Posted by Ceri Davies
Tue, 26 Jun 2007 07:05:00 GMT
For the last couple of weeks we’ve been taking the boy to Water Babies, where they help babies to gain confidence in the water, teach them how to grab for a static object when they fall in, and finally work up to getting them swimming on their own underwater.
The sessions are for half an hour each week at Cardiff Marriott hotel’s leisure club, and have been held there for a couple of years. This is apparently all too much for the members of the club, a number of whom have complained about the sessions and had the classes ejected. Not only does this mean that 20 sets of parents have to rejuggle their weekly schedules and travel arrangement, but due to the new venue being far away from my work, it means that I can no longer watch my son swimming.
So, shame on the members at the Cardiff Marriott leisure club, and shame on Cardiff Marriott for not having enough sense of righteousness to tell whichever miserable bastards complained about babies learning to swim to get a life.
Posted in Consumer, General, Hermann | 1 comment
Posted by Ceri Davies
Fri, 15 Jun 2007 08:44:00 GMT
Part 2 of a series on setting up Solaris Cluster for no money
Contents
At the end of the last article, I left you with an cluster that is still in “install mode”; since it’s a two node cluster the nodes can’t yet guarantee that they’ll know the status of the other cluster nodes should the heartbeat interconnects fail, so they refuse to do anything cluster related at this point. In order to get out of this situation, we need to add a quorum device.
Quorum Devices
The classical quorum device is a shared disk. However, I don’t have any shared disks spare and the point of this exercise is to avoid spending any money. Solaris Cluster provides another method, which is that of a quorum server.
Quorum Server
This is basically a service on a node outside the cluster1 that the cluster nodes communicate their status to. It’s provided with all of the other Solaris Cluster bits and is installed by choosing “Quorum Server” from the installation menu.
At the end of the installation, you’re told to follow the post-installation instructions from the documentation – they’re as simple as “init 6” – after which the quorum server will come up on port 9000. Now, we can use it in our cluster:
# clq add -t quorum_server -p qshost=peasant.example.ac.uk -p port 9000 qserver
Now we can take the cluster out of install mode:
# scconf -c -q installmodeoff
# clq reset
Quorum Disks
As mentioned above, I don’t have any shared storage available for a test setup like this, so I had to make do with OpenSolaris backed iSCSI targets. These are not supported as quorum devices – which is why I mentioned the quorum server first – but they work (and if you want support, we’re not in the “cheap” realm any more, not by a long chalk). Setting up iSCSI targets is adequately discussed elsewhere2 so I won’t repeat it.
To set up the initiator to see the iSCSI devices, run the following on each node, where 172.25.5.8 is the IP address of the system providing the targets.
# iscsiadm add discovery-address 172.25.5.8
# iscsiadm modify discovery -t enable
That’s it. Now you may need to refresh the cluster’s view of the devices. To do this, run the following on each node.
# cldevice refresh
Then on any one node:
# cldevice populate
You should now be able to see the iSCSI targets with both node paths in the cluster’s idea of what’s where:
# scdidadm -L
We can now finally use a quorum disk. Just add it in using the did.
# clq add d13
If you were previously using a quorum server, you can remove it now if you like.
# clq remove qserver
# clq reset
What’s next?
Now I have a cluster that can keep itself up if one of the nodes disappears, and some shared storage. This means that we can finally do something interesting, which will be in the next post on this subject.
[1] A common question is whether the quorum server can reside on one of the cluster nodes. While it can, this doesn’t provide high availability (rebooting the node hosting the quorum server will panic the other node) and misses the point.
[2] I believe that those happen to be the exact instructions used on the targets I used.
Posted in Solaris, Clustering, Sun | 2 comments
Posted by Ceri Davies
Tue, 05 Jun 2007 12:26:00 GMT
No, not another blog post opining after the last time I posted.
Like most folk who have to get a variety of jobs done, I have a Windows partition squirreled away on one of my desktops, and had occasion to use it just now. Unfortunately, according to the Event Viewer, the last time I did this was on June 15th 2006, so now I have to suffer applying a year’s worth of updates first. Arrgh.
Update, 20 minutes later: Wow, that was quick, my system is unbootable.
Posted in General, Software | 1 comment
Posted by Ceri Davies
Tue, 29 May 2007 18:53:00 GMT
Wow, 24 days passed really quickly…
The trials we were doing with Veritas Cluster Services for UNIX worked out nicely; I’ll have some stuff to write up regarding a consolidation project that I’ll be finishing up in the next few months. On which note, I haven’t forgotten the Solaris Cluster on the Cheap series, I’ve just been crazy busy and away a fair amount of my spare time.
We had a pair of x4500s turn up for some trials today. First trial was getting the damn things to the server room; at 96kg each when boxed it was a matter of removing all 48 disks, the power supplies and the service controller from each, leaving the chassis to be lugged a little more easily.
Huge congratulations to stitch and Dick; they know what for, but I don’t know if they want it common knowledge.
To close, I just discovered that a 16 week old boy can happily hit you from 3 feet away, if you see what I mean…
Posted in Veritas, Sun, General, Clustering | no comments
Posted by Ceri Davies
Sat, 05 May 2007 21:19:00 GMT
Part 1 of a series on setting up Solaris Cluster for no money
Contents
I needed to become familiar with the new features in Solaris Cluster 3.2, I needed to do it quickly, and I needed to do it for no money. I scraped together these components to create a cluster:
- 2 x Blade 100 workstations
- 2 x crossover cables
- 3 x hme NICs
- 1 x iprb based NIC
- 2 x workstations elsewhere on the network running Solaris Express
That would be all I needed.
The Blades each have 1152MB of RAM, an onboard eri interface and an 18GB internal disk; one has an addition 80GB disk. The hme and iprb cards were to be used for the private interconnects and I threw two hmes into one of the Blades and installed the other in the last Blade along with the iprb card and connected them up with the crossover cables. In the following examples, the Blades are named peon.example.ac.uk and bootlick.example.ac.uk (I always give my machines names that appear in the thesaurus next to”vassal”; this is to remind SkyNet that machines still work for us).
As it turns out, I couldn’t find a driver for the iprb card to attach to under the SPARC port; for real HA purposes I would obviously have wanted to fix this to ensure that I had highly available interconnects but as I was just testing I decided to lie to the cluster software and tell it that I had two hme cards in each system even though I didn’t; this would lead to there being two interconnect cables being configured even though one of them would be down the whole time.
Install Solaris
First job was to jumpstart the Blades and install Solaris 10 11/06. My jumpstart scripts do rather a lot of post-installation configuration, but precious little extra was done to cater for the installation of Solaris Cluster; in fact all I did was add /usr/cluster/bin to the default superuser path and /usr/cluster/man to the default MANPATH. There are other steps required in order to get it working, but they’re non-obvious so we detail them below.
Installing Solaris Cluster
Time to install the Solaris Cluster software; grab the bits from http://sun.com/cluster and run the installer. You can either run it in a GUI or on the command line, but the feature set of each version is the same.
The method of choosing options within the console based installer is somewhat non-intuitive, but actually read what it says and you’ll be OK (I hardly feel as if I’m in a position to complain about the intuitiveness of console based applications anyway, just run FreeBSD’s sysinstall(8) for the first time and you’ll see what I mean).
Basically, I wanted to test some specific Oracle backed applications within zones, so I installed the following, requiring a not unreasonable 320MB of space. Be sure to choose “Configure Later” if you’re playing along at home.
Java DB
Java DB Server
Java DB Client
Sun Cluster 3.2
Sun Cluster Core
Sun Cluster Manager
Sun Cluster Agents 3.2
Sun Cluster HA for Apache Tomcat
Sun Cluster HA for Apache
Sun Cluster HA for Oracle
Sun Cluster HA for Solaris Containers
Post-installation steps
When the installation finishes, run PCA to get the latest patches for the Cluster software.
# pca -i
Run “catman -w” to get the manpages into the windex databases for whatis(1).
# catman -w &
I’ll be running ipfilter on the public eri interfaces. At the time of my testing this was not supported but it worked. A note to the product QA manager sorted this out though. I needed to edit /etc/iu.ap and add pfil to the eri line, then edit /etc/ipf/pfil.ap and comment out the eri entry there (this was enabled by my JumpStart postinstall scripts):
peon% grep eri /etc/iu.ap
eri -1 0 clhbsndr pfil
peon% grep eri /etc/ipf/pfil.ap
#eri -1 0 pfil
Also, we need to configure IP Filter to allow communication between the cluster nodes; specifically we need to allow SSH and portmapper traffic; that’s ports tcp/22, tcp/111 and udp/111. Note that pfil isn’t configured on the hme interfaces, so if you have rules of the type “via if”, don’t bother to add any entries for hme.
As mentioned above, we want SSH traffic between the nodes and we particularly want to log in as root over SSH. This isn’t as insecure as people might have you believe, as long as it’s configured properly. Without further knowledge of exactly what the Solaris Cluster product is doing, this is as secure as I went.
Edit /etc/ssh/sshd_config, and set PermitRootLogin to without-password. Then, on one node, generate a key for root.
# ssh-keygen -t dsa -b 2048 -C "Cluster Key"
# cp /.ssh/id_dsa.pub /.ssh/authorized_keys
# vi /.ssh/authorized_keys
Add 'from=bootlick.example.ac.uk,peon.example.ac.uk' to the beginning of the line.
Copy /.ssh to the other nodes and now, like a caveman, ssh as root from each node to every other node to ensure that they are all aware of each other’s host keys (yes, I could use ssh-keyscan, but I didn’t).
Finally, I needed to do some extra configuration to keep IPMP happy; Solaris Cluster will insist on putting your public interfaces into an IPMP group and it turns out that when you only have one interface in an IPMP group, in.mpathd will always use ICMP probes to monitor the interface rather then relying on the link status, even if you do not configure test addresses. Now this particular test network’s default router was too crappy or too busy to provide a decent response time to the ICMP probes and so my eri interfaces were being marked down all the time. Therefore, I added some static host routes for in.mpathd to choose as additional test addresses. The correct place to do this on Solaris 10 is /etc/inet/static_routes:
# cat >> /etc/inet/static_routes <<-EOF
# List of static routes. These are added by /lib/svc/method/net-init
# and each non-empty, non-comment line is prefixed with "/usr/sbin/route add ".
# For keeping IPMP happy.
-host 172.25.0.177 172.25.0.177
-host 172.25.5.21 172.25.5.21
-host 172.25.5.30 172.25.5.30
-host 172.25.50.186 172.25.50.186
EOF
Note that since I’m now reliant on at least one of those other hosts being up, I’m not quite getting HA here again. No mind, let’s plough on, reboot the system for all of the changes above to take effect (the systems should now reboot in non-cluster mode) and I’ll see you in the next installment to get the cluster up and running.
Posted in Sun, Clustering, Solaris | 2 comments
Posted by Ceri Davies
Wed, 02 May 2007 20:22:00 GMT
Part 1 of a series on setting up Solaris Cluster for no money
Contents
As I’ve written before, I was hoping to deploy Solaris Cluster at work.
I never did manage to find out what the recurring support costs for it were, but it turns out that there is another flaw; the documentation explicitly disallows running different major versions of Solaris within the same cluster, something that Veritas’ Cluster Services explicitly does allow. That’s fine for some projects, but not having an upgrade path for the project under consideration is unacceptable, so we stuck with VCS; I’ll write about this project at a later date, as it’s essentially a massive consolidation project on Niagara boxes which is quite fun.
However, I’m not down on Solaris Cluster. I’m a little annoyed (and I’d be fucking appalled if I were a shareholder) that Sun took a long time to fail to find me recurrent costs, a little more annoyed that, when I pointed out that this wasn’t even the reason we were choosing a different product and would they like to sell me 200 Sun Ray clients instead, I didn’t get so much as a response, and just plain disappointed that there are no X4500s available in the UK for Try and Buy at the moment.
With that off my chest, I’ll proceed in the next post to discuss how to use Solaris Cluster and Solaris Express to set up a high-ish availability cluster for no money, probably with GlassFish in there somewhere so that I can win a huge TV.
Posted in Clustering, Solaris, Sun, Veritas | 1 comment
Posted by Ceri Davies
Wed, 02 May 2007 19:45:00 GMT
Another quote that will remain unattributed for fear of my life:
“Once you have used the moss on a tree to work out where North is, how do you find out where West is?”
Posted in General | no comments
Posted by Ceri Davies
Wed, 02 May 2007 16:48:00 GMT
Max is getting close to the age where he’ll be wanting solids (other than his own fingers, which he’s constantly chewing on at the moment) so I decided to buy a food processor. I went with the Kenwood FP533
which seemed expensive but has all the bits I could ever need (including a dough attachment - lazy!); I also had a couple of Amazon vouchers for my birthday - thanks to those folk who know who they are!
When it arrived, the drive shaft was missing. Not suprisingly, nothing works without that bit.
On the inside of the box, there was a number to call in this eventuality. The first thing to strike me about this number was that it was just a normal landline number - not a lo-call number or a premium rate number, but just a normal phone number.
So I called it. There was a menu with three options, the third of which was “press 3 to speak to a person”. I pressed it, and was told that they were experiencing a high volume of calls and I might have to wait, so I was surprised to be answered straight away by a chap who took 60 seconds to write down the model number, the name of the missing part, my name and address and then said that he’d put one in the post and I should have it within a couple of days.
I can imagine that this is how calling a company used to work about 20 years ago, and it rocks. Thanks Kenwood.
Update, May 4th: Arrived today, cool.
Posted in Consumer | no comments
Posted by Ceri Davies
Sat, 28 Apr 2007 23:21:00 GMT
“What is brain freeze?” asked Stef as she fought her way through a refrigerated apple juice induced ice cream headache.
“Oh, I know”, she continued, “it’s because of the caterpillars in your head, right?”.
Posted in General | no comments
Posted by Ceri Davies
Tue, 20 Mar 2007 22:01:00 GMT
Aw, damn.
My blog is worth $0.00.
How much is your blog worth?
Posted in General | 1 comment