1 <?xml version="1.0" encoding="iso-8859-1"?>
3 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
4 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
6 <refentry id="ctdb-script.options.5">
9 <refentrytitle>ctdb-script.options</refentrytitle>
10 <manvolnum>5</manvolnum>
11 <refmiscinfo class="source">ctdb</refmiscinfo>
12 <refmiscinfo class="manual">CTDB - clustered TDB database</refmiscinfo>
16 <refname>ctdb-script.options</refname>
17 <refpurpose>CTDB scripts configuration files</refpurpose>
21 <title>DESCRIPTION</title>
24 Each CTDB script has 2 possible locations for its configuration options:
31 <filename>/usr/local/etc/ctdb/script.options</filename>
35 This is a catch-all global file for general purpose
36 scripts and for options that are used in multiple event
44 <parameter>SCRIPT</parameter>.options
49 <filename><parameter>SCRIPT</parameter></filename> are
50 placed in a file alongside the script, with a ".script"
51 suffix added. This style is usually recommended for event
56 Options in this script-specific file override those in
65 These files should include simple shell-style variable
66 assignments and shell-style comments.
72 <title>NETWORK CONFIGURATION</title>
75 <title>10.interface</title>
78 This event script handles monitoring of interfaces using by
86 CTDB_PARTIALLY_ONLINE_INTERFACES=yes|no
90 Whether one or more offline interfaces should cause a
91 monitor event to fail if there are other interfaces that
92 are up. If this is "yes" and a node has some interfaces
93 that are down then <command>ctdb status</command> will
94 display the node as "PARTIALLYONLINE".
98 Note that CTDB_PARTIALLY_ONLINE_INTERFACES=yes is not
99 generally compatible with NAT gateway or LVS. NAT
100 gateway relies on the interface configured by
101 CTDB_NATGW_PUBLIC_IFACE to be up and LVS replies on
102 CTDB_LVS_PUBLIC_IFACE to be up. CTDB does not check if
103 these options are set in an incompatible way so care is
104 needed to understand the interaction.
117 <title>11.natgw</title>
120 Provides CTDB's NAT gateway functionality.
124 NAT gateway is used to configure fallback routing for nodes
125 when they do not host any public IP addresses. For example,
126 it allows unhealthy nodes to reliably communicate with
127 external infrastructure. One node in a NAT gateway group will
128 be designated as the NAT gateway master node and other (slave)
129 nodes will be configured with fallback routes via the NAT
130 gateway master node. For more information, see the
131 <citetitle>NAT GATEWAY</citetitle> section in
132 <citerefentry><refentrytitle>ctdb</refentrytitle>
133 <manvolnum>7</manvolnum></citerefentry>.
139 <term>CTDB_NATGW_DEFAULT_GATEWAY=<parameter>IPADDR</parameter></term>
142 IPADDR is an alternate network gateway to use on the NAT
143 gateway master node. If set, a fallback default route
144 is added via this network gateway.
147 No default. Setting this variable is optional - if not
148 set that no route is created on the NAT gateway master
155 <term>CTDB_NATGW_NODES=<parameter>FILENAME</parameter></term>
158 FILENAME contains the list of nodes that belong to the
159 same NAT gateway group.
164 <parameter>IPADDR</parameter> <optional>slave-only</optional>
168 IPADDR is the private IP address of each node in the NAT
172 If "slave-only" is specified then the corresponding node
173 can not be the NAT gateway master node. In this case
174 <varname>CTDB_NATGW_PUBLIC_IFACE</varname> and
175 <varname>CTDB_NATGW_PUBLIC_IP</varname> are optional and
180 <filename>/usr/local/etc/ctdb/natgw_nodes</filename> when enabled.
186 <term>CTDB_NATGW_PRIVATE_NETWORK=<parameter>IPADDR/MASK</parameter></term>
189 IPADDR/MASK is the private sub-network that is
190 internally routed via the NAT gateway master node. This
191 is usually the private network that is used for node
201 <term>CTDB_NATGW_PUBLIC_IFACE=<parameter>IFACE</parameter></term>
204 IFACE is the network interface on which the
205 CTDB_NATGW_PUBLIC_IP will be configured.
214 <term>CTDB_NATGW_PUBLIC_IP=<parameter>IPADDR/MASK</parameter></term>
217 IPADDR/MASK indicates the IP address that is used for
218 outgoing traffic (originating from
219 CTDB_NATGW_PRIVATE_NETWORK) on the NAT gateway master
220 node. This <emphasis>must not</emphasis> be a
221 configured public IP address.
230 <term>CTDB_NATGW_STATIC_ROUTES=<parameter>IPADDR/MASK[@GATEWAY]</parameter> ...</term>
233 Each IPADDR/MASK identifies a network or host to which
234 NATGW should create a fallback route, instead of
235 creating a single default route. This can be used when
236 there is already a default route, via an interface that
237 can not reach required infrastructure, that overrides
238 the NAT gateway default route.
241 If GATEWAY is specified then the corresponding route on
242 the NATGW master node will be via GATEWAY. Such routes
244 <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> is not
245 specified. If GATEWAY is not specified for some
246 networks then routes are only created on the NATGW
247 master node for those networks if
248 <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> is
252 This should be used with care to avoid causing traffic
253 to unnecessarily double-hop through the NAT gateway
254 master, even when a node is hosting public IP addresses.
255 Each specified network or host should probably have a
256 corresponding automatically created link route or static
268 <title>Example</title>
270 CTDB_NATGW_NODES=/usr/local/etc/ctdb/natgw_nodes
271 CTDB_NATGW_PRIVATE_NETWORK=192.168.1.0/24
272 CTDB_NATGW_DEFAULT_GATEWAY=10.0.0.1
273 CTDB_NATGW_PUBLIC_IP=10.0.0.227/24
274 CTDB_NATGW_PUBLIC_IFACE=eth0
278 A variation that ensures that infrastructure (ADS, DNS, ...)
279 directly attached to the public network (10.0.0.0/24) is
280 always reachable would look like this:
283 CTDB_NATGW_NODES=/usr/local/etc/ctdb/natgw_nodes
284 CTDB_NATGW_PRIVATE_NETWORK=192.168.1.0/24
285 CTDB_NATGW_PUBLIC_IP=10.0.0.227/24
286 CTDB_NATGW_PUBLIC_IFACE=eth0
287 CTDB_NATGW_STATIC_ROUTES=10.0.0.0/24
290 Note that <varname>CTDB_NATGW_DEFAULT_GATEWAY</varname> is
298 <title>13.per_ip_routing</title>
301 Provides CTDB's policy routing functionality.
305 A node running CTDB may be a component of a complex network
306 topology. In particular, public addresses may be spread
307 across several different networks (or VLANs) and it may not be
308 possible to route packets from these public addresses via the
309 system's default route. Therefore, CTDB has support for
310 policy routing via the <filename>13.per_ip_routing</filename>
311 eventscript. This allows routing to be specified for packets
312 sourced from each public address. The routes are added and
313 removed as CTDB moves public addresses between nodes.
317 For more information, see the <citetitle>POLICY
318 ROUTING</citetitle> section in
319 <citerefentry><refentrytitle>ctdb</refentrytitle>
320 <manvolnum>7</manvolnum></citerefentry>.
325 <term>CTDB_PER_IP_ROUTING_CONF=<parameter>FILENAME</parameter></term>
328 FILENAME contains elements for constructing the desired
329 routes for each source address.
333 The special FILENAME value
334 <constant>__auto_link_local__</constant> indicates that no
335 configuration file is provided and that CTDB should
336 generate reasonable link-local routes for each public IP
343 <parameter>IPADDR</parameter> <parameter>DEST-IPADDR/MASK</parameter> <optional><parameter>GATEWAY-IPADDR</parameter></optional>
349 <filename>/usr/local/etc/ctdb/policy_routing</filename>
357 CTDB_PER_IP_ROUTING_RULE_PREF=<parameter>NUM</parameter>
361 NUM sets the priority (or preference) for the routing
362 rules that are added by CTDB.
366 This should be (strictly) greater than 0 and (strictly)
367 less than 32766. A priority of 100 is recommended, unless
368 this conflicts with a priority already in use on the
370 <citerefentry><refentrytitle>ip</refentrytitle>
371 <manvolnum>8</manvolnum></citerefentry>, for more details.
378 CTDB_PER_IP_ROUTING_TABLE_ID_LOW=<parameter>LOW-NUM</parameter>,
379 CTDB_PER_IP_ROUTING_TABLE_ID_HIGH=<parameter>HIGH-NUM</parameter>
383 CTDB determines a unique routing table number to use for
384 the routing related to each public address. LOW-NUM and
385 HIGH-NUM indicate the minimum and maximum routing table
386 numbers that are used.
390 <citerefentry><refentrytitle>ip</refentrytitle>
391 <manvolnum>8</manvolnum></citerefentry> uses some
392 reserved routing table numbers below 255. Therefore,
393 CTDB_PER_IP_ROUTING_TABLE_ID_LOW should be (strictly)
398 CTDB uses the standard file
399 <filename>/etc/iproute2/rt_tables</filename> to maintain
400 a mapping between the routing table numbers and labels.
401 The label for a public address
402 <replaceable>ADDR</replaceable> will look like
403 ctdb.<replaceable>addr</replaceable>. This means that
404 the associated rules and routes are easy to read (and
409 No default, usually 1000 and 9000.
416 <title>Example</title>
418 CTDB_PER_IP_ROUTING_CONF=/usr/local/etc/ctdb/policy_routing
419 CTDB_PER_IP_ROUTING_RULE_PREF=100
420 CTDB_PER_IP_ROUTING_TABLE_ID_LOW=1000
421 CTDB_PER_IP_ROUTING_TABLE_ID_HIGH=9000
428 <title>91.lvs</title>
431 Provides CTDB's LVS functionality.
435 For a general description see the <citetitle>LVS</citetitle>
436 section in <citerefentry><refentrytitle>ctdb</refentrytitle>
437 <manvolnum>7</manvolnum></citerefentry>.
444 CTDB_LVS_NODES=<parameter>FILENAME</parameter>
448 FILENAME contains the list of nodes that belong to the
454 <parameter>IPADDR</parameter> <optional>slave-only</optional>
458 IPADDR is the private IP address of each node in the LVS
462 If "slave-only" is specified then the corresponding node
463 can not be the LVS master node. In this case
464 <varname>CTDB_LVS_PUBLIC_IFACE</varname> and
465 <varname>CTDB_LVS_PUBLIC_IP</varname> are optional and
470 <filename>/usr/local/etc/ctdb/lvs_nodes</filename> when enabled.
477 CTDB_LVS_PUBLIC_IFACE=<parameter>INTERFACE</parameter>
481 INTERFACE is the network interface that clients will use
482 to connection to <varname>CTDB_LVS_PUBLIC_IP</varname>.
483 This is optional for slave-only nodes.
491 CTDB_LVS_PUBLIC_IP=<parameter>IPADDR</parameter>
495 CTDB_LVS_PUBLIC_IP is the LVS public address. No
507 <title>SERVICE CONFIGURATION</title>
510 CTDB can be configured to manage and/or monitor various NAS (and
511 other) services via its eventscripts.
515 In the simplest case CTDB will manage a service. This means the
516 service will be started and stopped along with CTDB, CTDB will
517 monitor the service and CTDB will do any required
518 reconfiguration of the service when public IP addresses are
523 <title>20.multipathd</title>
526 Provides CTDB's Linux multipathd service management.
530 It can monitor multipath devices to ensure that active paths
537 CTDB_MONITOR_MPDEVICES=<parameter>MP-DEVICE-LIST</parameter>
541 MP-DEVICE-LIST is a list of multipath devices for CTDB to monitor?
552 <title>31.clamd</title>
555 This event script provide CTDB's ClamAV anti-virus service
560 This eventscript is not enabled by default. Use <command>ctdb
561 enablescript</command> to enable it.
568 CTDB_CLAMD_SOCKET=<parameter>FILENAME</parameter>
572 FILENAME is the socket to monitor ClamAV.
585 <title>49.winbind</title>
588 Provides CTDB's Samba winbind service management.
595 CTDB_SERVICE_WINBIND=<parameter>SERVICE</parameter>
599 Distribution specific SERVICE for managing winbindd.
602 Default is "winbind".
612 <title>50.samba</title>
615 Provides the core of CTDB's Samba file service management.
622 CTDB_SAMBA_CHECK_PORTS=<parameter>PORT-LIST</parameter>
626 When monitoring Samba, check TCP ports in
627 space-separated PORT-LIST.
630 Default is to monitor ports that Samba is configured to listen on.
637 CTDB_SAMBA_SKIP_SHARE_CHECK=yes|no
641 As part of monitoring, should CTDB skip the check for
642 the existence of each directory configured as share in
643 Samba. This may be desirable if there is a large number
654 CTDB_SERVICE_NMB=<parameter>SERVICE</parameter>
658 Distribution specific SERVICE for managing nmbd.
661 Default is distribution-dependant.
667 CTDB_SERVICE_SMB=<parameter>SERVICE</parameter>
671 Distribution specific SERVICE for managing smbd.
674 Default is distribution-dependant.
684 <title>60.nfs</title>
687 This event script (along with 06.nfs) provides CTDB's NFS
692 This includes parameters for the kernel NFS server.
693 Alternative NFS subsystems (such as <ulink
694 url="https://github.com/nfs-ganesha/nfs-ganesha/wiki">NFS-Ganesha</ulink>)
695 can be integrated using <varname>CTDB_NFS_CALLOUT</varname>.
702 CTDB_NFS_CALLOUT=<parameter>COMMAND</parameter>
706 COMMAND specifies the path to a callout to handle
707 interactions with the configured NFS system, including
708 startup, shutdown, monitoring.
711 Default is the included
712 <command>nfs-linux-kernel-callout</command>.
719 CTDB_NFS_CHECKS_DIR=<parameter>DIRECTORY</parameter>
723 Specifies the path to a DIRECTORY containing files that
724 describe how to monitor the responsiveness of NFS RPC
725 services. See the README file for this directory for an
726 explanation of the contents of these "check" files.
729 CTDB_NFS_CHECKS_DIR can be used to point to different
730 sets of checks for different NFS servers.
733 One way of using this is to have it point to, say,
734 <filename>/usr/local/etc/ctdb/nfs-checks-enabled.d</filename>
735 and populate it with symbolic links to the desired check
736 files. This avoids duplication and is upgrade-safe.
740 <filename>/usr/local/etc/ctdb/nfs-checks.d</filename>,
741 which contains NFS RPC checks suitable for Linux kernel
749 CTDB_NFS_SKIP_SHARE_CHECK=yes|no
753 As part of monitoring, should CTDB skip the check for
754 the existence of each directory exported via NFS. This
755 may be desirable if there is a large number of exports.
765 CTDB_RPCINFO_LOCALHOST=<parameter>IPADDR</parameter>|<parameter>HOSTNAME</parameter>
769 IPADDR or HOSTNAME indicates the address that
770 <command>rpcinfo</command> should connect to when doing
771 <command>rpcinfo</command> check on IPv4 RPC service during
772 monitoring. Optimally this would be "localhost".
773 However, this can add some performance overheads.
776 Default is "127.0.0.1".
783 CTDB_RPCINFO_LOCALHOST6=<parameter>IPADDR</parameter>|<parameter>HOSTNAME</parameter>
787 IPADDR or HOSTNAME indicates the address that
788 <command>rpcinfo</command> should connect to when doing
789 <command>rpcinfo</command> check on IPv6 RPC service
790 during monitoring. Optimally this would be "localhost6"
791 (or similar). However, this can add some performance
802 CTDB_NFS_STATE_FS_TYPE=<parameter>TYPE</parameter>
806 The type of filesystem used for a clustered NFS' shared
814 CTDB_NFS_STATE_MNT=<parameter>DIR</parameter>
818 The directory where a clustered NFS' shared state will be
829 <title>70.iscsi</title>
832 Provides CTDB's Linux iSCSI tgtd service management.
839 CTDB_START_ISCSI_SCRIPTS=<parameter>DIRECTORY</parameter>
843 DIRECTORY on shared storage containing scripts to start
844 tgtd for each public IP address.
862 CTDB checks the consistency of databases during startup.
866 <title>00.ctdb</title>
871 <term>CTDB_MAX_CORRUPT_DB_BACKUPS=<parameter>NUM</parameter></term>
874 NUM is the maximum number of volatile TDB database
875 backups to be kept (for each database) when a corrupt
876 database is found during startup. Volatile TDBs are
877 zeroed during startup so backups are needed to debug
878 any corruption that occurs before a restart.
892 <title>SYSTEM RESOURCE MONITORING</title>
900 Provides CTDB's filesystem and memory usage monitoring.
904 CTDB can experience seemingly random (performance and other)
905 issues if system resources become too constrained. Options in
906 this section can be enabled to allow certain system resources
907 to be checked. They allows warnings to be logged and nodes to
908 be marked unhealthy when system resource usage reaches the
909 configured thresholds.
913 Some checks are enabled by default. It is recommended that
914 these checks remain enabled or are augmented by extra checks.
915 There is no supported way of completely disabling the checks.
922 CTDB_MONITOR_FILESYSTEM_USAGE=<parameter>FS-LIMIT-LIST</parameter>
926 FS-LIMIT-LIST is a space-separated list of
927 <parameter>FILESYSTEM</parameter>:<parameter>WARN_LIMIT</parameter><optional>:<parameter>UNHEALTHY_LIMIT</parameter></optional>
928 triples indicating that warnings should be logged if the
929 space used on FILESYSTEM reaches WARN_LIMIT%. If usage
930 reaches UNHEALTHY_LIMIT then the node should be flagged
931 unhealthy. Either WARN_LIMIT or UNHEALTHY_LIMIT may be
932 left blank, meaning that check will be omitted.
936 Default is to warn for each filesystem containing a
938 (<literal>volatile database directory</literal>,
939 <literal>persistent database directory</literal>,
940 <literal>state database directory</literal>)
941 with a threshold of 90%.
948 CTDB_MONITOR_MEMORY_USAGE=<parameter>MEM-LIMITS</parameter>
952 MEM-LIMITS takes the form
953 <parameter>WARN_LIMIT</parameter><optional>:<parameter>UNHEALTHY_LIMIT</parameter></optional>
954 indicating that warnings should be logged if memory
955 usage reaches WARN_LIMIT%. If usage reaches
956 UNHEALTHY_LIMIT then the node should be flagged
957 unhealthy. Either WARN_LIMIT or UNHEALTHY_LIMIT may be
958 left blank, meaning that check will be omitted.
961 Default is 80, so warnings will be logged when memory
969 CTDB_MONITOR_SWAP_USAGE=<parameter>SWAP-LIMITS</parameter>
973 SWAP-LIMITS takes the form
974 <parameter>WARN_LIMIT</parameter><optional>:<parameter>UNHEALTHY_LIMIT</parameter></optional>
975 indicating that warnings should be logged if
976 swap usage reaches WARN_LIMIT%. If usage reaches
977 UNHEALTHY_LIMIT then the node should be flagged
978 unhealthy. Either WARN_LIMIT or UNHEALTHY_LIMIT may be
979 left blank, meaning that check will be omitted.
982 Default is 25, so warnings will be logged when swap
995 <title>EVENT SCRIPT DEBUGGING</title>
1005 <term>CTDB_DEBUG_HUNG_SCRIPT_STACKPAT=<parameter>REGEXP</parameter></term>
1008 REGEXP specifies interesting processes for which stack
1009 traces should be logged when debugging hung eventscripts
1010 and those processes are matched in pstree output.
1011 REGEXP is an extended regexp so choices are separated by
1012 pipes ('|'). However, REGEXP should not contain
1013 parentheses. See also the <citerefentry><refentrytitle>ctdb.conf</refentrytitle>
1014 <manvolnum>5</manvolnum></citerefentry>
1015 [event] "debug script" option.
1018 Default is "exportfs|rpcinfo".
1029 <title>FILES</title>
1032 <member><filename>/usr/local/etc/ctdb/script.options</filename></member>
1037 <title>SEE ALSO</title>
1039 <citerefentry><refentrytitle>ctdbd</refentrytitle>
1040 <manvolnum>1</manvolnum></citerefentry>,
1042 <citerefentry><refentrytitle>ctdb</refentrytitle>
1043 <manvolnum>7</manvolnum></citerefentry>,
1045 <ulink url="http://ctdb.samba.org/"/>
1052 This documentation was written by
1060 <holder>Andrew Tridgell</holder>
1061 <holder>Ronnie Sahlberg</holder>
1065 This program is free software; you can redistribute it and/or
1066 modify it under the terms of the GNU General Public License as
1067 published by the Free Software Foundation; either version 3 of
1068 the License, or (at your option) any later version.
1071 This program is distributed in the hope that it will be
1072 useful, but WITHOUT ANY WARRANTY; without even the implied
1073 warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
1074 PURPOSE. See the GNU General Public License for more details.
1077 You should have received a copy of the GNU General Public
1078 License along with this program; if not, see
1079 <ulink url="http://www.gnu.org/licenses"/>.