The following notes descrive how to setup a High Availability (HA) cluster based on loopback images for domains (Para-virtualised Xen VMs) and a BeeGFS or NFS shared file system provided by external servers.
This guide asumes that:
- You have at least two nodes to install sNow!
- You have installed the OS following the instructions defined here
- The BeeGFS (or NFS) client has been installed in sNow! nodes
- The /sNow path is mounted directly from BeeGFS/NFS or it’s a mount bind to that path
- The /home path is mounted directly from BeeGFS/NFS or it’s a mount bind to that path
Enabling cluster file system re-export
In the following file you can define which file systems are going to be re-exported from an external server. sNow! relies NFS for deploying the compute nodes, so /sNow and /home are expected to be shared through NFSv4.
Assuming that the content of /sNow and /home are located in /beegfs the file /etc/exports.d/snow.exports should be similar to:
/beegfs 10.1.0.0/255.255.0.0(rw,async,fsid=0,crossmnt,no_subtree_check,no_root_squash)
Enabling the /sNow path to the compute nodes
You can setup a simple mount bind to the path where /sNow folder is located in the BeeGFS, for example: /beegfs/sNow. Include the following line in the snow.conf in order to enable that.
MOUNT_NFS[1]="/beegfs/sNow /sNow none noauto,x-systemd.automount,x-systemd.device-timeout=60,_netdev,bind,x-systemd.requires=/beegfs/sNow 0 0"
MOUNT_NFS[2]="/beegfs/home /home none noauto,x-systemd.automount,x-systemd.device-timeout=60,_netdev,bind,x-systemd.requires=/beegfs/home 0 0"
Install sNow! software
Install the first node (snow01) following the instructions defined here.
Once the sNow! installation is completed in the first node, you can proceed with the other sNow! nodes installation.
Note that after installing sNow!, a reboot is required in order to boot with the new kernel and configuration.
Configure sNow! by setting snow.conf as described here
Configure sNow! by setting active_domains.conf as described here
On the other nodes of the HA cluster, the snow init
will deliver the following warning message.
At this point, it’s safe to proceed. Please, don’t consider to run this command in a production environment.
root@snow02:~# snow init
[W] sNow! configuration had been initiated before.
[W] Please, do not run this command in a production environment
[W] Do you want to proceed? (y/N)
Once all the nodes
Install the required software packages
apt update
apt install libqb0 fence-agents pacemaker corosync pacemaker-cli-utils crmsh drbd-utils -y
Do the same in the other sNow! nodes
Disable auto start of corosync and pacemaker
In order to avoid a death match situation, it’s highly recommended to disable corosync and pacemaker to be started at boot time. To start the service, you only need to start pacemaker.
systemctl disable corosync
systemctl disable pacemaker
Do the same in the other sNow! nodes
Setting up Corosync
Generate keys
corosync-keygen
Corosync Cluster Engine Authentication key generator.
Gathering 1024 bits for key from /dev/random.
Press keys on your keyboard to generate entropy.
Setup the right permissions
chmod 400 /etc/corosync/authkey
Transfer the key to the other nodes
scp -p /etc/corosync/authkey snow02:/etc/corosync/authkey
Configuring corosync
The content of /etc/corosync/corosync.conf should be something similar to the following example. Note that this cluster only has two nodes (snow01 and snow02).
# egrep -v "^$|#" /etc/corosync/corosync.conf
totem {
version: 2
cluster_name: snow
token: 3000
token_retransmits_before_loss_const: 10
clear_node_high_bit: yes
interface {
ringnumber: 0
bindnetaddr: 192.168.8.0
mcastport: 5405
ttl: 1
}
}
logging {
fileline: off
to_stderr: no
to_logfile: no
to_syslog: yes
syslog_facility: daemon
debug: off
timestamp: on
logger_subsys {
subsys: QUORUM
debug: off
}
}
quorum {
provider: corosync_votequorum
expected_votes: 2
two_node: 1
wait_for_all: 1
}
nodelist {
node {
ring0_addr: snow01
nodeid: 1
}
node {
ring0_addr: snow02
nodeid: 2
}
}
You can download the following example file and adapt it to accomodate your needs.
Edit /etc/corosync/corosync.conf
in snow01 and transfer this file to the other nodes:
scp -p /etc/corosync/corosync.conf snow02:/etc/corosync/corosync.conf
Start corosync service on all the nodes
systemctl start corosync
Xen configuration
Review if /etc/default/xendomains has an empty value for XENDOMAINS_SAVE variable or if it’s commented. Otherwise, comment this variable.
Test if Xen allows live migration between sNow! nodes
Execute the following commands in order to certify that the para-virtual machines can be migrated across the sNow! nodes:
From snow01 you can execute the following commands:
snow boot deploy01
xl migrate deploy01 snow02
If it works as expected, you should see a output message similar to the following example:
[4287] snow01:~ $ xl migrate deploy01 snow02
migration target: Ready to receive domain.
Saving to migration stream new xl format (info 0x0/0x0/799)
Loading new save file <incoming migration stream> (new xl fmt info 0x0/0x0/799)
Savefile contains xl domain config
xc: progress: Reloading memory pages: 26624/524288 5%
xc: progress: Reloading memory pages: 53248/524288 10%
xc: progress: Reloading memory pages: 78848/524288 15%
xc: progress: Reloading memory pages: 105472/524288 20%
xc: progress: Reloading memory pages: 131072/524288 25%
xc: progress: Reloading memory pages: 157696/524288 30%
xc: progress: Reloading memory pages: 184320/524288 35%
xc: progress: Reloading memory pages: 209920/524288 40%
xc: progress: Reloading memory pages: 236544/524288 45%
xc: progress: Reloading memory pages: 262144/524288 50%
xc: progress: Reloading memory pages: 288768/524288 55%
xc: progress: Reloading memory pages: 315392/524288 60%
xc: progress: Reloading memory pages: 340992/524288 65%
xc: progress: Reloading memory pages: 367616/524288 70%
xc: progress: Reloading memory pages: 393216/524288 75%
xc: progress: Reloading memory pages: 419840/524288 80%
xc: progress: Reloading memory pages: 446464/524288 85%
xc: progress: Reloading memory pages: 472064/524288 90%
xc: progress: Reloading memory pages: 498688/524288 95%
xc: progress: Reloading memory pages: 524482/524288 100%
migration target: Transfer complete, requesting permission to start domain.
migration sender: Target has acknowledged transfer.
migration sender: Giving target permission to start.
migration target: Got permission, starting domain.
migration target: Domain started successsfully.
migration sender: Target reports successful startup.
Migration successful.
Pacemaker
Setup the right permissions and check the cluster health
chown -R hacluster:haclient /var/lib/pacemaker
chmod 750 /var/lib/pacemaker
ssh snow02 chown -R hacluster:haclient /var/lib/pacemaker
ssh snow02 chmod 750 /var/lib/pacemaker
crm cluster health | more
Setup Pacemaker
The following steps can be automated taking advantage of the following script: setup_domains_ha.sh
#!/bin/bash
domain_list=$(snow list domains | egrep -v "Domain|------" | gawk '{print $1}')
crm_attribute --type op_defaults --attr-name timeout --attr-value 120s
rm -f pacemaker.cfg
echo "property stonith-enabled=no" > pacemaker.cfg
echo "property no-quorum-policy=ignore" >> pacemaker.cfg
echo "property default-resource-stickiness=100" >> pacemaker.cfg
echo "primitive xsnow-vip ocf:heartbeat:IPaddr2 params ip=\"10.1.0.254\" nic=\"xsnow0\" op monitor interval=\"10s\"" >> pacemaker.cfg
for domain in ${domain_list}; do
echo "primitive $domain ocf:heartbeat:Xen \\
params xmfile=\"/sNow/snow-tools/etc/domains/$domain.cfg\" \\
op monitor interval=\"40s\" \\
meta target-role=\"started\" allow-migrate=\"true\"
" >> pacemaker.cfg
done
echo commit >> pacemaker.cfg
echo bye >> pacemaker.cfg
crm configure < pacemaker.cfg
Otherwise, you can follow the next steps to setup Pacemaker:
Define global configuration
Iniciate the setup without STONITH. The last section explains how to setup STONITH using a fence device based on Xen.
[4242] snow01:~ $ crm configure
crm(live)configure# property stonith-enabled=no
crm(live)configure# property no-quorum-policy=ignore
crm(live)configure# property default-resource-stickiness=100
crm(live)configure# commit
crm(live)configure# bye
Define the first service in HA
Execute the crm configure
and define the first service in HA as follows:
primitive deploy01 ocf:heartbeat:Xen \
params xmfile="/sNow/snow-tools/etc/domains/deploy01.cfg" \
op monitor interval="40s" \
meta target-role="started" allow-migrate="true"
Some operations like the live migration requires some extra time. Specially when the VM uses a reasonable amount of memory. It’s highly recommended to increase the default timeout to avoid cancelling the live migration due a short time limit. The following example, setup 120s as default timeout. You can tune this value attending at your VM needs.
crm_attribute --type op_defaults --attr-name timeout --attr-value 120s
Test!
This is a good moment to test if the HA works. In order to review that, execute in a new SSH session the command:
crm_mon
It should report something like this:
Stack: corosync
Current DC: snow01 (version 1.1.16-94ff4df) - partition with quorum
Last updated: Fri Jul 28 06:51:02 2017
Last change: Fri Jul 28 06:50:50 2017 by root via crm_resource on snow02
2 nodes configured
1 resource configured
Online: [ snow01 snow02 ]
Active resources:
deploy01 (ocf::heartbeat:Xen): Started snow01
Using the following command, you will force to migrate the service from one node to the other one:
crm resource move deploy01 snow01
Define all the HA services
Follow the previous instructions to setup the services required to be in HA mode. The expected outcome should be something like this:
Stack: corosync
Current DC: snow01 (version 1.1.16-94ff4df) - partition with quorum
Last updated: Fri Jul 28 07:13:00 2017
Last change: Fri Jul 28 07:11:31 2017 by root via cibadmin on snow01
2 nodes configured
8 resources configured
Online: [ snow01 snow02 ]
Active resources:
deploy01 (ocf::heartbeat:Xen): Started snow01
proxy01 (ocf::heartbeat:Xen): Started snow01
monitor01 (ocf::heartbeat:Xen): Started snow02
nis01 (ocf::heartbeat:Xen): Started snow02
syslog01 (ocf::heartbeat:Xen): Started snow01
maui01 (ocf::heartbeat:Xen): Started snow02
nis02 (ocf::heartbeat:Xen): Started snow01
flexlm01 (ocf::heartbeat:Xen): Started snow02
Define floating IP for gateway
sNow! servers play a gateway role. The following instructions define HA for this service.
Execute the crm configure
and define the xsnow-vip
service as follows:
primitive xsnow-vip ocf:heartbeat:IPaddr2 params ip="10.1.0.254" nic="xsnow0" op monitor interval="10s"
commit
bye
Notice that this IP 10.1.0.254
must match with the IP defined in NET_SNOW
and NET_COMP
in the snow.conf
Service placement
In order to balance services across the two nodes and also to distribute additional services with native HA (i.e slurm-master slurm-slave) you can use the following instructions to define the preferred hosts. Failback is useful to define well balanced services, but if you have an ongoing issue, you could trigger a failback in a “semi-faulty” node.
crm(live)# configure
crm(live)configure# location cli-prefer-maui01 maui01 role=Started inf: snow01
crm(live)configure# location cli-prefer-nis01 nis01 role=Started inf: snow01
crm(live)configure# location cli-prefer-proxy01 proxy01 role=Started inf: snow01
crm(live)configure# location cli-prefer-flexlm01 flexlm01 role=Started inf: snow02
crm(live)configure# location cli-prefer-monitor01 monitor01 role=Started inf: snow02
crm(live)configure# location cli-prefer-nis02 nis02 role=Started inf: snow02
crm(live)configure# location cli-prefer-syslog01 syslog01 role=Started inf: snow02
crm(live)configure# commit
crm(live)configure# bye