Scroll to navigation

OCF_HEARTBEAT_IPSEC(7) OCF resource agents OCF_HEARTBEAT_IPSEC(7)

NAME

ocf_heartbeat_ipsec - Handles IPSEC tunnels for VIPs

SYNOPSIS

ipsec [start | stop | monitor | meta-data]

DESCRIPTION

This is a Resource Agent to manage IPSEC tunnels associated with a Virtual IP Address. It's meant to be collocated with a specific VIP, and will manage setting up or down a specific tunnel.

SUPPORTED PARAMETERS

tunnel
The name of the tunnel to be monitored.

(unique, required, string, no default)

vip

Virtual IP address that the tunnel is using.

(unique, required, string, no default)

confdir

The directory where the IPSEC tunnel configurations can be found.

(optional, string, default "/etc/ipsec.d/")

fallbacktunnel

The name of the tunnel to fall back to when the main tunnel is put down.

(unique, optional, string, no default)

SUPPORTED ACTIONS

This resource agent supports the following actions (operations):

start

Starts the resource. Suggested minimum timeout: 20s.

stop

Stops the resource. Suggested minimum timeout: 20s.

monitor

Performs a detailed status check. Suggested minimum timeout: 20s. Suggested interval: 10s.

reload

Suggested minimum timeout: 20s.

meta-data

Retrieves resource agent metadata (internal use only). Suggested minimum timeout: 5s.

EXAMPLE CRM SHELL

The following is an example configuration for a ipsec resource using the crm(8) shell: 

primitive p_ipsec ocf:heartbeat:ipsec \
  params \
    tunnel=string \
    vip=string \
  op monitor timeout="20s" interval="10s" depth="0"

EXAMPLE PCS

The following is an example configuration for a ipsec resource using pcs(8) 

pcs resource create p_ipsec ocf:heartbeat:ipsec \
  tunnel=string \
  vip=string \
  op monitor timeout="20s" interval="10s" OCF_CHECK_LEVEL="0"

SEE ALSO

http://clusterlabs.org/

AUTHOR

ClusterLabs contributors (see the resource agent source for information about individual authors)
12/17/2020 resource-agents UNKNOWN