Bug 1466694
Summary: | ocf::heartbeat:apache do not move when testurl not accessible from cluster members | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Strahil Nikolov <hunter86_bg> |
Component: | pacemaker | Assignee: | Ken Gaillot <kgaillot> |
Status: | CLOSED NOTABUG | QA Contact: | cluster-qe <cluster-qe> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.3 | CC: | abeekhof, cluster-maint, hunter86_bg |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-06-30 19:32:03 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Strahil Nikolov
2017-06-30 09:16:21 UTC
In step 2 the actual command is: firewall-cmd --remove-service=http It seems that the "bug" is not a bug.Here is the actual working resource: pcs resource create APACHE apache params \ configfile="/etc/httpd/conf/httpd.conf" testurl="/" \ testregex="CLUSTER.EXAMPLE.COM" op monitor interval=120s timeout=10s \ start-delay=5s OCF_CHECK_LEVEL=10 The testurl check is run from the same node that is running the apache resource (not from other cluster nodes), so it will succeed as long as the page is accessible locally. Most firewall configurations always allow local connections, even if the port if blocked to other hosts. And as you figured out, a monitor must be configured with OCF_CHECK_LEVEL=10 for the apache resource agent to run the testurl check. |