OCF_HEARTBEAT_PORTBL - Online Linux Manual PageSection : 7
Updated : 03/25/2021
Source : resource-agents UNKNOWN
Note : OCF resource agents
NAMEocf_heartbeat_portblock − Block and unblocks access to TCP and UDP ports
SYNOPSISportblock [start | stop | status | monitor | meta−data | validate−all]
DESCRIPTIONResource script for portblock. It is used to temporarily block ports using iptables. In addition, it may allow for faster TCP reconnects for clients on failover. Use that if there are long lived TCP connections to an HA service. This feature is enabled by setting the tickle_dir parameter and only in concert with action set to unblock. Note that the tickle ACK function is new as of version 3.0.2 and hasn't yet seen widespread use.
SUPPORTED PARAMETERSprotocol The protocol used to be blocked/unblocked. (required, string, no default) portno The port number used to be blocked/unblocked. (required, string, no default) action The action (block/unblock) to be done on the protocol::portno. (required, string, no default) reset_local_on_unblock_stop If for some reason the long lived server side TCP sessions won't be cleaned up by a reconfiguration/flush/stop of whatever services this portblock protects, they would linger in the connection table, even after the IP is gone and services have been switched over to another node. An example would be the default NFS kernel server. These "known" connections may seriously confuse and delay a later switchback. Enabling this option will cause this agent to try to get rid of these connections by injecting a temporary iptables rule to TCP−reset outgoing packets from the blocked ports, and additionally tickle them locally, just before it starts to DROP incoming packets on "unblock stop". (optional, boolean, default false) ip The IP address used to be blocked/unblocked. (optional, string, default "0.0.0.0/0") tickle_dir The shared or local directory (_must_ be absolute path) which stores the established TCP connections. (optional, string, no default) sync_script If the tickle_dir is a local directory, then the TCP connection state file has to be replicated to other nodes in the cluster. It can be csync2 (default), some wrapper of rsync, or whatever. It takes the file name as a single argument. For csync2, set it to "csync2 −xv". (optional, string, no default)
SUPPORTED ACTIONSThis resource agent supports the following actions (operations): start Starts the resource. Suggested minimum timeout: 20s. stop Stops the resource. Suggested minimum timeout: 20s. status Performs a status check. Suggested minimum timeout: 10s. Suggested interval: 10s. monitor Performs a detailed status check. Suggested minimum timeout: 10s. Suggested interval: 10s. meta−data Retrieves resource agent metadata (internal use only). Suggested minimum timeout: 5s. validate−all Performs a validation of the resource configuration. Suggested minimum timeout: 5s.
EXAMPLE CRM SHELLThe following is an example configuration for a portblock resource using the crm(8) shell: primitive p_portblock ocf:heartbeat:portblock \
params \
protocol=string \
portno=string \
action=string \
op monitor depth="0" timeout="10s" interval="10s"
EXAMPLE PCSThe following is an example configuration for a portblock resource using pcs(8) pcs resource create p_portblock ocf:heartbeat:portblock \
protocol=string \
portno=string \
action=string \
op monitor OCF_CHECK_LEVEL="0" timeout="10s" interval="10s"
SEE ALSOhttp://clusterlabs.org/
AUTHORClusterLabs contributors (see the resource agent source for information about individual authors) 0
Johanes Gumabo
Data Size : 15,089 byte
man-ocf_heartbeat_portblock.7Build : 2024-12-05, 20:55 :
Visitor Screen : x
Visitor Counter ( page / site ) : 2 / 202,553
Visitor ID : :
Visitor IP : 18.191.171.136 :
Visitor Provider : AMAZON-02 :
Provider Position ( lat x lon ) : 39.962500 x -83.006100 : x
Provider Accuracy Radius ( km ) : 1000 :
Provider City : Columbus :
Provider Province : Ohio , : ,
Provider Country : United States :
Provider Continent : North America :
Visitor Recorder : Version :
Visitor Recorder : Library :
Online Linux Manual Page : Version : Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page : Library : lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page : Library : lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base : Version : Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base : Library : lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36
Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.