1. Setting Up High Availability Clustering
  2. Using the Pacemaker/Corosync Web User Interface

7 Using the Pacemaker/Corosync Web User Interface

This chapter describes how to create and manage clusters by using the web UI tool instead of the pcs command line.

About the Pacemaker Web User Interface

The Pacemaker service provides a web user interface tool (web UI) that enables you to configure and manage clusters in graphical mode. Use this tool as an alternative to typing pcs commands to perform those tasks.

This chapter assumes that you have completed the tasks that are described in Installing and Enabling the Pacemaker and Corosync Service and that the nodes have been authenticated for the hacluster user.

For information about authentication and configuring hacluster credentials, see Step 1 of Creating the Cluster.

To access the web UI, log in as user hacluster at https://node:2224, where node refers to a node authenticated for hacluster. Specify the node either by its node name or IP address.

Note:

The rest of this chapter assumes that you have configured resolvable names for all the nodes.

After you log in, the home page's Manage Clusters page is displayed. This page lists clusters that are under the web UI's management.

Figure 7-1 Manage Clusters


The image partially shows the Manage Clusters page where an administrator can remove, add existing clusters, destroy clusters, or create new ones. Clusters that are created and managed by the web UI would be listed on the page, and corresponding information about a selected cluster would also be displayed, such as its nodes, and so on.

Initial Cluster Configuration Tasks

The Manage Clusters page contains the following options:

  • Create New: Create a cluster consisting of nodes. While creating the cluster, you can optionally configure additional cluster properties.

  • Add Existing: Add more nodes to an existing cluster.

  • Remove: Remove a cluster from being managed by the web UI.

  • Destroy: Delete a cluster.

Creating a New Cluster

To create new clusters, do the following:

  1. Click + Create New.

    The Create cluster window opens.

  2. Specify the cluster name.

  3. Specify the nodes to include in the cluster.

  4. Optional: Configure other properties of the cluster.

    1. Click Go to advanced settings.

    2. Click the tab for the setting you want to customize.

      You can configure the cluster's Transport, Quorum, or Totem settings.

    3. For each setting, specify parameter values on their corresponding fields.

      For example, for the Transport mechanism, you can define transport, compression, and crypto options, as shown in the following image:

      Figure 7-2 Transport Options


      The image shows the group of options for configuring a cluster's transport mechanism. The group options are transport, compression, and crypto. Each group has its corresponding definable parameters.

  5. Click Create Cluster.

  6. Click Finish.

    If you don't want to start the cluster, clear Start the Cluster first before clicking Finish.

The new cluster is listed on the page. Selecting it displays cluster information such as its nodes and any configured resources and fences.

Adding an Existing Cluster

This option enables you to add nodes to an existing cluster.

  1. From the list, select the cluster to which you want to add an existing node.

    If the cluster is unlisted, then you would need to create the cluster first.

  2. Click + Add Existing.

  3. Specify the node that you want to add.

    You can add only one node at a time.

  4. Click Add Existing.

Note:

The web UI provides another method of adding nodes to a cluster. See Configuring Nodes.

Removing or Destroying Clusters

The remaining options on the Manage Cluster page are removing clusters or destroying them.

  • Removing a cluster means disabling it from being managed by the web UI. The cluster continues to run. However, it can only be administered through the command line.

  • Destroying a cluster means deleting the cluster and all its associated configuration files. Its constituent nodes thus become independent units. Destroying a cluster is irreversible.

Managing Clusters With the Web UI

To further customize existing clusters, from the list of clusters that is displayed, click the cluster name. A new window opens where additional menu options enable you to configure the cluster's nodes, resources, fence devices, access control lists, and cluster properties. By default, the Nodes page is displayed.

Figure 7-3 Nodes


The image partially shows the Nodes page that lists the nodes of the selected cluster and displays information about each node. The page's menu bar also includes menu items for configuring resources, fence devices, ACLs, and cluster properties. The final menu item is Manage Clusters that brings the user back to the Manage Cluster page. On the Node page itself, the administrator can start, stop, or restart the node; put the node on standby or maintenance mode; and configure the node for the fencing feature.

Configuring Nodes

The Nodes page contains options to add nodes to the cluster or remove nodes.

  • To add nodes:

    1. Click + Add.

    2. Specify the nodes to add.

    3. Click Add Node.

  • To remove nodes:

    1. Select one or more nodes from the list.

    2. Click x Remove.

    3. Click Remove Node(s) to confirm.

For every node that you select from the list, information about that node is displayed, including the status of the cluster daemons running on the node, resource information, node attributes, and so on. You can manipulate the node further by clicking the options that correspond to the following actions:

  • Stop, start, or restart the node.

  • Put the node on standby mode.

  • Put the node on maintenance mode.

Configuring Additional Cluster Properties

To configure more properties of a selected cluster, open the Cluster Properties page. The page displays a list of basic properties for which you specify values on their corresponding fields. To configure properties other than the basic ones, click Show advanced settings.

Figure 7-4 Cluster Properties


The image partially shows the Cluster Properties page that lists basic configurable properties of the cluster. Properties have associated fields on which you can enter values as well as corresponding information icons (i) that provide short descriptions of the properties. A Show advanced settings button displays more configurable properties.

To obtain information about a specific property, hover the mouse pointer over the information icon (i). The icon displays a short description of the property and its default value.

For example, the Batch Limit property is described as follows: 

The number of jobs that the TE is allowed to
execute in parallel.

The "correct" value will depend on the speed
and load of your network and cluster nodes.

Default value: 0

The properties you customize depend on circumstances and needs. Suppose that you have a two-node cluster. For this cluster, you want to disable the fencing feature. Because the cluster consists only of two nodes, you do not need any quorum policy. Finally you want to set the migration threshold such that the cluster moves services to a new node after a single failure on a current node. In this case, you would do the following:

  1. From the drop down list of Stonith Enabled, select false to disable the fencing feature.

  2. From the drop down list of No Quorum Policy, select ignore to disregard the quorum policy

  3. Click Show advanced settings to display migration parameters.

  4. On the migration limit field, type 1 to set the threshold to a single failure event before services are moved.

  5. Click Apply Changes to accept the revisions.

  6. Click Refresh so that the page reflects the changed parameters with their new values.

Typically, you can configure multiple properties in any random order. However, as a final step, you must click Apply Changes to effect the new configuration.

Setting Local Permissions Through ACLs

Access control lists (ACLs) on the ACLS page are a way of regulating access to a specific cluster so that local users are granted only the permissions they need in the cluster to perform their tasks.

Figure 7-5 ACLs


The image partially shows the ACLS page that lists roles that function as access control lists. The page includes options to add or remove roles. In addition, options are available for designating users and groups who can assume specific roles and thus inherit the permissions defined in those roles.

Creating ACLs for the cluster assumes that you have already created users and optionally have added them to defined groups on all the cluster nodes, for example: 

sudo adduser user
sudo usermod -a -G groupuser

To define local permissions, do the following:

  1. Click + Add.

    The Add ACL Role window opens.

  2. Provide a role name and description.

  3. Click Add Role.

  4. On the ACLS page, select the permission to be assigned to the role.

    You can grant three types of permissions: read-only, write-only, or deny. Deny takes precedence over the other permissions.

  5. Specify users who can assume the role and click Add.

  6. Optionally, specify a group whose members can assume the role and click Add.

  7. Click the Cluster Properties menu item.

  8. From the pull-down list of the Enable ACLs property, select true.

    If you omit this step, the new role remains configured but deactivated.

Configuring Fencing

To configure fencing for the cluster, click the appropriate menu item to open the Fence Devices page.

Figure 7-6 Fence Devices


The image partially shows the Fence Devices page that contains options to add or remove a fencing configuration, or to specify an SBD fencing. Existing fence configurations are listed on the page with their corresponding information.

For a brief description of fencing and its purpose, see About Fencing Configuration (stonith).

Creating Fence Devices

The web UI enables you to configure different kinds of fencing configuration. The configuration options that become available depend on the fencing type you create.

Because of the multiplicity of fencing types, the following steps show you how to configure specifically an IPMI LAN fencing and is based on the example in IPMI LAN Fencing. These steps aim to be a guide for creating other types of fencing:

  1. If necessary, check that the Stonith Enabled property on the Cluster Properties page is set to (Default) or true.

  2. On the Fence Devices page, click + Add.

    The Add Fence Device window opens.

  3. From the Type pull-down list, select fence_ipmilan.

    You can view a brief description of your selected fencing type through the information icon (i).

  4. Provide a name for the fence configuration, for example, ipmilan_n1_fencing.

    You can configure additional arguments later after creating the fence instance.

  5. Click Create Fence Instance.

  6. Repeat the procedure to create the fence device for the next node, such as node2.

The fence device is listed on the page and information about it is displayed.

Configuring Fence Device Arguments

The fence device information includes expandable lists for Optional and Advanced Arguments. For the sample IPMI LAN fence devices you just created, you can define new values for the following arguments:

  • pcmk_host_list, for example, node1

  • delay, for example, 5 seconds

  • ip for node1's IP address

  • password for the administrator password

  • lanplus, for example, 1 as the level of priority over other fencing types for actions that take effect in case of failure.

  • pcmk_monitor_timeout, for example, 60 seconds

As with all other properties, information about each argument can be obtained through the information icon.

Adding Resources to the Cluster

You add resources and services to for the cluster's operations through the Resources page.

Figure 7-7 Resources


The image partially shows the Resources page that contains options to add or remove resources and services for the cluster's operations. Further, an option is available to create a group to which different resources can be added.

Add resources to the cluster as follows:

  1. Click + Add.

    The Add Resource window opens.

  2. Select a class or provider from the pull-down list.

    The selection determines which types of resources are available to add.

  3. Select the resource type from the pull-down list.

    The resource type you select automatically creates a description of the selection. For example, the apache service is described as Manage an Apache web server. More information about the type is viewable through the information icon.

  4. Required: Specify a valid resource ID.

  5. Optionally, configure the other listed parameters.

    You can configure Optional and Advanced Arguments later.

  6. Click Create Resource.

The created resource is added to the list.

If you have multiple resources on the list, you can assign resources to belong to a group as follows:

  1. Select resources by clicking their associated boxes.

  2. Click + Create Group.

  3. Provide a name for the group.

  4. Click + Create Group.

On the resource's information detail, you can manage the resource further through the following options:

  • Enforce actions on the resource such as enabling, disabling, refreshing, or removing the resource; performing resource cleanups; and putting the resource in manage or unmanage mode.

  • Create a clone or a promotable clone.

  • Update the resource's group information, such as assigning it to another group.

  • Configure optional and advanced arguments.