consistent quorum disk on cluster nodes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Cluster quorum work the label and it is suppose to be unique across a
given SAN. AFAIK, not mandatory to keep the same device names

-----Original Message-----
From: linux-cluster-bounces@xxxxxxxxxx
[mailto:linux-cluster-bounces@xxxxxxxxxx] On Behalf Of
linux-cluster-request@xxxxxxxxxx
Sent: Friday, September 18, 2009 6:36 AM
To: linux-cluster@xxxxxxxxxx
Subject: Linux-cluster Digest, Vol 65, Issue 21

Send Linux-cluster mailing list submissions to
	linux-cluster@xxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
	https://www.redhat.com/mailman/listinfo/linux-cluster
or, via email, send a message with subject or body 'help' to
	linux-cluster-request@xxxxxxxxxx

You can reach the person managing the list at
	linux-cluster-owner@xxxxxxxxxx

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Linux-cluster digest..."


Today's Topics:

   1. consistent quorum disk on cluster nodes (James Marcinek)
   2. Re: consistent quorum disk on cluster nodes
      (Marc - A. Dahlhaus [ Administration | Westermann GmbH ])
   3. Re: consistent quorum disk on cluster nodes (James Marcinek)
   4. Re: consistent quorum disk on cluster nodes
      (Marc - A. Dahlhaus [ Administration | Westermann GmbH ])
   5. Re: consistent quorum disk on cluster nodes (James Marcinek)
   6. exact iptables command to stop a source from	accessing a
      Linux cluster (sunhux G)
   7. Re: exact iptables command to stop a source from 	accessing a
      Linux cluster (Ian Hayes)
   8. Re: exact iptables command to stop a source from 	accessing a
      Linux cluster (sunhux G)
   9. Re: exact iptables command to stop a source from 	accessing a
      Linux cluster (Ian Hayes)
  10. Re: exact iptables command to stop a source from 	accessing a
      Linux cluster (sunhux G)


----------------------------------------------------------------------

Message: 1
Date: Thu, 17 Sep 2009 12:30:30 -0400 (EDT)
From: James Marcinek <jmarc1@xxxxxxxxxxxxxx>
Subject:  consistent quorum disk on cluster nodes
To: rhelcluster <Linux-cluster@xxxxxxxxxx>
Message-ID:
	<664969789.1531253205029999.JavaMail.root@xxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=utf-8

Hello all,

Can anyone point me in the right direction to some examples of defining
udev rules for quorum disks (or disks in general). I'm reading in the
docs that the quorum disk needs to be the same on all nodes. I have 2
node clusters, which I've allocated a shared 100MB lun that I've created
the quorum disk (mkqdisk command); however the devices are not showing
up as the same device (eg /dev/sdc on one node and /dev/sdb on the other
). 

If the quorum disk could be managed by lvm that would likely make life
easier but I'm not sure that would work or is supported, but I think
that would be easier than having to create a udev rule for it...

Thanks,

james



------------------------------

Message: 2
Date: Thu, 17 Sep 2009 18:46:04 +0200
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
	<mad@xxxxxx>
Subject: Re:  consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID: <1253205964.2641.156.camel@marc>
Content-Type: text/plain

Am Donnerstag, den 17.09.2009, 12:30 -0400 schrieb James Marcinek:
> Hello all,
> 
> Can anyone point me in the right direction to some examples of
defining udev rules for quorum disks (or disks in general). I'm reading
in the docs that the quorum disk needs to be the same on all nodes. I
have 2 node clusters, which I've allocated a shared 100MB lun that I've
created the quorum disk (mkqdisk command); however the devices are not
showing up as the same device (eg /dev/sdc on one node and /dev/sdb on
the other ). 
> 
> If the quorum disk could be managed by lvm that would likely make life
easier but I'm not sure that would work or is supported, but I think
that would be easier than having to create a udev rule for it...
> 
> Thanks,
> 
> james

You should try to use the LABEL of the qdisk to select it.

man qdiskd

Marc



------------------------------

Message: 3
Date: Thu, 17 Sep 2009 12:53:47 -0400 (EDT)
From: James Marcinek <jmarc1@xxxxxxxxxxxxxx>
Subject: Re:  consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID:
	<1664263533.1561253206427426.JavaMail.root@xxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=utf-8

ok,

So I can specify it by the label when I issued the mkqdisk -c /dev/sdx
-l quorum command (where x is device)?

Thanks,

James
----- Original Message -----
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
<mad@xxxxxx>
To: "linux clustering" <linux-cluster@xxxxxxxxxx>
Sent: Thursday, September 17, 2009 12:46:04 PM GMT -05:00 US/Canada
Eastern
Subject: Re:  consistent quorum disk on cluster nodes

Am Donnerstag, den 17.09.2009, 12:30 -0400 schrieb James Marcinek:
> Hello all,
> 
> Can anyone point me in the right direction to some examples of
defining udev rules for quorum disks (or disks in general). I'm reading
in the docs that the quorum disk needs to be the same on all nodes. I
have 2 node clusters, which I've allocated a shared 100MB lun that I've
created the quorum disk (mkqdisk command); however the devices are not
showing up as the same device (eg /dev/sdc on one node and /dev/sdb on
the other ). 
> 
> If the quorum disk could be managed by lvm that would likely make life
easier but I'm not sure that would work or is supported, but I think
that would be easier than having to create a udev rule for it...
> 
> Thanks,
> 
> james

You should try to use the LABEL of the qdisk to select it.

man qdiskd

Marc

--
Linux-cluster mailing list
Linux-cluster@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/linux-cluster



------------------------------

Message: 4
Date: Thu, 17 Sep 2009 19:00:41 +0200
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
	<mad@xxxxxx>
Subject: Re:  consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID: <1253206841.2641.162.camel@marc>
Content-Type: text/plain

Am Donnerstag, den 17.09.2009, 12:53 -0400 schrieb James Marcinek:
> ok,
> 
> So I can specify it by the label when I issued the mkqdisk -c /dev/sdx
-l quorum command (where x is device)?
> 
> Thanks,

James,

you need to run the mkqdisk command only on one of your boxes but add
the desired label to it.
Then read how to add the qdisk configuration to your cluster.conf in the
man page of qdisk(5).


Marc



------------------------------

Message: 5
Date: Thu, 17 Sep 2009 18:49:03 -0400 (EDT)
From: James Marcinek <jmarc1@xxxxxxxxxxxxxx>
Subject: Re:  consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID:
	<542588928.1661253227743959.JavaMail.root@xxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=utf-8

Yes thanks,

I was just put the label in when I defined the quorum disk. All 9
clusters up and running!

Thanks,

James
----- Original Message -----
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
<mad@xxxxxx>
To: "linux clustering" <linux-cluster@xxxxxxxxxx>
Sent: Thursday, September 17, 2009 1:00:41 PM GMT -05:00 US/Canada
Eastern
Subject: Re:  consistent quorum disk on cluster nodes

Am Donnerstag, den 17.09.2009, 12:53 -0400 schrieb James Marcinek:
> ok,
> 
> So I can specify it by the label when I issued the mkqdisk -c /dev/sdx
-l quorum command (where x is device)?
> 
> Thanks,

James,

you need to run the mkqdisk command only on one of your boxes but add
the desired label to it.
Then read how to add the qdisk configuration to your cluster.conf in the
man page of qdisk(5).


Marc

--
Linux-cluster mailing list
Linux-cluster@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/linux-cluster



------------------------------

Message: 6
Date: Fri, 18 Sep 2009 10:33:04 +0800
From: sunhux G <sunhux@xxxxxxxxx>
Subject:  exact iptables command to stop a source from
	accessing a Linux cluster
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID:
	<60f08e700909171933h116656ablf58ea7212026472c@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

 Hi,

I have a RHEL 5.1  cluster that's constantly being accessed by an
application from a Windows server application via sqlnet (ie Tcp
port 1521) which caused a specific Oracle accounts to be locked.

The owner of the Windows box does not know why the Filenet
application is doing this so while she's doing the research which
configuration in Filenet needs to be fixed to stop this, we need an
interim measure to block this Windows server's access to the cluster.

Thus I would like to set up iptables / firewall on this Linux box to
stop the sqlnet access.  Can someone provide me some example
commands / syntax ?

Source IP address : 10.5.5.25   (Windows server)
Tcp port : 1521
My Linux boxes IP address :  10.5.5.46 / .47
My Linux cluster virtual addr : 10.5.5.45

In fact I would like to block on all ports on the Linux cluster to stop
this Windows server from accessing it.  So what's the exact commands
I should issue on each of the Linux box?  Would iptables also block
the Windows server from accessing the cluster virtual IP addr?


Thanks
U
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090918/a6525
9ca/attachment.html

------------------------------

Message: 7
Date: Thu, 17 Sep 2009 19:36:42 -0700
From: Ian Hayes <cthulhucalling@xxxxxxxxx>
Subject: Re:  exact iptables command to stop a source
	from 	accessing a Linux cluster
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID:
	<36df569a0909171936n3dec0996uf96342be6a1f672@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

iptables -A INPUT -s 10.5.5.25 -j DROP

On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux@xxxxxxxxx> wrote:

>
>  Hi,
>
> I have a RHEL 5.1  cluster that's constantly being accessed by an
> application from a Windows server application via sqlnet (ie Tcp
> port 1521) which caused a specific Oracle accounts to be locked.
>
> The owner of the Windows box does not know why the Filenet
> application is doing this so while she's doing the research which
> configuration in Filenet needs to be fixed to stop this, we need an
> interim measure to block this Windows server's access to the cluster.
>
> Thus I would like to set up iptables / firewall on this Linux box to
> stop the sqlnet access.  Can someone provide me some example
> commands / syntax ?
>
> Source IP address : 10.5.5.25   (Windows server)
> Tcp port : 1521
> My Linux boxes IP address :  10.5.5.46 / .47
> My Linux cluster virtual addr : 10.5.5.45
>
> In fact I would like to block on all ports on the Linux cluster to
stop
> this Windows server from accessing it.  So what's the exact commands
> I should issue on each of the Linux box?  Would iptables also block
> the Windows server from accessing the cluster virtual IP addr?
>
>
> Thanks
> U
>
>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090917/6701d
a76/attachment.html

------------------------------

Message: 8
Date: Fri, 18 Sep 2009 11:22:15 +0800
From: sunhux G <sunhux@xxxxxxxxx>
Subject: Re:  exact iptables command to stop a source
	from 	accessing a Linux cluster
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID:
	<60f08e700909172022k73729a81s38d10eb9024f358c@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

Thanks Ian.

So I issue this command on both cluster nodes and it will also
stop access to the virtual cluster address?

What's the command to reverse / remove
" iptables -A INPUT -s 10.5.5.25 -j DROP " ?
Just in case there's a problem, I'll need to reverse.

Tks
U
On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes
<cthulhucalling@xxxxxxxxx>wrote:

> iptables -A INPUT -s 10.5.5.25 -j DROP
>
>   On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux@xxxxxxxxx> wrote:
>
>>
>>  Hi,
>>
>> I have a RHEL 5.1  cluster that's constantly being accessed by an
>> application from a Windows server application via sqlnet (ie Tcp
>> port 1521) which caused a specific Oracle accounts to be locked.
>>
>> The owner of the Windows box does not know why the Filenet
>> application is doing this so while she's doing the research which
>> configuration in Filenet needs to be fixed to stop this, we need an
>> interim measure to block this Windows server's access to the cluster.
>>
>> Thus I would like to set up iptables / firewall on this Linux box to
>> stop the sqlnet access.  Can someone provide me some example
>> commands / syntax ?
>>
>> Source IP address : 10.5.5.25   (Windows server)
>> Tcp port : 1521
>> My Linux boxes IP address :  10.5.5.46 / .47
>> My Linux cluster virtual addr : 10.5.5.45
>>
>> In fact I would like to block on all ports on the Linux cluster to
stop
>> this Windows server from accessing it.  So what's the exact commands
>> I should issue on each of the Linux box?  Would iptables also block
>> the Windows server from accessing the cluster virtual IP addr?
>>
>>
>> Thanks
>> U
>>
>>
>>
>>
>> --
>> Linux-cluster mailing list
>> Linux-cluster@xxxxxxxxxx
>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090918/87275
760/attachment.html

------------------------------

Message: 9
Date: Thu, 17 Sep 2009 20:38:25 -0700
From: Ian Hayes <cthulhucalling@xxxxxxxxx>
Subject: Re:  exact iptables command to stop a source
	from 	accessing a Linux cluster
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID:
	<36df569a0909172038t18280965y10efb75d9a802acb@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

[root@cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             anywhere
2    DROP       all  --  10.5.5.6             anywhere
3    DROP       all  --  10.5.5.7             anywhere

Find the rule number that matches the one you want to delete. Say you
want
to delete #2 from the INPUT table

[root@cthulhu ~]# iptables -D INPUT 2
[root@cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  10.5.5.5             anywhere
2    DROP       all  --  10.5.5.7             anywhere


Or you can do iptables -F which will basically drop all your iptables.
Make
sure you've saved recently before you do that.

On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <sunhux@xxxxxxxxx> wrote:

> Thanks Ian.
>
> So I issue this command on both cluster nodes and it will also
> stop access to the virtual cluster address?
>
> What's the command to reverse / remove
> " iptables -A INPUT -s 10.5.5.25 -j DROP " ?
> Just in case there's a problem, I'll need to reverse.
>
> Tks
> U
> On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes
<cthulhucalling@xxxxxxxxx>wrote:
>
>> iptables -A INPUT -s 10.5.5.25 -j DROP
>>
>>   On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux@xxxxxxxxx> wrote:
>>
>>>
>>>  Hi,
>>>
>>> I have a RHEL 5.1  cluster that's constantly being accessed by an
>>> application from a Windows server application via sqlnet (ie Tcp
>>> port 1521) which caused a specific Oracle accounts to be locked.
>>>
>>> The owner of the Windows box does not know why the Filenet
>>> application is doing this so while she's doing the research which
>>> configuration in Filenet needs to be fixed to stop this, we need an
>>> interim measure to block this Windows server's access to the
cluster.
>>>
>>> Thus I would like to set up iptables / firewall on this Linux box to
>>> stop the sqlnet access.  Can someone provide me some example
>>> commands / syntax ?
>>>
>>> Source IP address : 10.5.5.25   (Windows server)
>>> Tcp port : 1521
>>> My Linux boxes IP address :  10.5.5.46 / .47
>>> My Linux cluster virtual addr : 10.5.5.45
>>>
>>> In fact I would like to block on all ports on the Linux cluster to
stop
>>> this Windows server from accessing it.  So what's the exact commands
>>> I should issue on each of the Linux box?  Would iptables also block
>>> the Windows server from accessing the cluster virtual IP addr?
>>>
>>>
>>> Thanks
>>> U
>>>
>>>
>>>
>>>
>>> --
>>> Linux-cluster mailing list
>>> Linux-cluster@xxxxxxxxxx
>>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>>
>>
>>
>> --
>> Linux-cluster mailing list
>> Linux-cluster@xxxxxxxxxx
>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090917/ebd68
3b9/attachment.html

------------------------------

Message: 10
Date: Fri, 18 Sep 2009 18:35:23 +0800
From: sunhux G <sunhux@xxxxxxxxx>
Subject: Re:  exact iptables command to stop a source
	from 	accessing a Linux cluster
To: linux clustering <linux-cluster@xxxxxxxxxx>
Message-ID:
	<60f08e700909180335n767535bfjdd39bc43ccd96122@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"

 I can't even start up iptables as the previous admin hardened it
(but not sure how / where he hardened it)

So despite that I do
service iptables start,
"service iptables status" still show "Firewall is stopped"

Now, can I use /etc/hosts.deny instead ?
Do I need to do "pkill -HUP tcpd"   or
"service xinetd restart"   - which of the two
commands shd I execute & what's the syntax
in /etc/hosts.deny ?

Thanks

On Fri, Sep 18, 2009 at 11:38 AM, Ian Hayes
<cthulhucalling@xxxxxxxxx>wrote:

> [root@cthulhu ~]# iptables -L --line-numbers
> Chain INPUT (policy ACCEPT)
> num  target     prot opt source               destination
> 1    DROP       all  --  10.5.5.5             anywhere
> 2    DROP       all  --  10.5.5.6             anywhere
> 3    DROP       all  --  10.5.5.7             anywhere
>
> Find the rule number that matches the one you want to delete. Say you
want
> to delete #2 from the INPUT table
>
> [root@cthulhu ~]# iptables -D INPUT 2
> [root@cthulhu ~]# iptables -L --line-numbers
> Chain INPUT (policy ACCEPT)
> num  target     prot opt source               destination
> 1    DROP       all  --  10.5.5.5             anywhere
> 2    DROP       all  --  10.5.5.7             anywhere
>
>
> Or you can do iptables -F which will basically drop all your iptables.
Make
> sure you've saved recently before you do that.
>
>
> On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <sunhux@xxxxxxxxx> wrote:
>
>> Thanks Ian.
>>
>> So I issue this command on both cluster nodes and it will also
>> stop access to the virtual cluster address?
>>
>> What's the command to reverse / remove
>> " iptables -A INPUT -s 10.5.5.25 -j DROP " ?
>> Just in case there's a problem, I'll need to reverse.
>>
>> Tks
>> U
>>   On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes
<cthulhucalling@xxxxxxxxx>wrote:
>>
>>> iptables -A INPUT -s 10.5.5.25 -j DROP
>>>
>>>   On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux@xxxxxxxxx>
wrote:
>>>
>>>>
>>>>  Hi,
>>>>
>>>> I have a RHEL 5.1  cluster that's constantly being accessed by an
>>>> application from a Windows server application via sqlnet (ie Tcp
>>>> port 1521) which caused a specific Oracle accounts to be locked.
>>>>
>>>> The owner of the Windows box does not know why the Filenet
>>>> application is doing this so while she's doing the research which
>>>> configuration in Filenet needs to be fixed to stop this, we need an
>>>> interim measure to block this Windows server's access to the
cluster.
>>>>
>>>> Thus I would like to set up iptables / firewall on this Linux box
to
>>>> stop the sqlnet access.  Can someone provide me some example
>>>> commands / syntax ?
>>>>
>>>> Source IP address : 10.5.5.25   (Windows server)
>>>> Tcp port : 1521
>>>> My Linux boxes IP address :  10.5.5.46 / .47
>>>> My Linux cluster virtual addr : 10.5.5.45
>>>>
>>>> In fact I would like to block on all ports on the Linux cluster to
stop
>>>> this Windows server from accessing it.  So what's the exact
commands
>>>> I should issue on each of the Linux box?  Would iptables also block
>>>> the Windows server from accessing the cluster virtual IP addr?
>>>>
>>>>
>>>> Thanks
>>>> U
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Linux-cluster mailing list
>>>> Linux-cluster@xxxxxxxxxx
>>>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>>>
>>>
>>>
>>> --
>>> Linux-cluster mailing list
>>> Linux-cluster@xxxxxxxxxx
>>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>>
>>
>>
>> --
>> Linux-cluster mailing list
>> Linux-cluster@xxxxxxxxxx
>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090918/21bba
89a/attachment.html

------------------------------

--
Linux-cluster mailing list
Linux-cluster@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/linux-cluster

End of Linux-cluster Digest, Vol 65, Issue 21
*********************************************

--
Linux-cluster mailing list
Linux-cluster@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/linux-cluster

[Index of Archives]     [Corosync Cluster Engine]     [GFS]     [Linux Virtualization]     [Centos Virtualization]     [Centos]     [Linux RAID]     [Fedora Users]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite Camping]

  Powered by Linux