08/19 10:37 +0200, Dejan Muhamedagic wrote:
> > Hawk runs in a docker container on one of the cluster nodes (the
> > nodes run Debian and apparently it's rather difficult to install
> > hawk on a non-SUSE distribution, hence docker). Now, how to
> > connect to the cluster? Hawk uses the pacemaker command line
> > tools such as cibadmin. I have a vague recollection that there is
> > a way to connect over tcp/ip, but, if that is so, I cannot find
> > any documentation about it.
> [...]
> 2. use modern enough libqb (v1.0.2+) and use
> 
>      touch /etc/libqb/force-filesystem-sockets
> 
>    on both host and within the container (assuming those two locations
>    are fully disjoint, i.e., not an overlay-based reuse), you should
>    then be able to share the respective reified sockets simply by
>    sharing the pertaining directory (normally /var/run it seems)
> 
>    - if indeed a directory as generic as /var/run is involved,
>      it may also lead to unexpected interferences, so the more
>      minimalistic the container is, the better I think
>      (or you can recompile libqb and play with path mapping
>      in container configuration to achieve smoother plug-in)
> 
> Then, pacemaker utilities would hopefully work across the container
> boundaries just as if they were fully native, hence hawk shall as
> well.
> 
> Let us know how far you'll get and where we can colletively join you
> in your attempts, I don't think we had such experience disseminated
> here.  I know for sure I haven't ever tried this in practice, some
> one else here could have.  Also, there may be a lot of fun with various
> Linux Security Modules like SELinux.

pacemakerd is not happy with the filesystem sockets:

Aug 07 14:12:26 alpaca1-pc pacemakerd          [7606] (crm_ipc_connect) 	debug: Could not establish pacemakerd connection: No such file or directory (2)
Aug 07 14:12:26 alpaca1-pc pacemakerd          [7606] (qb_ipcc_disconnect) 	debug: qb_ipcc_disconnect()
Aug 07 14:12:26 alpaca1-pc pacemakerd          [7606] (mcp_read_config) 	info: cmap connection setup failed: CS_ERR_NOT_EXIST .  Retrying in 1s
...
Aug  7 14:12:41 alpaca1-pc pacemakerd[7606]: Could not connect to Cluster Config uration Database API, error 12

Apparently, it fails to connect to corosync.

Any ideas?

Cheers,

Dejan

More information about the Users mailing list