[ClusterLabs] Lost access with the volume while ZFS and other resources migrate to other node (reset VM)
Vladislav Bogdanov
bubble at hoster-ok.com
Wed Apr 5 11:04:25 EDT 2023
Ah, and yes, it is for iptables, not for nft or firewalld. Could be easily
fixed though.
And RA expects target chains to be pre-created.
Vladislav Bogdanov <bubble at hoster-ok.com> 5 апреля 2023 г. 14:53:35 написал:
> Please find attached.
> I use it the following way:
>
> primitive vip-10-5-4-235 ocf:my-org:IPaddr2 \
> params ip="10.5.4.235" cidr_netmask="24" \
> op start interval="0" timeout="20" \
> op stop interval="0" timeout="20" \
> op monitor interval="30" timeout="20"
> primitive vip-10-5-4-235-fw ocf:my-org:VIPfirewall \
> params vip="10.5.4.235" allow_action="pass" \
> input_chain="_ISCSI_INPUT" output_chain="_ISCSI_OUTPUT" \
> op start interval="0" timeout="30" \
> op stop interval="0" timeout="60" \
> op monitor interval="30" timeout="10" role="Master" \
> op monitor interval="15" timeout="10" role="Slave"
> primitive vip-10-5-4-236 ocf:my-org:IPaddr2 \
> params ip="10.5.4.236" cidr_netmask="24" \
> op start interval="0" timeout="20" \
> op stop interval="0" timeout="20" \
> op monitor interval="30" timeout="20"
> primitive vip-10-5-4-236-fw ocf:my-org:VIPfirewall \
> params vip="10.5.4.236" allow_action="pass" \
> input_chain="_ISCSI_INPUT" output_chain="_ISCSI_OUTPUT" \
> op start interval="0" timeout="30" \
> op stop interval="0" timeout="60" \
> op monitor interval="30" timeout="10" role="Master" \
> op monitor interval="15" timeout="10" role="Slave"
> group c01-pool-0-iscsi-vips vip-10-5-4-235 vip-10-5-4-236
> group c01-pool-0-iscsi-vips-fw vip-10-5-4-235-fw vip-10-5-4-236-fw
> ms ms-c01-pool-0-iscsi-vips-fw c01-pool-0-iscsi-vips-fw \
> meta master-max="1" master-node-max="1" clone-max="2" \
> clone-node-max="1" notify="false" interleave="true" \
> target-role="Master"
> colocation c01-pool-0-iscsi-vips-fw-with-vips inf: \
> ms-c01-pool-0-iscsi-vips-fw:Master \
> c01-pool-0-iscsi-vips:Started
> order c01-pool-0-iscsi-vips-fw-after-target inf: iscsi-export:start \
> ms-c01-pool-0-iscsi-vips-fw:promote
> order c01-pool-0-iscsi-vips-fw-after-vips inf: \
> c01-pool-0-iscsi-vips:start \
> ms-c01-pool-0-iscsi-vips-fw:promote
>
> On Wed, 2023-04-05 at 07:17 +0300, Александр via Users wrote:
>> What is this agent? For iscsitarget, I only found portblock RA, in
>> the linstor manual. Can you share the agent and setup instructions?>
>> Среда, 5 апреля 2023, 6:09 +10:00 от Vladislav Bogdanov
>> <bubble at hoster-ok.com>:
>> >
>> > I know that uscsi initiators are very sensible to connection drops.
>> > That's why in all my setups with iscsi I use a special m/s resource
>> > agent which in a slave mode drops all packets to/from portals. That
>> > prevents initiators from receiving FIN packets from the target when
>> > it migrates, and they usually behave much better. I can share that
>> > RA and setup instructions if that is interesting to someone.
>>
>>
>> --
>> С уважением,
>> Александр Волков
>>
>> _______________________________________________
>> Manage your subscription:
>> https://lists.clusterlabs.org/mailman/listinfo/users
>>
>> ClusterLabs home: https://www.clusterlabs.org/
>
>
>
>
> ----------
> _______________________________________________
> Manage your subscription:
> https://lists.clusterlabs.org/mailman/listinfo/users
>
> ClusterLabs home: https://www.clusterlabs.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clusterlabs.org/pipermail/users/attachments/20230405/2d1698c6/attachment.htm>
More information about the Users
mailing list