Linux-cluster-test-minimal-centos7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Input params: | |
hacluster_pwd="$1" | |
hafence_pwd="$2" | |
HOSTNAME=$(hostname) | |
HOSTID=$(echo $HOSTNAME | sed 's/.*-//') | |
eths=$(ip address | grep '^[0-9]' | awk '{print $2}' | uniq | grep -v lo | sed 's/://g' | sed 's/@.*$//') | |
eth1=$(echo $eths | awk '{print $1}') | |
eth2=$(echo $eths | awk '{print $2}') | |
eth3=$(echo $eths | awk '{print $3}') | |
localectl set-locale LANG=en_US.utf8 | |
#yum update -y -q >/dev/null 2>&1 | |
echo -e "installing cluster software" | |
yum install -y -q pacemaker pcs httpd | |
pcs cluster destroy --force | |
echo -e "configuring private cluster network on ${eth2}" | |
echo -e "\tupdate cluster network in /etc/hosts" | |
echo -e "192.168.33.11\t cl-c7-node-1" >>/etc/hosts | |
echo -e "192.168.33.12\t cl-c7-node-2" >>/etc/hosts | |
echo -e "192.168.33.13\t cl-c7-node-3" >>/etc/hosts | |
cat <<EOF >/etc/sysconfig/network-scripts/ifcfg-${eth2} | |
DEVICE="${eth2}" | |
ONBOOT="yes" | |
BOOTPROTO=static | |
IPADDR=192.168.33.$(($HOSTID + 10)) | |
NETMASK=255.255.255.0 | |
NM_CONTROLLED=no | |
TYPE=Ethernet | |
EOF | |
/etc/sysconfig/network-scripts/ifup ${eth2} | |
echo -e "configuring fence cluster network on ${eth3}" | |
echo -e "\tinstalling fence-agents-all" | |
yum install -y -q "fence-agents-all" | |
echo -e "192.168.43.11\t cl-c7-nodefence-1" >>/etc/hosts | |
echo -e "192.168.43.12\t cl-c7-nodefence-2" >>/etc/hosts | |
echo -e "192.168.43.13\t cl-c7-nodefence-3" >>/etc/hosts | |
cat <<EOF >/etc/sysconfig/network-scripts/ifcfg-${eth3} | |
DEVICE="${eth3}" | |
ONBOOT="yes" | |
BOOTPROTO=static | |
IPADDR=192.168.43.$(($HOSTID + 10)) | |
NETMASK=255.255.255.0 | |
NM_CONTROLLED=no | |
TYPE=Ethernet | |
EOF | |
/etc/sysconfig/network-scripts/ifup ${eth3} | |
echo -e "\tDownload fence_ssh from github into /usr/sbin/fence_ssh" | |
wget -q -O /usr/sbin/fence_ssh https://raw.githubusercontent.com/nannafudge/fence_ssh/master/fence_ssh | |
chmod +x /usr/sbin/fence_ssh | |
echo -e "\tcreate user fence with password '$hafence_pwd'" | |
useradd -c "Fence ssh user" -m -s /bin/bash fence | |
echo "fence:$hafence_pwd" | chpasswd | |
cat <<EOF >/etc/sudoers.d/fence | |
fence ALL = NOPASSWD: /sbin/shutdown | |
EOF | |
sed -i 's/^PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config | |
systemctl restart sshd | |
cat <<EOF >> /etc/httpd/conf/httpd.conf | |
<Location /server-status> | |
SetHandler server-status | |
Require local | |
</Location> | |
EOF | |
systemctl stop httpd >/dev/null 2>&1 | |
systemctl disable httpd >/dev/null 2>&1 | |
if [ -e "/var/www/html/index.html" ]; then | |
mv /var/www/html/index.html /var/www/html/index.html.orig | |
chmod 600 /var/www/html/index.html.orig | |
fi | |
cat <<EOF >>/var/www/html/index.html | |
<!DOCTYPE html> | |
<html> <head> | |
<meta charset="UTF-8"> | |
<meta name="viewport" content="width=device-width, initial-scale=1"> | |
<style id='linux-text-cluster-inline-quolltech-css' type='text/css'> | |
body {margin: 0;} | |
#top { position:fixed; top:86px; left:72px; transform:rotate(90deg); transform-origin:0% 0%; background-color: #f94701; background-image: linear-gradient(to right,#a6a6a6,#c9c925,#1e73be,#fe36f9,#0fe22a,#fe4809); text-align:center; padding:5px; border-radius:5px; opacity:0.9;} | |
#top div {font-size:14px;} | |
h2 { font-size:20px; margin-bottom:10px; margin-top:10px; } | |
#test_frame {width:100vw;height:99vh;border:0px hidden;margin:0;padding:0;} | |
</style> </head> | |
<body> | |
<div id="top"> <h2>Linux Cluster Test: Cps, Pacemaker, Corosync</h2> <div>$HOSTNAME - by Quoll Tech</div> </div> | |
<iframe id="test_frame" src="https://quoll.it/servizi-chiedi-un-preventivo/"></iframe> | |
<script type="text/javascript"> | |
function quoll_resize() {el=document.getElementById("top"); el_h=el.offsetHeight; el.style.left = el_h +"px";} | |
quoll_resize() | |
window.onresize = quoll_resize; | |
</script> | |
</body> </html> | |
EOF | |
echo "Setting hapassword to '$hacluster_pwd'" | |
echo "hacluster:$hacluster_pwd" | chpasswd | |
echo -e "Set $firewall firewall package and rules" | |
systemctl unmask firewalld | |
systemctl start firewalld | |
systemctl enable firewalld | |
firewall-cmd --permanent --add-service=ssh >/dev/null 2>&1 | |
firewall-cmd --add-service=ssh >/dev/null 2>&1 | |
firewall-cmd --permanent --add-service=high-availability >/dev/null 2>&1 | |
firewall-cmd --add-service=high-availability >/dev/null 2>&1 | |
firewall-cmd --permanent --add-service=http >/dev/null 2>&1 | |
firewall-cmd --add-service=http >/dev/null 2>&1 | |
echo "Start and enable pcsd service ..." | |
systemctl start pcsd.service >/dev/null 2>&1 | |
systemctl enable pcsd.service >/dev/null 2>&1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
hacluster_pwd="$1" | |
fencecluster_pwd="$2" | |
cluster_nodes="cl-c7-node-1 cl-c7-node-2 cl-c7-node-3" | |
echo -e "\tinizializing the cluster on nodes ${cluster_nodes}" | |
pcs cluster auth ${cluster_nodes} -u hacluster -p "$hacluster_pwd" | |
pcs cluster setup --start --name "quolltech_cluster" ${cluster_nodes} --force | |
pcs cluster enable --all | |
# disable stonith | |
pcs property set stonith-enabled=false | |
sleep 5 | |
echo "Check cluster resource" | |
pcs resource create first_test_ip IPaddr2 ip=192.168.33.31 cidr_netmask=24 --group apachegroup | |
pcs resource create Web1 apache configfile="/etc/httpd/conf/httpd.conf" statusurl="http://127.0.0.1/server-status" --group apachegroup | |
pcs resource create second_test_ip IPaddr2 ip=192.168.33.32 cidr_netmask=24 --group group_second_test_ip | |
pcs resource create last_test_ip IPaddr2 ip=192.168.33.33 cidr_netmask=24 --group group_last_test_ip | |
echo "fence agents: enable ssh with private key" | |
yum install -y -q sshpass | |
cd /root | |
rm -rf .ssh | |
echo -e "\tgenerating ssh key to auto login in fence user and moving it in /home/fence/.ssh" | |
ssh-keygen -q -C "fence_agent_key" -f /root/.ssh/id_rsa -N '' | |
cp -a .ssh/id_rsa.pub .ssh/authorized_keys | |
cat <<EOF >.ssh/config | |
Host 192.168.43.* ${pre_node}fence-* | |
StrictHostKeyChecking no | |
EOF | |
rm -rf /home/fence/.ssh | |
mv -f .ssh/ /home/fence/ | |
chown -R fence:fence /home/fence/.ssh | |
cd /home/fence | |
echo -e "\tcopying fence ssh key (id_rsa,id_rsa.pub,authorized_keys,config) on fence@cl-c7-nodefence-2" | |
tar cf - .ssh/ | sshpass -p "$fencecluster_pwd" ssh -i /home/fence/.ssh/id_rsa -o StrictHostKeyChecking=no -o LogLevel=ERROR fence@cl-c7-nodefence-2 tar xf - --warning=no-timestamp | |
echo -e "\tcopying fence ssh key (id_rsa,id_rsa.pub,authorized_keys,config) on fence@cl-c7-nodefence-2" | |
tar cf - .ssh/ | sshpass -p "$fencecluster_pwd" ssh -i /home/fence/.ssh/id_rsa -o StrictHostKeyChecking=no -o LogLevel=ERROR fence@cl-c7-nodefence-3 tar xf - --warning=no-timestamp | |
echo "Creating fence resource" | |
pcs stonith create stonith-ssh-1 fence_ssh user=fence sudo=true private-key="/home/fence/.ssh/id_rsa" hostname="cl-c7-nodefence-1" pcmk_host_list="cl-c7-node-1" --force --disabled >/dev/null 2>&1 | |
pcs stonith create stonith-ssh-2 fence_ssh user=fence sudo=true private-key="/home/fence/.ssh/id_rsa" hostname="cl-c7-nodefence-2" pcmk_host_list="cl-c7-node-2" --force --disabled >/dev/null 2>&1 | |
pcs stonith create stonith-ssh-3 fence_ssh user=fence sudo=true private-key="/home/fence/.ssh/id_rsa" hostname="cl-c7-nodefence-3" pcmk_host_list="cl-c7-node-3" --force --disabled >/dev/null 2>&1 | |
pcs constraint location stonith-ssh-1 avoids cl-c7-node-1 | |
pcs constraint location stonith-ssh-2 avoids cl-c7-node-2 | |
pcs constraint location stonith-ssh-3 avoids cl-c7-node-3 | |
pcs stonith enable stonith-ssh-1 | |
pcs stonith enable stonith-ssh-2 | |
pcs stonith enable stonith-ssh-3 | |
pcs property set stonith-enabled=true | |
pcs cluster status | |
pcs status | |
pcs quorum status |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ** | |
# Linux-cluster-test-minimal-centos7 | |
# Copyright (c) 2020 Enio Carboni (enio.carboni __at__ gmail.com) | |
# Distributed under the GNU GPL v3. For full terms see https://www.gnu.org/licenses/gpl-3.0.html. | |
# For complete project see https://github.com/eniocarboni/linux-cluster-test | |
# ** | |
# random_password method: return a 12 (or length) random characters for user password | |
$CHARS = ('0'..'9').to_a + ('A'..'Z').to_a + ('a'..'z').to_a + ('#'..'&').to_a + (':'..'?').to_a | |
def random_password(length=12) | |
p='' | |
(0..length).each do | |
p+=$CHARS[rand($CHARS.size)] | |
end | |
return p | |
end | |
$hacluster_pwd=random_password | |
$fencecluster_pwd=random_password | |
Vagrant.configure("2") do |config| | |
[2, 3, 1].each do |i| | |
config.vm.define "cl-c7-node-#{i}" do |node| | |
node.vm.box = "generic/centos7" | |
# Cluster private net for Carousync | |
node.vm.network "private_network", ip: "192.168.33.#{i + 10}", auto_config: false | |
# private net for fencing (pcs stonith) | |
node.vm.network "private_network", ip: "192.168.43.#{i + 10}", auto_config: false | |
node.vm.hostname = "cluster-cl-c7-node-#{i}" | |
node.vm.synced_folder ".", "/vagrant", disabled: true | |
node.vm.provider "virtualbox" do |vb, override| | |
vb.name = "cl-c7-node-#{i}" | |
vb.memory = "1024" | |
vb.customize ["modifyvm", :id, "--groups", "/cluster/centos7"] | |
end | |
node.vm.provision "Update software and configure node", | |
type: "shell", | |
path: "provision_scripts/10-node_configuration.sh", | |
args: "'#{$hacluster_pwd}' '#{$fencecluster_pwd}'" | |
if i == 1 | |
node.vm.provision "Configuring Cluster via pcs on all nodes", | |
type: "shell", | |
path: "provision_scripts/90-single-cluster_configuration.sh", | |
args: "'#{$hacluster_pwd}' '#{$fencecluster_pwd}'" | |
end | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment