Configuring DRBD

This procedure configures DRBD for deployments with either one or two NICs in each node.
  1. Log in to the primary node as root, or as a user with superuser privileges.
  2. In a separate window, log in to the secondary node as root, or as a user with superuser privileges.
  3. On both nodes, identify the storage areas to use.
    lsblk --output=NAME,SIZE
    Record the paths of the storage areas in the following table. The information is needed in subsequent steps and procedures.
    Node Isvcs-Storage Metadata-Storage App-Data-Storage
           
           
  4. On both nodes, edit the DRBD configuration file.
    1. Open /etc/drbd.d/global_common.conf with a text editor.
    2. Add the following values to the global and common/net sections of the file.
      global {
        usage-count yes;
      }
      common {
        net {
          protocol C;
        }
      }
    3. Save the file, and then close the editor.
  5. Optional: On both nodes, add SELinux policies for DRBD, if necessary.
    Perform this step only if you are using SELinux in enforcing mode.
    1. Determine whether DRBD security failures are present in the audit log.
      grep drbd /var/log/audit/audit.log
      If the command returns results similar to the following example, continue with the remaining substeps.
      type=AVC msg=audit(1316737884.896:27): avc:  denied  { module_request } for  pid=1253 comm="drbdsetup" kmod="hmac(sha1)" scontext=system_u:system_r:drbd_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system
    2. Determine whether auditd is running.
      ps -ef | grep auditd | grep -v grep
    3. Create policies based on the security failures in the log file.
      If auditd is running, enter the following command:
      grep drbd /var/log/audit/audit.log | audit2allow -a -l -M localdrbd
      If auditd is not running, enter the following command:
      grep drbd /var/log/audit/audit.log | audit2allow -d -l -M localdrbd
    4. Make the new policy active.
      semodule -i localdrbd.pp
  6. On both nodes, create a resource definition for Control Center.
    1. Open /etc/drbd.d/serviced-dfs.res with a text editor.
    2. For a dual-NIC system, add the following content to the file.

      Replace the variables in the content with the actual values for your environment:

      resource serviced-dfs {
         volume 0 {
            device /dev/drbd0;
            disk Isvcs-Storage;
            meta-disk internal;
         }
         volume 1 {
            device /dev/drbd1;
            disk Metadata-Storage;
            meta-disk internal;
         }
         volume 2 {
            device /dev/drbd2;
            disk App-Data-Storage;
            meta-disk internal;
         }
         syncer   {
            rate 30M;
         }
         net      {
            after-sb-0pri discard-zero-changes;               
            after-sb-1pri discard-secondary;
         }
         on Primary-Public-Name {
            address Primary-Private-IP:7789;
         }
         on Secondary-Public-Name {
            address Secondary-Private-IP:7789;
         }
      }
    3. For a single-NIC system, add the following content to the file.

      Replace the variables in the content with the actual values for your environment:

      resource serviced-dfs {
         volume 0 {
            device /dev/drbd0;
            disk Isvcs-Storage;
            meta-disk internal;
         }
         volume 1 {
            device /dev/drbd1;
            disk Metadata-Storage;
            meta-disk internal;
         }
         volume 2 {
            device /dev/drbd2;
            disk App-Data-Storage;
            meta-disk internal;
         }
         syncer   {
            rate 30M;
         }
         net      {
            after-sb-0pri discard-zero-changes;               
            after-sb-1pri discard-secondary;
         }
         on Primary-Public-Name {
            address Primary-Public-IP:7789;
         }
         on Secondary-Public-Name {
            address Secondary-Public-IP:7789;
         }
      }
    4. Save the file, and then close the editor.
  7. On both nodes, create device metadata and enable the new DRBD resource.
    drbdadm create-md all && drbdadm up all