'\" t .\" Title: ocf_heartbeat_ipsec .\" Author: ClusterLabs contributors (see the resource agent source for information about individual authors) .\" Generator: DocBook XSL Stylesheets v1.79.1 .\" Date: 12/17/2020 .\" Manual: OCF resource agents .\" Source: resource-agents UNKNOWN .\" Language: English .\" .TH "OCF_HEARTBEAT_IPSEC" "7" "12/17/2020" "resource-agents UNKNOWN" "OCF resource agents" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .\" http://bugs.debian.org/507673 .\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html .\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" ----------------------------------------------------------------- .\" * set default formatting .\" ----------------------------------------------------------------- .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) .ad l .\" ----------------------------------------------------------------- .\" * MAIN CONTENT STARTS HERE * .\" ----------------------------------------------------------------- .SH "NAME" ocf_heartbeat_ipsec \- Handles IPSEC tunnels for VIPs .SH "SYNOPSIS" .HP \w'\fBipsec\fR\ 'u \fBipsec\fR [start | stop | monitor | meta\-data] .SH "DESCRIPTION" .PP This is a Resource Agent to manage IPSEC tunnels associated with a Virtual IP Address\&. It\*(Aqs meant to be collocated with a specific VIP, and will manage setting up or down a specific tunnel\&. .SH "SUPPORTED PARAMETERS" .PP \fBtunnel\fR .RS 4 The name of the tunnel to be monitored\&. .sp (unique, required, string, no default) .RE .PP \fBvip\fR .RS 4 Virtual IP address that the tunnel is using\&. .sp (unique, required, string, no default) .RE .PP \fBconfdir\fR .RS 4 The directory where the IPSEC tunnel configurations can be found\&. .sp (optional, string, default "/etc/ipsec\&.d/") .RE .PP \fBfallbacktunnel\fR .RS 4 The name of the tunnel to fall back to when the main tunnel is put down\&. .sp (unique, optional, string, no default) .RE .SH "SUPPORTED ACTIONS" .PP This resource agent supports the following actions (operations): .PP \fBstart\fR .RS 4 Starts the resource\&. Suggested minimum timeout: 20s\&. .RE .PP \fBstop\fR .RS 4 Stops the resource\&. Suggested minimum timeout: 20s\&. .RE .PP \fBmonitor\fR .RS 4 Performs a detailed status check\&. Suggested minimum timeout: 20s\&. Suggested interval: 10s\&. .RE .PP \fBreload\fR .RS 4 Suggested minimum timeout: 20s\&. .RE .PP \fBmeta\-data\fR .RS 4 Retrieves resource agent metadata (internal use only)\&. Suggested minimum timeout: 5s\&. .RE .SH "EXAMPLE CRM SHELL" .PP The following is an example configuration for a ipsec resource using the \fBcrm\fR(8) shell: .sp .if n \{\ .RS 4 .\} .nf primitive p_ipsec ocf:heartbeat:ipsec \e params \e tunnel=\fIstring\fR \e vip=\fIstring\fR \e op monitor timeout="20s" interval="10s" depth="0" .fi .if n \{\ .RE .\} .SH "EXAMPLE PCS" .PP The following is an example configuration for a ipsec resource using \fBpcs\fR(8) .sp .if n \{\ .RS 4 .\} .nf pcs resource create p_ipsec ocf:heartbeat:ipsec \e tunnel=\fIstring\fR \e vip=\fIstring\fR \e op monitor timeout="20s" interval="10s" OCF_CHECK_LEVEL="0" .fi .if n \{\ .RE .\} .SH "SEE ALSO" .PP \m[blue]\fB\%http://clusterlabs.org/\fR\m[] .SH "AUTHOR" .PP \fBClusterLabs contributors (see the resource agent source for information about individual authors)\fR