Showing posts with label OCI. Show all posts

Friday, October 27, 2023

OCI Redis Cache Endpoints

 OCI provisions private DNS endpoints for your Redis Cluster as follows.

 

- 1 Primary Endpoint always pointing to the Primary node. In case of a primary node failure, the primary endpoint automatically fails over to the new primary.

- 1 Replica Endpoint pointing to one of the read replicas. If you have more than 1 read replica, the replica endpoint resolves to one of the read replicas randomly.

- Node Endpoints to all the Redis nodes. These never change.

 

Example:

Primary Endpoint: amaaaaaa2ne4d2g6eiu32jva-p.redis.eu-frankfurt-1.oci.oraclecloud.com

Replica Endpoint: amaaaaaa2ne4d2g6eiu32jva-r.redis.eu-frankfurt-1.oci.oraclecloud.com

Node Endpoints:

amaaaaaa2ne4d2g6eiu32jva-0.redis.eu-frankfurt-1.oci.oraclecloud.com

amaaaaaa2ne4d2g6eiu32jva-1.redis.eu-frankfurt-1.oci.oraclecloud.com

amaaaaaa2ne4d2g6eiu32jva-2.redis.eu-frankfurt-1.oci.oraclecloud.com

 

 

The primary endpoint carries a '-p' suffix after the hash prefix, the replica endpoint a '-r' suffix, and each node endpoint a '-n' suffix, where n is the node number (0,1,2,3,4,5). This makes the endpoints easy to tell apart.

 

NOTE:

These endpoints are all private DNS names and hence not resolvable outside the VCN.

 

[root@jay ~]# dig amaaaaaa2ne4d2g6eiu32jva-p.redis.eu-frankfurt-1.oci.oraclecloud.com +noall +answer

amaaaaaa2ne4d2g6eiu32jva-p.redis.eu-frankfurt-1.oci.oraclecloud.com. 500 IN A 10.0.1.5

[root@jay ~]#

[root@jay ~]# dig amaaaaaa2ne4d2g6eiu32jva-r.redis.eu-frankfurt-1.oci.oraclecloud.com +noall +answer

amaaaaaa2ne4d2g6eiu32jva-r.redis.eu-frankfurt-1.oci.oraclecloud.com. 350 IN A 10.0.1.223

[root@jay ~]#

[root@jay ~]# dig amaaaaaa2ne4d2g6eiu32jva-0.redis.eu-frankfurt-1.oci.oraclecloud.com +noall +answer

amaaaaaa2ne4d2g6eiu32jva-0.redis.eu-frankfurt-1.oci.oraclecloud.com. 500 IN A 10.0.1.230

[root@jay ~]#

[root@jay ~]# dig amaaaaaa2ne4d2g6eiu32jva-1.redis.eu-frankfurt-1.oci.oraclecloud.com +noall +answer

amaaaaaa2ne4d2g6eiu32jva-1.redis.eu-frankfurt-1.oci.oraclecloud.com. 500 IN A 10.0.1.118

[root@jay ~]#
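
The naming scheme and the private-DNS note above can be checked mechanically. The following is an added example, not part of the original post: POSIX shell functions that read `dig +noall +answer` lines, classify each endpoint by its suffix, and flag any answer that is not an RFC 1918 address. The function names are this example's own, and the sample input is taken from the dig output shown above.

```shell
#!/bin/sh
# Added example: classify OCI Redis endpoint names by suffix and confirm
# that every DNS answer is a private (RFC 1918) address.

# endpoint_role FQDN -> primary | replica | node-N | unknown
endpoint_role() {
    label=${1%%.*}          # first DNS label: "<hash>-p", "<hash>-0", ...
    suffix=${label##*-}     # text after the last '-'
    if [ "$suffix" = "$label" ]; then   # label contains no '-' at all
        echo unknown
        return 0
    fi
    case $suffix in
        p) echo primary ;;
        r) echo replica ;;
        ''|*[!0-9]*) echo unknown ;;    # empty or non-numeric suffix
        *) echo "node-$suffix" ;;
    esac
}

# is_private_ipv4 IP -> exit 0 for 10/8, 172.16/12 and 192.168/16.
# Prefix check only; the input is expected to be an A record from dig.
is_private_ipv4() {
    case $1 in
        10.*.*.*|192.168.*.*) return 0 ;;
        172.1[6-9].*.*|172.2[0-9].*.*|172.3[01].*.*) return 0 ;;
        *) return 1 ;;
    esac
}

# audit_answers: reads "name. TTL IN A ip" lines on stdin and prints
# "role ip status" for each A record. Returns 1 if any record has an
# unrecognised name or a non-private address.
audit_answers() {
    rc=0
    while read -r name ttl class type ip; do
        [ "$type" = "A" ] || continue
        role=$(endpoint_role "$name")
        if is_private_ipv4 "$ip" && [ "$role" != unknown ]; then
            status=ok
        else
            status=CHECK
            rc=1
        fi
        echo "$role $ip $status"
    done
    return $rc
}

# Sample input: the four answers from the dig session above.
SAMPLE_ANSWERS='amaaaaaa2ne4d2g6eiu32jva-p.redis.eu-frankfurt-1.oci.oraclecloud.com. 500 IN A 10.0.1.5
amaaaaaa2ne4d2g6eiu32jva-r.redis.eu-frankfurt-1.oci.oraclecloud.com. 350 IN A 10.0.1.223
amaaaaaa2ne4d2g6eiu32jva-0.redis.eu-frankfurt-1.oci.oraclecloud.com. 500 IN A 10.0.1.230
amaaaaaa2ne4d2g6eiu32jva-1.redis.eu-frankfurt-1.oci.oraclecloud.com. 500 IN A 10.0.1.118'

printf '%s\n' "$SAMPLE_ANSWERS" | audit_answers
```

On a host inside the VCN the same function can be fed live answers, for example `dig <endpoint> +noall +answer | audit_answers`.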

 

How to launch OCI Redis Cache Cluster on OCI

OCI Redis Cache is GA as of now. You can launch Redis Cache clusters using Console, CLI, SDK, Terraform and so on.

 

Using Console :

Launching a Redis cluster using OCI console is even easier.

Just go to Databases --> Redis --> Clusters --> Create cluster and launch selecting required options.

 

Let’s see how to launch a Redis Cluster on OCI using CLI.

Sample Command:

# oci redis redis-cluster create -c ocid1.compartment.oc1..aaaaaaaaognnxXXXxxeiexes6cq --display-name redis_1 --node-count 2 --node-memory-in-gbs 4 --software-version V7_0_5 --subnet-id ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaader2hzdzsfesxoXXXXj6zq47t3dzpoq

 

Reference:

-c - Compartment under which you want to launch your Redis cluster.

--display-name - Name of your cluster.

--node-count - Number of nodes Min 1, Max 5.  1 primary and rest read replicas.

--node-memory-in-gbs - Amount of Memory. Min 1GB, Max 500GB.

--software-version - Redis server version.

--subnet-id - OCID of the subnet (private).

 

jay@serv ~ % oci redis redis-cluster create -c ocid1.compartment.oc1..aaaaaaaaognnx6wnl3gmXXXXXeiexes6cq \
--display-name redis_1 --node-count 2 --node-memory-in-gbs 4 --software-version V7_0_5 \
--subnet-id ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaader2hzdzsfesxoXXXXXigfj6zq47t3dzpoq
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaaognnx6wnl3gmXXXXXeiexes6cq",
    "defined-tags": {
      "WhoCreated": {
        "Creator": "idcs/jay@abc.com"
      }
    },
    "display-name": "redis_1",
    "freeform-tags": {},
    "id": "ocid1.rediscluster.oc1.eu-frankfurt-1.amaaaaaa2ne4dXXXXzjysjlvetazd2g6eiu32jva",
    "lifecycle-details": null,
    "lifecycle-state": "CREATING",
    "node-collection": null,
    "node-count": 2,
    "node-memory-in-gbs": 4.0,
    "primary-endpoint-ip-address": null,
    "primary-fqdn": null,
    "replicas-endpoint-ip-address": null,
    "replicas-fqdn": null,
    "software-version": "V7_0_5",
    "subnet-id": "ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaader2hzdzsfesxoXXXXXigfj6zq47t3dzpoq",
    "system-tags": {},
    "time-created": "2023-10-27T13:36:05.893000+00:00",
    "time-updated": "2023-10-27T13:36:05.893000+00:00"
  },
  "etag": "4ccaeb142382b6cbc382c37XXXX26ee8bd4ecad8f000aea0d",
  "opc-work-request-id": "ocid1.redisworkrequest.oc1.eu-frankfurt-1.amaaaaaawwq2pqaaXXXXXwhhf7md73tdwxgbchva"
}

 

NOTE:

As of now 27/Oct/2023:

- OCI Cache on Redis supports only a single-master Redis cluster with 1 primary and up to 4 read replicas. A sharded multi-master Redis cluster is not yet supported, even though it's on the roadmap.

- Supported Redis version is 7.0.5. We can expect future releases to be supported when available.

 

You can get the details of the Redis cluster using the following CLI commands:

# oci redis redis-cluster get --redis-cluster-id ocid1.rediscluster.oc1.eu-frankfurt-1.amaaaaaa2ne4d2XXXXazd2g6eiu32jv

jay@serv ~ % oci redis redis-cluster get --redis-cluster-id ocid1.rediscluster.oc1.eu-frankfurt-1.amaaaaaa2ne4d2XXXXazd2g6eiu32jva
{
  "data": {
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaaognnxXXXxxeiexes6cq",
    "defined-tags": {
      "WhoCreated": {
        "Creator": "idcs/jay@abc.com"
      }
    },
    "display-name": "redis_1",
    "freeform-tags": {},
    "id": "ocid1.rediscluster.oc1.eu-frankfurt-1.amaaaaaa2ne4d2XXXXazd2g6eiu32jva",
    "lifecycle-details": null,
    "lifecycle-state": "ACTIVE",
    "node-collection": {
      "items": [
        {
          "display-name": "redis_1-0",
          "private-endpoint-fqdn": "amaaaaxxxxjlvetazd2g6eiu32jva-0.redis.eu-frankfurt-1.oci.oraclecloud.com",
          "private-endpoint-ip-address": "10.0.1.230"
        },
        {
          "display-name": "redis_1-1",
          "private-endpoint-fqdn": "amaaaaxxxxjlvetazd2g6eiu32jva-1.redis.eu-frankfurt-1.oci.oraclecloud.com",
          "private-endpoint-ip-address": "10.0.1.118"
        }
      ]
    },
    "node-count": 2,
    "node-memory-in-gbs": 4.0,
    "primary-endpoint-ip-address": "10.0.1.5",
    "primary-fqdn": "amaaaaxxxxjlvetazd2g6eiu32jva-p.redis.eu-frankfurt-1.oci.oraclecloud.com",
    "replicas-endpoint-ip-address": "10.0.1.223",
    "replicas-fqdn": "amaaaaxxxxjlvetazd2g6eiu32jva-r.redis.eu-frankfurt-1.oci.oraclecloud.com",
    "software-version": "V7_0_5",
    "subnet-id": "ocid1.subnet.oc1.eu-frankfurt-1.aaaaaaaader2hzdzsfesxoXXXXj6zq47t3dzpoq",
    "system-tags": {},
    "time-created": "2023-10-27T13:36:05.893000+00:00",
    "time-updated": "2023-10-27T13:42:49.798000+00:00"
  },
  "etag": "fb33f38b97b353c81805e7ssXXXc0d936eb2f7d11b404d8bb15239e31b77--gzip"
}


OCI Redis Endpoints:

Each Redis cluster has the following DNS endpoints:

- 1 Primary Endpoint always pointing to the Primary node. In case of a primary node failure, the primary endpoint automatically fails over to the new primary.

- 1 Replica Endpoint pointing to one of the read replicas. If you have more than 1 read replica, the replica endpoint resolves to one of the read replicas randomly.

- Node Endpoints to all the Redis nodes. These never change.

Interestingly, the primary endpoint carries a '-p' suffix after the hash prefix, the replicas endpoint a '-r' suffix, and each node endpoint a '-n' (node number) suffix. This makes the endpoints easy to tell apart.







Wednesday, August 30, 2023

Create Desktop Environment in Suse Linux on AWS

Having a Desktop environment on a Cloud Instance is helpful in many ways. You can troubleshoot application connectivity, take proper HAR files and so on. Even having a desktop is cool!

Here is how you can install GNOME on any SUSE Linux instance in any cloud environment. Remember, once you install GNOME (or KDE, or any other desktop environment for that matter), you need to use VNC to connect to it.

The same steps can be used on any Cloud environments like Oracle Cloud (OCI), AWS, Azure, GCP and so on.

 

Requirements:

- SSH client that allows X11 forwarding
- TightVNC Server and Client

* Here are the steps I took to install GNOME desktop:

1. ssh into the instance with root username
2. type 'yast2' to get into YaST2 Control Center
3. Select "Software" on the left side bar, select "Online Update" on the right side bar, and then hit the Enter key. This step updates the system's repositories.
4. Select "Software" on the left side bar, select "Software Management" on the right side bar, and then hit the Enter key.
5. In the "Search Phrase" textbox in the Filter Search section, type "gnome", and then hit the Enter key.
6. Install everything listed on the right side bar. If the error page about "Package Dependencies" pops up, select the first option under "possible solutions", and then click "OK -- Try Again".
7. Select "Accept" on the bottom right of the page and hit the Enter key. It will install all the packages you selected.
8. After installing the packages, press the "F9" key twice to exit the YaST2 Control Center.

Here are the steps to install and configure VNCServer:

1. Open TCP port 5901 in the security group that the instance belongs to.
2. In the instance, type "zypper install vnc"
3. After installing VNCServer, type "vncpasswd" to set the access password
4. type "vncserver :1" to start a vnc session
5. sudo vim /root/.vnc/xstartup
6. comment out the "twm &" by typing # in front of the phrase, and then add "/usr/bin/gnome &" to the next line
7. save and exit out the xstartup file
8. type "vncserver -kill :1"
9. type "vncserver :1" to start a new session to load the modified xstartup file
10. On your local host, download and install TightVNC: http://www.tightvnc.com/download.php
11. Open "TightVNC Viewer"
12. For the Remote Host, type the DNS name of the instance, and then add "::5901" at the end of the line
13. Click "Connect"
14. Type the password you set with vncpasswd
15. Now you can access your instance via the VNC connection
 
Hope this helps.

 

Block Volume Performance calculation

In the realm of modern computing, where data storage and retrieval speed are paramount, understanding the performance of storage solutions is crucial. One of the fundamental components of this landscape is Linux block volume performance calculation. Whether you're a system administrator, a developer, or an enthusiast, delving into the intricacies of block volume performance, including Fio-based tests, can empower you to make informed decisions about storage setups. In this blog post, we'll demystify the concepts behind Linux block volume performance calculation and explore the key factors that influence it, along with practical Fio-based tests.
 

Understanding Block Volumes:
Block volumes are a type of storage solution commonly used in modern IT infrastructures. They provide raw storage space that can be partitioned and formatted according to the user's needs. These volumes are often found in virtual machines, cloud instances, and even physical servers. They are characterized by their ability to handle data at the block level, meaning data is read from and written to storage in fixed-size blocks.
 

Factors Influencing Block Volume Performance:
Several factors play a pivotal role in determining the performance of Linux block volumes. Understanding these factors helps optimize storage systems for better efficiency and responsiveness.

1. I/O Operations Per Second (IOPS): IOPS refers to the number of input/output operations a storage device can handle in a second. It is a key metric in assessing storage responsiveness. The higher the IOPS, the faster the storage system can read from or write to the block volume.

2. Throughput: Throughput measures the amount of data that can be transferred between the storage device and the system in a given period. It's usually measured in megabytes or gigabytes per second. Throughput is a crucial metric when dealing with large data transfers.

3. Latency: Latency is the delay between initiating a data request and receiving the first byte of data. Lower latency indicates a more responsive storage system. Excessive latency can lead to delays in data-intensive operations.

4. Queue Depth: Queue depth refers to the number of I/O requests that can be in the queue to the storage device at a given time. A higher queue depth can lead to improved performance, especially in scenarios with concurrent I/O operations.


Calculating Block Volume Performance:
While calculating precise block volume performance can be intricate, here's a simplified approach:

1. IOPS Calculation: Determine the total IOPS required by considering the application's read and write demands. Divide this total by the number of block volumes to distribute the load. It's important to consider peak I/O requirements.

2. Throughput Calculation: Calculate the required throughput by estimating the data transfer needs of the application. Divide this by the number of block volumes for load distribution.

3. Latency Estimation: Latency is affected by various factors, including the speed of the storage media and the efficiency of the underlying technology. Faster media and optimized configurations lead to lower latency.

Friday, June 12, 2020

How to fix an inaccessible instance in Oracle Cloud Infrastructure (OCI)

Steps to recover inaccessible OCI Compute instances, fix ssh configuration, update ssh key pairs, fix /etc/fstab entries, fix boot parameters and so on

Step-by-Step Guide

1. Stop the instance from the OCI Compute console.
 
2. Detach the volume from the OCI console: (let's call it broken volume) [1].
    - Select the instance from the OCI Compute Console.
    - Select 'Boot Volume' from the Resources.
    - Click the '...' on the boot volume and select 'Detach'.
 
3. Launch a recovery instance in the same AD (let's call it the recovery instance). You may use an existing instance in the same Availability Domain.
 
4. Once the instance is started, attach the broken volume as Block Volumes.
    - Select 'Attached Block Volumes' from the Resources.
    - Click 'Attach Block Volume' and select the broken volume from the 'BLOCK VOLUME' tab.
    - Click 'Attach'. Make sure you have selected 'Read/Write', and attach the volume as Paravirtualized so that you do not have to run the iSCSI commands.
 
5. If you have attached the volume as an iSCSI disk, connect the disk to the recovery instance using the iSCSI commands from the OCI console [2].
 
6. SSH into the recovery instance and follow the steps:

Important: Run the commands as root user.

If the disk is attached and connected properly, you should be able to view it using 'lsblk' or similar commands:

[opc@jay ~]$ lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT 
sda      8:0    0 46.6G  0 disk 
├─sda1   8:1    0  512M  0 part /boot/efi 
├─sda2   8:2    0    8G  0 part [SWAP] 
└─sda3   8:3    0 38.1G  0 part / 
sdb      8:16   0   47G  0 disk >>>>> the disk is detected as /dev/sdb 
├─sdb1   8:17   0  512M  0 part >>>>> Boot partition 
├─sdb2   8:18   0    8G  0 part 
└─sdb3   8:19   0 38.1G  0 part >>>>> Root partition
[opc@jay ~]$

7. Mount the root partition of the broken disk on a temporary directory.
# mkdir /recovery 
# mount /dev/sdb3 /recovery
  • You might need to specify -o nouuid for some OS.

8. Analyze the logs and perform the recovery steps.


You have access to root volume of the broken instance under /recovery directory. You may now check the logs on the broken instance and apply the fixes accordingly.

  • For ssh issues, I suggest checking logs under /recovery/var/log/secure (For RHEL/OEL/CentOS), /recovery/var/log/auth.log (Debian/Ubuntu).
  • You can add a public key for the opc user by appending the key to the /recovery/home/opc/.ssh/authorized_keys file.
  • For boot issues, check /recovery/var/log/boot.log, /recovery/var/log/messages, /recovery/var/log/dmesg log files.
  • You can check and update the fstab entries here: /recovery/etc/fstab.

Once the recovery processes are done, you may proceed to detach the volume and attach it back to the original instance as boot volume.
 
12. If you have attached the volume as iSCSI volume, logout from the iSCSI session using the commands available in the OCI console.
 
13. Detach the volume from the OCI console [3].
 
14. Attach the volume back to the original instance as boot volume.
    - Select the instance from the OCI Compute Console.
    - Select 'Boot Volume' from the Resources.
    - Click the '...' on the boot volume (it should be the same volume we detached earlier).
    - Select 'Attach'.
 
15. Start the instance.

16. Check whether the issue has been fixed. If not, repeat the above process to check the logs again and try to fix it.
 
17. Once the issue is fixed, you may terminate the recovery instance (if it was created for this troubleshooting).
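
The offline fixes from step 8 (adding a public key for opc and reviewing /recovery/etc/fstab), as an added example that is not part of the original guide. The function names are this example's own; treating /dev/sdX device names and a missing `nofail` option as the fstab entries to review is an assumption of the example, and the demo data is constructed.

```shell
#!/bin/sh
# Added example: offline fixes on the broken root volume mounted at /recovery.
# Run as root on the recovery instance, for example:
#   add_recovery_key /recovery opc "ssh-ed25519 AAAA... you@host"
#   risky_fstab_entries /recovery

# add_recovery_key ROOT USER KEYLINE
# Appends one public key to USER's authorized_keys inside the mounted volume.
add_recovery_key() {
    root=$1; user=$2; key=$3
    home="$root/home/$user"
    auth="$home/.ssh/authorized_keys"
    nl='
'
    if [ ! -d "$home" ]; then
        echo "no home directory: $home" >&2; return 1
    fi
    # Accept a bare single-line key only (no options prefix, no line breaks).
    case $key in
        *"$nl"*) echo "key must be a single line" >&2; return 1 ;;
        "ssh-ed25519 "*|"ssh-rsa "*|"ecdsa-sha2-"*) ;;
        *) echo "not a bare public key line" >&2; return 1 ;;
    esac
    # Numeric owner of the home directory as recorded on the broken volume;
    # the recovery host's own user database may map names differently.
    owner=$(ls -ldn "$home" | awk '{ print $3 ":" $4 }')
    mkdir -p "$home/.ssh"
    touch "$auth"
    # Do not glue the new key onto an unterminated last line.
    if [ -s "$auth" ] && [ -n "$(tail -c 1 "$auth")" ]; then
        echo >>"$auth"
    fi
    # Idempotent: append only if this exact line is absent.
    if ! grep -qxF -- "$key" "$auth"; then
        printf '%s\n' "$key" >>"$auth"
    fi
    # sshd (StrictModes) ignores keys when these are writable by others
    # or owned by a different user.
    chmod 700 "$home/.ssh"
    chmod 600 "$auth"
    chown "$owner" "$home/.ssh" "$auth"
}

# risky_fstab_entries ROOT
# Prints "line mountpoint reasons" for non-system mounts that can stall boot:
# kernel device names (/dev/sdX can change between boots) and entries
# without the nofail option. Assumption of this example, see lead-in.
risky_fstab_entries() {
    awk '
        /^[ \t]*#/ { next }
        NF == 0    { next }
        $2 == "/" || $2 == "/boot" || $2 == "/boot/efi" || $3 == "swap" { next }
        {
            reason = ""
            if ($1 ~ /^\/dev\/sd/) reason = reason " unstable-device-name"
            if (index("," $4 ",", ",nofail,") == 0) reason = reason " no-nofail"
            if (reason != "") print NR, $2 reason
        }' "$1/etc/fstab"
}

# Demo on a constructed directory tree (no real volume needed): sh script demo
demo() {
    t=$(mktemp -d)
    mkdir -p "$t/home/opc" "$t/etc"
    printf '%s\n' 'UUID=1111 / xfs defaults 0 0' \
        '/dev/sdb1 /data ext4 defaults 0 2' >"$t/etc/fstab"
    add_recovery_key "$t" opc 'ssh-ed25519 AAAAConstructedExampleKey recovery@example'
    cat "$t/home/opc/.ssh/authorized_keys"
    risky_fstab_entries "$t"
    rm -rf "$t"
}
if [ "${1:-}" = "demo" ]; then demo; fi
```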

Wednesday, October 30, 2019

Pacemaker Cluster on OCI


Keepalived Configuration:

[root@vip1 ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)



Simple Keepalived Configuration:

[root@vip1 keepalived]# cat /etc/keepalived/keepalived.conf
global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from svr1@localhost
   smtp_server localhost
   smtp_connect_timeout 30
}
vrrp_instance VRRP1 {
#    debug 2
    state MASTER
#   Specify the network interface to which the virtual address is assigned
    interface eth0
#   The virtual router ID must be unique to each VRRP instance that you define
    virtual_router_id 41
    unicast_src_ip 10.0.0.3
    unicast_peer {
10.0.0.4
    }
#   Set the value of priority higher on the master server than on a backup server
    priority 200
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1066
    }
    virtual_ipaddress {
        10.0.0.100/24
    }
    nopreempt
    notify_master /etc/keepalived/vip.sh
}
[root@vip1 keepalived]#


[root@vip1 keepalived]# cat vip.sh
VNIC=ocid1.vnic.oc1.phx.abyhqljstoq64rxxkzl4yf3f6jixbckjhtxkf22i5znfpqxi2aasqyxltsda
/root/bin/oci network vnic assign-private-ip --vnic-id $VNIC --ip-address 10.0.0.100 --unassign-if-already-assigned --region us-phoenix-1



—> Need Update
[root@vip1 keepalived]# cat keepalived.conf
global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from svr1@localhost
   smtp_server localhost
   smtp_connect_timeout 30
}
vrrp_script chk_httpd {
    script "pidof httpd"
    interval 2
}
vrrp_instance VRRP1 {
#    debug 2
    state MASTER
#   Specify the network interface to which the virtual address is assigned
    interface eth0
#   The virtual router ID must be unique to each VRRP instance that you define
    virtual_router_id 41
    unicast_src_ip 10.0.0.3 # Private IP
    unicast_peer {
10.0.0.4 # Peer IP
    }
#   Set the value of priority higher on the master server than on a backup server
    priority 200
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1066
    }
    track_script {
        chk_httpd
    }
    virtual_ipaddress {
        10.0.0.100/24
    }
    nopreempt
    notify_master /etc/keepalived/vip.sh
}
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP
    real_server 10.0.0.3 80 {
        weight 1
        #notify_down /etc/keepalived/check_httpd.sh
        #
        # Health Check
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            connect_port 80
        }
    }
}
[root@vip1 keepalived]#


[root@vip1 keepalived]# cat check_httpd.sh
#!/bin/bash
VNIC=ocid1.vnic.oc1.phx.abyhqljsmtjaqvakuivgjqs4fd3rltx2uc2epwicrj6j52fuzaopbgbcs33q
/root/bin/oci network vnic assign-private-ip --vnic-id $VNIC --ip-address 10.0.0.100 --unassign-if-already-assigned --region us-phoenix-1

Logs from Slave node which transitions to master.

[root@vip2 ~]# tail -50  /var/log/messages
Jun 30 09:47:28 vip2 Keepalived[2379]: Starting Keepalived v1.2.13 (03/19,2015)
Jun 30 09:47:28 vip2 Keepalived[2380]: Starting Healthcheck child process, pid=2381
Jun 30 09:47:28 vip2 Keepalived[2380]: Starting VRRP child process, pid=2382
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Netlink reflector reports IP 10.0.0.4 added
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Netlink reflector reports IP fe80::200:17ff:fe01:4eae added
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Registering Kernel netlink reflector
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Registering Kernel netlink command channel
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Registering gratuitous ARP shared channel
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Configuration is using : 66719 Bytes
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: Using LinkWatch kernel netlink reflector...
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: VRRP_Instance(VRRP1) Entering BACKUP STATE
Jun 30 09:47:28 vip2 Keepalived_vrrp[2382]: VRRP sockpool: [ifindex(2), proto(112), unicast(1), fd(10,11)]
Jun 30 09:47:29 vip2 Keepalived_vrrp[2382]: VRRP_Script(chk_httpd) succeeded
Jun 30 09:47:29 vip2 kernel: IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
Jun 30 09:47:29 vip2 kernel: IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Netlink reflector reports IP 10.0.0.4 added
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Netlink reflector reports IP fe80::200:17ff:fe01:4eae added
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Registering Kernel netlink reflector
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Registering Kernel netlink command channel
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Configuration is using : 11990 Bytes
Jun 30 09:47:29 vip2 kernel: IPVS: ipvs loaded.
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Using LinkWatch kernel netlink reflector...
Jun 30 09:47:29 vip2 Keepalived_healthcheckers[2381]: Activating healthchecker for service [10.0.0.4]:80
Jun 30 09:47:29 vip2 kernel: IPVS: [wrr] scheduler registered.
Jun 30 09:50:42 vip2 Keepalived_vrrp[2382]: VRRP_Instance(VRRP1) Transition to MASTER STATE
Jun 30 09:50:43 vip2 Keepalived_vrrp[2382]: VRRP_Instance(VRRP1) Entering MASTER STATE
Jun 30 09:50:43 vip2 Keepalived_vrrp[2382]: VRRP_Instance(VRRP1) setting protocol VIPs.
Jun 30 09:50:43 vip2 Keepalived_healthcheckers[2381]: Netlink reflector reports IP 10.0.0.100 added
Jun 30 09:50:43 vip2 Keepalived_vrrp[2382]: VRRP_Instance(VRRP1) Sending gratuitous ARPs on eth0 for 10.0.0.100
Jun 30 09:50:44 vip2 ntpd[2238]: Listen normally on 6 eth0 10.0.0.100 UDP 123
Jun 30 09:50:48 vip2 Keepalived_vrrp[2382]: VRRP_Instance(VRRP1) Sending gratuitous ARPs on eth0 for 10.0.0.100






Pacemaker Corosync

  1. Install Cluster packages:
#  yum install -y pacemaker pcs psmisc policycoreutils-python

  1. Setup firewall:
# firewall-cmd --permanent --add-service=high-availability --add-service=http --add-service=https
# firewall-cmd --reload

Ports required to be opened:
TCP ports 2224, 3121, and 21064, and UDP port 5405.

  1. Start pcs daemon:
# systemctl start pcsd.service
# systemctl enable pcsd.service
ln -s '/usr/lib/systemd/system/pcsd.service' '/etc/systemd/system/multi-user.target.wants/pcsd.service'

  1. Setup password for user hacluster:
# echo '<password>' | passwd --stdin hacluster

  1. Configure Corosync:
On one of the nodes:
# pcs cluster auth node1 node2
Username: hacluster
Password:
node1: Authorized
node2: Authorized


# pcs cluster setup --name mycluster node1 node2
Shutting down pacemaker/corosync services...
Redirecting to /bin/systemctl stop  pacemaker.service
Redirecting to /bin/systemctl stop  corosync.service
Killing any remaining services...
Removing all cluster configuration files...
node1: Succeeded
node2: Succeeded

Start the cluster:
# pcs cluster start --all
node1: Starting Cluster...
node2: Starting Cluster...

[root@node1 ~]# corosync-cfgtool -s
Printing ring status.
Local node ID 1
RING ID 0
    id    = 10.0.0.12
    status    = ring 0 active with no faults

[root@node1 ~]# corosync-cmapctl  | grep members
runtime.totem.pg.mrp.srp.members.1.config_version (u64) = 0
runtime.totem.pg.mrp.srp.members.1.ip (str) = r(0) ip(10.0.0.12)
runtime.totem.pg.mrp.srp.members.1.join_count (u32) = 1
runtime.totem.pg.mrp.srp.members.1.status (str) = joined
runtime.totem.pg.mrp.srp.members.2.config_version (u64) = 0
runtime.totem.pg.mrp.srp.members.2.ip (str) = r(0) ip(10.0.0.14)
runtime.totem.pg.mrp.srp.members.2.join_count (u32) = 1
runtime.totem.pg.mrp.srp.members.2.status (str) = joined
[root@node1 ~]#

  1. Disable Stonith:
# pcs property set stonith-enabled=false
# crm_verify -L -V

  1. Add Floating IP:

Update IPaddr2 resource so that it will reassign Private IP on the OCI infrastructure as well.

sudo sed -i '64i\##### OCI vNIC variables\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '65i\server="`hostname -s`"\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '66i\node1vnic="ocid1.vnic.oc1.phx.abyhqljs2qwsjkgsi7ujg735xig3xfnq2w5h2slvl33lqw24wn5rtjpfqvia"\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '67i\node2vnic="ocid1.vnic.oc1.phx.abyhqljs6qpbs6w5peguzucokmx3eh6wvu7jauxwntsgz5zj2krfgrgzclzq"\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '68i\vnicip="10.0.0.200"\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2


sudo sed -i '614i\##### OCI/IPaddr Integration\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '615i\        if [ $server = "node1" ]; then\' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '616i\                /root/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $node1vnic  --ip-address $vnicip \' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '617i\        else \' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '618i\                /root/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $node2vnic  --ip-address $vnicip \' /usr/lib/ocf/resource.d/heartbeat/IPaddr2
sudo sed -i '619i\        fi \' /usr/lib/ocf/resource.d/heartbeat/IPaddr2


Updated IPaddr2 resource should contain 

[root@node2 ~]# grep -A5 OCI  /usr/lib/ocf/resource.d/heartbeat/IPaddr2
##### OCI vNIC variables
server="`hostname -s`"
node1vnic="<Node1 VNIC OCID>"
node2vnic=""
vnicip=""

--
##### OCI/IPaddr Integration
        if [ $server = "node1" ]; then
                /root/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $node1vnic  --ip-address $vnicip
        else
                /root/bin/oci network vnic assign-private-ip --unassign-if-already-assigned --vnic-id $node2vnic  --ip-address $vnicip
        fi


  1. Setup Floating IP:
[root@node1 ~]# pcs resource create ClusterIP ocf:heartbeat:IPaddr2 ip=10.0.0.200 cidr_netmask=32 op monitor interval=30s


  1. Specify resource stickiness:
# pcs resource defaults resource-stickiness=100
# pcs resource defaults
resource-stickiness: 100


  1. Setup Nginx:
# yum install nginx

[root@node1 ~]# cat /usr/share/nginx/html/index.html
This is NODE1

Status page:
[root@node1 ~]# cat /usr/share/nginx/html/nginx_status
node1 is alive.

# cat /etc/nginx/default.d/status.conf
location ^~ /nginx_status {
    allow 127.0.0.1;
    deny all;
}

[root@node1 ~]# cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

#    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
}


  1. Setup Nginx resource
[root@node1 ~]# pcs resource create webserver ocf:heartbeat:nginx configfile=/etc/nginx/nginx.conf status10url="http://localhost/nginx_status" status10regex="node[1-9] is alive." op monitor timeout="30s" interval="10s" op start timeout="40s" interval="0" op stop timeout="60s" interval="0"
[root@node1 ~]#

[root@node1 ~]# pcs resource
ClusterIP    (ocf::heartbeat:IPaddr2):    Started node2
webserver    (ocf::heartbeat:nginx):    Started node1

  1. Create colocation constraint so that web server resource sticks with ClusterIP:
[root@node1 ~]# pcs constraint colocation add webserver with ClusterIP INFINITY

  1. Setup resource startup order:
[root@node1 ~]# pcs constraint order ClusterIP then webserver
Adding ClusterIP webserver (kind: Mandatory) (Options: first-action=start then-action=start)


[root@node1 ~]# pcs status
Cluster name: mycluster
Stack: corosync
Current DC: node2 (version 1.1.18-11.el7_5.2-2b07d5c5a9) - partition with quorum
Last updated: Sat Jun 30 16:23:40 2018
Last change: Sat Jun 30 15:51:20 2018 by root via crm_resource on node2

2 nodes configured
2 resources configured

Online: [ node1 node2 ]

Full list of resources:

ClusterIP    (ocf::heartbeat:IPaddr2):    Started node2
webserver    (ocf::heartbeat:nginx):    Started node2

Daemon Status:
  corosync: active/disabled
  pacemaker: active/disabled
  pcsd: active/enabled

[root@node1 ~]# pcs constraint
Location Constraints:
  Resource: webserver
    Enabled on: node2 (score:INFINITY) (role: Started)
Ordering Constraints:
  start ClusterIP then start webserver (kind:Mandatory)
Colocation Constraints:
  webserver with ClusterIP (score:INFINITY)
Ticket Constraints: