HA cluster configuration for SLES - SAP NetWeaver on Amazon
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

HA cluster configuration for SLES

Cluster installation

SLES for SAP images that are sold by Amazon through Amazon Marketplace come with pre-installed SUSE HAE packages. Ensure that you have the latest version of these packages. If required, update them by using the zypper command, as shown in the following example.

# zypper update # reboot

If you are using BYOS images, ensure that the following packages are installed:

  • corosync

  • crmsh

  • fence-agents

  • ha-cluster-bootstrap

  • pacemaker

  • patterns-ha-ha_sles

  • resource-agents

  • cluster-glue

  • awscli

Cluster configuration

System logging

SUSE recommends using the rsyslogd daemon for logging in the SUSE cluster. Install the rsyslog package as a root user on all cluster nodes. logd is a subsystem to log additional information coming from the STONITH agent.

# zypper install rsyslog # systemctl enable logd # systemctl start logd

Install SAP cluster connector.

On both the nodes, run the following command.

# zypper install sap-suse-cluster-connector

Add the following lines to the ASCS and ERS profile parameters.

service/halib = $(DIR_CT_RUN)/saphascriptco.so service/halib_cluster_connector = /usr/bin/sap_suse_cluster_connector

Add the sidadm user to the Linux haclient group.

# usermod -a -G haclient sidadm

Corosync configuration

The cluster services (pacemaker and corosync) should be in a stopped state when performing cluster configuration. Check the status and stop the pacemaker service if it is running.

Check the status

# systemctl status pacemaker

Stop the service

# systemctl stop pacemaker

Create encrypted keys

Run the following command to create a secret key, which is used to encrypt all of the cluster communication.

# corosync-keygen

The new authkey key file is created at /etc/corosync/. Copy this file to the same location on the second cluster node, with the same permissions and ownership.

hahost01:/etc/corosync # scp -p authkey root@hahost02:/etc/corosync

Create corosync configuration file

All cluster nodes are required to have a local configuration file named /etc/corosync/corosync.conf, as shown in the following example.

# Read the corosync.conf.5 manual page totem { version: 2 rrp_mode: passive token: 30000 consensus: 36000 token_retransmits_before_loss_const: 10 max_messages: 20 crypto_cipher: none crypto_hash: none clear_node_high_bit: yes interface { ringnumber: 0 bindnetaddr: x.x.x.x mcastport: 5405 ttl: 1 } transport: udpu } logging { fileline: off to_logfile: yes to_syslog: yes logfile: /var/log/cluster/corosync.log debug: off timestamp: on logger_subsys { subsys: QUORUM debug: off } } nodelist { node { ring0_addr: x.x.x.x ring1_addr: x.x.x.x nodeid: 1 } node { ring0_addr: x.x.x.x ring1_addr: x.x.x.x nodeid: 2 } } quorum { # Enable and configure quorum subsystem (default: off) # see also corosync.conf.5 and votequorum.5 provider: corosync_votequorum expected_votes: 2 two_node: 1 }

Replace the values for the following variables with those of your environment:

  • bindnetaddr – IP address of the node where the file is being configured

  • ring0_addr – Primary IP address of cluster node 1

  • ring1_addr – Secondary IP address of cluster node 1

  • ring0_addr – Primary IP address of cluster node 2

  • ring1_addr – Secondary IP address of cluster node 2

The secondary ring corosync configuration provides redundancy. It enables the cluster nodes to communicate with each other in case of a communication issue with the primary IP address.

Update the hacluster password

Change the password for user hacluster on both nodes.

#passwd hacluster

Start the cluster

Start the cluster on both the primary and the secondary node, and then check the status.

Start the cluster by running the following command.

# systemctl start pacemaker

Check the status with the crm_mon-1 command, as shown in the following example. You will see that both nodes are online, and will see a full list of any resources that are available.

# crm_mon -1 Cluster Summary: * Stack: corosync * Current DC: hahost01 (version 2.0.xxxxxxxxxxx) - partition with quorum * Last updated: * Last change: by hacluster via crmd on hahost01 * 2 nodes configured * 0 resource instances configured Node List: * Online: [ hahost01 hahost02 ] Active Resources: * No active resources

You can find the ring status and the associated IP address of the cluster with the corosync-cfgtool command, as shown in the following example.

# corosync-cfgtool –s Printing ring status. Local node ID 1 RING ID 0 id = x.x.x.x status = ring 0 active with no faults RING ID 1 id = x.x.x.x status = ring 1 active with no faults