<div dir="ltr"><div><div>Hi,<br>I did a small research on the scripts<br><br>/usr/sbin/fence_vbox<br>def main():<br>...<br>conn = fence_login(options)<br></div><br></div>The fence_loging is scripted in the fencing.py and it should invoke function: _login_ssh_with_identity_file <div><div><br>/usr/share/fence/fencing.py<br>def _login_ssh_with_identity_file:<br>...<br>command = '%s %s %s@%s -i %s -p %s' % \<br> (options["--ssh-path"], force_ipvx, options["--username"], options["--ip"], \<br> options["--identity-file"], options["--ipport"])<br><br></div><div>There are username and ip parameter used here (not login and ipaddr as in fence description) so I used:<br></div><div><br>pcs stonith create vbox-fencing fence_vbox ip=10.0.2.2 username=AW23321 identity_file=/root/.ssh/id_rsa host_os=windows vboxmanage_path="/cygdrive/c/Program\ Files/Oracle/VirtualBox/VBoxManage" pcmk_host_map="nfsnode1:centos1;nfsnode2:centos2" ssh=true inet4_only=true op monitor interval=5 -force<br><br>I still got the same warning in messages:<br>Jul 7 07:52:24 nfsnode1 stonith-ng[6244]: warning: fence_vbox[21564] stderr: [ Unable to connect/login to fencing device ]<br>Jul 7 07:52:24 nfsnode1 stonith-ng[6244]: warning: fence_vbox[21564] stderr: [ ]<br>Jul 7 07:52:24 nfsnode1 stonith-ng[6244]: warning: fence_vbox[21564] stderr: [ ]<br><br></div><div>"Standalone" test is working with the same parameters:<br></div><div>[root@nfsnode1 nfsinfo]# fence_vbox --ip 10.0.2.2 --username=AW23321 --identity-file=/root/.ssh/id_rsa --plug=centos2 --host-os=windows --action=status --vboxmanage-path="/cygdrive/c/Program\ Files/Oracle/VirtualBox/VBoxManage" -4 -x<br>Status: ON<br><br></div><div>I could use more debug in the scripts.<br><br></div></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>Pozdrawiam,<br>Arek</div></div></div></div>
<br><div class="gmail_quote">2017-07-06 17:31 GMT+02:00 Ken Gaillot <span dir="ltr"><<a href="mailto:kgaillot@redhat.com" target="_blank">kgaillot@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">On 07/06/2017 10:29 AM, Ken Gaillot wrote:<br>
> On 07/06/2017 10:13 AM, ArekW wrote:
>> Hi,
>>
>> It seems that my fence_vbox is running, but there are errors in the
>> logs every few minutes, like:
>>
>> Jul 6 12:51:12 nfsnode1 fence_vbox: Unable to connect/login to fencing device
>> Jul 6 12:51:13 nfsnode1 stonith-ng[7899]: warning: fence_vbox[30220]
>> stderr: [ Unable to connect/login to fencing device ]
>> Jul 6 12:51:13 nfsnode1 stonith-ng[7899]: warning: fence_vbox[30220]
>> stderr: [ ]
>> Jul 6 12:51:13 nfsnode1 stonith-ng[7899]: warning: fence_vbox[30220]
>> stderr: [ ]
>> Eventually, after some time, pcs status shows Failed Actions:
>>
>> # pcs status --full
>> Cluster name: nfscluster
>> Stack: corosync
>> Current DC: nfsnode1 (1) (version 1.1.15-11.el7_3.5-e174ec8) -
>> partition with quorum
>> Last updated: Thu Jul 6 13:02:52 2017 Last change: Thu Jul
>> 6 13:00:33 2017 by root via crm_resource on nfsnode1
>>
>> 2 nodes and 11 resources configured
>>
>> Online: [ nfsnode1 (1) nfsnode2 (2) ]
>>
>> Full list of resources:
>>
>> Master/Slave Set: StorageClone [Storage]
>>     Storage (ocf::linbit:drbd): Master nfsnode1
>>     Storage (ocf::linbit:drbd): Master nfsnode2
>>     Masters: [ nfsnode1 nfsnode2 ]
>> Clone Set: dlm-clone [dlm]
>>     dlm (ocf::pacemaker:controld): Started nfsnode1
>>     dlm (ocf::pacemaker:controld): Started nfsnode2
>>     Started: [ nfsnode1 nfsnode2 ]
>> vbox-fencing (stonith:fence_vbox): Started nfsnode1
>> Clone Set: ClusterIP-clone [ClusterIP] (unique)
>>     ClusterIP:0 (ocf::heartbeat:IPaddr2): Started nfsnode1
>>     ClusterIP:1 (ocf::heartbeat:IPaddr2): Started nfsnode2
>> Clone Set: StorageFS-clone [StorageFS]
>>     StorageFS (ocf::heartbeat:Filesystem): Started nfsnode1
>>     StorageFS (ocf::heartbeat:Filesystem): Started nfsnode2
>>     Started: [ nfsnode1 nfsnode2 ]
>> Clone Set: WebSite-clone [WebSite]
>>     WebSite (ocf::heartbeat:apache): Started nfsnode1
>>     WebSite (ocf::heartbeat:apache): Started nfsnode2
>>     Started: [ nfsnode1 nfsnode2 ]
>>
>> Failed Actions:
>> * vbox-fencing_start_0 on nfsnode1 'unknown error' (1): call=157,
>> status=Error, exitreason='none',
>> last-rc-change='Thu Jul 6 13:58:04 2017', queued=0ms, exec=11947ms
>> * vbox-fencing_start_0 on nfsnode2 'unknown error' (1): call=57,
>> status=Error, exitreason='none',
>> last-rc-change='Thu Jul 6 13:58:16 2017', queued=0ms, exec=11953ms
>> The fence was created with the command:
>> pcs -f stonith_cfg stonith create vbox-fencing fence_vbox ip=10.0.2.2
>> ipaddr=10.0.2.2 login=AW23321 username=AW23321
>> identity_file=/root/.ssh/id_rsa host_os=windows
>> pcmk_host_check=static-list pcmk_host_list="centos1 centos2"
>> vboxmanage_path="/cygdrive/c/Program\
>> Files/Oracle/VirtualBox/VBoxManage" op monitor interval=5
>>
>> where centos1 and centos2 are the VBox machine names (not hostnames). I
>> used duplicated login/username parameters because they are indicated as
>> required in the fence_vbox stonith description.
>>
>> Then I updated the configuration and set:
>>
>> pcs stonith update vbox-fencing pcmk_host_list="nfsnode1 nfsnode2"
>> pcs stonith update vbox-fencing
>> pcmk_host_map="nfsnode1:centos1;nfsnode2:centos2"
>>
>> where nfsnode1 and nfsnode2 are the hostnames.
>>
>> I'm not sure which config is correct, but both show Failed Actions
>> after some time.
>
> You only need one of pcmk_host_list or pcmk_host_map. Use pcmk_host_list
> if fence_vbox recognizes the node names used by the cluster, or
> pcmk_host_map if fence_vbox knows the nodes by other names. In this
> case, it looks like you want to tell fence_vbox to use "centos2" when
> the cluster wants to fence nfsnode2, so your pcmk_host_map is the right
> choice.
>
>> I've successfully tested the fence connection to the VBox host with:
>> fence_vbox --ip 10.0.2.2 --username=AW23321
>> --identity-file=/root/.ssh/id_rsa --plug=centos2 --host-os=windows
>> --action=status --vboxmanage-path="/cygdrive/c/Program\
>> Files/Oracle/VirtualBox/VBoxManage"
>>
>> Why does the above configuration work as a standalone command but not
>> in pcs?
> Two main possibilities: you haven't expressed those identical options in
> the cluster configuration correctly; or, you have some permissions on
> the command line that the cluster doesn't have (maybe SELinux, or file
> permissions, or ...).

Forgot one other possibility: the status shows that the *start* action
is what failed, not a fence action. Check the fence_vbox source code to
see what start does, and try to do that manually step by step.
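For reference, stonith-ng passes the configured options to the agent as key=value lines on stdin rather than as command-line flags, so "doing it manually" can mean driving fence_vbox the same way. A minimal sketch, reusing the parameter values from the pcs command earlier in this thread (action=monitor is the standard fence-agent health-check action):

# Invoke fence_vbox the way stonith-ng does: options as key=value lines
# on stdin. The values are copied from the pcs configuration above; the
# backslash before the space in the VBoxManage path is kept as configured,
# since quoting is a likely source of the difference between invocations.
import subprocess

opts = "\n".join([
    "action=monitor",
    "ip=10.0.2.2",
    "username=AW23321",
    "identity_file=/root/.ssh/id_rsa",
    "host_os=windows",
    "vboxmanage_path=/cygdrive/c/Program\\ Files/Oracle/VirtualBox/VBoxManage",
    "inet4_only=true",
]) + "\n"

proc = subprocess.Popen(["/usr/sbin/fence_vbox"],
                        stdin=subprocess.PIPE,
                        stdout=subprocess.PIPE,
                        stderr=subprocess.PIPE)
out, err = proc.communicate(opts.encode())
print(proc.returncode)
print(out)
print(err)

A non-zero exit code here, with the same "Unable to connect/login" on stderr, would suggest the problem lies in how the agent behaves when driven this way rather than in the option values themselves.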
<div class="HOEnZb"><div class="h5"><br>
______________________________<wbr>_________________<br>
Users mailing list: <a href="mailto:Users@clusterlabs.org">Users@clusterlabs.org</a><br>
<a href="http://lists.clusterlabs.org/mailman/listinfo/users" rel="noreferrer" target="_blank">http://lists.clusterlabs.org/<wbr>mailman/listinfo/users</a><br>
<br>
Project Home: <a href="http://www.clusterlabs.org" rel="noreferrer" target="_blank">http://www.clusterlabs.org</a><br>
Getting started: <a href="http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf" rel="noreferrer" target="_blank">http://www.clusterlabs.org/<wbr>doc/Cluster_from_Scratch.pdf</a><br>
Bugs: <a href="http://bugs.clusterlabs.org" rel="noreferrer" target="_blank">http://bugs.clusterlabs.org</a><br>
</div></div></blockquote></div><br></div>