[ClusterLabs] Coming in Pacemaker 2.0.5: better start-up/shutdown coordination with sbd

[Ken Gaillot]

Hi all,

Looking ahead to the Pacemaker 2.0.5 release expected toward the end of
this year, we will have improvements of interest to anyone running
clusters with sbd.

Previously at start-up, if sbd was blocked from contacting Pacemaker's
CIB in a way that looked like pacemaker wasn't running (SELinux being a
good example), pacemaker would run resources without protection from
sbd. Now, if sbd is running, pacemaker will wait until sbd contacts it
before it will start any resources, so the cluster is protected in this
situation.

Additionally, sbd will now periodically contact the main pacemaker
daemon for a status report. Currently, this is just an immediate
response, but it ensures that the main pacemaker daemon is responsive
to IPC requests. This is a bit more assurance that pacemaker is not
only running, but functioning properly. In future versions, we will
have even more in-depth health checks as part of this feature.

Previously at shutdown, sbd determined a clean pacemaker shutdown by
checking whether any resources were running at shutdown. This would
lead to sbd fencing if pacemaker shut down in maintenance mode with
resources active. Now, sbd will determine clean shutdowns as part of
the status report described above, avoiding that situation.

These behaviors will be controlled by a new option in
/etc/sysconfig/sbd or /etc/default/sbd, SBD_SYNC_RESOURCE_STARTUP. This
defaults to "no" for backward compatibility when a newer sbd is used
with an older pacemaker or vice versa. Distributions may change the
value to "yes" since they can ensure both sbd and pacemaker versions
support it; users who build their own installations can set it
themselves if both versions support it.
-- 
Ken Gaillot <kgaillot at redhat.com>