diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 06:50:17 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 06:50:17 +0000 |
| commit | 86ed03f8adee56c050c73018537371c230a664a6 (patch) | |
| tree | eae3d04cdf1c49848e5a671327ab38297f4acb0d /agents/ifmib/README | |
| parent | Initial commit. (diff) | |
| download | fence-agents-86ed03f8adee56c050c73018537371c230a664a6.tar.xz fence-agents-86ed03f8adee56c050c73018537371c230a664a6.zip | |
Adding upstream version 4.12.1.upstream/4.12.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'agents/ifmib/README')
| -rw-r--r-- | agents/ifmib/README | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/agents/ifmib/README b/agents/ifmib/README new file mode 100644 index 0000000..6fe8a2b --- /dev/null +++ b/agents/ifmib/README @@ -0,0 +1,45 @@ +Intro: +------ +This is an SNMP-based fencing agent for RHCS. It was designed with the use-case +of disabling ethernet ports on an iSCSI SAN, but could be used to disable any +port on any SNMP v1/2c/3 device that implementes the IF-MIB. + +The script requires NetSNMP to be installed and working on all nodes +in the cluster. There are no requirements for any MIBs to be setup --- all of +the required OIDs are hard-coded into the script. Since the IF-MIB is an IETF +standard, these identifiers are very widely supported and will not change. + + +Typical usage: +-------------- +To use this agent with the switch used on the iSCSI network, you'll need: + 1) A managed switch running SNMP. + 2) An SNMP community with write privileges. + 3) Permission to send SNMP through any ACLs or firewalls from the nodes. + 4) The ifIndex or ifPort associated with the ports being used by the cluster nodes. + +Consider a three-node cluster composed of A, B, and C. Each node has two +network interfaces - one used for network and cluster communication, the second +used for iSCSI traffic. If A needs to be fenced, B and C will run this script +to administratively disable the switchport for A's connection to the iSCSI +storage. + +If you are using a single interface for cluster and iSCSI traffic, this will +still work, but you will lose network connectivity to the fenced host. + + +cluster.conf: +------------- +There is no GUI support for this fence agent at this time. To use it, you will +need something like this cluster.conf + +<fencedevice agent="fence_ifmib" name="myswitch" comm="fencing" ipaddr="sw1"/> + +In a node's fencing methods, you'll include a line like this: + +<device name="myswitch" port="43" option="off"/> + +This node will be fenced by disabling the port with ifIndex 43 on the host sw1. +In SNMP speak, we set IF-MIB::ifAdminStatus.43 = down(2). + +If you will use port name (like fc1/1), script will try to find ifIndex. |