{"id":7297,"date":"2018-03-31T08:54:57","date_gmt":"2018-03-31T00:54:57","guid":{"rendered":"http:\/\/rmohan.com\/?p=7297"},"modified":"2018-03-31T08:54:57","modified_gmt":"2018-03-31T00:54:57","slug":"centos-7-cluster","status":"publish","type":"post","link":"https:\/\/mohan.sg\/?p=7297","title":{"rendered":"centos 7 cluster"},"content":{"rendered":"

[root@clusterserver1 ~]# cat \/etc\/hosts
\n127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
\n::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
\n192.168.1.20 clusterserver1.rmohan.com clusterserver1
\n192.168.1.21 clusterserver2.rmohan.com clusterserver2
\n192.168.1.22 clusterserver3.rmohan.com clusterserver3<\/p>\n

perl -pi.orig -e ‘s\/SELINUX=enforcing\/SELINUX=permissive\/g’ \/etc\/selinux\/config<\/p>\n

setenforce 0<\/p>\n

timedatectl status<\/p>\n

yum install -y ntp
\nsystemctl enable ntpd ; systemctl start ntpd<\/p>\n

run ssh-keygen<\/p>\n

[root@clusterserver1 ~]# ssh-keygen
\nGenerating public\/private rsa key pair.
\nEnter file in which to save the key (\/root\/.ssh\/id_rsa):
\nCreated directory ‘\/root\/.ssh’.
\nEnter passphrase (empty for no passphrase):
\nEnter same passphrase again:
\nYour identification has been saved in \/root\/.ssh\/id_rsa.
\nYour public key has been saved in \/root\/.ssh\/id_rsa.pub.
\nThe key fingerprint is:
\ne4:57:e7:7c:2e:dd:82:9f:d5:c7:57:f9:ef:ce:d5:e0 root@clusterserver1.rmohan.com
\nThe key’s randomart image is:
\n+–[ RSA 2048]—-+
\n| |
\n| |
\n| . . . |
\n| o . + .|
\n| S . +.o|
\n| . o **|
\n| . E &|
\n| . *=|
\n| oo=|
\n+—————–+
\n[root@clusterserver1 ~]#<\/p>\n

for i in clusterserver1 clusterserver2 clusterserver3 ; do ssh-copy-id $i; done<\/p>\n

\/usr\/bin\/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
\n\/usr\/bin\/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
\nroot@clusterserver1’s password:
\nPermission denied, please try again.
\nroot@clusterserver1’s password:<\/p>\n

Number of key(s) added: 1<\/p>\n

Now try logging into the machine, with: “ssh ‘clusterserver1′”
\nand check to make sure that only the key(s) you wanted were added.<\/p>\n

The authenticity of host ‘clusterserver2 (192.168.1.21)’ can’t be established.
\nECDSA key fingerprint is 43:25:9c:32:53:18:33:a9:25:f7:cd:bb:b0:64:80:fd.
\nAre you sure you want to continue connecting (yes\/no)? yes
\n\/usr\/bin\/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
\n\/usr\/bin\/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
\nroot@clusterserver2’s password:<\/p>\n

Number of key(s) added: 1<\/p>\n

Now try logging into the machine, with: “ssh ‘clusterserver2′”
\nand check to make sure that only the key(s) you wanted were added.<\/p>\n

The authenticity of host ‘clusterserver3 (192.168.1.22)’ can’t be established.
\nECDSA key fingerprint is 62:79:b1:c7:9b:de:a3:5e:a4:3d:e0:15:2b:f8:c2:f7.
\nAre you sure you want to continue connecting (yes\/no)? yes
\n\/usr\/bin\/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
\n\/usr\/bin\/ssh-copy-id: INFO: 1 key(s) remain to be installed — if you are prompted now it is to install the new keys
\nroot@clusterserver3’s password:<\/p>\n

Number of key(s) added: 1<\/p>\n

Now try logging into the machine, with: “ssh ‘clusterserver3′”
\nand check to make sure that only the key(s) you wanted were added.<\/p>\n

yum install iscsi-initiator-utils -y<\/p>\n

systemctl enable iscsi
\nsystemctl start iscsi<\/p>\n

iscsiadm -m discovery -t sendtargets -p 192.168.1.90:3260<\/p>\n

iscsiadm –mode node –targetname iqn.2006-01.com.openfiler:tsn.b01850dab96a –portal 192.168.1.90 –login<\/p>\n

iscsiadm -m node -T iqn.2006-01.com.openfiler:tsn.b01850dab96a -p 192.168.1.90:3260 -l<\/p>\n

Install corosync and pacemaker on the nodes<\/p>\n

yum -y install lvm2-cluster corosync pacemaker pcs fenceagents-all<\/p>\n

systemctl enable pcsd.service<\/p>\n

systemctl start pcsd.service<\/p>\n

echo test123 | passwd –stdin hacluster<\/p>\n

pcs cluster auth clusterserver1 clusterserver2 clusterserver3<\/p>\n

[root@clusterserver1 ~]# pcs cluster auth clusterserver1 clusterserver2 clusterserver3
\nUsername: hacluster
\nPassword:
\nclusterserver3: Authorized
\nclusterserver2: Authorized
\nclusterserver1: Authorized
\n[root@clusterserver1 ~]#<\/p>\n

[root@clusterserver1 ~]# ls -lt \/var\/lib\/pcsd\/
\ntotal 20
\n-rw——- 1 root root 250 Jan 4 03:33 tokens
\n-rw-r–r– 1 root root 1542 Jan 4 03:33 pcs_users.conf
\n-rwx—— 1 root root 60 Jan 4 03:28 pcsd.cookiesecret
\n-rwx—— 1 root root 1233 Jan 4 03:28 pcsd.crt
\n-rwx—— 1 root root 1679 Jan 4 03:28 pcsd.key
\n[root@clusterserver1 ~]#<\/p>\n

pcs cluster setup –name webcluster clusterserver1 clusterserver2 clusterserver3<\/p>\n

[root@clusterserver1 ~]# pcs cluster setup –name webcluster clusterserver1 clusterserver2 clusterserver3
\nShutting down pacemaker\/corosync services…
\nRedirecting to \/bin\/systemctl stop pacemaker.service
\nRedirecting to \/bin\/systemctl stop corosync.service
\nKilling any remaining services…
\nRemoving all cluster configuration files…
\nclusterserver1: Succeeded
\nclusterserver2: Succeeded
\nclusterserver3: Succeeded
\nSynchronizing pcsd certificates on nodes clusterserver1, clusterserver2, clusterserver3…
\nclusterserver3: Success
\nclusterserver2: Success
\nclusterserver1: Success<\/p>\n

Restaring pcsd on the nodes in order to reload the certificates…
\nclusterserver3: Success
\nclusterserver2: Success
\nclusterserver1: Success
\n[root@clusterserver1 ~]#<\/p>\n

[root@clusterserver1 ~]# ls \/etc\/corosync\/
\ncorosync.conf corosync.conf.example corosync.conf.example.udpu corosync.xml.example uidgid.d\/
\n[root@clusterserver1 ~]# ls \/etc\/corosync\/
\ncorosync.conf corosync.conf.example corosync.conf.example.udpu corosync.xml.example uidgid.d\/
\n[root@clusterserver1 ~]# ls \/etc\/corosync\/*
\n\/etc\/corosync\/corosync.conf \/etc\/corosync\/corosync.conf.example \/etc\/corosync\/corosync.conf.example.udpu \/etc\/corosync\/<\/p>\n

\/etc\/corosync\/uidgid.d:
\n[root@clusterserver1 ~]#
\n[root@clusterserver1 corosync]# cat corosync.conf
\ntotem {
\nversion: 2
\nsecauth: off
\ncluster_name: webcluster
\ntransport: udpu
\n}<\/p>\n

nodelist {
\nnode {
\nring0_addr: clusterserver1
\nnodeid: 1
\n}<\/p>\n

node {
\nring0_addr: clusterserver2
\nnodeid: 2
\n}<\/p>\n

node {
\nring0_addr: clusterserver3
\nnodeid: 3
\n}
\n}<\/p>\n

quorum {
\nprovider: corosync_votequorum
\n}<\/p>\n

logging {
\nto_logfile: yes
\nlogfile: \/var\/log\/cluster\/corosync.log
\nto_syslog: yes
\n}
\n[root@clusterserver1 corosync]#<\/p>\n

[root@clusterserver2 ~]# pcs status
\nError: cluster is not currently running on this node
\n[root@clusterserver2 ~]#<\/p>\n

[root@clusterserver3 ~]# pcs status
\nError: cluster is not currently running on this node
\n[root@clusterserver3 ~]#<\/p>\n

pcs cluster enable –all<\/p>\n

[root@clusterserver1 corosync]# pcs cluster enable –all
\nclusterserver1: Cluster Enabled
\nclusterserver2: Cluster Enabled
\nclusterserver3: Cluster Enabled
\n[root@clusterserver1 corosync]#<\/p>\n

Start the cluster
\n\u2022From any node: pcs cluster start –all<\/p>\n

pcsd: active\/enabled
\n[root@clusterserver1 corosync]# pcs status
\nCluster name: webcluster
\nWARNING: no stonith devices and stonith-enabled is not false
\nLast updated: Mon Jan 4 03:39:26 2016 Last change: Mon Jan 4 03:39:24 2016 by hacluster via crmd on clusterserver1
\nStack: corosync
\nCurrent DC: clusterserver1 (version 1.1.13-10.el7-44eb2dd) – partition with quorum
\n3 nodes and 0 resources configured<\/p>\n

Online: [ clusterserver1 clusterserver2 clusterserver3 ]<\/p>\n

Full list of resources:<\/p>\n

PCSD Status:
\nclusterserver1: Online
\nclusterserver2: Online
\nclusterserver3: Online<\/p>\n

Daemon Status:
\ncorosync: active\/enabled
\npacemaker: active\/enabled
\npcsd: active\/enabled
\n[root@clusterserver1 corosync]#<\/p>\n

Verify Corosync Installation
\n\u2022corosync-cfgtool -s<\/p>\n

[root@clusterserver1 corosync]# corosync-cfgtool -s
\nPrinting ring status.
\nLocal node ID 1
\nRING ID 0
\nid = 192.168.1.20
\nstatus = ring 0 active with no faults
\n[root@clusterserver1 corosync]#<\/p>\n

[root@clusterserver2 ~]# corosync-cfgtool -s
\nPrinting ring status.
\nLocal node ID 2
\nRING ID 0
\nid = 192.168.1.21
\nstatus = ring 0 active with no faults
\n[root@clusterserver2 ~]#<\/p>\n

Verify Corosync Installation
\n\u2022corosync-cmapctl | grep members<\/p>\n

[root@clusterserver2 ~]# corosync-cfgtool -s
\nPrinting ring status.
\nLocal node ID 2
\nRING ID 0
\nid = 192.168.1.21
\nstatus = ring 0 active with no faults
\n[root@clusterserver2 ~]# corosync-cmapctl | grep members
\nruntime.totem.pg.mrp.srp.members.1.config_version (u64) = 0
\nruntime.totem.pg.mrp.srp.members.1.ip (str) = r(0) ip(192.168.1.20)
\nruntime.totem.pg.mrp.srp.members.1.join_count (u32) = 1
\nruntime.totem.pg.mrp.srp.members.1.status (str) = joined
\nruntime.totem.pg.mrp.srp.members.2.config_version (u64) = 0
\nruntime.totem.pg.mrp.srp.members.2.ip (str) = r(0) ip(192.168.1.21)
\nruntime.totem.pg.mrp.srp.members.2.join_count (u32) = 1
\nruntime.totem.pg.mrp.srp.members.2.status (str) = joined
\nruntime.totem.pg.mrp.srp.members.3.config_version (u64) = 0
\nruntime.totem.pg.mrp.srp.members.3.ip (str) = r(0) ip(192.168.1.22)
\nruntime.totem.pg.mrp.srp.members.3.join_count (u32) = 1
\nruntime.totem.pg.mrp.srp.members.3.status (str) = joined
\n[root@clusterserver2 ~]#<\/p>\n

Verify Corosync Installation
\n\u2022crm_verify -L -V<\/p>\n

[root@clusterserver2 ~]# crm_verify -L -V
\nerror: unpack_resources: Resource start-up disabled since no STONITH resources have been defined
\nerror: unpack_resources: Either configure some or disable STONITH with the stonith-enabled option
\nerror: unpack_resources: NOTE: Clusters with shared data need STONITH to ensure data integrity
\nErrors found during check: config not valid
\n[root@clusterserver2 ~]#<\/p>\n","protected":false},"excerpt":{"rendered":"

[root@clusterserver1 ~]# cat \/etc\/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.20 clusterserver1.rmohan.com clusterserver1 192.168.1.21 clusterserver2.rmohan.com clusterserver2 192.168.1.22 clusterserver3.rmohan.com clusterserver3<\/p>\n

perl -pi.orig -e ‘s\/SELINUX=enforcing\/SELINUX=permissive\/g’ \/etc\/selinux\/config<\/p>\n

setenforce 0<\/p>\n

timedatectl status<\/p>\n

yum install -y ntp systemctl enable ntpd ; systemctl start ntpd<\/p>\n

run ssh-keygen<\/p>\n

[root@clusterserver1 ~]# ssh-keygen Generating public\/private rsa key pair. Enter file […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73],"tags":[],"_links":{"self":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7297"}],"collection":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7297"}],"version-history":[{"count":1,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7297\/revisions"}],"predecessor-version":[{"id":7298,"href":"https:\/\/mohan.sg\/index.php?rest_route=\/wp\/v2\/posts\/7297\/revisions\/7298"}],"wp:attachment":[{"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7297"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7297"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mohan.sg\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7297"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}