[CentOS] heartbeat configuration for lb

Sun Dec 12 03:13:22 UTC 2010
bluethundr <bluethundr at gmail.com>

hello list!

 I am attempting to setup haproxy using a shared up I am trying to
setup using the heartbeat package that I currently have installed:

  [root at VIRTCENT01:~]#rpm -qa | grep heartbeat | grep -v -e stonith -e pils

I have /etc/ha/.d authkeys setup this way:

auth 2
#1 crc
2 sha1 {SHA}secret

I have /etc/ha.d/resources setup like this:


And I have /etc/ha.cf setup like this:

 #       What UDP port to use for udp or ppp-udp communication?
udpport        694
bcast  eth0
mcast eth0 694 1 0
ucast eth0
#       What interfaces to heartbeat over?
udp     eth0
#       Facility to use for syslog()/logger (alternative to log/debugfile)
logfacility     local0
#       Tell what machines are in the cluster
#       node    nodename ...    -- must match uname -n
node    lb1.summitnjhome.com
node    lb2.summitnjhome.com

The service seems to start ok:

[root at VIRTCENT01:~]#service heartbeat restart
Stopping High-Availability services:
                                                           [  OK  ]
Waiting to allow resource takeover to complete:
                                                           [  OK  ]
Starting High-Availability services:
2010/12/11_22:03:55 INFO:  Resource is stopped
                                                           [  OK  ]

(tho I am unsure of that the INFO notice is of the resource being stopped).

And I have verified that it is running with ps:

[root at VIRTCENT01:~]#ps auxwww | grep heartbeat
root      3646  0.1  4.6  12260 12256 ?        SLs  22:03   0:00
heartbeat: master control process
nobody    3648  0.0  2.1   5664  5660 ?        SL   22:03   0:00
heartbeat: FIFO reader
nobody    3649  0.0  2.1   5660  5656 ?        SL   22:03   0:00
heartbeat: write: bcast eth0
nobody    3650  0.0  2.1   5660  5656 ?        SL   22:03   0:00
heartbeat: read: bcast eth0
root      3653  0.0  0.2  61180   736 pts/1    S+   22:04   0:00 grep heartbeat

And verified that the box is listening on port 694 (the port that I
have set for heartbeat):

[root at VIRTCENT01:~]#netstat -tulpn | grep heartbeat
udp        0      0       *
                 3649/heartbeat: wri
udp        0      0     *
                 3649/heartbeat: wri

However although I have the port enabled in iptables:

-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 694 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

An nmap scan does not see anything active on 694:

bluethundr at bluethundr-laptop:~$ sudo nmap -sT -A virt1

Starting Nmap 5.00 ( http://nmap.org ) at 2010-12-11 22:07 EST
Warning: Traceroute does not support idle or connect scan, disabling...
Interesting ports on
Not shown: 997 filtered ports
22/tcp  open   ssh     OpenSSH 5.6 (protocol 2.0)
|  ssh-hostkey: 1024 b0:gu:s (DSA)
|_ 2048 b0:gu:s (RSA)
80/tcp  closed http
631/tcp closed ipp
MAC Address: 00:16:36:22:92:70 (Quanta Computer)
Device type: general purpose
Running: Linux 2.6.X
OS details: Linux 2.6.15 - 2.6.26
Network Distance: 1 hop

OS and Service detection performed. Please report any incorrect
results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 11.27 seconds

I am enclosing an archive of my /etc/ha.d directory in case this is of
use to anyone. I would certainly appreciate any help anyone could


GPG me!!

gpg --keyserver pgp.mit.edu --recv-keys F186197B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ha.d.tar.gz
Type: application/x-gzip
Size: 21638 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20101211/7b44352c/attachment-0004.bin>