... | ... | @@ -957,20 +957,8 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
|
|
--no-node-setup \
|
|
|
fsn-node-02.torproject.org
|
|
|
|
|
|
If this is an entirely new cluster, you need a different procedure:
|
|
|
|
|
|
gnt-cluster init \
|
|
|
--master-netdev vlan-gntbe \
|
|
|
--vg-name vg_ganeti \
|
|
|
--secondary-ip 172.30.135.1 \
|
|
|
--enabled-hypervisors kvm \
|
|
|
--nic-parameters link=br0,vlan=4000 \
|
|
|
--mac-prefix 00:66:37 \
|
|
|
--no-ssh-init \
|
|
|
--no-etc-hosts \
|
|
|
fsngnt.torproject.org
|
|
|
|
|
|
The above assumes that `fsngnt` is already in DNS.
|
|
|
If this is an entirely new cluster, you need a different
|
|
|
procedure, see [the cluster initialization procedure](#gnt-fsn-cluster-initialization) instead.
|
|
|
|
|
|
13. make sure everything is great in the cluster:
|
|
|
|
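Review bot: the pointer to the cluster initialization procedure sits after the command ending in `--no-node-setup \` / `fsn-node-02.torproject.org`, so someone following the steps in order only learns that a new cluster needs a different procedure after the command they should have skipped. Suggest moving the sentence above the command in that step and fixing the comma splice, for example: "If this is an entirely new cluster, follow [the cluster initialization procedure](#gnt-fsn-cluster-initialization) instead of this step."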
... | ... | @@ -988,6 +976,45 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
|
|
ssh fsn-node-03.torproject.org "puppet agent -t; service ipsec reload"
|
|
|
ssh fsn-node-06.torproject.org "puppet agent -t; service ipsec reload; ipsec up gnt-fsn-be::fsn-node-03"
|
|
|
|
|
|
### gnt-fsn cluster initialization
|
|
|
|
|
|
This procedure replaces the `gnt-node add` step in the initial setup
|
|
|
of the first Ganeti node when the `gnt-fsn` cluster was setup:
|
|
|
|
|
|
gnt-cluster init \
|
|
|
--master-netdev vlan-gntbe \
|
|
|
--vg-name vg_ganeti \
|
|
|
--secondary-ip 172.30.135.1 \
|
|
|
--enabled-hypervisors kvm \
|
|
|
--nic-parameters link=br0,vlan=4000 \
|
|
|
--mac-prefix 00:66:37 \
|
|
|
--no-ssh-init \
|
|
|
--no-etc-hosts \
|
|
|
fsngnt.torproject.org
|
|
|
|
|
|
The above assumes that `fsngnt` is already in DNS. See the [MAC
|
|
|
address prefix selection](#mac-address-prefix-selection) section for information on how the
|
|
|
`--mac-prefix` argument was selected.
|
|
|
|
|
|
Then the following extra configuration was performed:
|
|
|
|
|
|
gnt-cluster modify --reserved-lvs vg_ganeti/root,vg_ganeti/swap
|
|
|
gnt-cluster modify -H kvm:kernel_path=,initrd_path=,
|
|
|
gnt-cluster modify -H kvm:security_model=pool
|
|
|
gnt-cluster modify -H kvm:kvm_extra='-device virtio-rng-pci\,bus=pci.0\,addr=0x1e\,max-bytes=1024\,period=1000'
|
|
|
gnt-cluster modify -H kvm:disk_cache=none
|
|
|
gnt-cluster modify -H kvm:disk_discard=unmap
|
|
|
gnt-cluster modify -H kvm:scsi_controller_type=virtio-scsi-pci
|
|
|
gnt-cluster modify -H kvm:disk_type=scsi-hd
|
|
|
gnt-cluster modify -H kvm:migration_bandwidth=950
|
|
|
gnt-cluster modify -H kvm:migration_downtime=500
|
|
|
gnt-cluster modify -D drbd:c-plan-ahead=0,disk-custom='--c-plan-ahead 0'
|
|
|
gnt-cluster modify --nic-parameters mode=openvswitch,link=br0,vlan=4000
|
|
|
gnt-cluster modify --uid-pool 4000-4019
|
|
|
|
|
|
The [network configuration](#network-configuration) (below) must also be performed for the
|
|
|
address blocks reserved in the cluster.
|
|
|
|
|
|
### New gnt-chi node
|
|
|
|
|
|
1. to create a new box, follow the [cymru new-machine howto](howto/new-machine-cymru)
|
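Review bot: in the extra configuration list, `kvm:security_model=pool` is set near the top while `--uid-pool 4000-4019`, which supplies the UIDs that pool mode runs instances under, is the last command; put the two next to each other and add a sentence saying they go together, so the dependency is visible. The init command also passes `--no-ssh-init` and `--no-etc-hosts` without saying what manages SSH keys and `/etc/hosts` instead, and `--nic-parameters link=br0,vlan=4000` at init is later replaced by `mode=openvswitch,link=br0,vlan=4000`, so the init line could carry the full value and the later `modify` could be dropped.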
... | ... | @@ -1036,41 +1063,58 @@ catastrophic data loss bug in Ganeti or [howto/drbd](howto/drbd). |
|
|
--no-node-setup \
|
|
|
chi-node-02.torproject.org
|
|
|
|
|
|
If this is an entirely new cluster, you need a different procedure:
|
|
|
If this is an entirely new cluster, you need a different
|
|
|
procedure, see [the cluster initialization procedure](#gnt-fsn-cluster-initialization) instead.
|
|
|
|
|
|
11. make sure everything is great in the cluster:
|
|
|
|
|
|
gnt-cluster verify
|
|
|
|
|
|
### gnt-chi cluster initialization
|
|
|
|
|
|
This procedure replaces the `gnt-node add` step in the initial setup
|
|
|
of the first Ganeti node when the `gnt-chi` cluster was setup:
|
|
|
|
|
|
gnt-cluster init \
|
|
|
--master-netdev eth1 \
|
|
|
--vg-name vg_ganeti \
|
|
|
--secondary-ip 172.30.130.1 \
|
|
|
--enabled-hypervisors kvm \
|
|
|
--mac-prefix 00:66:38 \
|
|
|
--mac-prefix 06:66:38 \
|
|
|
--no-ssh-init \
|
|
|
--no-etc-hosts \
|
|
|
chignt.torproject.org
|
|
|
|
|
|
The above assumes that `chignt` is already in DNS.
|
|
|
The above assumes that `chignt` is already in DNS. See the [MAC
|
|
|
address prefix selection](#mac-address-prefix-selection) section for information on how the
|
|
|
`--mac-prefix` argument was selected.
|
|
|
|
|
|
11. make sure everything is great in the cluster:
|
|
|
|
|
|
gnt-cluster verify
|
|
|
|
|
|
### cluster config
|
|
|
|
|
|
These could probably be merged into the cluster init, but just to document what has been done:
|
|
|
Then the following extra configuration was performed:
|
|
|
|
|
|
```
|
|
|
gnt-cluster modify --reserved-lvs vg_ganeti/root,vg_ganeti/swap
|
|
|
gnt-cluster modify -H kvm:kernel_path=,initrd_path=,
|
|
|
gnt-cluster modify -H kvm:security_model=pool
|
|
|
gnt-cluster modify -H kvm:kvm_extra='-device virtio-rng-pci\,bus=pci.0\,addr=0x1e\,max-bytes=1024\,period=1000'
|
|
|
gnt-cluster modify -H kvm:disk_cache=none
|
|
|
gnt-cluster modify -H kvm:disk_discard=unmap
|
|
|
gnt-cluster modify -H kvm:scsi_controller_type=virtio-scsi-pci
|
|
|
gnt-cluster modify -H kvm:disk_type=scsi-hd
|
|
|
gnt-cluster modify --uid-pool 4000-4019
|
|
|
gnt-cluster modify --nic-parameters mode=openvswitch,link=br0,vlan=4000
|
|
|
gnt-cluster modify -D drbd:c-plan-ahead=0,disk-custom='--c-plan-ahead 0'
|
|
|
gnt-cluster modify -H kvm:migration_bandwidth=950
|
|
|
gnt-cluster modify -H kvm:migration_downtime=500
|
|
|
gnt-cluster modify -D drbd:c-plan-ahead=0,disk-custom='--c-plan-ahead 0'
|
|
|
gnt-cluster modify --uid-pool 4000-4019
|
|
|
```
|
|
|
|
|
|
The following was done on the `gnt-fsn` cluster but it may not be
|
|
|
required on the `gnt-chi` cluster.
|
|
|
|
|
|
```
|
|
|
gnt-cluster modify -H kvm:kvm_extra='-device virtio-rng-pci\,bus=pci.0\,addr=0x1e\,max-bytes=1024\,period=1000'
|
|
|
gnt-cluster modify --nic-parameters mode=openvswitch,link=br0,vlan=4000
|
|
|
```
|
|
|
|
|
|
The [network configuration](#network-configuration) (below) must also be performed for the
|
|
|
address blocks reserved in the cluster.
|
|
|
|
|
|
### Network configuration
|
|
|
|
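Review bot: in the new gnt-chi node step, the replacement sentence links to `#gnt-fsn-cluster-initialization`, but this is the gnt-chi procedure and a `### gnt-chi cluster initialization` heading exists just below it; the anchor should be `#gnt-chi-cluster-initialization`. Separately, the two `--mac-prefix` lines in the chi init command differ only in the first octet (`00:66:38` and `06:66:38`), while the gnt-fsn init block documents `00:66:37` and both sections point to the same MAC address prefix selection section; that section should say whether the different first octet between the clusters is intentional.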
... | ... | |