2.4. Configuring a High Availability pcsd Web UI
When you use the
pcsd
Web UI, you connect to one of the nodes of the cluster to display the cluster management pages. If the node to which you are connecting goes down or becomes unavailable, you can reconnect to the cluster by opening your browser to a URL that specifies a different node of the cluster. It is possible, however, to configure the pcsd Web UI itself for high availability, in which case you can continue to manage the cluster without entering a new URL.
To configure the
pcsd
Web UI for high availability, perform the following steps.
- Ensure that
PCSD_SSL_CERT_SYNC_ENABLED
is set totrue
in the/etc/sysconfig/pcsd
configuration file, which is the default value in RHEL 7. Enabling certificate syncing causespcsd
to sync thepcsd
certificates for the cluster setup and node add commands. - Create an
IPaddr2
cluster resource, which is a floating IP address that you will use to connect to thepcsd
Web UI. The IP address must not be one already associated with a physical node. If theIPaddr2
resource’s NIC device is not specified, the floating IP must reside on the same network as one of the node’s statically assigned IP addresses, otherwise the NIC device to assign the floating IP address cannot be properly detected. - Create custom SSL certificates for use with
pcsd
and ensure that they are valid for the addresses of the nodes used to connect to thepcsd
Web UI.- To create custom SSL certificates, you can use either wildcard certificates or you can use the Subject Alternative Name certificate extension. For information on the Red Hat Certificate System, see the Red Hat Certificate System Administration Guide.
- Install the custom certificates for
pcsd
with thepcs pcsd certkey
command. - Sync the
pcsd
certificates to all nodes in the cluster with thepcs pcsd sync-certificates
command.
- Connect to the
pcsd
Web UI using the floating IP address you configured as a cluster resource.
Note
Even when you configure the
pcsd
Web UI for high availability, you will be asked to log in again when the node to which you are connecting goes down.