Press “Enter” to continue...
The cfengine environment consists of:
Master server (policy host): package_hostname
Master clients:
cluster_member_1, cluster_member_2, ...
A file containing the answers for this run of the Configuration
Synchronization Wizard is stored here:
/var/opt/dsau/cfengine/tmpdir/csync_wizard_input.txt
This configuration can be reestablished by issuing the following command:
/opt/dsau/sbin/csync_wizard \
2.3.1.3 Cluster Configuration Notes for cfengine
This section describes the details of a high availability configuration of cfengine in a Serviceguard cluster. For more information on the role of the various cfengine daemons and commands, refer to “cfengine Daemons and Commands” (page 14). The Serviceguard package ensures that cfengine's cfservd daemon remains highly available. The cfengine configuration files update.conf and cfagent.conf define the master configuration synchronization server to be the registered DNS name for the relocatable IP address of the package. When managed clients run cfagent (see cfagent(8)), cfagent connects to cfservd on the package’s adoptive node. Thus the cluster members themselves are all managed clients. The member hosting the package additionally acts as the master server for the policy files.
When booting the cluster, each member will start a client cfservd. This is the cfservd that responds to cfrun requests. When the package starts on a member, that cfservd now has access to the filesystem of the package and becomes the master cfservd that serves the policy files to all managed clients. This cfservd is monitored by the package. If cfservd fails, the package will attempt to restart on another member. That member’s cfservd will then become the master cfservd.
Halting the package does not stop the cfservd daemon on the adoptive member since the expectation is that the daemon is present to respond to future cfrun requests. Also, unlike some other high availability services, if the csync package is down or unavailable, remote clients are not adversely impacted. The clients continue to run with their currently defined configurations. The administrator would need to make sure the package is up and running in order to distribute any new configuration instructions to the managed clients.
The wizard automates cfengine key distribution to all cluster members. For a detailed description of key distribution steps performed, refer to “Security Notes” (page 36).
2.3.1.4 Serviceguard Automation Features
The Distributed Systems Administration Utilities require Serviceguard 11.17 or later. With Serviceguard 11.17 or later, when members are added to or deleted from the cluster, the configuration synchronization tools automatically take the appropriate configuration actions. Specifically:
•When adding a member to the cluster, the new member is automatically configured to participate in configuration synchronization. The following configuration actions occur automatically on the added member:
1./etc/rc.config.d/cfservd is changed to set CSYNC_CONFIGURED to 1.
2.The appropriate cfengine public/private keys are created for the new member and placed in the member's /var/opt/dsau/cfengine/ppkeys directory. The new keys
2.3 Configuring cfengine | 23 |
