I setup a Corosync/Pacemaker cluster + HAproxy using the following guide on Ubuntu 14.04 LTS:
http://www.sebastien-han.fr/blog/2012/04/15/active-passive-failover-cluster-on-a-mysql-galera-cluster-with-haproxy-lsb-agent/
I have not added the virtual ip setup, only two nodes, both with Haproxy installed on them. I am using the lsb:haproxy and my config is as follows:
To test everything, I kill the haproxy process by running the following command:
sudo kill -9 [PID#]
I then check the status of my cluster and receive the following error message: "Failed actions: insufficient privileges". I did not change haproxy user/group definition and my aisexec{} is using root for both user and group.
What should my permissions be if I want Corosync/Pacemaker to manage Haproxy?
EDIT: When I run the below service stop command, haproxy restarts as expected. Checking crm status
haproxy daemon is running like normal
# sudo service haproxy stop
# sudo crm status
HaproxyHA (lsb:haproxy): Started node1
Failed Actions:
But when I kill the pid manually, I keep seeing the error:
# sudo kill -9 $PID
HaproxyHA (lsb:haproxy): Started node1 (unmanaged) FAILED
Failed Actions:
After implementing change Federico mentioned (/bin/kill $pid || return 7)
it doesn't change my problem and I find this in my logs:
pengine: warning: unpack_rsc_op: Processing failed op stop for HaproxyHA on node1: not running (7)
Best Answer
I think the problem is in the init script, it does not respect the LSB spec.
If you look at the function
haproxy_stop
, in file/etc/init.d/haproxy
:In particularly, the line
/bin/kill $pid || return 4
. This makes the case that the process is killed the return value is 4, which according to the spec this is: user had insufficient privileges. Which is not correct.You can try to change by:
the correct way is stop daemon with killproc(8) and if this fails
killproc
sets the return value according to LSB.Eg.