Hi, On Tue, May 24, 2011 at 10:08:38AM +0200, RaSca wrote: > Hi all, > as some of you saw in the last two weeks I've faced some problems in > configuring a Corosync/Pacemaker cluster on two Hetzner server. > > The main problem about those cheap and very powerful servers is > their network management. For example, if you want to have a > failover IP you need to manage it by the web interface or via a > webservice, there's no other way. > Luckily, the guys from Kumina > (http://blog.kumina.nl/2011/02/hetzner-failover-ip-ocf-script/) > wrote an ocf resource agent that automates the management of the IP > so the last (but not least) problem was the Stonith. > > In the intention of Hetzner the only way you have to force a reset > of the machine is... via the same webserver. I know, it's odd, but > also in this case it is the only way. So, following those > directives: http://wiki.hetzner.de/index.php/Robot_Webservice_en I > wrote the stonith agent that is attached to this email. > It is based upon the same configuration file of the Kumina's ocf: > > # cat /etc/hetzner.cfg > [dummy] > user = <username> > pass = <password> > local_ip = <local ip address of the server> > > And it needs two parameters: the "hostname" and it's related > "remote_ip", for example: > > primitive stonith_hserver-1 stonith:external/hetzner \ > params hostname="hserver-1" remote_ip="X.Y.Z.G" \ > op start interval="0" timeout="60s > > First of all, it works. The system is able to fence nodes in case of > split brain and manually, so I can say it is ok. But it is the first > stonith agent that I wrote, so it may need some corrections. > > Hope this can help someone. Thanks to andreask who helped me on irc > in understanding how stonith agents works. > > -- > RaSca > Mia Mamma Usa Linux: Niente รจ impossibile da capire, se lo spieghi bene! > ra...@miamammausalinux.org > http://www.miamammausalinux.org
> #!/bin/sh > # > # External STONITH module for Hetzner. > # > # Copyright (c) 2011 MMUL S.a.S. - Raoul Scarazzini <ra...@mmul.it> > # > # This program is free software; you can redistribute it and/or modify > # it under the terms of version 2 of the GNU General Public License as > # published by the Free Software Foundation. > # > # This program is distributed in the hope that it would be useful, but > # WITHOUT ANY WARRANTY; without even the implied warranty of > # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. > # > # Further, this software is distributed without any warranty that it is > # free of the rightful claim of any third person regarding infringement > # or the like. Any license provided herein, whether implied or > # otherwise, applies only to this software file. Patent licenses, if > # any, provided herein do not apply to combinations of this program with > # other software, or any other product whatsoever. > # > # You should have received a copy of the GNU General Public License > # along with this program; if not, write the Free Software Foundation, > # Inc., 59 Temple Place - Suite 330, Boston MA 02111-1307, USA. > # > > # Read parameters > conf_file="/etc/hetzner.cfg" > user=`cat /etc/hetzner.cfg | egrep "^user.*=" | sed 's/^user.*=\ *//g'` Better: user=`sed -n 's/^user.*=\ *//p' /etc/hetzner.cfg` > pass=`cat /etc/hetzner.cfg | egrep "^pass.*=" | sed 's/^pass.*=\ *//g'` > hetzner_server="https://robot-ws.your-server.de"; I assume that this is a well-known URL which doesn't need to be passed as a parameter. > is_host_up() { > if [ "$1" != "" ] > then > status=`curl -s -u $user:$pass $hetzner_server/server/$1 | sed > 's/.*status\":"\([A-Za-z]*\)",.*/\1/g'` > if [ "$status" = "ready" ] > then > return 0 > else > return 1 > fi This if statement can be reduced to (you save 5 lines): [ "$status" = "ready" ] > else > return 1 > fi > } > > case $1 in > gethosts) > echo $hostname > exit 0 > ;; > on) > # Can't really be implemented because Hetzner webservice cannot power > on a system > exit 1 > ;; > off) > # Can't really be implemented because Hetzner webservice cannot power > on a system > exit 1 > ;; > reset) > status=`curl -s -u $user:$pass $hetzner_server/reset/$remote_ip -d > type=hw` > if [ "$status" = "" ] > then > exit 1 > else > if is_host_up "$hostaddress" > then > exit 1 > else > exit 0 > fi Again, better (is return code of is_host_up inverted?): is_host_up "$hostaddress" exit # this is actually also superfluous, but perhaps better left in > fi > exit 1 > ;; > status) > if [ "$remote_ip" != "" ] > then > if is_host_up "$remote_ip" > then > exit 0 > else > exit 1 > fi Ditto. > else > # Check if we can contact the server > status=`curl -s -u $user:$pass $hetzner_server/server/` > if [ "$status" = "" ] > then > exit 1 > else > exit 0 > fi Ditto. Good work! Cheers, Dejan P.S. Moving discussion to linux-ha-dev. > fi > ;; > getconfignames) > echo "hostname" > exit 0 > ;; > getinfo-devid) > echo "Hetzner STONITH device" > exit 0 > ;; > getinfo-devname) > echo "Hetzner STONITH external device" > exit 0 > ;; > getinfo-devdescr) > echo "Hetzner host reset" > echo "Manages the remote webservice for reset a remote server." > exit 0 > ;; > getinfo-devurl) > echo "http://wiki.hetzner.de/index.php/Robot_Webservice_en"; > exit 0 > ;; > getinfo-xml) > cat << HETZNERXML > <parameters> > <parameter name="hostname" unique="1"> > <content type="string" /> > <shortdesc lang="en"> > Hostname > </shortdesc> > <longdesc lang="en"> > The name of the host to be managed by this STONITH device. > </longdesc> > </parameter> > > <parameter name="remote_ip" unique="1" required="1"> > <content type="string" /> > <shortdesc lang="en"> > Remote IP > </shortdesc> > <longdesc lang="en"> > The address of the remote IP that manages this server. > </longdesc> > </parameter> > </parameters> > HETZNERXML > exit 0 > ;; > *) > exit 1 > ;; > esac > _______________________________________________ > Linux-HA mailing list > Linux-HA@lists.linux-ha.org > http://lists.linux-ha.org/mailman/listinfo/linux-ha > See also: http://linux-ha.org/ReportingProblems _______________________________________________ Linux-HA mailing list Linux-HA@lists.linux-ha.org http://lists.linux-ha.org/mailman/listinfo/linux-ha See also: http://linux-ha.org/ReportingProblems
