[Linux-ha-dev] Feedback on conntrackd RA by Dominik Klein

Robert Euhus euhus-liste1 at rrzn.uni-hannover.de
Thu Feb 3 09:41:08 MST 2011 

Dominik Klein schrieb:
> Just now found this thread. I will include the suggested changes and
> post the new RA soon-ish.
> 
> Dominik
> 
> On 01/21/2011 08:26 AM, Florian Haas wrote:
>> On 01/18/2011 04:21 PM, Florian Haas wrote:
>>>> Our site will shortly be deploying a new HA firewall based on Linux,
>>>> iptables, pacemaker and conntrackd.
>>>> conntrackd[1] is used to maintain connection state of active
>>>> connections
>>>> across the two firewalls allowing us to failover from one firewall to
>>>> the other without dropping any connections.
>>>>
>>>> In order to achieve this with pacemaker we needed to find a resource
>>>> agent for conntrackd. Looking at the mailing list we found a couple of
>>>> options although we only fully evaluated the RA produced by Dominik
>>>> Klein as it appears to be more feature complete than the alternative.
>>>> For a full description of his RA please see his original thread[2].
>>>>
>>>> So far throughout testing we have been very pleased with it. We can
>>>> successfully fail between our nodes and the RA correctly handles the
>>>> synchronisation steps required in the background.
>> Dominik,
>>
>> it appears that the RA is good to be merged with just a few changes left
>> to be done.
>> [..]
We are also going to set up a HA firewall and our (albeit not very
extensive) testing of this resource agent has been quite successful.

I used the agent without any notable changes -- just a little cleanup in
line 146 in the conntracd_start function (diff attatched):

-                       conntrackd_set_master_score 100
+                       conntrackd_set_master_score $slave_score

It was propably just overlooked when changing to variables.

Thank you very much for this resource agent!

Yours,
Robert.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: conntrackd.diff
Type: text/x-patch
Size: 307 bytes
Desc: not available
Url : http://lists.linux-ha.org/pipermail/linux-ha-dev/attachments/20110203/f4393842/attachment.bin

More information about the Linux-HA-Dev mailing list