8.4.5. Configuration Overview: KVM Guest Node
This section provides a high-level summary overview of the steps to perform to have Pacemaker launch a virtual machine and to integrate that machine as a guest node, using
libvirt
and KVM virtual guests.
- After installing the virtualization software and enabling the
libvirtd
service on the cluster nodes, put the same encryption key with the path/etc/pacemaker/authkey
on every cluster node and virtual machine. This secures remote communication and authentication.Run the following set of commands on every node to create theauthkey
directory with secure permissions.#
mkdir -p --mode=0750 /etc/pacemaker
#chgrp haclient /etc/pacemaker
The following command shows one method to create an encryption key. You should create the key only once and then copy it to all of the nodes.#
dd if=/dev/urandom of=/etc/pacemaker/authkey bs=4096 count=1
- On every virtual machine, install
pacemaker_remote
packages, start thepacemaker_remote
service and enable it to run on startup, and allow TCP port 3121 through the firewall.#
yum install pacemaker-remote resource-agents
#systemctl start pacemaker_remote.service
#systemctl enable pacemaker_remote.service
#firewall-cmd --add-port 3121/tcp --permanent
#firewall-cmd --reload
- Give each virtual machine a static network address and unique host name, which should be known to all nodes. For information on setting a static IP address for the guest virtual machine, see the Virtualization Deployment and Administration Guide.
- To create the
VirtualDomain
resource agent for the management of the virtual machine, Pacemaker requires the virtual machine's xml config file to be dumped to a file on disk. For example, if you created a virtual machine namedguest1
, dump the xml to a file somewhere on the host. You can use a file name of your choosing; this example uses/etc/pacemaker/guest1.xml
.#
virsh dumpxml guest1 > /etc/pacemaker/guest1.xml
- If it is running, shut down the guest node. Pacemaker will start the node when it is configured in the cluster.
- Create the
VirtualDomain
resource, configuring theremote-note
resource meta option to indicate that the virtual machine is a guest node capable of running resources.In the example below, the meta-attributeremote-node=guest1
tells pacemaker that this resource is a guest node with the host nameguest1
that is capable of being integrated into the cluster. The cluster will attempt to contact the virtual machine’spacemaker_remote
service at the host nameguest1
after it launches.From a cluster node, enter the following command.#
pcs resource create vm-guest1 VirtualDomain hypervisor="qemu:///system" config="/virtual_machines/vm-guest1.xml" meta remote-node=guest1
- After creating the
VirtualDomain
resource, you can treat the guest node just as you would treat any other node in the cluster. For example, you can create a resource and place a resource constraint on the resource to run on the guest node as in the following commands, which are run from a cluster node. As of Red Hat Enterprise Linux 6.8, you can include guest nodes in groups, which allows you to group a storage device, file system, and VM.#
pcs resource create webserver apache configfile=/etc/httpd/conf/httpd.conf op monitor interval=30s
#pcs constraint location webserver prefers guest1