Eu instalei fail2banpara o meu CentOS 6, mas quando ele inicia, recebo a mensagem de erro
Failed to start server : Starting fail2ban: WARNING 'ignoreregex'
not defined in 'Definition'. Using default one: '' ERROR No file(s)
found for glob /var/log/mail.log ERROR Failed during configuration:
Have not found any log file for sasl-iptables jail [FAILED]
Alguém sabe como consertar?
aqui está o crm o show de configuração
[root@node1 /]# crm configure show
node node1
node node1.mycluster.org
node node2
node node2.mycluster.org
primitive Apache apache \
params configfile="/etc/httpd/conf/httpd.conf" \
op monitor interval=30s \
op start timeout=40s interval=0 \
op stop timeout=60s interval=0 \
meta target-role=Started
primitive drbd_res ocf:linbit:drbd \
params drbd_resource=data \
op monitor interval=29s role=Master \
op monitor interval=31s role=Slave
primitive failover_ip IPaddr2 \
params ip=192.168.1.100 cidr_netmask=32 \
op monitor interval=30s \
meta target-role=Started
primitive fs_res Filesystem \
params device="/dev/drbd0" directory="/data" fstype=ext4
ms drbd_master_slave drbd_res \
meta master-max=1 master-node-max=1 clone-max=2 clone-node-max=1 notify=true target-role=Started
location cli-ban-Apache-on-node2.mycluster.org Apache role=Started -inf: node2.mycluster.org
location cli-ban-drbd_res-on-node1.mycluster.org drbd_res role=Started -inf: node1.mycluster.org
colocation apache_ip_colo inf: Apache failover_ip
colocation fs_drbd_colo inf: fs_res drbd_master_slave:Master
order apache_after_ip Mandatory: failover_ip Apache
order fs_after_drbd Mandatory: drbd_master_slave:promote fs_res:start
property cib-bootstrap-options: \
dc-version=1.1.10-14.el6_5.3-368c726 \
cluster-infrastructure="classic openais (with plugin)" \
expected-quorum-votes=2 \
stonith-enabled=false \
no-quorum-policy=ignore
antes de node1: início do recurso crm drbd_res
[root@node2 /]# service drbd status
drbd driver loaded OK; device status:
version: 8.3.16 (api:88/proto:86-97)
GIT-hash: a798fa7e274428a357657fb52f0ecf40192c1985 build by phil@Build64R6, 2013-09-27 16:00:43
m:res cs ro ds p mounted fstype
0:data Connected Secondary/Primary UpToDate/UpToDate C
Após node1: início do recurso crm drbd_res
[root@node1 /]# crm resource start drbd_res
[root@node1 /]# crm status
Last updated: Thu Nov 6 18:04:43 2014
Last change: Thu Nov 6 17:51:37 2014 via cibadmin on node1.mycluster.org
Stack: classic openais (with plugin)
Current DC: node1.mycluster.org - partition with quorum
Version: 1.1.10-14.el6_5.3-368c726
4 Nodes configured, 2 expected votes
5 Resources configured
Online: [ node1.mycluster.org node2.mycluster.org ]
OFFLINE: [ node1 node2 ]
failover_ip (ocf::heartbeat:IPaddr2): Started node1.mycluster.org
Master/Slave Set: drbd_master_slave [drbd_res]
Masters: [ node2.mycluster.org ]
Stopped: [ node1 node1.mycluster.org node2 ]
fs_res (ocf::heartbeat:Filesystem): Started node2.mycluster.org
Apache (ocf::heartbeat:apache): Started node1.mycluster.org
Failed actions:
drbd_res_monitor_29000 on node1.mycluster.org 'ok' (0): call=42, status=complete, last-rc-change='Thu Nov 6 16:02:12 2014', queued=0ms, exec=0ms
drbd_res_promote_0 on node2.mycluster.org 'unknown error' (1): call=909, status=Timed Out, last-rc-change='Thu Nov 6 15:25:36 2014', queued=20002ms, exec=0ms
isso desativa meu drbd no node2 e não consigo fazer o node2 voltar ao secundário ...
[root@node2 /]# service drbd status
drbd driver loaded OK; device status:
version: 8.3.16 (api:88/proto:86-97)
GIT-hash: a798fa7e274428a357657fb52f0ecf40192c1985 build by phil@Build64R6, 2013-09-27 16:00:43
m:res cs ro ds p mounted fstype
0:data StandAlone Primary/Unknown UpToDate/DUnknown r----- ext4
Alguma coisa que eu errei?
Eu tenho um servidor web que hospeda vários domínios (centos + postfix + dovcot), um dos meus domínios seu dns está hospedado no cloudflare (ou seja, abcd.com), mas quando eu uso o gmail para enviar e-mail para um [email protected], [email protected] não poderá receber o e-mail. Aqui está o registro MX que defini no cloudflare:
Type Name Value TTL Active
mx mail handled by mail.abcd.com with priority10 Automatic
cname mail is an alias of abcd.com Automatic grey cloud
Alguém sabe como posso fazer o domínio receber os e-mails?
estou tentando construir um cluster por duas vm usando o virtualbox, sigo este tutorial http://www.tokiwinter.com/clustering-with-drbd-corosync-and-pacemaker/
e digite o comando conforme abaixo
[root@node1 data]# crm configure primitive nginx_res ocf:heartbeat:nginx params configfile=/etc/nginx/nginx.conf httpd=/usr/sbin/nginx op monitor interval=60s timout=10s op start timeout=40s op stop timeout=60s
error: unpack_resources: Resource start-up disabled since no STONITH resources have been defined
error: unpack_resources: Either configure some or disable STONITH with the stonith-enabled option
error: unpack_resources: NOTE: Clusters with shared data need STONITH to ensure data integrity
Errors found during check: config not valid
ERROR: ocf:heartbeat:nginx: got no meta-data, does this RA exist?
ERROR: ocf:heartbeat:nginx: got no meta-data, does this RA exist?
ERROR: ocf:heartbeat:nginx: no such resource agent
Do you still want to commit (y/n)?
é normal essas mensagens de erro? como posso restaurar depois de pressionar sim? o que o comando vai fazer?
-----atualizar------
[root@node2 ~]# crm ra list ocf heartbeat
CTDB Delay Dummy Filesystem IPaddr
IPaddr2 IPsrcaddr LVM MailTo Route
SendArp Squid VirtualDomain Xinetd apache
conntrackd dhcpd ethmonitor exportfs mysql
named nfsserver pgsql postfix rsyncd
symlink
sou novo em corosync e pacemaker e tento criar um cluster usando vm node1 e node2. aqui está o /etc/corosync/corosync.conf
# Please read the corosync.conf.5 manual page
compatibility: whitetank
totem {
version: 2
secauth: off
interface {
member {
memberaddr: 192.168.1.101
}
member {
memberaddr: 192.168.1.102
}
ringnumber: 0
bindnetaddr: 192.168.1.100
mcastport: 5405
ttl: 1
}
transport: udpu
}
logging {
fileline: off
to_logfile: yes
to_syslog: yes
#logfile: /var/log/cluster/corosync.log
debug: off
timestamp: on
logger_subsys {
subsys: AMF
debug: off
}
}
o status do crm:
[root@node1 ~]# crm status
Last updated: Wed Oct 29 04:41:37 2014
Last change: Wed Oct 29 01:29:10 2014 via crmd on node1
Stack: classic openais (with plugin)
Current DC: NONE
1 Nodes configured, 2 expected votes
0 Resources configured
Node node1: UNCLEAN (offline)
sigo este tutorial, http://www.tokiwinter.com/clustering-with-drbd-corosync-and-pacemaker/ , mas meu status parece que minha configuração não foi bem-sucedida
alguém pode ajudar?
-------------atualizar----------------
corosync-1.4.1-17.e16_5.1.86_64
pacemaker-1.1.10-14.el6_5.3.x86_64
[root@node1 ~]# cat /etc/hosts
127.0.0.1 node1 localhost
::1 localhost6.localdomain6 localhost6
192.168.1.101 node1.mycluster.org node1
192.168.1.102 node2.mycluster.org node2
[root@node1 ~]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=node1
estou tentando aprender drbd com centoOS 6.3 na caixa virtual, tenho duas vm configuradas, o node1 e o node2, copio o arquivo para o ponto de montagem /data que é /dev/drbd0 do node1, mas não reflete no /dados do nó2
aqui está a configuração
# You can find an example in /usr/share/doc/drbd.../drbd.conf.example
#include "drbd.d/global_common.conf";
#include "drbd.d/*.res";
global {
# do not participate in online usage survey
usage-count no;
}
resource data {
# write IO is reported as completed if it has reached both local
# and remote disk
protocol C;
net {
# set up peer authentication
cram-hmac-alg sha1;
shared-secret "s3cr3tp@ss";
# default value 32 - increase as required
max-buffers 512;
# highest number of data blocks between two write barriers
max-epoch-size 512;
# size of the TCP socket send buffer - can tweak or set to 0 to
# allow kernel to autotune
sndbuf-size 0;
}
startup {
# wait for connection timeout - boot process blocked
# until DRBD resources are connected
wfc-timeout 30;
# WFC timeout if peer was outdated
outdated-wfc-timeout 20;
# WFC timeout if this node was in a degraded cluster (i.e. only had one
# node left)
degr-wfc-timeout 30;
}
disk {
# the next two are for safety - detach on I/O error
# and set up fencing - resource-only will attempt to
# reach the other node and fence via the fence-peer
# handler
#on-io-error detach;
#fencing resource-only;
# no-disk-flushes; # if we had battery-backed RAID
# no-md-flushes; # if we had battery-backed RAID
# ramp up the resync rate
# resync-rate 10M;
}
handlers {
# specify the two fencing handlers
# see: http://www.drbd.org/users-guide-8.4/s-pacemaker-fencing.html
fence-peer "/usr/lib/drbd/crm-fence-peer.sh";
after-resync-target "/usr/lib/drbd/crm-unfence-peer.sh";
}
# first node
on node1 {
# DRBD device
device /dev/drbd0;
# backing store device
disk /dev/sdb;
# IP address of node, and port to listen on
address 192.168.1.101:7789;
# use internal meta data (don't create a filesystem before
# you create metadata!)
meta-disk internal;
}
# second node
on node2 {
# DRBD debice
device /dev/drbd0;
# backing store device
disk /dev/sdb;
# IP address of node, and port to listen on
address 192.168.1.102:7789;
# use internal meta data (don't create a filesystem before
# you create metadata!)
meta-disk internal;
}
}
aqui está o gato /proc/drbd
cat: /proc/data: No such file or directory
[root@node1 /]# cat /proc/drbd
version: 8.3.16 (api:88/proto:86-97)
GIT-hash: a798fa7e274428a357657fb52f0ecf40192c1985 build by phil@Build64R6, 2013-09-27 16:00:43
0: cs:SyncSource ro:Primary/Secondary ds:UpToDate/Inconsistent C r-----
ns:543648 nr:0 dw:265088 dr:280613 al:107 bm:25 lo:0 pe:0 ua:0 ap:0 ep:1 wo:f oos:7848864
[>...................] sync'ed: 6.5% (7664/8188)M
finish: 7:47:11 speed: 272 (524) K/sec
copiei um arquivo para /data no nó 1, mas não consigo encontrar o arquivo em /date no nó2, alguém pode ajudar?
status do drbd no nó1
[root@node1 /]# service drbd status
drbd driver loaded OK; device status:
version: 8.3.16 (api:88/proto:86-97)
GIT-hash: a798fa7e274428a357657fb52f0ecf40192c1985 build by phil@Build64R6, 2013-09-27 16:00:43
m:res cs ro ds p mounted fstype
0:data SyncSource Primary/Secondary UpToDate/Inconsistent C /data ext3
... sync'ed: 8.1% (7536/8188)M
estou tentando aprender drbd com centoOS 6.3 na caixa virtual, tenho duas vm configuradas, o nó 1 é original, o nó 2 é clonado do nó 1, mas não consigo iniciar 'service drbd start' há um erro mensagem 'iniciando recursos DRBD: Não é possível carregar o módulo drbd', enquanto o nó 2 pode iniciar o comando, aqui está a configuração
[root@localhost db]# cat /etc/drbd.conf
# You can find an example in /usr/share/doc/drbd.../drbd.conf.example
#include "drbd.d/global_common.conf";
#include "drbd.d/*.res";
global {
# do not participate in online usage survey
usage-count no;
}
resource data {
# write IO is reported as completed if it has reached both local
# and remote disk
protocol C;
net {
# set up peer authentication
cram-hmac-alg sha1;
shared-secret "s3cr3tp@ss";
# default value 32 - increase as required
max-buffers 512;
# highest number of data blocks between two write barriers
max-epoch-size 512;
# size of the TCP socket send buffer - can tweak or set to 0 to
# allow kernel to autotune
sndbuf-size 0;
}
startup {
# wait for connection timeout - boot process blocked
# until DRBD resources are connected
wfc-timeout 30;
# WFC timeout if peer was outdated
outdated-wfc-timeout 20;
# WFC timeout if this node was in a degraded cluster (i.e. only had one
# node left)
degr-wfc-timeout 30;
}
disk {
# the next two are for safety - detach on I/O error
# and set up fencing - resource-only will attempt to
# reach the other node and fence via the fence-peer
# handler
on-io-error detach;
fencing resource-only;
# no-disk-flushes; # if we had battery-backed RAID
# no-md-flushes; # if we had battery-backed RAID
# ramp up the resync rate
# resync-rate 10M;
}
handlers {
# specify the two fencing handlers
# see: http://www.drbd.org/users-guide-8.4/s-pacemaker-fencing.html
fence-peer "/usr/lib/drbd/crm-fence-peer.sh";
after-resync-target "/usr/lib/drbd/crm-unfence-peer.sh";
}
# first node
on node1.mycluster.org {
# DRBD device
device /dev/drbd0;
# backing store device
disk /dev/sdb;
# IP address of node, and port to listen on
address 192.168.1.101:7789;
# use internal meta data (don't create a filesystem before
# you create metadata!)
meta-disk internal;
}
# second node
on node2.mycluster.org {
# DRBD debice
device /dev/drbd0;
# backing store device
disk /dev/sdb;
# IP address of node, and port to listen on
address 192.168.1.102:7789;
# use internal meta data (don't create a filesystem before
# you create metadata!)
meta-disk internal;
}
}
alguem sabe qual é o problema?