[Samba] CTDB Question w/ Winbind
Martin Schwenke
martin at meltin.net
Tue Oct 6 05:46:21 UTC 2020
Hi Bob,
On Mon, 5 Oct 2020 09:31:59 -0400, Robert Buck <robert.buck at som.com>
wrote:
> It seems as though, when I go from `clustering = no` to `clustering = yes`,
> if I do a domain join, it will fail. However, if I do a `systemctl restart
> ctdb` (knowing full well it will fail every time), if after this I add a
> sleep(15), then do a domain join, then do a `systemctl restart ctdb`, then
> the join will have worked, AND CTDB will start properly. So in a nutshell,
> in Ansible,
> - do all the samba setup without clustering on, even winbind setup; verify
> it works
> - do all the ctdb setup and turn clustering on, but we must again
> domain-join, but only after having run restart-ctdb once first, then after
> the join, do another restart-ctdb
> Only then does the system come to a stable point.
>
> This appears to be the only way to have a repeatable deployment process of
> CTDB over multiple regions globally.
>
> Any thoughts or recommendations?
I think we need to document this better. ;-)
Although we've tried to explain things well in the wiki there are still
gaps... and this is one of them. Although some of the tutorials around
the place are dated they fill in some of these gaps nicely.
So, I'll repeat what Ralph said but with a few more words of
explanation... :-)
When clustering is enabled a new set of databases, managed by CTDB,
replaces those that were being used before. This means that even if a
node was previously joined to a domain it will no longer be joined
after you enable clustering. The credentials have basically
disappeared... unless you (immediately?) disable clustering again.
In general, before you enable the 49.winbind and 50.samba event
scripts, you should start CTDB and join the domain.
Then you can enable those scripts and restart CTDB so it will start the
services.
Since you mention Ansible, I'll point you at autocluster, which I
rewrote (last year?) using Vagrant and Ansible. It is a testing tool
to generate virtual clusters for (developer) testing of Clustered
Samba. It has a lot of clues that need to make their way into
documentation. We don't do releases but there is a git repository at:
https://git.samba.org/?p=autocluster.git;a=summary
Here's the sequence of tasks that we use to configure a "nas" node:
https://git.samba.org/?p=autocluster.git;a=blob;f=ansible/node/roles/nas/tasks/main.yml;h=0c444bd77c0a883b1c608fcd6398592be8e962de;hb=73b6a2844e827b4c2c2b5d5946cc14c7c61d7d75
In particular, this file disables the event scripts:
https://git.samba.org/?p=autocluster.git;a=blob;f=ansible/node/roles/nas/tasks/generic/ctdb.yml;h=0271d2a11cff0e9359e115f20c5e641e3279c3ea;hb=73b6a2844e827b4c2c2b5d5946cc14c7c61d7d75
and later the domain is joined:
https://git.samba.org/?p=autocluster.git;a=blob;f=ansible/node/roles/nas/tasks/generic/ctdb-with-samba-nfs.yml;h=b6f9c6d2354e4922535d9048648df4e9e5161689;hb=73b6a2844e827b4c2c2b5d5946cc14c7c61d7d75
Note that I'm not an Ansible expert and these Ansible playbooks aren't
necessarily idempotent. At the moment it all works well enough and I
hope to get opportunities to clean it up more later. It is very much
aimed at developer testing... but it would be cool if a subset of it
could be used to configure "real" Samba clusters.
However, given that you mentioned Ansible I figure that it might
document certain things for you nice and clearly. It isn't missing
anything obvious because we use it to build several test clusters each
night.
One day later this week I'll try to take a look at the wiki and add some
documentation for joining a domain...
peace & happiness,
martin
More information about the samba
mailing list