インストール

apt install pcs

haclusterユーザのパスワード設定

passwd hacluster

インストール後はデフォルトでnode1というホストでクラスタが組まれておりこいつが邪魔をして設定ができないので消す

pcs cluster destroy

クラスタを組む

pcs host auth <host1> <host2> <host3> -u hacluster
pcs cluster setup <cluster_name> <host1> <host2> <host3> --start --enable

STONITHを無効にする

pcs property set stonith-enabled=false

クラスタにVirtual IPを追加する

pcs resource create VirtualIP ocf:heartbeat:IPaddr2 ip=192.168.151.254 cidr_netmask=22 nic=br0 op monitor interval=10s

ステータス確認

root@mks-m75q-1:~# pcs status
Cluster name: mks-m75q
Cluster Summary:
  * Stack: corosync
  * Current DC: mks-m75q-3 (version 2.0.3-4b1f869f0f) - partition with quorum
  * Last updated: Sat Oct 31 20:58:20 2020
  * Last change:  Sat Oct 31 20:30:47 2020 by root via cibadmin on mks-m75q-1
  * 3 nodes configured
  * 1 resource instance configured

Node List:
  * Online: [ mks-m75q-1 mks-m75q-2 mks-m75q-3 ]

Full List of Resources:
  * VirtualIP   (ocf::heartbeat:IPaddr2):        Started mks-m75q-1

Daemon Status:
  corosync: active/enabled
  pacemaker: active/enabled
  pcsd: active/enabled

VMのHA

pcs resource create vm-name ocf:heartbeat:VirtualDomain config=/etc/libvirt/qemu/name.xml migration_transport=ssh meta allow-migrate=true

https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/6/html/configuring_the_red_hat_high_availability_add-on_with_pacemaker/remotenode_config

CentOS7,8で確認
yum install -y postfix cyrus-sasl cyrus-sasl-plain mailx

Debian系
apt install -y postfix libsasl2-2 libsasl2-modules bsd-mailx

# /etc/postfix/main.cf に以下を追記
relayhost = [mail.so-net.ne.jp]:587
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = plain
smtp_sasl_password_maps = hash:/etc/postfix/so-net_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_tls_security_options = noanonymous

# /etc/postfix/so-net_passwd を作成し、下記内容を記載
[mail.so-net.ne.jp]:587 ユーザID:パスワード
postmap hash:/etc/postfix/so-net_passwd

必要に応じて/etc/alias編集
newaliasesコマンド実行

systemctl enable postfix;\
systemctl restart postfix

echo raid1 >>/etc/initramfs-tools/modules
update-initramfs -c -k $(uname -r)
echo "initramfs initrd.img-$(uname -r) followkernel" >>/boot/config.txt
# vi /boot/cmdline.txt
root=/dev/mapper/system-rootfs

ラズパイ4でUSB HDDがうまく動かなかったときのワークアラウンド

echo "usb-storage.quirks=0x0080:0x0578:u" >>/boot/cmdline.txt

nmtuiではできないっぽいのでnmcliでやる

bridgeとbondingの組み合わせ

まずbridgeを作る

nmcli c add type bridge ifname br0 con-name br0
nmcli c mod br0 bridge.stp no
nmcli c mod br0 ipv4.method manual ipv4.address "192.168.1.100/24" ipv4.gateway "192.168.1.1" ipv4.dns "8.8.8.8 8.8.4.4" ipv4.dns-search lan
nmcli c down br0
nmcli c up br0

bridgeにbondingを追加

nmcli c add type bond ifname bond0 con-name bond0 mode active-backup
nmcli c mod bond0 connection.master br0 connection.slave-type bridge
nmcli c add type bond-slave ifname enpxxx con-name bond-slave-enpxxx master bond0
nmcli c add type bond-slave ifname enpyyy con-name bond-slave-enpyyy master bond0
nmcli c down bond-slave-enpxxx
nmcli c down bond-slave-enpyyy
nmcli c down bond0
nmcli c up bond-slave-enpxxx
nmcli c up bond-slave-enpyyy
nmcli c up bond0

bridgeとbondingの組み合わせで更にVLANも指定する

まず上のbridgeとbonding組み合わせを作る

VLAN ID2の場合

nmcli c add type bridge ifname br0.2 con-name br0.2;\
nmcli c mod br0.2 bridge.stp no;\
nmcli c mod br0.2 ipv4.method disable;\
nmcli c mod br0.2 ipv6.method disable;\
nmcli c down br0.2;\
nmcli c up br0.2;\
nmcli c add type vlan ifname bond0.2 con-name bond0.2 dev bond0 id 2;\
nmcli c mod bond0.2 connection.master br0.2 connection.slave-type bridge;\
nmcli c down bond0.2;\
nmcli c up bond0.2;

VLAN ID3の場合

nmcli c add type bridge ifname br0.3 con-name br0.3;\
nmcli c mod br0.3 bridge.stp no;\
nmcli c mod br0.3 ipv4.method disable;\
nmcli c mod br0.3 ipv6.method disable;\
nmcli c down br0.3;\
nmcli c up br0.3;\
nmcli con add type vlan ifname bond0.3 con-name bond0.3 dev bond0 id 3;\
nmcli c mod bond0.3 connection.master br0.3 connection.slave-type bridge;\
nmcli c down bond0.3;\
nmcli c up bond0.3;