CVE-2013-4408:s3:Ensure LookupRids() replies arrays are range checked.
[Samba.git] / ctdb / doc / ctdbd.conf.5.xml
bloba1f6db5ef61159cf3ddf1bc49df749953230be80
1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE refentry
3         PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
4         "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
6 <refentry id="ctdbd.conf.5">
8   <refmeta>
9     <refentrytitle>ctdbd.conf</refentrytitle>
10     <manvolnum>5</manvolnum>
11     <refmiscinfo class="source">ctdb</refmiscinfo>
12     <refmiscinfo class="manual">CTDB - clustered TDB database</refmiscinfo>
13   </refmeta>
15   <refnamediv>
16     <refname>ctdbd.conf</refname>
17     <refpurpose>CTDB daemon configuration file</refpurpose>
18   </refnamediv>
20   <refsect1>
21     <title>DESCRIPTION</title>
23     <para>
24       This file contains CTDB configuration variables that are affect
25       the operation of CTDB.  The default location of this file is
26       <filename>/etc/ctdb/ctdbd.conf</filename>.
27     </para>
29     <para>
30       This file is a shell script (see
31       <citerefentry><refentrytitle>sh</refentrytitle>
32       <manvolnum>1</manvolnum></citerefentry>) but is usually limited
33       to simple variable assignments and shell-style comments.
34     </para>
36     <para>
37       CTDB configuration variables are grouped into several categories below.
38     </para>
40     <para>
41       Variables defined in this document can also be set in a
42       distribution-specific configuration file such as
43       <filename>/etc/sysconfig/ctdb</filename> (Red Hat) or
44       <filename>/etc/default/ctdb</filename> (Debian).  However, these
45       files should be reserved for variables used by the initscript.
46       A historical alternative is
47       <filename>/etc/ctdb/sysconfig/ctdb</filename> - this is
48       deprecated.
49     </para>
51   </refsect1>
53   <refsect1>
54     <title>
55       INITSCRIPT CONFIGURATION
56     </title>
58     <para>
59       Some options must be available to the initscript so they need to
60       be set in the distribution-specific initscript configuration,
61       such as <filename>/etc/sysconfig/ctdb</filename> or
62       <filename>/etc/default/ctdb</filename>.
63     </para>
65     <variablelist>
67       <varlistentry>
68         <term>CTDB_PIDFILE=<parameter>FILENAME</parameter></term>
69         <listitem>
70           <para>
71             FILENAME is the name of the file used to contain the
72             process ID (PID) of the main CTDB daemon when it is
73             running.  This is passed from the initscript to
74             <citerefentry><refentrytitle>ctdbd_wrapper</refentrytitle>
75             <manvolnum>1</manvolnum></citerefentry>.
76           </para>
78           <para>
79             Default is <filename>/var/run/ctdb/ctdbd.pid</filename>.
80             Corresponds to <option>--pidfile</option>.
81           </para>
82         </listitem>
83       </varlistentry>
85     </variablelist>
86   </refsect1>
88   <refsect1>
89     <title>
90       GLOBAL CONFIGURATION
91     </title>
93     <para>
94       These options may be used in the initscripts, daemon and
95       scripts.
96     </para>
98     <variablelist>
100       <varlistentry>
101         <term>CTDB_BASE=<parameter>DIRECTORY</parameter></term>
102         <listitem>
103           <para>
104             DIRECTORY containing CTDB scripts and configuration files.
105           </para>
106         </listitem>
107       </varlistentry>
109       <varlistentry>
110         <term>CTDB_VARDIR=<parameter>DIRECTORY</parameter></term>
111         <listitem>
112           <para>
113             DIRECTORY containing CTDB files that are modified at
114             runtime.
115           </para>
116           <para>
117             Defaults to <filename>/var/ctdb</filename>, unless
118             <filename>/var/lib/ctdb</filename> already exists in which
119             case it is used.
120           </para>
121         </listitem>
122       </varlistentry>
125     </variablelist>
126   </refsect1>
128   <refsect1>
129     <title>
130       DAEMON CONFIGURATION
131     </title>
133     <para>
134       Variables in this section are processed by
135       <citerefentry><refentrytitle>ctdbd_wrapper</refentrytitle>
136       <manvolnum>1</manvolnum></citerefentry> and are converted into
137       command-line arguments to
138       <citerefentry><refentrytitle>ctdbd</refentrytitle>
139       <manvolnum>1</manvolnum></citerefentry>.  Correspondence with
140       <citerefentry><refentrytitle>ctdbd</refentrytitle>
141       <manvolnum>1</manvolnum></citerefentry> options is shown for
142       each variable.  The the documentation for the relevant options
143       for more details.
144     </para>
146     <para>
147       Many of these variables are also used by event scripts.
148     </para>
150     <variablelist>
152       <varlistentry>
153         <term>CTDB_CAPABILITY_LMASTER=yes|no</term>
154         <listitem>
155           <para>
156             Defaults to yes.  Corresponds to <option>--no-lmaster</option>.
157           </para>
158         </listitem>
159       </varlistentry>
161       <varlistentry>
162         <term>CTDB_CAPABILITY_RECMASTER=yes|no</term>
163         <listitem>
164           <para>
165             Defaults to yes.  Corresponds to
166             <option>--no-recmaster</option>.
167           </para>
168         </listitem>
169       </varlistentry>
171       <varlistentry>
172         <term>CTDB_DBDIR=<parameter>DIRECTORY</parameter></term>
173         <listitem>
174           <para>
175             Defaults to <varname>CTDB_VARDIR</varname>.  Corresponds to
176             <option>--dbdir</option>.
177           </para>
178         </listitem>
179       </varlistentry>
181       <varlistentry>
182         <term>CTDB_DBDIR_PERSISTENT=<parameter>DIRECTORY</parameter></term>
183         <listitem>
184           <para>
185             Defaults to <varname>CTDB_VARDIR</varname>/persistent.
186             Corresponds to <option>--dbdir-persistent</option>.
187           </para>
188         </listitem>
189       </varlistentry>
191       <varlistentry>
192         <term>CTDB_DBDIR_STATE=<parameter>DIRECTORY</parameter></term>
193         <listitem>
194           <para>
195             Defaults to <varname>CTDB_VARDIR</varname>/state.
196             Corresponds to <option>--dbdir-state</option>.
197           </para>
198         </listitem>
199       </varlistentry>
201       <varlistentry>
202         <term>CTDB_DEBUGLEVEL=<parameter>DEBUGLEVEL</parameter></term>
203         <listitem>
204           <para>
205             Default is ERR (0).  Corresponds to <option>-d</option> or
206             <option>--debug</option>.
207           </para>
208         </listitem>
209       </varlistentry>
211       <varlistentry>
212         <term>CTDB_EVENT_SCRIPT_DIR=<parameter>DIRECTORY</parameter></term>
213         <listitem>
214           <para>
215             Default is <varname>CTDB_BASE</varname>/events.d, so usually
216             <filename>/etc/ctdb/events.d</filename>.  Corresponds to
217             <option>--event-script-dir</option>.
218           </para>
219         </listitem>
220       </varlistentry>
222       <varlistentry>
223         <term>CTDB_LOGFILE=<parameter>FILENAME</parameter></term>
224         <listitem>
225           <para>
226             Defaults to <filename>/var/log/log.ctdb</filename>.
227             Corresponds to <option>--logfile</option>.  See also
228             <citetitle>CTDB_SYSLOG</citetitle>.
229           </para>
230         </listitem>
231       </varlistentry>
233       <varlistentry>
234         <term>CTDB_LOG_RINGBUF_SIZE=<parameter>NUM</parameter></term>
235         <listitem>
236           <para>
237             Default is 0.  Corresponds to
238             <option>--log-ringbuf-size</option>.
239           </para>
240         </listitem>
241       </varlistentry>
243       <varlistentry>
244         <term>CTDB_LVS_PUBLIC_IP=<parameter>IPADDR</parameter></term>
245         <listitem>
246           <para>
247             No default.  Corresponds to "<option>--lvs</option>
248             <option>--single-public-ip IPADDR"</option>.
249           </para>
250         </listitem>
251       </varlistentry>
253       <varlistentry>
254         <term>CTDB_NODES=<parameter>FILENAME</parameter></term>
255         <listitem>
256           <para>
257             Default is <varname>CTDB_BASE</varname>/nodes, so usually
258             <filename>/etc/ctdb/nodes</filename>.  Corresponds to
259             <option>--nlist</option>.
260           </para>
261         </listitem>
262       </varlistentry>
264       <varlistentry>
265         <term>CTDB_NOTIFY_SCRIPT=<parameter>FILENAME</parameter></term>
266         <listitem>
267           <para>
268             No default, usually
269             <filename>/etc/ctdb/notify.sh</filename>.  Corresponds to
270             <option>--notification-script</option>.
271           </para>
272         </listitem>
273       </varlistentry>
275       <varlistentry>
276         <term>CTDB_MAX_PERSISTENT_CHECK_ERRORS=<parameter>NUM</parameter></term>
277         <listitem>
278           <para>
279             Default 0.  Corresponds to
280             <option>--max-persistent-check-errors</option>.
281           </para>
282         </listitem>
283       </varlistentry>
285       <varlistentry>
286         <term>CTDB_PUBLIC_ADDRESSES=<parameter>FILENAME</parameter></term>
287         <listitem>
288           <para>
289             No default, usually
290             <filename>/etc/ctdb/public_addresses</filename>.
291             Corresponds to <option>--public-addresses</option>.
292           </para>
293         </listitem>
294       </varlistentry>
296       <varlistentry>
297         <term>CTDB_PUBLIC_INTERFACE=<parameter>INTERFACE</parameter></term>
298         <listitem>
299           <para>
300             No default.  Corresponds to
301             <option>--public-interface</option>.
302           </para>
303         </listitem>
304       </varlistentry>
306       <varlistentry>
307         <term>CTDB_RECOVERY_LOCK=<parameter>FILENAME</parameter></term>
308         <listitem>
309           <para>
310             Defaults to
311             <filename>/some/place/on/shared/storage</filename>, which
312             should be change to a useful value.  Corresponds to
313             <option>--reclock</option>.
314           </para>
315         </listitem>
316       </varlistentry>
318       <varlistentry>
319         <term>CTDB_SCRIPT_LOG_LEVEL=<parameter>DEBUGLEVEL</parameter></term>
320         <listitem>
321           <para>
322             Defaults to ERR (0).  Corresponds to
323             <option>--script-log-level</option>.
324           </para>
325         </listitem>
326       </varlistentry>
328       <varlistentry>
329         <term>CTDB_SOCKET=<parameter>FILENAME</parameter></term>
330         <listitem>
331           <para>
332             Defaults to <filename>/tmp/ctdb.socket</filename>.
333             Corresponds to <option>--socket</option>.
334           </para>
335           <para>
336             If you change this then you probably want to set this in
337             root's enviroment (perhaps in a file in
338             <filename>/etc/profile.d</filename>) so that you can use
339             the <citerefentry><refentrytitle>ctdb</refentrytitle>
340             <manvolnum>1</manvolnum></citerefentry> command in a
341             straightforward manner.
342           </para>
343         </listitem>
344       </varlistentry>
346       <varlistentry>
347         <term>CTDB_START_AS_DISABLED=yes|no</term>
348         <listitem>
349           <para>
350             Default is no.  Corresponds to
351             <option>--start-as-disabled</option>.
352           </para>
353         </listitem>
354       </varlistentry>
356       <varlistentry>
357         <term>CTDB_START_AS_STOPPED=yes|no</term>
358         <listitem>
359           <para>
360             Default is no.  Corresponds to
361             <option>--start-as-stopped</option>.
362           </para>
363         </listitem>
364       </varlistentry>
366       <varlistentry>
367         <term>CTDB_SYSLOG=yes|no</term>
368         <listitem>
369           <para>
370             Default is no.  Corresponds to <option>--syslog</option>.
371           </para>
372         </listitem>
373       </varlistentry>
375       <varlistentry>
376         <term>CTDB_TRANSPORT=tcp|infiniband</term>
377         <listitem>
378           <para>
379             Defaults to tcp.  Corresponds to
380             <option>--transport</option>.
381           </para>
382         </listitem>
383       </varlistentry>
385     </variablelist>
387     <para>
388       While the following variables do not translate into daemon
389       options they are used by
390       <citerefentry><refentrytitle>ctdbd_wrapper</refentrytitle>
391       <manvolnum>1</manvolnum></citerefentry> when starting and
392       stopping <citerefentry><refentrytitle>ctdbd</refentrytitle>
393       <manvolnum>1</manvolnum></citerefentry>.
394     </para>
396     <variablelist>
398       <varlistentry>
399         <term>CTDB_SHUTDOWN_TIMEOUT=<parameter>NUM</parameter></term>
400         <listitem>
401           <para>
402             NUM is the number of seconds to wait for
403             <citerefentry><refentrytitle>ctdbd</refentrytitle>
404             <manvolnum>1</manvolnum></citerefentry> to shut down
405             gracefully before giving up and killing it.
406           </para>
408           <para>
409             Defaults is 30.
410           </para>
411         </listitem>
412       </varlistentry>
414       <varlistentry>
415         <term>CTDB_STARTUP_TIMEOUT=<parameter>NUM</parameter></term>
416         <listitem>
417           <para>
418             NUM is the number of seconds to wait for
419             <citerefentry><refentrytitle>ctdbd</refentrytitle>
420             <manvolnum>1</manvolnum></citerefentry> complete early
421             initialisation up to a point where it is unlikely to
422             abort.  If <command>ctdbd</command> doesn't complete the
423             "setup" event before this timeout then it is killed.
424           </para>
426           <para>
427             Defaults is 10.
428           </para>
429         </listitem>
430       </varlistentry>
432     </variablelist>
433   </refsect1>
435   <refsect1>
436     <title>NETWORK CONFIGURATION</title>
438     <refsect2>
439       <title>NAT GATEWAY</title>
441       <para>
442         NAT gateway is used to configure fallback routing for nodes
443         when they do not host any public IP addresses.  For example,
444         it allows unhealthy nodes to reliably communicate with
445         external infrastructure.  One node in a NAT gateway group will
446         be designated as the NAT gateway master node and other (slave)
447         nodes will be configured with fallback routes via the NAT
448         gateway master node.  For more information, see the
449         <citetitle>NAT GATEWAY</citetitle> section in
450         <citerefentry><refentrytitle>ctdb</refentrytitle>
451         <manvolnum>7</manvolnum></citerefentry>.
452       </para>
454       <variablelist>
456         <varlistentry>
457           <term>CTDB_NATGW_DEFAULT_GATEWAY=<parameter>IPADDR</parameter></term>
458           <listitem>
459             <para>
460               IPADDR is an alternate network gateway to use on the NAT
461               gateway master node.  A fallback default route is added
462               via this network gateway.
463             </para>
464             <para>
465               No default.
466             </para>
467           </listitem>
468         </varlistentry>
470         <varlistentry>
471           <term>CTDB_NATGW_NODES=<parameter>FILENAME</parameter></term>
472           <listitem>
473             <para>
474               FILENAME contains the list of nodes that belong to the
475               same NAT gateway group.
476             </para>
477             <para>
478               File format:
479               <screen>
480 <parameter>IPADDR</parameter>
481               </screen>
482             </para>
483             <para>
484               No default, usually
485               <filename>/etc/ctdb/natgw_nodes</filename> when enabled.
486             </para>
487           </listitem>
488         </varlistentry>
490         <varlistentry>
491           <term>CTDB_NATGW_PRIVATE_NETWORK=<parameter>IPADDR/MASK</parameter></term>
492           <listitem>
493             <para>
494               IPADDR/MASK is the private sub-network that is
495               internally routed via the NAT gateway master node.  This
496               is usually the private network that is used for node
497               addresses.
498             </para>
499             <para>
500               No default.
501             </para>
502           </listitem>
503         </varlistentry>
505         <varlistentry>
506           <term>CTDB_NATGW_PUBLIC_IFACE=<parameter>IFACE</parameter></term>
507           <listitem>
508             <para>
509               IFACE is the network interface on which the
510               CTDB_NATGW_PUBLIC_IP will be configured.
511             </para>
512             <para>
513               No default.
514             </para>
515           </listitem>
516         </varlistentry>
518         <varlistentry>
519           <term>CTDB_NATGW_PUBLIC_IP=<parameter>IPADDR/MASK</parameter></term>
520           <listitem>
521             <para>
522               IPADDR/MASK indicates the IP address that is used for
523               outgoing traffic (originating from
524               CTDB_NATGW_PRIVATE_NETWORK) on the NAT gateway master
525               node.  This <emphasis>must not</emphasis> be a
526               configured public IP address.
527             </para>
528             <para>
529               No default.
530             </para>
531           </listitem>
532         </varlistentry>
534         <varlistentry>
535           <term>CTDB_NATGW_SLAVE_ONLY=yes|no</term>
536           <listitem>
537             <para>
538               When set to "yes" a node can not be a NAT gateway master node.
539             </para>
540             <para>
541               Default is no.
542             </para>
543           </listitem>
544         </varlistentry>
546       </variablelist>
548       <refsect3>
549         <title>Example</title>
550         <screen>
551 CTDB_NATGW_NODES=/etc/ctdb/natgw_nodes
552 CTDB_NATGW_PRIVATE_NETWORK=192.168.1.0/24
553 CTDB_NATGW_DEFAULT_GATEWAY=10.0.0.1
554 CTDB_NATGW_PUBLIC_IP=10.0.0.227/24
555 CTDB_NATGW_PUBLIC_IFACE=eth0
556         </screen>
557       </refsect3>
559     </refsect2>
561     <refsect2>
562       <title>POLICY ROUTING</title>
564       <para>
565         A node running CTDB may be a component of a complex network
566         topology.  In particular, public addresses may be spread
567         across several different networks (or VLANs) and it may not be
568         possible to route packets from these public addresses via the
569         system's default route.  Therefore, CTDB has support for
570         policy routing via the <filename>13.per_ip_routing</filename>
571         eventscript.  This allows routing to be specified for packets
572         sourced from each public address.  The routes are added and
573         removed as CTDB moves public addresses between nodes.
574       </para>
576       <para>
577         For more information, see the <citetitle>POLICY
578         ROUTING</citetitle> section in
579         <citerefentry><refentrytitle>ctdb</refentrytitle>
580         <manvolnum>7</manvolnum></citerefentry>.
581       </para>
583       <variablelist>
584         <varlistentry>
585           <term>CTDB_PER_IP_ROUTING_CONF=<parameter>FILENAME</parameter></term>
586           <listitem>
587             <para>
588               FILENAME contains elements for constructing the desired
589               routes for each source address.
590             </para>
592             <para>
593               The special FILENAME value
594               <constant>__auto_link_local__</constant> indicates that no
595               configuration file is provided and that CTDB should
596               generate reasonable link-local routes for each public IP
597               address.
598             </para>
600             <para>
601               File format:
602               <screen>
603 <parameter>IPADDR</parameter> <parameter>DEST-IPADDR/MASK</parameter> <optional><parameter>GATEWAY-IPADDR</parameter></optional>
604               </screen>
605             </para>
607             <para>
608               No default, usually
609               <filename>/etc/ctdb/policy_routing</filename> when enabled.
610             </para>
611           </listitem>
612         </varlistentry>
614         <varlistentry>
615           <term>CTDB_PER_IP_ROUTING_RULE_PREF=<parameter>NUM</parameter></term>
616         <listitem>
617           <para>
618             NUM sets the priority (or preference) for the routing
619             rules that are added by CTDB.
620           </para>
622           <para>
623             This should be (strictly) greater than 0 and (strictly)
624             less than 32766.  A priority of 100 is recommended, unless
625             this conflicts with a priority already in use on the
626             system.  See
627             <citerefentry><refentrytitle>ip</refentrytitle>
628             <manvolnum>8</manvolnum></citerefentry>, for more details.
629           </para>
630         </listitem>
631         </varlistentry>
633         <varlistentry>
634           <term>
635             CTDB_PER_IP_ROUTING_TABLE_ID_LOW=<parameter>LOW-NUM</parameter>,
636             CTDB_PER_IP_ROUTING_TABLE_ID_HIGH=<parameter>HIGH-NUM</parameter>
637           </term>
638           <listitem>
639             <para>
640               CTDB determines a unique routing table number to use for
641               the routing related to each public address.  LOW-NUM and
642               HIGH-NUM indicate the minimum and maximum routing table
643               numbers that are used.
644             </para>
646             <para>
647               <citerefentry><refentrytitle>ip</refentrytitle>
648               <manvolnum>8</manvolnum></citerefentry> uses some
649               reserved routing table numbers below 255.  Therefore,
650               CTDB_PER_IP_ROUTING_TABLE_ID_LOW should be (strictly)
651               greater than 255.
652             </para>
654             <para>
655               CTDB uses the standard file
656               <filename>/etc/iproute2/rt_tables</filename> to maintain
657               a mapping between the routing table numbers and labels.
658               The label for a public address
659               <replaceable>ADDR</replaceable> will look like
660               ctdb.<replaceable>addr</replaceable>.  This means that
661               the associated rules and routes are easy to read (and
662               manipulate).
663             </para>
665             <para>
666               No default, usually 1000 and 9000.
667             </para>
668           </listitem>
669         </varlistentry>
670       </variablelist>
672       <refsect3>
673         <title>Example</title>
674         <screen>
675 CTDB_PER_IP_ROUTING_CONF=/etc/ctdb/policy_routing
676 CTDB_PER_IP_ROUTING_RULE_PREF=100
677 CTDB_PER_IP_ROUTING_TABLE_ID_LOW=1000
678 CTDB_PER_IP_ROUTING_TABLE_ID_HIGH=9000
679         </screen>
680       </refsect3>
682     </refsect2>
684     <refsect2>
685       <title>MISCELLANEOUS NETWORK CONFIGURATION</title>
687       <variablelist>
689         <varlistentry>
690           <term>CTDB_PARTIALLY_ONLINE_INTERFACES=yes|no</term>
691           <listitem>
692             <para>
693               Whether one or more offline interfaces should cause a
694               monitor event to fail if there are other interfaces that
695               are up.  If this is "yes" and a node has some interfaces
696               that are down then <command>ctdb status</command> will
697               display the node as "PARTIALLYONLINE".
698             </para>
700             <para>
701               Default is "no".
702             </para>
703           </listitem>
704         </varlistentry>
706       </variablelist>
707     </refsect2>
709   </refsect1>
711   <refsect1>
712     <title>SERVICE CONFIGURATION</title>
714     <para>
715       CTDB can be configured to manage and/or monitor various NAS (and
716       other) services via its eventscripts.
717     </para>
719     <para>
720       In the simplest case CTDB will manage a service.  This means the
721       service will be started and stopped along with CTDB, CTDB will
722       monitor the service and CTDB will do any required
723       reconfiguration of the service when public IP addresses are
724       failed over.
725     </para>
727     <refsect2>
728       <title>SAMBA</title>
730       <refsect3>
731         <title>Eventscripts</title>
733         <simplelist>
734           <member><filename>49.winbind</filename></member>
735           <member><filename>50.samba</filename></member>
736         </simplelist>
737       </refsect3>
739       <variablelist>
741         <varlistentry>
742           <term>CTDB_MANAGES_SAMBA=yes|no</term>
743           <listitem>
744             <para>
745               Should CTDB manage Samba?
746             </para>
747             <para>
748               Default is no.
749             </para>
750           </listitem>
751         </varlistentry>
753         <varlistentry>
754           <term>CTDB_MANAGES_WINBIND=yes|no</term>
755           <listitem>
756             <para>
757               Should CTDB manage Winbind?
758             </para>
759             <para>
760               Default is no.
761             </para>
762           </listitem>
763         </varlistentry>
765         <varlistentry>
766           <term>CTDB_SAMBA_CHECK_PORTS=<parameter>PORT-LIST</parameter></term>
767           <listitem>
768             <para>
769               When monitoring Samba, check TCP ports in
770               space-separated PORT-LIST.
771             </para>
772             <para>
773               Default is to monitor ports that Samba is configured to listen on.
774             </para>
775           </listitem>
776         </varlistentry>
778         <varlistentry>
779           <term>CTDB_SAMBA_SKIP_SHARE_CHECK=yes|no</term>
780           <listitem>
781             <para>
782               As part of monitoring, should CTDB skip the check for
783               the existence of each directory configured as share in
784               Samba.  This may be desirable if there is a large number
785               of shares.
786             </para>
787             <para>
788               Default is no.
789             </para>
790           </listitem>
791         </varlistentry>
793         <varlistentry>
794           <term>CTDB_SERVICE_NMB=<parameter>SERVICE</parameter></term>
795           <listitem>
796             <para>
797               Distribution specific SERVICE for managing nmbd.
798             </para>
799             <para>
800               Default is distribution-dependant.
801             </para>
802           </listitem>
803         </varlistentry>
804         <varlistentry>
805           <term>CTDB_SERVICE_SMB=<parameter>SERVICE</parameter></term>
806           <listitem>
807             <para>
808               Distribution specific SERVICE for managing smbd.
809             </para>
810             <para>
811               Default is distribution-dependant.
812             </para>
813           </listitem>
814         </varlistentry>
816         <varlistentry>
817           <term>CTDB_SERVICE_WINBIND=<parameter>SERVICE</parameter></term>
818           <listitem>
819             <para>
820               Distribution specific SERVICE for managing winbindd.
821             </para>
822             <para>
823               Default is "winbind".
824             </para>
825           </listitem>
826         </varlistentry>
828       </variablelist>
830     </refsect2>
832     <refsect2>
833       <title>NFS</title>
835       <para>
836         This includes parameters for the kernel NFS server and the
837         user-space
838         <ulink url="https://github.com/nfs-ganesha/nfs-ganesha/wiki">NFS-Ganesha</ulink>
839         server.
840       </para>
842       <refsect3>
843         <title>Eventscripts</title>
845         <simplelist>
846           <member><filename>60.nfs</filename></member>
847           <member><filename>60.ganesha</filename></member>
848         </simplelist>
849       </refsect3>
851       <variablelist>
853         <varlistentry>
854           <term>CTDB_CLUSTER_FILESYSTEM_TYPE=gpfs</term>
855           <listitem>
856             <para>
857               The type of cluster filesystem to use with NFS-ganesha.
858               Currently only "gpfs" is supported.
859             </para>
860             <para>
861               Default is "gpfs".
862             </para>
863           </listitem>
864         </varlistentry>
866         <varlistentry>
867           <term>CTDB_MANAGES_NFS=yes|no</term>
868           <listitem>
869             <para>
870               Should CTDB manage NFS?
871             </para>
872             <para>
873               Default is no.
874             </para>
875           </listitem>
876         </varlistentry>
878         <varlistentry>
879           <term>CTDB_MONITOR_NFS_THREAD_COUNT=yes|no</term>
880           <listitem>
881             <para>
882               Whether to monitor the NFS kernel server thread count.
883             </para>
884             <para>
885               This works around a limitation in some NFS initscripts
886               where some threads can be stuck in host filesystem calls
887               (perhaps due to slow storage), a restart occurs, some
888               threads don't exit, the start only adds the missing
889               number of threads, the stuck threads exit, and the
890               result is a lower than expected thread count.  Note that
891               if you must also set <varname>RPCNFSDCOUNT</varname>
892               (RedHat/Debian) or <varname>USE_KERNEL_NFSD_NUMBER</varname>
893               (SUSE) in your NFS configuration so the monitoring code
894               knows how many threads there should be - if neither of
895               these are set then this option will be ignored.
896             </para>
897             <para>
898               Default is no.
899             </para>
900           </listitem>
901         </varlistentry>
903         <varlistentry>
904           <term>CTDB_NFS_DUMP_STUCK_THREADS=<parameter>NUM</parameter></term>
905           <listitem>
906             <para>
907               NUM is the number of NFS kernel server threads to dump
908               stack traces for if some are still alive after stopping
909               NFS during a restart.
910             </para>
911             <para>
912               Default is 0.
913             </para>
914           </listitem>
915         </varlistentry>
917         <varlistentry>
918           <term>CTDB_NFS_SERVER_MODE=kernel|ganesha</term>
919           <listitem>
920             <para>
921               Selects which NFS server to be managed.
922             </para>
923             <para>
924               This replaces the deprecated variable
925               <varname>NFS_SERVER_MODE</varname>.
926             </para>
927             <para>
928               Default is "kernel".
929             </para>
930           </listitem>
931         </varlistentry>
933         <varlistentry>
934           <term>CTDB_NFS_SKIP_KNFSD_ALIVE_CHECK=yes|no</term>
935           <listitem>
936             <para>
937               During monitoring, should CTDB skip the
938               <command>rpcinfo</command> check that is used to see if
939               the NFS kernel server is functional.
940             </para>
941             <para>
942               Default is no.
943             </para>
944           </listitem>
945         </varlistentry>
947         <varlistentry>
948           <term>CTDB_NFS_SKIP_SHARE_CHECK=yes|no</term>
949           <listitem>
950             <para>
951               As part of monitoring, should CTDB skip the check for
952               the existence of each directory exported via NFS.  This
953               may be desirable if there is a large number of exports.
954             </para>
955             <para>
956               Default is no.
957             </para>
958           </listitem>
959         </varlistentry>
961         <varlistentry>
962           <term>CTDB_RPCINFO_LOCALHOST=<parameter>IPADDR</parameter>|<parameter>HOSTNAME</parameter></term>
963           <listitem>
964             <para>
965               IPADDR or HOSTNAME indicates the address that
966               <command>rpcinfo</command> should connect to when doing
967               <command>rpcinfo</command> check on RPC service during
968               monitoring.  Optimally this would be "localhost".
969               However, this can add some performance overheads.
970             </para>
971             <para>
972               Default is "127.0.0.1".
973             </para>
974           </listitem>
975         </varlistentry>
977         <varlistentry>
978           <term>CTDB_SKIP_GANESHA_NFSD_CHECK=yes|no</term>
979           <listitem>
980             <para>
981               As part of monitoring, should CTDB skip the check for
982               the existence of each directory exported via
983               NFS-Ganesha.  This may be desirable if there is a large
984               number of exports.
985             </para>
986             <para>
987               Default is no.
988             </para>
989           </listitem>
990         </varlistentry>
992       </variablelist>
994     </refsect2>
996     <refsect2>
997       <title>APACHE HTTPD</title>
999       <para>
1000         CTDB can manage the Apache web server.
1001       </para>
1003       <refsect3>
1004         <title>Eventscript</title>
1006         <simplelist>
1007           <member><filename>41.httpd</filename></member>
1008         </simplelist>
1009       </refsect3>
1011       <variablelist>
1012         <varlistentry>
1013           <term>CTDB_MANAGES_HTTPD=yes|no</term>
1014           <listitem>
1015             <para>
1016               Should CTDB manage the Apache web server?
1017             </para>
1018             <para>
1019               Default is no.
1020             </para>
1021           </listitem>
1022         </varlistentry>
1023       </variablelist>
1024     </refsect2>
1026     <refsect2>
1027       <title>CLAMAV</title>
1029       <para>
1030         CTDB has support to manage the popular anti-virus daemon
1031         ClamAV.
1032       </para>
1034       <refsect3>
1035         <title>Eventscript</title>
1037         <simplelist>
1038           <member><filename>31.clamd</filename></member>
1039         </simplelist>
1041         <para>
1042           This eventscript is not enabled by default.  Use
1043           <command>ctdb enablescript</command> to enable it.
1044         </para>
1046       </refsect3>
1048       <variablelist>
1050         <varlistentry>
1051           <term>CTDB_MANAGES_CLAMD=yes|no</term>
1052           <listitem>
1053             <para>
1054               Should CTDB manage ClamAV?
1055             </para>
1056             <para>
1057               Default is no.
1058             </para>
1059           </listitem>
1060         </varlistentry>
1062         <varlistentry>
1063           <term>CTDB_CLAMD_SOCKET=<parameter>FILENAME</parameter></term>
1064           <listitem>
1065             <para>
1066               FILENAME is the socket to monitor ClamAV.
1067             </para>
1068             <para>
1069               No default.
1070             </para>
1071           </listitem>
1072         </varlistentry>
1074       </variablelist>
1076     </refsect2>
1078     <refsect2>
1079       <title>ISCSI</title>
1081       <para>
1082         CTDB has support for managing the Linux iSCSI tgtd service.
1083       </para>
1085       <refsect3>
1086         <title>Eventscript</title>
1088         <simplelist>
1089           <member><filename>70.iscsi</filename></member>
1090         </simplelist>
1091       </refsect3>
1093       <variablelist>
1095         <varlistentry>
1096           <term>CTDB_MANAGES_ISCSI=yes|no</term>
1097           <listitem>
1098             <para>
1099               Should CTDB manage iSCSI tgtd?
1100             </para>
1101             <para>
1102               Default is no.
1103             </para>
1104           </listitem>
1105         </varlistentry>
1107         <varlistentry>
1108           <term>CTDB_START_ISCSI_SCRIPTS=<parameter>DIRECTORY</parameter></term>
1109           <listitem>
1110             <para>
1111               DIRECTORY on shared storage containing scripts to start
1112               tgtd for each public IP address.
1113             </para>
1114             <para>
1115               No default.
1116             </para>
1117           </listitem>
1118         </varlistentry>
1119       </variablelist>
1120     </refsect2>
1122     <refsect2>
1123       <title>MULTIPATHD</title>
1125       <para>
1126         CTDB can monitor multipath devices to ensure that active paths
1127         are available.
1128       </para>
1130       <refsect3>
1131         <title>Eventscript</title>
1133         <simplelist>
1134           <member><filename>20.multipathd</filename></member>
1135         </simplelist>
1137         <para>
1138           This eventscript is not enabled by default.  Use
1139           <command>ctdb enablescript</command> to enable it.
1140         </para>
1141       </refsect3>
1143       <variablelist>
1144         <varlistentry>
1145           <term>CTDB_MONITOR_MPDEVICES=<parameter>MP-DEVICE-LIST</parameter></term>
1146           <listitem>
1147             <para>
1148               MP-DEVICE-LIST is a list of multipath devices for CTDB to monitor?
1149             </para>
1150             <para>
1151               No default.
1152             </para>
1153           </listitem>
1154         </varlistentry>
1155       </variablelist>
1156     </refsect2>
1158     <refsect2>
1159       <title>VSFTPD</title>
1161       <para>
1162         CTDB can manage the vsftpd FTP server.
1163       </para>
1165       <refsect3>
1166         <title>Eventscript</title>
1168         <simplelist>
1169           <member><filename>40.vsftpd</filename></member>
1170         </simplelist>
1171       </refsect3>
1173       <variablelist>
1174         <varlistentry>
1175           <term>CTDB_MANAGES_VSFTPD=yes|no</term>
1176           <listitem>
1177             <para>
1178               Should CTDB manage the vsftpd FTP server?
1179             </para>
1180             <para>
1181               Default is no.
1182             </para>
1183           </listitem>
1184         </varlistentry>
1185       </variablelist>
1186     </refsect2>
1188     <refsect2>
1189       <title>
1190         SYSTEM RESOURCE MONITORING CONFIGURATION
1191       </title>
1193       <para>
1194         CTDB can experience seemingly random (performance and other)
1195         issues if system resources become too contrained.  Options in
1196         this section can be enabled to allow certain system resources to
1197         be checked.
1198       </para>
1200       <refsect3>
1201         <title>Eventscripts</title>
1203         <simplelist>
1204           <member><filename>00.ctdb</filename></member>
1205           <member><filename>40.fs_use</filename></member>
1206         </simplelist>
1208         <para>
1209           Filesystem usage monitoring is in
1210           <filename>40.fs_use</filename>.  This eventscript is not
1211           enabled by default.  Use <command>ctdb
1212           enablescript</command> to enable it.
1213         </para>
1214       </refsect3>
1216       <variablelist>
1218         <varlistentry>
1219           <term>CTDB_CHECK_FS_USE=<parameter>FS-LIMIT-LIST</parameter></term>
1220           <listitem>
1221             <para>
1222               FS-LIMIT-LIST is a space-separated list of
1223               <parameter>FILESYSTEM</parameter>:<parameter>LIMIT</parameter>
1224               pairs indicating that a node should be flagged unhealthy
1225               if the space used on FILESYSTEM reaches LIMIT%.
1226             </para>
1228             <para>
1229               No default.
1230             </para>
1232             <para>
1233               Note that this feature uses the
1234               <filename>40.fs_use</filename> eventscript, which is not
1235               enabled by default.  Use <command>ctdb
1236               enablescript</command> to enable it.
1237             </para>
1238           </listitem>
1239         </varlistentry>
1241         <varlistentry>
1242           <term>CTDB_CHECK_SWAP_IS_NOT_USED=yes|no</term>
1243           <listitem>
1244             <para>
1245               Should a warning be logged if swap space is in use.
1246             </para>
1247             <para>
1248               Default is no.
1249             </para>
1250           </listitem>
1251         </varlistentry>
1253         <varlistentry>
1254           <term>CTDB_MONITOR_FREE_MEMORY=<parameter>NUM</parameter></term>
1255           <listitem>
1256             <para>
1257               NUM is a lower limit on available system memory, expressed
1258               in megabytes.  If this is set and the amount of available
1259               memory falls below this limit then some debug information
1260               will be logged, the node will be disabled and then CTDB
1261               will be shut down.
1262             </para>
1263             <para>
1264               No default.
1265             </para>
1266           </listitem>
1267         </varlistentry>
1269         <varlistentry>
1270           <term>CTDB_MONITOR_FREE_MEMORY_WARN=<parameter>NUM</parameter></term>
1271           <listitem>
1272             <para>
1273               NUM is a lower limit on available system memory, expressed
1274               in megabytes.  If this is set and the amount of available
1275               memory falls below this limit then a warning will be
1276               logged.
1277             </para>
1278             <para>
1279               No default.
1280             </para>
1281           </listitem>
1282         </varlistentry>
1284       </variablelist>
1285     </refsect2>
1287     <refsect2>
1288       <title>MISCELLANEOUS SERVICE-RELATED CONFIGURATION</title>
1290       <variablelist>
1292         <varlistentry>
1293           <term>CTDB_MANAGED_SERVICES=<parameter>SERVICE-LIST</parameter></term>
1294           <listitem>
1295             <para>
1296               SERVICE-LIST is a space-separated list of SERVICEs that
1297               CTDB should manage.  This can be used as an alternative
1298               to the
1299               <varname>CTDB_MANAGES_<replaceable>SERVICE</replaceable></varname>
1300               variables.
1301             </para>
1302             <para>
1303               No default.
1304             </para>
1305           </listitem>
1306         </varlistentry>
1308         <varlistentry>
1309           <term>CTDB_SERVICE_AUTOSTARTSTOP=yes|no</term>
1310           <listitem>
1311             <para>
1312               When CTDB should start and stop services if they become
1313               managed or unmanaged.
1314             </para>
1315             <para>
1316               Default is no.
1317             </para>
1318           </listitem>
1319         </varlistentry>
1321       </variablelist>
1323     </refsect2>
1325   </refsect1>
1327   <refsect1>
1328     <title>
1329       TUNABLES CONFIGURATION
1330     </title>
1332     <para>
1333       CTDB tunables (see
1334       <citerefentry><refentrytitle>ctdbd-tunables</refentrytitle>
1335       <manvolnum>7</manvolnum></citerefentry>) can be set from the
1336       configuration file.  They are set as follows:
1338       <literallayout>
1339 CTDB_SET_<replaceable>TUNABLE</replaceable>=<replaceable>VALUE</replaceable>
1340       </literallayout>
1341     </para>
1343     <para>
1344       For example:
1346       <screen format="linespecific">
1347 CTDB_SET_MonitorInterval=20
1348       </screen>
1349     </para>
1350   </refsect1>
1352   <refsect1>
1353     <title>
1354       DEBUG AND TEST
1355     </title>
1357     <para>
1358       Variable in this section are for debugging and testing CTDB.
1359       They should not generally be needed.
1360     </para>
1362     <variablelist>
1364       <varlistentry>
1365         <term>CTDB_DEBUG_HUNG_SCRIPT=<parameter>FILENAME</parameter></term>
1366         <listitem>
1367           <para>
1368             FILENAME is a script to run to log debug information when
1369             an event script times out.
1370           </para>
1371           <para>
1372             Default is <filename><varname>CTDB_BASE</varname>/debug-hung-script.sh</filename>.
1373           </para>
1374         </listitem>
1375       </varlistentry>
1377       <varlistentry>
1378         <term>CTDB_DEBUG_LOCKS=<parameter>FILENAME</parameter></term>
1379         <listitem>
1380           <para>
1381             FILENAME is a script to run to log debug information when
1382             an CTDB fails to freeze databases during recovery.
1383           </para>
1384           <para>
1385             No default, usually
1386             <filename><varname>CTDB_BASE</varname>/debug_locks.sh</filename>.
1387           </para>
1388         </listitem>
1389       </varlistentry>
1391       <varlistentry>
1392         <term>CTDB_ETCDIR=<parameter>DIRECTORY</parameter></term>
1393         <listitem>
1394           <para>
1395             DIRECTORY containing system configuration files.  This is
1396             used to provide alternate configuration when testing and
1397             should not need to be changed from the default.
1398           </para>
1399           <para>
1400             Default is <filename>/etc</filename>.
1401           </para>
1402         </listitem>
1403       </varlistentry>
1405       <varlistentry>
1406         <term>CTDB_INIT_STYLE=debian|redhat|suse</term>
1407         <listitem>
1408           <para>
1409             This is the init style used by the Linux distribution (or
1410             other operating system) being used.  This is usually
1411             determined dynamically by checking the system.  This
1412             variable is used by the initscript to determine which init
1413             system primitives to use.  It is also used by some
1414             eventscripts to choose the name of initscripts for certain
1415             services, since these can vary between distributions.
1416           </para>
1417           <para>
1418             No fixed default.
1419           </para>
1420           <para>
1421             If this option needs to be changed from the calculated
1422             default for the initscript to function properly, then it
1423             must be set in the distribution-specific initscript
1424             configuration, such as
1425             <filename>/etc/sysconfig/ctdb</filename>
1426           </para>
1427         </listitem>
1428       </varlistentry>
1430       <varlistentry>
1431         <term>CTDB_MAX_CORRUPT_DB_BACKUPS=<parameter>NUM</parameter></term>
1432         <listitem>
1433           <para>
1434             NUM is the maximum number of volatile TDB database backups
1435             to be kept (for each database) when a corrupt database is
1436             found during startup.  Volatile TDBs are zeroed during
1437             startup so backups are needed to debug any corruption that
1438             occurs before a restart.
1439           </para>
1440           <para>
1441             Default is 10.
1442           </para>
1443         </listitem>
1444       </varlistentry>
1446       <varlistentry>
1447         <term>CTDB_RC_LOCAL=<parameter>FILENAME</parameter></term>
1448         <listitem>
1449           <para>
1450             FILENAME is a script fragment to be sourced by the
1451             <filename>functions</filename> that is sourced by scripts.
1452             On example use would be to override function definitions
1453             in unit tests.  As a sanity check, this file must be
1454             executable for it to be used.
1455           </para>
1456           <para>
1457             No default.
1458           </para>
1459         </listitem>
1460       </varlistentry>
1462       <varlistentry>
1463         <term>CTDB_RUN_TIMEOUT_MONITOR=yes|no</term>
1464         <listitem>
1465           <para>
1466             Whether CTDB should simulate timing out monitor events.
1467             This uses the <filename>99.timeout</filename> eventscript.
1468           </para>
1469           <para>
1470             Default is no.
1471           </para>
1472         </listitem>
1473       </varlistentry>
1475       <varlistentry>
1476         <term>CTDB_SCRIPT_DEBUGLEVEL=<parameter>NUM</parameter></term>
1477         <listitem>
1478           <para>
1479             NUM is the level debugging messages printed by CTDB
1480             scripts.  Setting this to a higher number (e.g. 4) will
1481             cause some scripts to log more messages.
1482           </para>
1483           <para>
1484             Default is 2.
1485           </para>
1486         </listitem>
1487       </varlistentry>
1489       <varlistentry>
1490         <term>CTDB_SUPPRESS_COREFILE=yes|no</term>
1491         <listitem>
1492           <para>
1493             Whether CTDB core files should be suppressed.
1494           </para>
1495           <para>
1496             Default is no.
1497           </para>
1498         </listitem>
1499       </varlistentry>
1501       <varlistentry>
1502         <term>CTDB_VALGRIND=yes|no|<parameter>COMMAND</parameter></term>
1503         <listitem>
1504           <para>
1505             If "yes", this causes
1506             <citerefentry><refentrytitle>ctdbd</refentrytitle>
1507             <manvolnum>1</manvolnum></citerefentry> to be run under
1508             <citerefentry><refentrytitle>valgrind</refentrytitle>
1509             <manvolnum>1</manvolnum></citerefentry> with logs going to
1510             <filename>/var/log/ctdb_valgrind</filename>.  If neither
1511             "yes" nor "no" then the value is assumed to be a COMMAND
1512             (e.g. a <command>valgrind</command> variation, a
1513             <citerefentry><refentrytitle>gdb</refentrytitle>
1514             <manvolnum>1</manvolnum></citerefentry> command) that is
1515             used in place of the default <command>valgrind</command>
1516             command.  In either case, the <option>--valgrind</option>
1517             option is passed to <command>ctdbd</command>.
1518           </para>
1519           <para>
1520             Default is no.
1521           </para>
1522         </listitem>
1523       </varlistentry>
1525     </variablelist>
1527   </refsect1>
1530   <refsect1>
1531     <title>FILES</title>
1533     <simplelist>
1534       <member><filename>/etc/ctdb/ctdbd.conf</filename></member>
1535       <member><filename>/etc/sysconfig/ctdb</filename></member>
1536       <member><filename>/etc/default/ctdb</filename></member>
1537       <member><filename>/etc/ctdb/sysconfig/ctdb</filename></member>
1538     </simplelist>
1539   </refsect1>
1541   <refsect1>
1542     <title>SEE ALSO</title>
1543     <para>
1544       <citerefentry><refentrytitle>ctdbd</refentrytitle>
1545       <manvolnum>1</manvolnum></citerefentry>,
1547       <citerefentry><refentrytitle>ctdbd_wrapper</refentrytitle>
1548       <manvolnum>1</manvolnum></citerefentry>,
1550       <citerefentry><refentrytitle>onnode</refentrytitle>
1551       <manvolnum>1</manvolnum></citerefentry>,
1553       <citerefentry><refentrytitle>ctdb</refentrytitle>
1554       <manvolnum>7</manvolnum></citerefentry>,
1556       <citerefentry><refentrytitle>ctdb-tunables</refentrytitle>
1557       <manvolnum>7</manvolnum></citerefentry>,
1559       <ulink url="http://ctdb.samba.org/"/>
1560     </para>
1561   </refsect1>
1563   <refentryinfo>
1564     <author>
1565       <contrib>
1566         This documentation was written by
1567         Amitay Isaacs,
1568         Martin Schwenke
1569       </contrib>
1570     </author>
1572     <copyright>
1573       <year>2007</year>
1574       <holder>Andrew Tridgell</holder>
1575       <holder>Ronnie Sahlberg</holder>
1576     </copyright>
1577     <legalnotice>
1578       <para>
1579         This program is free software; you can redistribute it and/or
1580         modify it under the terms of the GNU General Public License as
1581         published by the Free Software Foundation; either version 3 of
1582         the License, or (at your option) any later version.
1583       </para>
1584       <para>
1585         This program is distributed in the hope that it will be
1586         useful, but WITHOUT ANY WARRANTY; without even the implied
1587         warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
1588         PURPOSE.  See the GNU General Public License for more details.
1589       </para>
1590       <para>
1591         You should have received a copy of the GNU General Public
1592         License along with this program; if not, see
1593         <ulink url="http://www.gnu.org/licenses"/>.
1594       </para>
1595     </legalnotice>
1596   </refentryinfo>
1598 </refentry>