HA cluster configuration for RHEL - SAP NetWeaver on Amazon
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

HA cluster configuration for RHEL

The following instructions are applicable to Red Hat Enterprise Linux for SAP with versions 7.x and 8.x.

Cluster installation

If you use BYOS images, ensure that your system is configured with RHEL for SAP and HA repositories to have access to required packages. Run the following commands in all cluster nodes.

# yum update -y # yum install -y pcs pacemaker fence-agents-aws # yum install -y resource-agents # yum install -y resource-agents-sap (Version resource-agents-sap-4.1.1-12.el7.x86_64 or higher) # yum install -y sap-cluster-connector # yum install -y awscli

Cluster configuration

Update user hacluster password

Change the password on both nodes by running the following command.

# passwd hacluster

Start and enable the pcs services

Start and enable pcs services on both nodes by running the following command.

# systemctl start pcsd.service # systemctl enable pcsd.service

Authenticate pcs with user hacluster

The following command authenticates pcs to the pcs daemon on cluster nodes. It should be run on only one of the cluster nodes. The username and password for the pcs admin must be the same, and the username should be hacluster.

RHEL 7.x

# pcs cluster auth hahost01 hahost02 Username: hacluster Password: hahost02: Authorized hahost01: Authorized

Note – replace hahost01 and hahost02 with the appropriate cluster node hostnames.

RHEL 8.x

# pcs host auth hahost01 hahost02 Username: hacluster Password: hahost02: Authorized hahost01: Authorized

Note – replace hahost01 and hahost02 with the appropriate cluster node hostnames.

Set up the cluster

The following command configures the cluster configuration file and syncs the configuration on both nodes. It should be run on only one of the cluster nodes.

RHEL 7.x

# pcs cluster setup --name rhelha hahost01 hahost02 Destroying cluster on nodes: hahost01, hahost02... hahost01: Stopping Cluster (pacemaker)... hahost02: Stopping Cluster (pacemaker)... hahost01: Successfully destroyed cluster hahost02: Successfully destroyed cluster
Sending 'pacemaker_remote authkey' to 'hahost01’, 'hahost02' hahost01: successful distribution of the file 'pacemaker_remote authkey' hahost02: successful distribution of the file 'pacemaker_remote authkey' Sending cluster config files to the nodes... hahost01: Succeeded hahost02: Succeeded Synchronizing pcsd certificates on nodes hahost01, hahost02... hahost01: Success hahost02: Success Restarting pcsd on the nodes in order to reload the certificates... hahost01: Success hahost02: Success

Note – replace hahost01 and hahost02 with the appropriate cluster node hostnames.

RHEL 8.x

[root@hahost01 ~]# pcs cluster setup rhelha hahost01 hahost02 Destroying cluster on nodes: hahost01, hahost02... hahost01: Stopping Cluster (pacemaker)... hahost02: Stopping Cluster (pacemaker)... hahost01: Successfully destroyed cluster hahost02: Successfully destroyed cluster Sending 'pacemaker_remote authkey' to 'hahost01’, 'hahost02' hahost01: successful distribution of the file 'pacemaker_remote authkey' hahost02: successful distribution of the file 'pacemaker_remote authkey' Sending cluster config files to the nodes... hahost01: Succeeded hahost02: Succeeded Synchronizing pcsd certificates on nodes hahost01, hahost02... hahost01: Success hahost02: Success Restarting pcsd on the nodes in order to reload the certificates... hahost01: Success hahost02: Success

Note – replace hahost01 and hahost02 with the appropriate cluster node hostnames.

Enable and start the cluster

The following command enables and starts the cluster. It should be run on only one of the nodes.

# pcs cluster enable --all hahost01: Cluster Enabled hahost02: Cluster Enabled # pcs cluster start --all hahost01: Starting Cluster (corosync)... hahost02: Starting Cluster (corosync)... hahost01: Starting Cluster (pacemaker)... hahost02: Starting Cluster (pacemaker)...

Check the status of the cluster by running the following command.

# pcs status Cluster name: rhelha WARNINGS: No stonith devices and stonith-enabled is not false Stack: corosync Current DC: hahost02 (version 1.1.19-8.el7_6.5-c3c624ea3d) - partition with quorum Last updated: Mon Apr 26 00:19:22 2021 Last change: Mon Apr 26 00:18:15 2021 by hacluster via crmd on hahost02 2 nodes configured 0 resources configured Online: [ hahost01 hahost02 ] No resources Daemon Status: corosync: active/enabled pacemaker: active/enabled pcsd: active/enabled

Increase corosync totem token timeout

RHEL 7.x

  1. Edit the /etc/corosync/corosync.conf file in all cluster nodes to increase the token value or to add a value if it is not present, as shown in the following example.

    totem { version: 2 secauth: off cluster_name: my-rhel-sap-cluster transport: udpu rrp_mode: passive token: 29000 <------ Value to be set }
  2. Reload the corosync, without any downtime, with the following command in any of the one cluster nodes.

    # pcs cluster reload corosync
  3. Use the following command to confirm if the changes are active.

    # corosync-cmapctl | grep totem.token Runtime.config.totem.token (u32) = 29000

RHEL 8.x

Use the following command to increase or add the value of corosync in RHEL 8.x.

# pcs cluster config update totem token=29000

STONITH device

Run the following command to configure STONITH.

# pcs stonith create clusterfence fence_aws \ region=us-east-1 \ pcmk_host_map="hahost01:i-xxxxxxxxx;hahost02:i-yyyyyyyyy" \ power_timeout=240 pcmk_reboot_timeout=600 \ pcmk_reboot_retries=4 pcmk_delay_max=45 \ pcmk_reboot_action=off op start timeout=600 \ op monitor interval=300 timeout=60

Note – replace hostnames, Region, and Amazon EC2 instance ids with appropriate values.