HA cluster configuration for RHEL
The following instructions are applicable to Red Hat Enterprise Linux for SAP with versions 7.x and 8.x.
Operating system configuration
If you are using Red Hat 8.6 or later, the following services must be stopped and disabled on both the cluster nodes. This prevents the NetworkManager from removing the overlay IP address from the network interface.
systemctl disable nm-cloud-setup.timer systemctl stop nm-cloud-setup.timer systemctl disable nm-cloud-setup systemctl stop nm-cloud-setup
Cluster installation
If you use BYOS images, ensure that your system is configured with RHEL for SAP and HA repositories to have access to required packages. Run the following commands in all cluster nodes.
# yum update -y # yum install -y pcs pacemaker fence-agents-aws # yum install -y resource-agents # yum install -y resource-agents-sap (Version resource-agents-sap-4.1.1-12.el7.x86_64 or higher) # yum install -y sap-cluster-connector # yum install -y awscli
Cluster configuration
Update user hacluster password
Change the password on both nodes by running the following command.
# passwd hacluster
Start and enable the pcs services
Start and enable pcs services on both nodes by running the following command.
# systemctl start pcsd.service # systemctl enable pcsd.service
Authenticate pcs with user hacluster
The following command authenticates pcs to the pcs daemon on cluster nodes. It should
be run on only one of the cluster nodes. The username and password for the pcs admin
must be the same, and the username should be hacluster.
RHEL 7.x
# pcs cluster auth hahost01 hahost02 Username: hacluster Password: hahost02: Authorized hahost01: Authorized
Note – replace hahost01 and
hahost02 with the appropriate cluster node hostnames.
RHEL 8.x
# pcs host auth hahost01 hahost02 Username: hacluster Password: hahost02: Authorized hahost01: Authorized
Note – replace hahost01 and
hahost02 with the appropriate cluster node hostnames.
Set up the cluster
The following command configures the cluster configuration file
and syncs the configuration on both nodes. It should be run on only one of the cluster
nodes.
RHEL 7.x
# pcs cluster setup --name rhelha hahost01 hahost02 Destroying cluster on nodes: hahost01, hahost02... hahost01: Stopping Cluster (pacemaker)... hahost02: Stopping Cluster (pacemaker)... hahost01: Successfully destroyed cluster hahost02: Successfully destroyed cluster
Sending 'pacemaker_remote authkey' to 'hahost01’, 'hahost02' hahost01: successful distribution of the file 'pacemaker_remote authkey' hahost02: successful distribution of the file 'pacemaker_remote authkey' Sending cluster config files to the nodes... hahost01: Succeeded hahost02: Succeeded Synchronizing pcsd certificates on nodes hahost01, hahost02... hahost01: Success hahost02: Success Restarting pcsd on the nodes in order to reload the certificates... hahost01: Success hahost02: Success
Note – replace hahost01 and
hahost02 with the appropriate cluster node hostnames.
RHEL 8.x
[root@hahost01 ~]# pcs cluster setup rhelha hahost01 hahost02 Destroying cluster on nodes: hahost01, hahost02... hahost01: Stopping Cluster (pacemaker)... hahost02: Stopping Cluster (pacemaker)... hahost01: Successfully destroyed cluster hahost02: Successfully destroyed cluster Sending 'pacemaker_remote authkey' to 'hahost01’, 'hahost02' hahost01: successful distribution of the file 'pacemaker_remote authkey' hahost02: successful distribution of the file 'pacemaker_remote authkey' Sending cluster config files to the nodes... hahost01: Succeeded hahost02: Succeeded Synchronizing pcsd certificates on nodes hahost01, hahost02... hahost01: Success hahost02: Success Restarting pcsd on the nodes in order to reload the certificates... hahost01: Success hahost02: Success
Note – replace hahost01 and
hahost02 with the appropriate cluster node hostnames.
Enable and start the cluster
The following command enables and starts the cluster. It should be run on only one of the nodes.
# pcs cluster enable --all hahost01: Cluster Enabled hahost02: Cluster Enabled # pcs cluster start --all hahost01: Starting Cluster (corosync)... hahost02: Starting Cluster (corosync)... hahost01: Starting Cluster (pacemaker)... hahost02: Starting Cluster (pacemaker)...
Check the status of the cluster by running the following command.
# pcs status Cluster name: rhelha WARNINGS: No stonith devices and stonith-enabled is not false Stack: corosync Current DC: hahost02 (version 1.1.19-8.el7_6.5-c3c624ea3d) - partition with quorum Last updated: Mon Apr 26 00:19:22 2021 Last change: Mon Apr 26 00:18:15 2021 by hacluster via crmd on hahost02 2 nodes configured 0 resources configured Online: [ hahost01 hahost02 ] No resources Daemon Status: corosync: active/enabled pacemaker: active/enabled pcsd: active/enabled
Increase corosync totem token timeout
RHEL 7.x
-
Edit the
/etc/corosync/corosync.conffile in all cluster nodes to increase the token value or to add a value if it is not present, as shown in the following example.totem { version: 2 secauth: off cluster_name: my-rhel-sap-cluster transport: udpu rrp_mode: passive token: 29000 <------ Value to be set } -
Reload the corosync, without any downtime, with the following command in any of the one cluster nodes.
# pcs cluster reload corosync -
Use the following command to confirm if the changes are active.
# corosync-cmapctl | grep totem.token Runtime.config.totem.token (u32) = 29000
RHEL 8.x
Use the following command to increase or add the value of corosync in RHEL 8.x.
# pcs cluster config update totem token=29000
STONITH device
Run the following command to configure STONITH.
# pcs stonith create clusterfence fence_aws \ region=us-east-1 \ pcmk_host_map="hahost01:i-xxxxxxxxx;hahost02:i-yyyyyyyyy" \ power_timeout=240 pcmk_reboot_timeout=600 \ pcmk_reboot_retries=4 pcmk_delay_max=45 \ pcmk_reboot_action=off op start timeout=600 \ op monitor interval=300 timeout=60
Note – replace hostnames, Region, and Amazon EC2 instance ids with appropriate values.