Geo Clustering for SUSE Linux Enterprise High Availability 12 SP1
Release Notes #
Geo Clustering for SUSE Linux Enterprise High Availability is a suite of clustering technologies that enable enterprises to implement highly available Linux clusters and eliminate single points of failure. This document gives an overview of features of Geo Clustering for SUSE Linux Enterprise High Availability and their limitations. Some sections do not apply to a particular architecture or product, this is explicitly marked.
Manuals can be found in the docu directory of
the installation media for SUSE Linux Enterprise High Availability Extension 12 SP1. Any
documentation (if installed) can be found in the
/usr/share/doc/ directory of the installed
system.
- 1 Geo Clustering for SUSE Linux Enterprise High Availability
- 2 What's New?
- 3 Supported Deployment Scenarios of Geo Clustering for SUSE Linux Enterprise High Availability 12 SP1
- 4 Support Statement for Geo Clustering for SUSE Linux Enterprise High Availability 12 SP1
- 5 New Features and Known Issues
- 6 How to Obtain Source Code
- 7 More Information and Feedback
1 Geo Clustering for SUSE Linux Enterprise High Availability #
Geo Clustering for SUSE Linux Enterprise High Availability 12 SP1 extends the support of SUSE Linux Enterprise High Availability Extension 12 SP1 for the use case of multi-site geographically resilient clusters.
Used with SUSE Linux Enterprise Server 12 SP1 and SUSE Linux Enterprise High Availability Extension 12 SP1, it helps firms maintain business continuity, protect data integrity, and reduce unplanned downtime for their mission-critical Linux workloads.
2 What's New? #
- IP Relocation Resource Agent
Switch DNS/network to backup data center in case of a fail-over.
- GEO Cluster Status
HAWK displays the status of a Geo Cluster for easier access and monitoring.
- Arbitrator
Multi-tenancy booth arbitrator for managing multiple Geo clusters.
- Configuration Replication Between GEO Sites
Configuration replication between GEO sites reduces manual admin work while keeping track for configuration changes.
See https://www.suse.com/releasenotes/x86_64/SLE-HA/12-SP1/ (https://www.suse.com/releasenotes/x86_64/SLE-HA/12/) for what's new in the base SUSE Linux Enterprise High Availability Extension 12 SP1.
3 Supported Deployment Scenarios of Geo Clustering for SUSE Linux Enterprise High Availability 12 SP1 #
See the release notes of SUSE Linux Enterprise High Availability Extension 12 SP1 for the discussion of which scenarios require Geo Clustering for SUSE Linux Enterprise High Availability 12.
4 Support Statement for Geo Clustering for SUSE Linux Enterprise High Availability 12 SP1 #
Support requires an appropriate subscription from SUSE. For more information, see: http://www.suse.com/products/server/.
General Support Statement
The following definitions apply:
L1: Installation and problem determination - technical support designed to provide compatibility information, installation and configuration assistance, usage support, on-going maintenance and basic troubleshooting. Level 1 Support is not intended to correct product defect errors.
L2: Reproduction of problem isolation - technical support designed to duplicate customer problems, isolate problem areas and potential issues, and provide resolution for problems not resolved by Level 1 Support.
L3: Code Debugging and problem resolution - technical support designed to resolve complex problems by engaging engineering in patch provision, resolution of product defects which have been identified by Level 2 Support.
SUSE will only support the usage of original (unchanged or not recompiled) packages.
5 New Features and Known Issues #
5.1 Security #
5.1.1 Booth Authentification #
Booth can authenticate clients and servers.
5.1.2 Booth Can Authenticate Clients and Servers #
If no authentication is used and the network (either LAN within a site or WAN) is not secure, a malicious party can disrupt booth operation causing a failover or other malfunction.
This is copied verbatim from README:
Authentication ============== In order to prevent malicious parties from affecting booth operation, booth server can authenticate both clients (connecting over TCP) and other booth servers (connecting over UDP). The authentication is based on SHA1 HMAC (Keyed-Hashing Message Authentication) and shared key. The HMAC implementation is provided by the libgcrypt library. Message encryption is not included as the information exchanged between various booth parties does not seem to justify that. Every message (packet) contains a hash code computed from the combination of payload and the secret key. Whoever has the secret key can then verify that the message is authentic. The shared key is used by both the booth client and the booth server, hence it needs to be copied to all nodes at each site and all arbitrators. Of course, a secure channel is required for key transfer. It is recommended to use csync2 or ssh. Timestamps are included and verified to fend against replay attacks. Certain time skew, 10 minutes by default, is tolerated. Packets either not older than that or with a timestamp more recent than the previous one from the same peer are accepted. The time skew can be configured in the booth configuration file. There is no way to configure booth to use a hash different from SHA1. That should not be a problem in practice as SHA1 provides sufficient security (the lesser MD5 would too).
5.2 Performance, Robustness and Stability #
5.2.1 Booth Now Processes Clients in a Non-blocking Manner #
A very slow or misbehaving client could block the booth process indefinitely.
Booth now processes clients in a non-blocking manner.
5.2.2 Booth Now Runs External Test Programs Asynchronously #
External checks used to be run synchronously (
before-acquire-handler
in the configuration file). A blocked external test program could therefore keep the booth process waiting and missing events or timing out and in general misbehaving.
External test programs are now run asynchronously.
6 How to Obtain Source Code #
This SUSE product includes materials licensed to SUSE under the GNU General Public License (GPL). The GPL requires SUSE to provide the source code that corresponds to the GPL-licensed material. The source code is available for download at http://www.suse.com/download-linux/source-code.html. Also, for up to three years after distribution of the SUSE product, upon request, SUSE will mail a copy of the source code. Requests should be sent by e-mail to mailto:sle_source_request@suse.com or as otherwise instructed at http://www.suse.com/download-linux/source-code.html. SUSE may charge a reasonable fee to recover distribution costs.
7 More Information and Feedback #
Read the READMEs on the CDs.
Get detailed changelog information about a particular package from the RPM:
rpm --changelog -qp <FILENAME>.rpm
<FILENAME>. is the name of the RPM.
Check the
ChangeLogfile in the top level of CD1 for a chronological log of all changes made to the updated packages.Find more information in the
docudirectory of CD1 of the Geo Clustering for SUSE Linux Enterprise High Availability CDs. This directory includes a PDF version of the High Availability Guide.http://www.suse.com/documentation/sle_ha/ contains additional or updated documentation for Geo Clustering for SUSE Linux Enterprise High Availability.
Visit http://www.suse.com/products/ for the latest product news from SUSE and http://www.suse.com/download-linux/source-code.html for additional information on the source code of SUSE Linux Enterprise products.
Copyright © 2015 SUSE LLC.
Thanks for using Geo Clustering for SUSE Linux Enterprise High Availability in your business.
The SUSE Linux Enterprise High Availability Extension Team.