Re: [Linux-ha-dev] Feedback on conntrackd RA by Dominik Klein

Thu, 03 Feb 2011 08:41:17 -0800 

Dominik Klein schrieb:

Just now found this thread. I will include the suggested changes and
post the new RA soon-ish.

Dominik

On 01/21/2011 08:26 AM, Florian Haas wrote:

On 01/18/2011 04:21 PM, Florian Haas wrote:

Our site will shortly be deploying a new HA firewall based on Linux,
iptables, pacemaker and conntrackd.
conntrackd[1] is used to maintain connection state of active
connections
across the two firewalls allowing us to failover from one firewall to
the other without dropping any connections.

In order to achieve this with pacemaker we needed to find a resource
agent for conntrackd. Looking at the mailing list we found a couple of
options although we only fully evaluated the RA produced by Dominik
Klein as it appears to be more feature complete than the alternative.
For a full description of his RA please see his original thread[2].

So far throughout testing we have been very pleased with it. We can
successfully fail between our nodes and the RA correctly handles the
synchronisation steps required in the background.

Dominik,

it appears that the RA is good to be merged with just a few changes left
to be done.
[..]

We are also going to set up a HA firewall and our (albeit not very
extensive) testing of this resource agent has been quite successful.

I used the agent without any notable changes -- just a little cleanup in
line 146 in the conntracd_start function (diff attatched):

-                       conntrackd_set_master_score 100
+                       conntrackd_set_master_score $slave_score

It was propably just overlooked when changing to variables.

Thank you very much for this resource agent!

Yours,
Robert.


--- conntrackd	2010-11-12 11:13:59.000000000 +0100
+++ conntrackd.MYOWN	2011-02-03 17:27:12.000000000 +0100
@@ -143,7 +143,7 @@
 		case "$status" in 
 		$OCF_SUCCESS)
 			rc=$OCF_SUCCESS
-			conntrackd_set_master_score 100
+			conntrackd_set_master_score $slave_score
 			break
 			;;
 		$OCF_NOT_RUNNING)


_______________________________________________________
Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org
http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev
Home Page: http://linux-ha.org/

Reply via email to