Home / HA

High Availability

Pacemaker, Corosync, PCS cluster management, resource agents, and STONITH fencing.

Overview

Pacemaker + Corosync provides high-availability clustering on RHEL 10. PCS (Pacemaker/Corosync Configuration System) is the management tool.

# Install HA packages on all nodes
sudo dnf install -y pacemaker corosync pcs fence-agents-all

# Set password for hacluster user (same on all nodes)
sudo passwd hacluster

# Enable and start pcsd
sudo systemctl enable --now pcsd

# Firewall (on all nodes)
sudo firewall-cmd --permanent --add-service=high-availability
sudo firewall-cmd --reload

Cluster Setup

# Authorize nodes (run on any node)
sudo pcs cluster auth node1 node2 node3

# Create cluster
sudo pcs cluster setup mycluster node1 node2 node3

# Start on all nodes
sudo pcs cluster start --all

# Enable on boot
sudo pcs cluster enable --all

# Verify status
sudo pcs status
sudo pcs cluster status

# View corosync membership
sudo corosync-cmapctl | grep member

Resource Agents

# Create a virtual IP resource
sudo pcs resource create vip ocf:heartbeat:IPaddr2 ip=10.0.0.100 cidr_netmask=24 op monitor interval=30s

# Create an Apache resource
sudo pcs resource create httpd systemd:httpd op monitor interval=30s

# Create a resource group (ensures co-location and ordered start)
sudo pcs group add webgroup vip httpd

# List resources
sudo pcs resource

# Disable a resource (without deleting)
sudo pcs resource disable httpd

# Delete a resource
sudo pcs resource delete httpd

STONITH (Fencing)

# List available fence agents
ls /usr/libexec/pcs/fence_agent/
# Or: pcs stonith devices list  (list configured devices)

# Configure STONITH (example: IPMI)
sudo pcs stonith create fence-ipmi fence_ipmilan \
  pcmk_host_list=node1 node2 node3 \
  ipaddr=ipmi-mgmt.example.com \
  login=admin passwd=secret

# Disable STONITH enforcement (testing only, NOT for production)
sudo pcs property set stonith-enabled=false

# Re-enable for production
sudo pcs property set stonith-enabled=true

# View fencing devices
sudo pcs stonith show

Constraints

# Colocation (run together on same node)
sudo pcs constraint colocation add httpd vip INFINITY

# Ordering (start vip before httpd)
sudo pcs constraint order vip then httpd

# Location (prefer a specific node)
sudo pcs constraint location vip score=100 node1

# List all constraints
sudo pcs constraint

# Remove a constraint
sudo pcs constraint delete location-vip-node1

Corosync Configuration

# View corosync config
sudo cat /etc/corosync/corosync.conf

# Quorum configuration
sudo pcs quorum status

# Enable two-node (no-quorum policy)
sudo pcs quorum update auto_tie_breaker=1

# Synchronize config to all nodes
sudo pcs cluster sync
📚 Reference

RHEL 10 HA Guide · ClusterLabs