[Linux-cluster] consistent quorum disk on cluster nodes
Kumar, T Santhosh (TCS)
T.Kumar at alcoa.com
Mon Sep 21 12:39:46 UTC 2009
Cluster quorum work the label and it is suppose to be unique across a
given SAN. AFAIK, not mandatory to keep the same device names
-----Original Message-----
From: linux-cluster-bounces at redhat.com
[mailto:linux-cluster-bounces at redhat.com] On Behalf Of
linux-cluster-request at redhat.com
Sent: Friday, September 18, 2009 6:36 AM
To: linux-cluster at redhat.com
Subject: Linux-cluster Digest, Vol 65, Issue 21
Send Linux-cluster mailing list submissions to
linux-cluster at redhat.com
To subscribe or unsubscribe via the World Wide Web, visit
https://www.redhat.com/mailman/listinfo/linux-cluster
or, via email, send a message with subject or body 'help' to
linux-cluster-request at redhat.com
You can reach the person managing the list at
linux-cluster-owner at redhat.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Linux-cluster digest..."
Today's Topics:
1. consistent quorum disk on cluster nodes (James Marcinek)
2. Re: consistent quorum disk on cluster nodes
(Marc - A. Dahlhaus [ Administration | Westermann GmbH ])
3. Re: consistent quorum disk on cluster nodes (James Marcinek)
4. Re: consistent quorum disk on cluster nodes
(Marc - A. Dahlhaus [ Administration | Westermann GmbH ])
5. Re: consistent quorum disk on cluster nodes (James Marcinek)
6. exact iptables command to stop a source from accessing a
Linux cluster (sunhux G)
7. Re: exact iptables command to stop a source from accessing a
Linux cluster (Ian Hayes)
8. Re: exact iptables command to stop a source from accessing a
Linux cluster (sunhux G)
9. Re: exact iptables command to stop a source from accessing a
Linux cluster (Ian Hayes)
10. Re: exact iptables command to stop a source from accessing a
Linux cluster (sunhux G)
----------------------------------------------------------------------
Message: 1
Date: Thu, 17 Sep 2009 12:30:30 -0400 (EDT)
From: James Marcinek <jmarc1 at jemconsult.biz>
Subject: [Linux-cluster] consistent quorum disk on cluster nodes
To: rhelcluster <Linux-cluster at redhat.com>
Message-ID:
<664969789.1531253205029999.JavaMail.root at srv01.jemconsult.biz>
Content-Type: text/plain; charset=utf-8
Hello all,
Can anyone point me in the right direction to some examples of defining
udev rules for quorum disks (or disks in general). I'm reading in the
docs that the quorum disk needs to be the same on all nodes. I have 2
node clusters, which I've allocated a shared 100MB lun that I've created
the quorum disk (mkqdisk command); however the devices are not showing
up as the same device (eg /dev/sdc on one node and /dev/sdb on the other
).
If the quorum disk could be managed by lvm that would likely make life
easier but I'm not sure that would work or is supported, but I think
that would be easier than having to create a udev rule for it...
Thanks,
james
------------------------------
Message: 2
Date: Thu, 17 Sep 2009 18:46:04 +0200
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
<mad at wol.de>
Subject: Re: [Linux-cluster] consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster at redhat.com>
Message-ID: <1253205964.2641.156.camel at marc>
Content-Type: text/plain
Am Donnerstag, den 17.09.2009, 12:30 -0400 schrieb James Marcinek:
> Hello all,
>
> Can anyone point me in the right direction to some examples of
defining udev rules for quorum disks (or disks in general). I'm reading
in the docs that the quorum disk needs to be the same on all nodes. I
have 2 node clusters, which I've allocated a shared 100MB lun that I've
created the quorum disk (mkqdisk command); however the devices are not
showing up as the same device (eg /dev/sdc on one node and /dev/sdb on
the other ).
>
> If the quorum disk could be managed by lvm that would likely make life
easier but I'm not sure that would work or is supported, but I think
that would be easier than having to create a udev rule for it...
>
> Thanks,
>
> james
You should try to use the LABEL of the qdisk to select it.
man qdiskd
Marc
------------------------------
Message: 3
Date: Thu, 17 Sep 2009 12:53:47 -0400 (EDT)
From: James Marcinek <jmarc1 at jemconsult.biz>
Subject: Re: [Linux-cluster] consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster at redhat.com>
Message-ID:
<1664263533.1561253206427426.JavaMail.root at srv01.jemconsult.biz>
Content-Type: text/plain; charset=utf-8
ok,
So I can specify it by the label when I issued the mkqdisk -c /dev/sdx
-l quorum command (where x is device)?
Thanks,
James
----- Original Message -----
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
<mad at wol.de>
To: "linux clustering" <linux-cluster at redhat.com>
Sent: Thursday, September 17, 2009 12:46:04 PM GMT -05:00 US/Canada
Eastern
Subject: Re: [Linux-cluster] consistent quorum disk on cluster nodes
Am Donnerstag, den 17.09.2009, 12:30 -0400 schrieb James Marcinek:
> Hello all,
>
> Can anyone point me in the right direction to some examples of
defining udev rules for quorum disks (or disks in general). I'm reading
in the docs that the quorum disk needs to be the same on all nodes. I
have 2 node clusters, which I've allocated a shared 100MB lun that I've
created the quorum disk (mkqdisk command); however the devices are not
showing up as the same device (eg /dev/sdc on one node and /dev/sdb on
the other ).
>
> If the quorum disk could be managed by lvm that would likely make life
easier but I'm not sure that would work or is supported, but I think
that would be easier than having to create a udev rule for it...
>
> Thanks,
>
> james
You should try to use the LABEL of the qdisk to select it.
man qdiskd
Marc
--
Linux-cluster mailing list
Linux-cluster at redhat.com
https://www.redhat.com/mailman/listinfo/linux-cluster
------------------------------
Message: 4
Date: Thu, 17 Sep 2009 19:00:41 +0200
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
<mad at wol.de>
Subject: Re: [Linux-cluster] consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster at redhat.com>
Message-ID: <1253206841.2641.162.camel at marc>
Content-Type: text/plain
Am Donnerstag, den 17.09.2009, 12:53 -0400 schrieb James Marcinek:
> ok,
>
> So I can specify it by the label when I issued the mkqdisk -c /dev/sdx
-l quorum command (where x is device)?
>
> Thanks,
James,
you need to run the mkqdisk command only on one of your boxes but add
the desired label to it.
Then read how to add the qdisk configuration to your cluster.conf in the
man page of qdisk(5).
Marc
------------------------------
Message: 5
Date: Thu, 17 Sep 2009 18:49:03 -0400 (EDT)
From: James Marcinek <jmarc1 at jemconsult.biz>
Subject: Re: [Linux-cluster] consistent quorum disk on cluster nodes
To: linux clustering <linux-cluster at redhat.com>
Message-ID:
<542588928.1661253227743959.JavaMail.root at srv01.jemconsult.biz>
Content-Type: text/plain; charset=utf-8
Yes thanks,
I was just put the label in when I defined the quorum disk. All 9
clusters up and running!
Thanks,
James
----- Original Message -----
From: "Marc - A. Dahlhaus [ Administration | Westermann GmbH ]"
<mad at wol.de>
To: "linux clustering" <linux-cluster at redhat.com>
Sent: Thursday, September 17, 2009 1:00:41 PM GMT -05:00 US/Canada
Eastern
Subject: Re: [Linux-cluster] consistent quorum disk on cluster nodes
Am Donnerstag, den 17.09.2009, 12:53 -0400 schrieb James Marcinek:
> ok,
>
> So I can specify it by the label when I issued the mkqdisk -c /dev/sdx
-l quorum command (where x is device)?
>
> Thanks,
James,
you need to run the mkqdisk command only on one of your boxes but add
the desired label to it.
Then read how to add the qdisk configuration to your cluster.conf in the
man page of qdisk(5).
Marc
--
Linux-cluster mailing list
Linux-cluster at redhat.com
https://www.redhat.com/mailman/listinfo/linux-cluster
------------------------------
Message: 6
Date: Fri, 18 Sep 2009 10:33:04 +0800
From: sunhux G <sunhux at gmail.com>
Subject: [Linux-cluster] exact iptables command to stop a source from
accessing a Linux cluster
To: linux clustering <linux-cluster at redhat.com>
Message-ID:
<60f08e700909171933h116656ablf58ea7212026472c at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
I have a RHEL 5.1 cluster that's constantly being accessed by an
application from a Windows server application via sqlnet (ie Tcp
port 1521) which caused a specific Oracle accounts to be locked.
The owner of the Windows box does not know why the Filenet
application is doing this so while she's doing the research which
configuration in Filenet needs to be fixed to stop this, we need an
interim measure to block this Windows server's access to the cluster.
Thus I would like to set up iptables / firewall on this Linux box to
stop the sqlnet access. Can someone provide me some example
commands / syntax ?
Source IP address : 10.5.5.25 (Windows server)
Tcp port : 1521
My Linux boxes IP address : 10.5.5.46 / .47
My Linux cluster virtual addr : 10.5.5.45
In fact I would like to block on all ports on the Linux cluster to stop
this Windows server from accessing it. So what's the exact commands
I should issue on each of the Linux box? Would iptables also block
the Windows server from accessing the cluster virtual IP addr?
Thanks
U
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090918/a6525
9ca/attachment.html
------------------------------
Message: 7
Date: Thu, 17 Sep 2009 19:36:42 -0700
From: Ian Hayes <cthulhucalling at gmail.com>
Subject: Re: [Linux-cluster] exact iptables command to stop a source
from accessing a Linux cluster
To: linux clustering <linux-cluster at redhat.com>
Message-ID:
<36df569a0909171936n3dec0996uf96342be6a1f672 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
iptables -A INPUT -s 10.5.5.25 -j DROP
On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux at gmail.com> wrote:
>
> Hi,
>
> I have a RHEL 5.1 cluster that's constantly being accessed by an
> application from a Windows server application via sqlnet (ie Tcp
> port 1521) which caused a specific Oracle accounts to be locked.
>
> The owner of the Windows box does not know why the Filenet
> application is doing this so while she's doing the research which
> configuration in Filenet needs to be fixed to stop this, we need an
> interim measure to block this Windows server's access to the cluster.
>
> Thus I would like to set up iptables / firewall on this Linux box to
> stop the sqlnet access. Can someone provide me some example
> commands / syntax ?
>
> Source IP address : 10.5.5.25 (Windows server)
> Tcp port : 1521
> My Linux boxes IP address : 10.5.5.46 / .47
> My Linux cluster virtual addr : 10.5.5.45
>
> In fact I would like to block on all ports on the Linux cluster to
stop
> this Windows server from accessing it. So what's the exact commands
> I should issue on each of the Linux box? Would iptables also block
> the Windows server from accessing the cluster virtual IP addr?
>
>
> Thanks
> U
>
>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090917/6701d
a76/attachment.html
------------------------------
Message: 8
Date: Fri, 18 Sep 2009 11:22:15 +0800
From: sunhux G <sunhux at gmail.com>
Subject: Re: [Linux-cluster] exact iptables command to stop a source
from accessing a Linux cluster
To: linux clustering <linux-cluster at redhat.com>
Message-ID:
<60f08e700909172022k73729a81s38d10eb9024f358c at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
Thanks Ian.
So I issue this command on both cluster nodes and it will also
stop access to the virtual cluster address?
What's the command to reverse / remove
" iptables -A INPUT -s 10.5.5.25 -j DROP " ?
Just in case there's a problem, I'll need to reverse.
Tks
U
On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes
<cthulhucalling at gmail.com>wrote:
> iptables -A INPUT -s 10.5.5.25 -j DROP
>
> On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux at gmail.com> wrote:
>
>>
>> Hi,
>>
>> I have a RHEL 5.1 cluster that's constantly being accessed by an
>> application from a Windows server application via sqlnet (ie Tcp
>> port 1521) which caused a specific Oracle accounts to be locked.
>>
>> The owner of the Windows box does not know why the Filenet
>> application is doing this so while she's doing the research which
>> configuration in Filenet needs to be fixed to stop this, we need an
>> interim measure to block this Windows server's access to the cluster.
>>
>> Thus I would like to set up iptables / firewall on this Linux box to
>> stop the sqlnet access. Can someone provide me some example
>> commands / syntax ?
>>
>> Source IP address : 10.5.5.25 (Windows server)
>> Tcp port : 1521
>> My Linux boxes IP address : 10.5.5.46 / .47
>> My Linux cluster virtual addr : 10.5.5.45
>>
>> In fact I would like to block on all ports on the Linux cluster to
stop
>> this Windows server from accessing it. So what's the exact commands
>> I should issue on each of the Linux box? Would iptables also block
>> the Windows server from accessing the cluster virtual IP addr?
>>
>>
>> Thanks
>> U
>>
>>
>>
>>
>> --
>> Linux-cluster mailing list
>> Linux-cluster at redhat.com
>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090918/87275
760/attachment.html
------------------------------
Message: 9
Date: Thu, 17 Sep 2009 20:38:25 -0700
From: Ian Hayes <cthulhucalling at gmail.com>
Subject: Re: [Linux-cluster] exact iptables command to stop a source
from accessing a Linux cluster
To: linux clustering <linux-cluster at redhat.com>
Message-ID:
<36df569a0909172038t18280965y10efb75d9a802acb at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
[root at cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP all -- 10.5.5.5 anywhere
2 DROP all -- 10.5.5.6 anywhere
3 DROP all -- 10.5.5.7 anywhere
Find the rule number that matches the one you want to delete. Say you
want
to delete #2 from the INPUT table
[root at cthulhu ~]# iptables -D INPUT 2
[root at cthulhu ~]# iptables -L --line-numbers
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 DROP all -- 10.5.5.5 anywhere
2 DROP all -- 10.5.5.7 anywhere
Or you can do iptables -F which will basically drop all your iptables.
Make
sure you've saved recently before you do that.
On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <sunhux at gmail.com> wrote:
> Thanks Ian.
>
> So I issue this command on both cluster nodes and it will also
> stop access to the virtual cluster address?
>
> What's the command to reverse / remove
> " iptables -A INPUT -s 10.5.5.25 -j DROP " ?
> Just in case there's a problem, I'll need to reverse.
>
> Tks
> U
> On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes
<cthulhucalling at gmail.com>wrote:
>
>> iptables -A INPUT -s 10.5.5.25 -j DROP
>>
>> On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux at gmail.com> wrote:
>>
>>>
>>> Hi,
>>>
>>> I have a RHEL 5.1 cluster that's constantly being accessed by an
>>> application from a Windows server application via sqlnet (ie Tcp
>>> port 1521) which caused a specific Oracle accounts to be locked.
>>>
>>> The owner of the Windows box does not know why the Filenet
>>> application is doing this so while she's doing the research which
>>> configuration in Filenet needs to be fixed to stop this, we need an
>>> interim measure to block this Windows server's access to the
cluster.
>>>
>>> Thus I would like to set up iptables / firewall on this Linux box to
>>> stop the sqlnet access. Can someone provide me some example
>>> commands / syntax ?
>>>
>>> Source IP address : 10.5.5.25 (Windows server)
>>> Tcp port : 1521
>>> My Linux boxes IP address : 10.5.5.46 / .47
>>> My Linux cluster virtual addr : 10.5.5.45
>>>
>>> In fact I would like to block on all ports on the Linux cluster to
stop
>>> this Windows server from accessing it. So what's the exact commands
>>> I should issue on each of the Linux box? Would iptables also block
>>> the Windows server from accessing the cluster virtual IP addr?
>>>
>>>
>>> Thanks
>>> U
>>>
>>>
>>>
>>>
>>> --
>>> Linux-cluster mailing list
>>> Linux-cluster at redhat.com
>>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>>
>>
>>
>> --
>> Linux-cluster mailing list
>> Linux-cluster at redhat.com
>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090917/ebd68
3b9/attachment.html
------------------------------
Message: 10
Date: Fri, 18 Sep 2009 18:35:23 +0800
From: sunhux G <sunhux at gmail.com>
Subject: Re: [Linux-cluster] exact iptables command to stop a source
from accessing a Linux cluster
To: linux clustering <linux-cluster at redhat.com>
Message-ID:
<60f08e700909180335n767535bfjdd39bc43ccd96122 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
I can't even start up iptables as the previous admin hardened it
(but not sure how / where he hardened it)
So despite that I do
service iptables start,
"service iptables status" still show "Firewall is stopped"
Now, can I use /etc/hosts.deny instead ?
Do I need to do "pkill -HUP tcpd" or
"service xinetd restart" - which of the two
commands shd I execute & what's the syntax
in /etc/hosts.deny ?
Thanks
On Fri, Sep 18, 2009 at 11:38 AM, Ian Hayes
<cthulhucalling at gmail.com>wrote:
> [root at cthulhu ~]# iptables -L --line-numbers
> Chain INPUT (policy ACCEPT)
> num target prot opt source destination
> 1 DROP all -- 10.5.5.5 anywhere
> 2 DROP all -- 10.5.5.6 anywhere
> 3 DROP all -- 10.5.5.7 anywhere
>
> Find the rule number that matches the one you want to delete. Say you
want
> to delete #2 from the INPUT table
>
> [root at cthulhu ~]# iptables -D INPUT 2
> [root at cthulhu ~]# iptables -L --line-numbers
> Chain INPUT (policy ACCEPT)
> num target prot opt source destination
> 1 DROP all -- 10.5.5.5 anywhere
> 2 DROP all -- 10.5.5.7 anywhere
>
>
> Or you can do iptables -F which will basically drop all your iptables.
Make
> sure you've saved recently before you do that.
>
>
> On Thu, Sep 17, 2009 at 8:22 PM, sunhux G <sunhux at gmail.com> wrote:
>
>> Thanks Ian.
>>
>> So I issue this command on both cluster nodes and it will also
>> stop access to the virtual cluster address?
>>
>> What's the command to reverse / remove
>> " iptables -A INPUT -s 10.5.5.25 -j DROP " ?
>> Just in case there's a problem, I'll need to reverse.
>>
>> Tks
>> U
>> On Fri, Sep 18, 2009 at 10:36 AM, Ian Hayes
<cthulhucalling at gmail.com>wrote:
>>
>>> iptables -A INPUT -s 10.5.5.25 -j DROP
>>>
>>> On Thu, Sep 17, 2009 at 7:33 PM, sunhux G <sunhux at gmail.com>
wrote:
>>>
>>>>
>>>> Hi,
>>>>
>>>> I have a RHEL 5.1 cluster that's constantly being accessed by an
>>>> application from a Windows server application via sqlnet (ie Tcp
>>>> port 1521) which caused a specific Oracle accounts to be locked.
>>>>
>>>> The owner of the Windows box does not know why the Filenet
>>>> application is doing this so while she's doing the research which
>>>> configuration in Filenet needs to be fixed to stop this, we need an
>>>> interim measure to block this Windows server's access to the
cluster.
>>>>
>>>> Thus I would like to set up iptables / firewall on this Linux box
to
>>>> stop the sqlnet access. Can someone provide me some example
>>>> commands / syntax ?
>>>>
>>>> Source IP address : 10.5.5.25 (Windows server)
>>>> Tcp port : 1521
>>>> My Linux boxes IP address : 10.5.5.46 / .47
>>>> My Linux cluster virtual addr : 10.5.5.45
>>>>
>>>> In fact I would like to block on all ports on the Linux cluster to
stop
>>>> this Windows server from accessing it. So what's the exact
commands
>>>> I should issue on each of the Linux box? Would iptables also block
>>>> the Windows server from accessing the cluster virtual IP addr?
>>>>
>>>>
>>>> Thanks
>>>> U
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Linux-cluster mailing list
>>>> Linux-cluster at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>>>
>>>
>>>
>>> --
>>> Linux-cluster mailing list
>>> Linux-cluster at redhat.com
>>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>>
>>
>>
>> --
>> Linux-cluster mailing list
>> Linux-cluster at redhat.com
>> https://www.redhat.com/mailman/listinfo/linux-cluster
>>
>
>
> --
> Linux-cluster mailing list
> Linux-cluster at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-cluster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://www.redhat.com/archives/linux-cluster/attachments/20090918/21bba
89a/attachment.html
------------------------------
--
Linux-cluster mailing list
Linux-cluster at redhat.com
https://www.redhat.com/mailman/listinfo/linux-cluster
End of Linux-cluster Digest, Vol 65, Issue 21
*********************************************
More information about the Linux-cluster
mailing list