/// Instalamos los paquetes necesarios y la siguiente configuración
yum install epel-release -y
yum install pcs fence-agents-all -y
firewall-cmd --permanent --add-service=high-availability; firewall-cmd --reload
echo mypassword | passwd --stdin hacluster
systemctl enable --now pcsd
pcs cluster auth node1.labs.testing.local node2.labs.testing.local
Username: hacluster
Password: mypassword
pcs cluster setup --start --name cluster node1.labs.testing.local node2.labs.testing.local pcs cluster enable --all
/// NO poner en este estado si es un entorno de producción
pcs property set stonith-enabled=false
/// Creamos el recurso para compartir de la VIP
pcs resource create ClusterIP ocf:heartbeat:IPaddr2 ip=10.10.10.1 cidr_netmask=32 nic=vip191 op monitor interval=30s
/// Creamos un link desde la interfaz física a la virtual, hay que hacerlo en todos los nodos que formen el cluster.
ip link add link enp0s8 address 02:02:aa:bb:cc:11 vip191 type macvlan pcs resource update ClusterIP nic=vip191 sysctl -w net.ipv4.conf.all.rp_filter=0 sysctl -w net.ipv4.conf.vip191.rp_filter=0 sysctl -w net.ipv4.conf.all.arp_ignore=1 systemctl stop NetworkManager systemctl disable NetworkManager
/// Con esto podemos balancear el recurso de la virtual IP de un nodo a otro
pcs resource move ClusterIP [node1.labs.testing.local | node2.labs.testing.local]
// Con esto vemos el estado de los recursos activos
pcs status resources
// Para hacer la configuracion de la VIP y la MACVLAN persistente a reinicios, tenemos que meter los siguientes scripts en «/etc/sysconfig/network-scripts/», en ambos nodos del cluster
================================================================
ifup-macvlan
================================================================
#!/bin/bash # initscripts-macvlan Copyright (C) 2014 Lars Kellogg-Stedman This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/. . /etc/init.d/functions cd /etc/sysconfig/network-scripts . ./network-functions [ -f ../network ] && . ../network CONFIG=${1} need_config ${CONFIG} source_config OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-${REAL_DEVICETYPE}" if [ ! -x ${OTHERSCRIPT} ]; then OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-eth" fi ip link add \ link ${MACVLAN_PARENT} \ name ${DEVICE} \ type ${TYPE:-macvlan} mode ${MACVLAN_MODE:-private} ${OTHERSCRIPT} ${CONFIG}
================================================================
ifdown-macvlan
================================================================
#!/bin/bash # initscripts-macvlan Copyright (C) 2014 Lars Kellogg-Stedman This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/. . /etc/init.d/functions cd /etc/sysconfig/network-scripts . ./network-functions [ -f ../network ] && . ../network CONFIG=${1} need_config ${CONFIG} source_config OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-${REAL_DEVICETYPE}" if [ ! -x ${OTHERSCRIPT} ]; then OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-eth" fi ${OTHERSCRIPT} ${CONFIG} ip link del ${DEVICE} type ${TYPE:-macvlan}
================================================================
ifcfg-vip191
================================================================
BOOTPROTO=none NAME=vip191 DEVICE=vip191 DEVICETYPE=macvlan TYPE=macvlan ONBOOT=yes NM_CONTROLLED=no MACVLAN_PARENT=enp0s8 MACVLAN_MODE=private MACADDR=02:02:aa:bb:cc:11 PREFIX=32
// Por ultimo, modificaremos el fichero «/etc/sysctl.conf» y añadiremos (NO BORRAR NADA) las siguientes lineas al final del fichero
net.ipv4.conf.all.rp_filter=0 -----> Si esta linea existe, la dejamos tal y como esta, solo añadimos las dos siguientes. net.ipv4.conf.vip191.rp_filter=0 net.ipv4.conf.all.arp_ignore=1
// Para finalizar, reiniciaremos ambos nodos y comprobaremos que la VIP nos contesta con la MAC virtual
[root@node03 ~]# nmap -sP clustervip01.labs.testing.local --> Yo he añadido una entrada a los ficheros /etc/hosts de mis equipos, este registro apunta a la IP 10.10.10.1, la vip del recurso ClusterIP Starting Nmap 6.40 ( http://nmap.org ) at 2019-06-11 17:43 CEST Nmap scan report for clustervip01.labs.testing.local (10.10.10.1) Host is up (0.00032s latency). MAC Address: 02:02:AA:BB:CC:11 (Unknown) Nmap done: 1 IP address (1 host up) scanned in 0.01 seconds