corosync
Ansible Corosync (OpenStack ready)
This role provides a support for the Corosync cluster setup.
This role supports the below protocols:
- Multicast (udp)
- Unicast (udpu)
- Multiple rings
Supported distributions:
- CentOS 7.x
- RedHat EL 7.x
- Debian 8.x
- Ubuntu 14.x / 15.x / 16.x
Works with firewalld
daemon and SELinux.
Because the version 1 of Corosync is "not supported" anymore, this role provides only a support for the version 2 of Corosync.
Requirements
This role needs at least 3 nodes and Ansible 2.x
To generate the Corosync auth key, you will need entropy. If the task Generating /eyc/corosync/authkey file
is stuck it means that you don't have enough entropy. The workaround is to generate entropy with haveged
daemon, enable this option:
corosync_haveged: true
If corosync_firewalld
is set to true
please make sure than firewalld
package is installed and the service is started.
If corosync_selinux
is set to true
please make sure than policycoreutils-python
package is installed.
Role Variables
The description of all options is available here: http://manpages.ubuntu.com/manpages/wily/man5/corosync.conf.5.html
corosync_crypto_cipher | default('aes256')
corosync_crypto_hash | default('sha256')
corosync_rrp_mode
corosync_netmtu | default(1500)
corosync_vsftype | default('ykb')
corosync_transport
corosync_cluster_name | default('uoi')
corosync_config_version
corosync_ip_version | default('ipv4')
corosync_token | default(1000)
corosync_token_retransmit
corosync_hold
corosync_token_retransmits_before_loss_const
corosync_join
corosync_send_join
corosync_consensus
corosync_merge
corosync_downcheck
corosync_fail_recv_const
corosync_seqno_unchanged_const
corosync_heartbeat_failures_allowed
corosync_max_network_delay
corosync_window_size
corosync_max_messages
corosync_miss_count_const
corosync_rrp_problem_count_timeout
corosync_rrp_problem_count_threshold
corosync_rrp_problem_count_mcast_threshold
corosync_rrp_token_expired_timeout
corosync_rrp_autorecovery_check_timeout
corosync_provider | default('corosync_votequorum')
corosync_expected_votes
corosync_timestamp | default ('off')
corosync_fileline | default('off')
corosync_to_stderr | default('on')
corosync_to_logfile | default('off')
corosync_to_syslog | default('on')
corosync_logfile
corosync_logfile_priority | default('info')
corosync_syslog_facility | default('daemon')
corosync_syslog_priority | default('info')
corosync_debug | default('off')
corosync_subsys | default('QUORUM')
corosync_subsys_debug | default('off')
corosync_subsys_tags
corosync_ipc_type | default('native')
Dependencies
None.
Example Playbook
The following example will create a Corosync cluster using multicast
, if multicast
is used you have to define the corosync_expected_votes
variable (3 for three nodes).
As said above, if you want to configure firewalld
rules, be sure that corosync_firewalld
is set to true
.
It's possible to use official Debian backports to have the latest Corosync version, just enable it via corosync_debian_backports
set to true
.
The corosync_force_regenerate_authkey
allows you to regenerate the /etc/corosync/authkey
file.
Multicast (1 ring)
---
corosync_firewalld: true
corosync_selinux: true
corosync_haveged: true
corosync_force_regenerate_authkey: false
corosync_debian_backports: true
corosync_expected_votes: 3
corosync_interfaces:
- bindnetaddr: 192.168.56.0
mcastaddr: 226.94.1.1
mcastport: 5405
ttl: 1
The following example will create a Corosync cluster using multicast
with two rings.
Multicast (2 rings)
---
corosync_firewalld: true
corosync_selinux: true
corosync_haveged: true
corosync_force_regenerate_authkey: false
corosync_debian_backports: true
corosync_expected_votes: 3
corosync_interfaces:
- bindnetaddr: 192.168.56.0
mcastaddr: 226.94.1.1
mcastport: 5405
ttl: 1
- bindnetaddr: 10.14.130.0
mcastaddr: 227.94.1.1
mcastport: 5407
ttl: 100
Unicast (1 ring)
The following example will create a Corosync cluster using unicast
with one rings.
If unicast
is used, you will have to define corosync_transport: udpu
and then define corosync_node_list
as an array.
---
corosync_firewalld: true
corosync_selinux: true
corosync_haveged: true
corosync_force_regenerate_authkey: false
corosync_debian_backports: true
corosync_node_list:
- ctrl01
- ctrl02
- ctrl03
corosync_transport: 'udpu'
corosync_interfaces:
- bindnetaddr: 192.168.56.0
mcastport: 5405
The following example will create a Corosync cluster using unicast
with two rings.
Unicast (2 rings)
---
corosync_firewalld: true
corosync_selinux: true
corosync_haveged: true
corosync_force_regenerate_authkey: false
corosync_debian_backports: true
corosync_node_list:
- ctrl01
- ctrl02
- ctrl03
corosync_transport: 'udpu'
corosync_interfaces:
- bindnetaddr: 192.168.56.0
mcastaddr: 226.94.1.1
mcastport: 5405
members:
- 226.94.1.10
- 226.94.1.11
- 226.94.1.12
- bindnetaddr: 10.14.130.0
mcastaddr: 227.94.1.1
mcastport: 5407
members:
- 227.94.1.10
- 227.94.1.11
- 227.94.1.12
License
Apache
Author Information
This role was created in 2016 by Gaëtan Trellu (goldyfruit).
Deploy a Corosync cluster, support unicast and multicast with mutilple rings
ansible-galaxy install uoi-io/ansible-corosync