Besides installing the corosync package, you will also have to create a
configuration file, stored in /etc/corosync/corosync.conf. Most
distributions ship an example configuration file
(corosync.conf.example) as part of the documentation bundled with the
corosync package. An example Corosync configuration file is shown below:

Corosync configuration file (corosync.conf).

    totem {
        version: 2
        # Time (in ms) to wait for a token
        token: 10000
        # How many token retransmits before forming a new
        # configuration
        token_retransmits_before_loss_const: 10
        # Turn off the virtual synchrony filter
        vsftype: none
        # Enable encryption
        secauth: on
        # How many threads to use for encryption/decryption
        threads: 0
        # This specifies the redundant ring protocol, which may be
        # none, active, or passive.
        rrp_mode: active
        # The following is a two-ring multicast configuration.
        interface {
            ringnumber: 0
            bindnetaddr: 192.168.42.0
            mcastaddr: 239.255.42.1
            mcastport: 5405
        }
        interface {
            ringnumber: 1
            bindnetaddr: 10.0.42.0
            mcastaddr: 239.255.42.2
            mcastport: 5405
        }
    }
    amf {
        mode: disabled
    }
    service {
        # Load the Pacemaker Cluster Resource Manager
        ver: 1
        name: pacemaker
    }
    aisexec {
        user: root
        group: root
    }
    logging {
        fileline: off
        to_stderr: yes
        to_logfile: no
        to_syslog: yes
        syslog_facility: daemon
        debug: off
        timestamp: on
        logger_subsys {
            subsys: AMF
            debug: off
            tags: enter|leave|trace1|trace2|trace3|trace4|trace6
        }
    }

The token value specifies the time, in milliseconds, during
which the Corosync token is expected to be transmitted around the
ring. When this timeout expires, the token is declared lost, and after
token_retransmits_before_loss_const lost tokens the non-responding
processor (cluster node) is declared dead. In other words,
token × token_retransmits_before_loss_const is the maximum
time a node is allowed to not respond to cluster messages before being
considered dead. The default for token is 1000 (1 second), with 4
allowed retransmits. These defaults are intended to minimize failover
times, but can cause frequent "false alarms" and unintended failovers
in case of short network interruptions. The values used here are
safer, albeit with slightly extended failover times.

With secauth enabled, Corosync nodes mutually authenticate using
a 128-byte shared secret stored in /etc/corosync/authkey, which may
be generated with the corosync-keygen utility. When using secauth,
cluster communications are also encrypted.

In Corosync configurations using redundant networking (with more
than one interface), you must select a Redundant Ring Protocol (RRP)
mode other than none. active is the recommended RRP mode.

There are several things to note about the recommended interface
configuration:

- The ringnumber must differ between all configured interfaces,
  starting with 0.
- The bindnetaddr is the network address of the interfaces to bind
  to. The example uses two network addresses of /24 IPv4 subnets.
- Multicast groups (mcastaddr) must not be reused across cluster
  boundaries. In other words, no two distinct clusters should ever use
  the same multicast group. Be sure to select multicast addresses
  compliant with RFC 2365, "Administratively Scoped IP Multicast".
- For firewall configurations, note that Corosync communicates over
  UDP only, and uses mcastport (for receives) and mcastport - 1 (for
  sends).

The service declaration for the pacemaker service may be
placed in the corosync.conf file directly, or in its own separate
file, /etc/corosync/service.d/pacemaker.

Once created, the corosync.conf file (and the authkey file if the
secauth option is enabled) must be synchronized across all cluster
nodes.
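
The rules above for secauth, rrp_mode, ringnumber, mcastaddr and mcastport can be checked mechanically before the file is synchronized to the other nodes. The following Python sketch is an added example, not part of the original guide or of Corosync itself; the names parse_totem and lint and the sample input are assumptions made for illustration, and it only covers the totem options discussed on this page.

```python
import ipaddress
import re

# Constructed sample with three deliberate mistakes (see the lint findings).
SAMPLE = """
totem {
    secauth: on
    rrp_mode: none
    interface {
        ringnumber: 0
        mcastaddr: 239.255.42.1
        mcastport: 5405
    }
    interface {
        ringnumber: 0
        mcastaddr: 224.0.0.42
        mcastport: 5405
    }
}
"""

ADMIN_SCOPED = ipaddress.ip_network("239.0.0.0/8")  # RFC 2365 range


def parse_totem(text):
    """Return (totem options, list of interface option dicts)."""
    interfaces = [dict(re.findall(r"^\s*(\w+):\s*(\S+)", body, re.M))
                  for body in re.findall(r"interface\s*\{(.*?)\}", text, re.S)]
    top = re.sub(r"interface\s*\{.*?\}", "", text, flags=re.S)
    return dict(re.findall(r"^\s*(\w+):\s*(\S+)", top, re.M)), interfaces


def lint(text):
    """Check the rules stated on this page; return (findings, UDP ports)."""
    totem, ifaces = parse_totem(text)
    findings, ports = [], set()
    if totem.get("secauth") != "on":
        findings.append("secauth is not on: no authentication or encryption")
    if len(ifaces) > 1 and totem.get("rrp_mode", "none") == "none":
        findings.append("more than one interface but rrp_mode is none")
    rings = sorted(int(i["ringnumber"]) for i in ifaces)
    if rings != list(range(len(ifaces))):
        findings.append(f"ringnumber values {rings} must be unique, from 0")
    for i in ifaces:
        if ipaddress.ip_address(i["mcastaddr"]) not in ADMIN_SCOPED:
            findings.append(f"{i['mcastaddr']} is outside RFC 2365 239.0.0.0/8")
        port = int(i["mcastport"])
        ports.update({port, port - 1})  # receives on port, sends on port - 1
    return findings, sorted(ports)
```

The second return value is the set of UDP ports the firewall on each node has to allow between cluster members.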