Chapter 5 Administering Cluster Partnerships

This chapter provides the procedures for administering partnerships between two Sun Cluster Geographic Edition software-enabled clusters.

This chapter contains the following sections:

• Configuring Trust Between Partner Clusters

• Creating and Modifying a Partnership

• Joining an Existing Partnership

• Leaving or Deleting a Partnership

• Resynchronizing a Partnership

Configuring Trust Between Partner Clusters

Before you create a partnership between two clusters, you must configure the Sun Cluster Geographic Edition software for secure communication between the two clusters. The configuration must be reciprocal. For example, you must configure the cluster cluster-paris to trust the cluster cluster-newyork, and you must also configure the cluster cluster-newyork to trust the cluster cluster-paris.

How to Configure Trust Between Two Clusters

Before You Begin

Ensure that the following conditions are met:

• The cluster on which you want to create the partnership is running.

• The geoadm start command must have already been run on this cluster and the partner cluster. For more information about using the geoadm start command, see Enabling the Sun Cluster Geographic Edition Software.

• The cluster name of the partner cluster is known.

• The host information of the partner cluster must defined in the local host file. The local cluster needs to know how to reach the partner cluster by name.

1. Log in to a cluster node.

   You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC.

2. Import the public keys from the remote cluster to the local cluster.

   Running this command on one node of the local cluster imports the keys from the remote cluster to one node of the cluster.

   # geops add-trust -c remotepartnerclustername

   -cremoteclustername

   Specifies the logical hostname of the cluster with which to form a partnership. The logical hostname is used by the Sun Cluster Geographic Edition software and maps to the name of the remote partner cluster. For example, a remote partner cluster name might resemble the following:

   cluster-paris

   When you use this option with the add-trust or remote-trust subcommand, the option specifies the alias where the public keys on the remote cluster are stored. An alias for certificates on the remote cluster has the following pattern:

   remotepartnercluster.certificate[0-9]*

   Keys and only keys that belong to the remote cluster should have their alias match this pattern.

   For more information about the geops command, refer to the geops(1M) man page.

3. Repeat the preceding steps on a node of the remote partner cluster.

4. Verify trust from one node of each cluster.

   # geops verify-trust -c remotepartnerclustername

See Also

For a complete example of how to configure and join a partnership, see Example 5–4.

How to Remove Trust Between Two Clusters

Before You Begin

Ensure that the following conditions are met:

• The cluster on which you want to remove trust is running.

• The cluster name of the partner cluster is known.

• The host information of the partner cluster must defined in the local host file. The local cluster needs to know how to reach the partner cluster by name.

1. Log in to a cluster node.

   You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC.

2. On all nodes of both clusters, remove all keys for the remote cluster from the truststore file on the local node.

   # geops remove-trust -c remotepartnerclustername

   Perform this step on all the nodes of the local cluster, and then repeat this step on all nodes of the partner cluster.

   -cremoteclustername

   Specifies the logical hostname of the cluster from which you want to remove the keys. The name for the remote cluster must be identical to the cluster name you specified when adding trust with the geops add-trust command. You do not need to specify the fully qualified name if the remote cluster is reachable by partial name.

   When you use this option with the add-trust or remote-trust subcommand, the option specifies the alias where the public keys on the remote cluster are stored. An alias for certificates on the remote cluster has the following pattern:

   remotepartnercluster.certificate[0-9]*

   Keys and only keys that belong to the remote cluster should have their alias match this pattern.

   For more information about the geops command, refer to the geops(1M) man page.

3. Repeat the preceding steps on a node of the remote partner cluster.

Creating and Modifying a Partnership

The Sun Cluster Geographic Edition software enables clusters to form partnerships between clusters to provide mutual protection against disasters. The clusters in a partnership monitor each other by sending heartbeat messages to each other in the same way that nodes of a single cluster do. Unlike local clusters, the clusters in a partnership use the public network for these messages, but support additional, plug-in mechanisms as well.

You create only one partnership between two specific clusters by using the geops(1m) command. After you have created a partnership, you can use this command to modify the properties of this partnership.

When creating partnerships, ensure that the name of all the clusters in the partnership are unique. For example, if you have a cluster wholly within the domain .france, you can use hostnames like paris and grenoble. However, if you have a cross-domain cluster, you must specify the hostnames with enough qualification to identify the host on the network. You can link paris and munich with hostnames paris.france and munich.germany, and the cluster names remain paris and munich.

You cannot create a partnership between clusters paris.france and paris.texas because of a collision on the cluster name paris.

The names of the application resource groups that are managed by the Sun Cluster Geographic Edition software must be the same on both partner clusters. You can configure the names of these resource groups manually or by using the scsnapshot command.

The scsnapshot command replicates configuration data on a cluster that does not have configured resource groups, resource types, and resources. The scsnapshot command retrieves the configuration data from the cluster on which it is launched and generates a script called scriptfile. Edit the script to adapt it to the specific features of the cluster where you want to replicate the configuration data. For example, you might have to change the IP address and host names in the script. Launch the script from any node in the cluster where you want to replicate the configuration data. For more information about using this command, see the scsnapshot(1M) man page.

You can define only one partnership between two specific clusters. A single cluster can participate in other partnerships with different clusters.

How to Create a Partnership

Before You Begin

Ensure that the following conditions are met:

• The cluster on which you want to create the partnership is up and running.

• The geoadm start command must have already been run on the this cluster and the partner cluster. For more information about using the geoadm start command, see Enabling the Sun Cluster Geographic Edition Software.

• The cluster name of the partner cluster is known.

• The host information of the partner cluster must defined in the local host file. The local cluster needs to know how to reach the partner cluster by name.

• Security has been configured on the two clusters by installing the appropriate certificates.

  See Configuring Trust Between Partner Clusters for more information.

1. Log in to a cluster node.

   You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC.

2. Create the partnership.

   # geops create -c remotepartnerclustername [-h heartbeatname] \ [-p propertysetting [-p...]] partnershipname

   -c remoteclustername

   Specifies the name of the remote cluster that will participate in the partnership.

   This name matches the logical hostname used by the Sun Cluster Geographic Edition infrastructure on the remote cluster.

   -h heartbeatname

   Specifies a custom heartbeat to use in the partnership to monitor the availability of the partner cluster.

   If you omit this option, the default Sun Cluster Geographic Edition heartbeat is used.

   Custom heartbeats are provided for special circumstances and require careful configuration. Consult your Sun specialist for assistance if your system requires the use of custom heartbeats. For more information about configuring custom heartbeats, see Chapter 6, Administering Heartbeats.

   If you create a custom heartbeat, you must add at least one plug-in to prevent the partnership from remaining in degraded mode.

   You must configure the custom heartbeat that you provide in this option before you run the geops command.

   ---

   Note –

   A custom heartbeat prevents the default heartbeat from being used during partnership creation. If you want to use the default heartbeat for your partnership, you must delete the custom heartbeat before you run the geops create command.

   ---

   -p propertysetting

   Specifies the value of partnership properties with a string of property=value pair statements.

   Specify a description of the partnership with the Description property.

   You can configure heartbeat-loss notification with the Notification_emailaddrs and Notification_actioncmd properties. For more information about configuring heartbeat-loss notification, see Configuring Heartbeat-Loss Notification.

   For more information about the properties you can set, see Appendix A, Standard Sun Cluster Geographic Edition Properties.

   partnershipname

   Specifies the name of the partnership.

   For information about the names and values that are supported by Sun Cluster Geographic Edition software, see Appendix B, Legal Names and Values of Sun Cluster Geographic Edition Entities.

   For more information about the geops command, refer to the geops(1M) man page.

3. Verify that the partnership was created and the status of the partnership.

   # geoadm status

Example 5–1 Creating a Partnership

This example creates the paris-newyork-ps partnership on the cluster-paris cluster.

# geops create -c cluster-newyork -p Description=Transatlantic \
-p Notification_emailaddrs=sysadmin@companyX.com paris-newyork-ps 
# geoadm status

See Also

For a complete example of how to configure and join a partnership, see Example 5–4.

How to Modify Partnership Properties

1. Log in to a cluster node.

   You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC.

2. Modify partnership properties.

   # geops set-prop -p propertysetting [-p...] partnershipname

   -p propertysetting

   Specifies the value of partnership properties with a string of property=value pair statements.

   Specify a description of the partnership with the Description property.

   You can configure heartbeat-loss notification with the Notification_emailaddrs and Notification_actioncmd properties. For more information about configuring heartbeat-loss notification, see Configuring Heartbeat-Loss Notification.

   For more information about the properties you can set, see Appendix A, Standard Sun Cluster Geographic Edition Properties.

   partnershipname

   Specifies the name of the partnership.

   For information about the names and values that are supported by Sun Cluster Geographic Edition software, see Appendix B, Legal Names and Values of Sun Cluster Geographic Edition Entities.

   For more information about the geops command, refer to the geops(1M) man page.

3. Verify that your modification was made correctly.

   # geops list

Example 5–2 Modifying the Properties of a Partnership

This example modifies the notification email address for the cluster-paris cluster.

# geops set-prop -p Notification_emailaddrs=operations@companyX.com \
paris-newyork-ps
# geops list

Joining an Existing Partnership

When you define and configure a partnership, the partnership specifies a second cluster to be a member of that partnership. Then, you must configure this second cluster to join the partnership.

How to Join a Partnership

Before You Begin

Ensure that the following conditions are met:

• The local cluster is enabled to run the Sun Cluster Geographic Edition software.

• The partnership you want the cluster to join is defined and configured on another cluster (cluster-paris) and the local cluster (cluster-newyork) is specified as a member of this partnership.

• Security has been configured on the clusters by installing the appropriate certificates.

  See Configuring Secure Cluster Communication Using Security Certificates for more information.

1. Log in to a node of the cluster that is joining the partnership.

   You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC.

2. Confirm that the remote cluster that originally created the partnership, cluster-paris, can be reached at its logical hostname.

   # ping lh-paris-1

   For information about the logical hostname of the cluster, see How to Enable Sun Cluster Geographic Edition Software.

3. Join the partnership.

   # geops join-partnership [-h heartbeatname] remoteclustername partnershipname

   -h heartbeatname

   Specifies a custom heartbeat to use in the partnership to monitor the availability of the partner cluster.

   If you omit this option, the default Sun Cluster Geographic Edition heartbeat is used.

   Custom heartbeats are provided for special circumstances and require careful configuration. Consult your Sun specialist for assistance if your system requires the use of custom heartbeats. For more information about configuring custom heartbeats, see Chapter 6, Administering Heartbeats.

   If you create a custom heartbeat, you must add at least one plug-in to prevent the partnership from remaining in degraded mode.

   You must configure the custom heartbeat that you provide in this option before you run the geops command.

   remoteclustername

   Specifies the name of a cluster that is currently a member of the partnership that is being joined. This cluster is used to retrieve the partnership configuration information.

   partnershipname

   Specifies the name of the partnership.

   For information about the names and values that are supported by Sun Cluster Geographic Edition software, see Appendix B, Legal Names and Values of Sun Cluster Geographic Edition Entities.

   For more information about the geops command, refer to the geops(1M) man page.

4. Verify that the cluster was added to the partnership and that the partnership properties were defined correctly.

   # geops list # geoadm status

Example 5–3 Joining a Partnership

This example joins the cluster-newyork cluster in the partnership that was created on cluster-paris in Example 5–1.

# geops join-partnership cluster-paris paris-newyork-ps
# geops list
# geoadm status

Example 5–4 Creating and Joining a Partnership With a Remote Cluster in a Different Domain

This example creates and configures the paris-newyork-ps partnership between clusters cluster-paris.france and cluster-newyork.usa.

1. On one node of cluster-paris.france, configure trust for the partnership.

   phys-paris-1# geops add-trust -c cluster-newyork.usa phys-paris-2# geops add-trust -c cluster-newyork.usa

2. On one node of cluster-newyork.usa, configure trust for the partnership.

   phys-newyork-1# geops add-trust -c cluster-paris.france phys-newyork-2# geops add-trust -c cluster-paris.france

3. On cluster-newyork.usa, verify that trust has been set up properly.

   cluster-newyork# geops verify-trust -c cluster-newyork.usa

4. On cluster-paris.france, create the partnership paris-newyork-ps.

   cluster-paris# geops create -c cluster-newyork.usa -p Description=Transatlantic \ -p Notification_emailaddrs=sysadmin@companyX.com paris-newyork-ps

5. On cluster-newyork.usa, join the partnership paris-newyork-ps.

   cluster-newyork# geops join-partnership cluster-paris.france paris-newyork-ps

6. Verify that the partnership has been created successfully.

   # geops list # geoadm status

Leaving or Deleting a Partnership

You can also use the geops command to remove a cluster from a partnership and release all the resources that are associated with the partnership.

Because this command destroys the local partnership configuration information, when the last member leaves a partnership, the partnership no longer exists.

How to Leave a Partnership

Before You Begin

Ensure that the following conditions are met:

• The local cluster is a member of the partnership you want to leave.

• This partnership does not contain any protection groups.

1. Log in to a cluster node.

   You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC.

2. Verify that the partnership does not have any protection groups.

   # geopg list

   If you find that the partnership contains protection groups, you can delete them with the geopg delete command. For information about deleting protection groups, see one of the following data replication guides:

   • How to Delete a Sun StorEdge Availability Suite 3.2.1 Protection Group in Sun Cluster Geographic Edition Data Replication Guide for Sun StorEdge Availability Suite

   • How to Delete a Hitachi TrueCopy Protection Group in Sun Cluster Geographic Edition Data Replication Guide for Hitachi TrueCopy

   • How to Delete an EMC Symmetrix Remote Data Facility Protection Group in Sun Cluster Geographic Edition Data Replication Guide for EMC Symmetrix Remote Data Facility

3. Remove the partnership on a node of the cluster that is a member of the partnership.

   # geops leave-partnership partnershipname

   partnershipname

   Specifies the name of the partnership

   ---

   Note –

   The geops leave-partnership command deletes the heartbeats configured for the partnership, including custom heartbeats.

   ---

   For more information, refer to the geops(1M) man page.

Example 5–5 Leaving a Partnership

In this example, the cluster-paris cluster leaves the paris-newyork-ps partnership.

phys-paris-1# geops leave-partnership paris-newyork-ps

Example 5–6 Deleting a Partnership

After the cluster-paris cluster leaves the paris-newyork-ps partnership, as described in the previous example, the only remaining member of the partnership is the cluster-newyork cluster. You can delete the paris-newyork-ps partnership by forcing the cluster-newyork cluster to leave the partnership.

phys-newyork-1# geops leave-partnership paris-newyork-ps

Next Steps

Repeat this procedure on the other cluster in the partnership.

Resynchronizing a Partnership

Partner clusters that become disconnected during a disaster situation might force the administrator to perform a takeover for a protection group that the partners share. When both clusters are brought online again, both partner clusters might report as the primary of the protection group. You must resynchronize the configuration information of the local protection group with the configuration information that is retrieved from the partner cluster.

If a cluster that is a member of a partnership fails, when the cluster restarts, it detects whether the partnership parameters have been modified while it was down. You decide which partnership configuration information you want to keep: the information on the cluster that failed or the information on the failover cluster. Then, resynchronize the configuration of the partnership accordingly.

You do not need to resynchronize the configuration information in the following situations if the original secondary cluster goes down and resumes operation later.

Use the geoadm status command to check whether you need to resynchronize a partnership. If the Configuration status is Synchronization Status Error, you need to synchronize the partnership. If the Local status is Partnership Error, do not resynchronize the partnership. Instead, wait until a heartbeat exchange occurs.

How to Resynchronize a Partnership

Before You Begin

Ensure that the following conditions are met:

• The local cluster is Sun Cluster Geographic Edition enabled.

• The local cluster was an active member of the partnership before failing.

Resynchronizing a partnership overwrites the partnership configuration on the cluster where the command is run with the information from the partner cluster.

1. Log in to a node on the cluster that needs to be synchronized with the information retrieved from the partner cluster.

   You must be assigned the Geo Management RBAC rights profile to complete this procedure. For more information about RBAC, see Sun Cluster Geographic Edition Software and RBAC.

2. Resynchronize the partnership.

   # geops update partnershipname

   partnershipname

   Specifies the name of the partnership

Example 5–7 Resynchronizing a Partnership

This example resynchronizes a partnership.

# geops update paris-newyork-ps