Re: [ClusterLabs] Running 'pcs status' cmd on remote node

2015-12-02 Thread Ken Gaillot 
On 12/02/2015 06:21 AM, Simon Lawrence wrote:
> 
> In my 2 node test cluster, one node is a physical server (running
> Pacemaker 1.1.13), the other is a VM on that server, configured as a
> Pacemaker remote node (v1.1.13).
> 
> I get the correct output if I run crm_mon & pcs config on the remote
> node, but if I run 'pcs status' I get
> 
> # pcs status
> Cluster name: test
> Error: unable to get list of pacemaker nodes
> 
> 
> Is this normal or should the command work on a remote node?

That's expected. Not all command-line tools are supported when run on
Pacemaker Remote nodes. In this case, "pcs status" is doing "crm_node
-l" which is not yet supported.

The primary design goal was to enable commands known to be used by
resource agents. Enabling all commands is a goal for future versions.

___
Users mailing list: Users@clusterlabs.org
http://clusterlabs.org/mailman/listinfo/users

Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org

Re: [ClusterLabs] Running 'pcs status' cmd on remote node

2015-12-02 Thread Simon Lawrence 

On 02/12/15 16:37, Ken Gaillot wrote:

On 12/02/2015 06:21 AM, Simon Lawrence wrote:

In my 2 node test cluster, one node is a physical server (running
Pacemaker 1.1.13), the other is a VM on that server, configured as a
Pacemaker remote node (v1.1.13).

I get the correct output if I run crm_mon & pcs config on the remote
node, but if I run 'pcs status' I get

# pcs status
Cluster name: test
Error: unable to get list of pacemaker nodes


Is this normal or should the command work on a remote node?

That's expected. Not all command-line tools are supported when run on
Pacemaker Remote nodes. In this case, "pcs status" is doing "crm_node
-l" which is not yet supported.

The primary design goal was to enable commands known to be used by
resource agents. Enabling all commands is a goal for future versions.




Thanks Ken

I'd just found the use of 'crm_node -l' in the source code.
I've got it working (just out of interest) in my test setup using the 
awful hack of replacing the crm_node and corosync-cmapctl executeables 
with shell scripts that ssh in the host and run the command there. 
not something I want to do in production for security reasons.







___
Users mailing list: Users@clusterlabs.org
http://clusterlabs.org/mailman/listinfo/users

Project Home: http://www.clusterlabs.org
Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf
Bugs: http://bugs.clusterlabs.org

Re: [ClusterLabs] Comments on stonith:external/ec2 agent

2015-12-02 Thread kazuh 
Hi, Kristoffer

I think Markus's points out and patch is correct.
And I want some advice for that what gethosts should return.

>> The bug is not really a bug in the fencing agent, but in the Python
>> AWS API CLI. It looks like, that sometimes, when calling two or more
>> 'aws ec2 ...' commands in a very short time period, the 'aws ec2'
>> commands returns an error. I've created a patch (attached) with a
>> little workaround, that lets the agent wait for two seconds between
>> two 'describe' commands. Furthermore this patch includes slightly
>> improved logging and an improved parameter description.

I never experienced that error.
But I think it is a good if become more secure and friendly.

>> First, it outputs all found instance id's (fist if-clause in the awk
>> command), not only the ones that are belonging to the cluster, which
>> might result in a very large number. Second, why is it printing the
>> instance-id's anyway=3F Shouldn't it return hostnames instead=3F
>> Hostnames can't be obtained at all using this command.
>>
>> The 'else if' clause works fine and outputs the hostnames belonging to
>> tag_pat, which are hostnames that are set using AWS instance tags with
>> a unique tag key and the node hostnames as values.

Indeed, it should return only the hostnames in the "tag"
And, if the "port" is set, it should return only value of "port".
(Is the first if-clause not necessary?)

This plug-in is based on the following.
  https://github.com/beekhof/fence_ec2/blob/master/fence_ec2
It is returns all instance ID's among this.
Could you advice for us about this ?
(What should the gethosts return?)


Best regards,
Kazuhiko


- 元のメッセージ -
From: "Kristoffer Grönlund" 
宛先: users@clusterlabs.org, ka...@goo.jp
送信済み: 2015年12月1日, 火曜日 午後 8:43:47
件名: Comments on stonith:external/ec2 agent

Hi all,

Markus Guertler who was part of the original discussion in March sent
these comments regarding the external/ec2 agent. Kazuhiko-san, what do
you think about the attached patch and the comments below?

Quoting Markus:

> The bug is not really a bug in the fencing agent, but in the Python
> AWS API CLI. It looks like, that sometimes, when calling two or more
> 'aws ec2 ...' commands in a very short time period, the 'aws ec2'
> commands returns an error. I've created a patch (attached) with a
> little workaround, that lets the agent wait for two seconds between
> two 'describe' commands. Furthermore this patch includes slightly
> improved logging and an improved parameter description.
>
> The 'gethostlist' code seems to be a bit strange:
>
> --- SNIP ---
>gethosts|hostlist|list)
># List of names we know about
>a=3D`aws ec2 describe-instances $options | awk -v 
> tag_pat=3D=22^TAGS\t$ec2_tag\t=22 -F '\t' '{ 
>if (/^INSTANCES/) { printf =22%s\n=22, $8 }
>else if ( $1=22\t=22$2=22\t=22 ~ tag_pat ) { printf 
> =22%s\n=22, $3 }
>}' | sort -u`
>echo $a
> --- SNIP ---
>
> First, it outputs all found instance id's (fist if-clause in the awk
> command), not only the ones that are belonging to the cluster, which
> might result in a very large number. Second, why is it printing the
> instance-id's anyway=3F Shouldn't it return hostnames instead=3F
> Hostnames can't be obtained at all using this command.
>
> The 'else if' clause works fine and outputs the hostnames belonging to
> tag_pat, which are hostnames that are set using AWS instance tags with
> a unique tag key and the node hostnames as values.

Best regards,
Kristoffer

-- 
// Kristoffer Grönlund
// kgronl...@suse.com

===File /home/krig/Desktop/ec2.patch
--- usr/lib64/stonith/plugins/external/ec2  2015-09-28 10:18:20.0 
+0200
+++ usr/lib64/stonith/plugins/external/ec2  2015-10-08 23:14:57.092036211 
+0200
@@ -94,15 +94,16 @@ 
 


-   The name/id/tag of a instance to 
control/check
+   The instance name (not the hostname!) or 
instance-id of a node to fence



-   Use a specific profile from your 
credential file.
+   Use a specific profile from your 
credential file



-   Name of the tag containing the instances 
uname
+   Name of an AWS instance tag containing the 
hostname of a node
+   Name of an AWS instance tag containing the 
hostname of a node. When used, the instance tag must be set for all nodes 
belonging to this cluster. The cluster identifies the list of nodes that can be 
fenced via the instance tag. Therefore the port parameter can be omitted. The 
resource can be configured as a clone resource



@@ -130,7 +131,7 @@ 



-   The name/id/tag of a instance to 
control/check
+   The instance name (not