Giters

spclops / hawk

A web-based GUI for managing and monitoring the Pacemaker High-Availability cluster resource manager

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

HA Web Konsole (Hawk)

Overview

Hawk is a web-based GUI for managing and monitoring Pacemaker HA clusters. It is generally intended to be run on every node in the cluster, so that you can just point your web browser at any node to access it, e.g.:

Hawk requires users to log in prior to providing access to the cluster. The same rules apply as for the python GUI; you need to log in as a user in the haclient group. The easiest thing to do is assign a password to the hacluster user, then log in using that account. Note that you will need to configure this user account on every node you want to use Hawk on.

Once logged in, you will see a screen showing the current state of the cluster. Three views are possible (summary, tree and table), selectable with the buttons on the top right of the screen. The navigation bar down the left hand side provides access to the history explorer, setup wizard, cluster properties, resource and constraints configuration. The little tools menu next to the logout link gives you the simulator, cluster diagram and hb_report generation.

Management operations (start, stop, online, standby, etc.) can be performed by clicking the little menu icon to the right of any node or resource on the status screen.

More detailed usage documentation is available in the SUSE Linux Enterprise High Availability Extension documentation

Installation

IMPORTANT NOTE: As of 2013-04-20, the master branch in this repo builds against rails 3.2. This works fine on SUSE Linux, but the below instructions have not yet been tested/verified on other distros. If you run into trouble, you might try the rails-2_3 branch in the meantime.

Dependencies

Hawk is a Ruby on Rails app which runs from a standalone instance of lighttpd. All required Ruby gems are bundled into the Hawk package at build time. Its runtime dependencies are thus:

  • pacemaker

  • lighttpd

  • ruby

When building Hawk from source, you will also need:

  • rubygems

  • rubygem-rake

  • rubygem-rails >= 3.2

  • rubygem-gettext

  • rubygem-gettext_i18n_rails

  • rubygem-fast_gettext

  • ruby-fcgi (openSUSE/SLES only)

  • fdupes (openSUSE/SLES only)

  • pam-devel

  • glib2-devel

  • libxml2-devel

  • libpacemaker-devel (openSUSE/SLES)

  • pacemaker-libs-devel (Fedora)

Installing The Easy Way

Hawk is included with SLE HA 11 SP1, openSUSE 11.4, and later SUSE releases. Just install the RPM, then run:

# chkconfig hawk on
# rchawk start

Installing The Other Easy Way

If you have a SUSE- or Fedora-based system, you can build an RPM easily from the source tree. Just clone this git repo, and run "make rpm". Note that as of 2012-04-27, Hawk expects rails 2.3.x, not rails 3.

Once built, install the RPM on your cluster nodes and:

# chkconfig hawk on
# /etc/init.d/hawk start

The Hard Way

If the above RPM build doesn’t work for you, you can build and install straight from the source tree, but read the Makefile first to ensure you’ll be happy with the outcome!

# make
# sudo make install

The above will install in /srv/www/hawk and run from a SUSE-style init script. To install somewhere else (e.g.: /var/www/hawk) and/or to use a Red Hat-style init script, try:

# make WWW_BASE=/var/www INIT_STYLE=redhat
# sudo make WWW_BASE=/var/www INIT_STYLE=redhat install

A Note on SSL Certificates

The Hawk init script will automatically generate a self-signed SSL certificate, in /etc/lighttpd/certs/hawk-combined.pem. If you want to use your own certificate, replace this file with one of your creation. Note that this is a combined key and certificate, i.e. you’ll need to cat key cert > hawk-combined.pem.

Hacking Hawk

Hacking an instance of Hawk that was installed from an RPM is annoying, not least because you have to keep restarting it to have any changed files reloaded. Instead, it’s easiest to just run it under WEBrick from within the source tree, but first you need to run make to build the hawk_chkpwd and hawk_invoke helper binaries, then install them setuid-root, group=haclient in /usr/sbin. You should end up with something like:

# ls /usr/sbin/hawk_* -l
-rwsr-x--- 1 root haclient 9884 2011-04-14 22:56 /usr/sbin/hawk_chkpwd
-rwsr-x--- 1 root haclient 9928 2011-04-14 22:56 /usr/sbin/hawk_invoke
-rwxr-xr-x 1 root root 9992 2011-04-14 22:56 /usr/sbin/hawk_monitor

hawk_chkpwd is almost identical to unix2_chkpwd, except it restricts acccess to users in the haclient group, and doesn’t inject any delay when invoked by the hacluster user (which is the user Hawk’s lighttpd instance runs as).

hawk_invoke allows the hacluster user to run a small assortment of Pacemaker CLI tools as another user in order to support Pacemaker’s ACL feature. It is used by Hawk when performing various management tasks.

hawk_monitor is not installed setuid-root. It exists to be polled by the web browser, to facilitate near-realtime updates of the cluster status display. It is not used when running Hawk via WEBrick.

Once you’ve got the above built and installed, run:

# sudo -u hacluster script/rails s

This will give you Hawk running via HTTP (not HTTPS), on port 3000, e.g.:

Note that automatic status updates won’t work in this mode, because requests for /monitor aren’t routed to /usr/sbin/hawk_monitor. To force a status update every few seconds, try:

Finally, an alternative to running WEBrick as hacluster (which may require fiddling with file permissions in your source directory, depending on how restrictive your defaults are), you can just rsync the source tree to a development cluster node, then and run it as root there.

Questions, Feedback, etc.

Please direct comments, feedback, questions etc. to tserong@suse.com and/or the Pacemaker mailing list.

About

A web-based GUI for managing and monitoring the Pacemaker High-Availability cluster resource manager

License:GNU General Public License v2.0