[pve-devel] Corosync-qdevice

Gilberto Nunes gilberto.nunes32 at gmail.com
Mon Jul 17 12:51:46 CEST 2017 

Hi Thomas...

I get it... But i have one doubt:
The corosync-qdevice-net-certutil procedure will no mess up a previously
cluster??
I ask this because I already have my cluster here work normally...

Thanks


Obrigado

Cordialmente


Gilberto Ferreira

Consultor TI Linux | IaaS Proxmox, CloudStack, KVM | Zentyal Server |
Zimbra Mail Server

(47) 3025-5907
(47) 99676-7530

Skype: gilberto.nunes36


konnectati.com.br <http://www.konnectati.com.br/>


https://www.youtube.com/watch?v=dsiTPeNWcSE


2017-07-17 5:44 GMT-03:00 Thomas Lamprecht <t.lamprecht at proxmox.com>:

> Hi,
>
>
> On 07/17/2017 12:35 AM, Gilberto Nunes wrote:
>
>> Hi folks
>>
>> Is Corosync-qdevice read for tests and production???
>>
> For testing for sure, production normally also,
> but as we haven't any documentation in the official PVE docs
> and some helpers I would like to integrate still miss,
> it's a "technology preview" from our point of view.
>
> Is there some doc to reference???
>>
>
> for a general overview:
>
> # man corosync-qdevice
>
> Simplified you need to
> * setup a encrypted connection between the nodes and the qdevice host,
>   use `corosync-qdevice-net-certutil` for this (run it without arguments
>   to get some help overview). The easiest way is to ensure all nodes trust
>   the qdevice host and vice versa, i.e. they have the respective keys in
> the
>   authorized_key file, then simply run:
>   # corosync-qdevice-net-certutil -Q -n <cluster-name> <qnetd-server>
> <node1> <node2> <...> <nodeN>
> * add the qdevice to the corosync quorum section
> * start the services everywhere (corosync-qdevice on the PVE nodes and the
> corosync-qnetd...
>   on the qdevice serving host)
>
> The "quorum" section should look somewhat like this:
>
> ----
> quorum {
>     provider: corosync_votequorum
>     device {
>         model: net
>         votes: 1
>         net {
>           tls: on
>           host: 192.168.30.15
>           algorithm: ffsplit
>         }
>     }
> }
> ----
>
> Note that we highly recommend the ff-split algorithm! This means implicit
> that it should be only
> done in clusters with an even-numbered member count.
> The integration in Proxmox VE was a bit delayed with the PVE 5 release, I
> try to pick it up soon again.
>
> As always, test such thing first in a (eventual virtual) test cluster,
> so that you get a feeling for what must be done and eventual pitfalls.
>
> cheers,
> Thomas
>
>

More information about the pve-devel mailing list