[Openstack-operators] Pacemaker / Corosync in guests on OpenStack

John Petrini jpetrini at coredial.com
Wed Aug 16 10:55:16 UTC 2017

I just did recently and had no issues. I used a provider network so I don't
have experience using it with project networks but I believe the only issue
you might run into with project networks is multicast. You can work around
this by using unicast instead.

If you do you use multicast you need to enable IGMP in your security
groups. You can do this in Horizon by selecting other protocol and setting
the IP protocol number to 2.

I hit a minor issue setting up a VIP because port security wouldn't allow
traffic to the instance that was destined for that address but all I had to
do was add the VIP as an allowed address pair on the port of each instance.
Also, I attached an additional interface to one of the instances to
allocate the VIP, I just didn't configure the interface within the
instance. Since we use DHCP this was a simple way to reserve the IP. I'm
sure I could have created a pacemaker resource that would move the port
using the OpenStack API but I prefer the simplicity and speed of Pacemakers
ocf:ipaddr2 resource.

I setup fencing of the instances via the openstack api to avoid any chance
of a duplicate IP when moving the VIP. I borrowed this script
https://github.com/beekhof/fence_openstack/blob/master/fence_openstack and
made a few minor changes.

Overall there weren't many differences between setting up pacemaker in
OpenStack vs Iron but I hope this is helpful.


John Petrini

On Wed, Aug 16, 2017 at 6:06 AM, Tim Bell <Tim.Bell at cern.ch> wrote:

> Has anyone had experience setting up a cluster of VM guests running
> Pacemaker / Corosync? Any recommendations?
> Tim
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20170816/0b3378dc/attachment.html>

More information about the OpenStack-operators mailing list