[pve-devel] Corosync-qdevice
Thomas Lamprecht
t.lamprecht at proxmox.com
Mon Jul 17 10:44:08 CEST 2017
Hi,
On 07/17/2017 12:35 AM, Gilberto Nunes wrote:
> Hi folks
>
> Is Corosync-qdevice read for tests and production???
For testing for sure, production normally also,
but as we haven't any documentation in the official PVE docs
and some helpers I would like to integrate still miss,
it's a "technology preview" from our point of view.
> Is there some doc to reference???
for a general overview:
# man corosync-qdevice
Simplified you need to
* setup a encrypted connection between the nodes and the qdevice host,
use `corosync-qdevice-net-certutil` for this (run it without arguments
to get some help overview). The easiest way is to ensure all nodes trust
the qdevice host and vice versa, i.e. they have the respective keys
in the
authorized_key file, then simply run:
# corosync-qdevice-net-certutil -Q -n <cluster-name> <qnetd-server>
<node1> <node2> <...> <nodeN>
* add the qdevice to the corosync quorum section
* start the services everywhere (corosync-qdevice on the PVE nodes and
the corosync-qnetd...
on the qdevice serving host)
The "quorum" section should look somewhat like this:
----
quorum {
provider: corosync_votequorum
device {
model: net
votes: 1
net {
tls: on
host: 192.168.30.15
algorithm: ffsplit
}
}
}
----
Note that we highly recommend the ff-split algorithm! This means
implicit that it should be only
done in clusters with an even-numbered member count.
The integration in Proxmox VE was a bit delayed with the PVE 5 release,
I try to pick it up soon again.
As always, test such thing first in a (eventual virtual) test cluster,
so that you get a feeling for what must be done and eventual pitfalls.
cheers,
Thomas
More information about the pve-devel
mailing list