Archive for March, 2013

Corosync authkeys

Thursday, March 28th, 2013

When setting up Pacemaker clusters I tend to reuse my Pacemaker Puppet module in which I distribute a cluster-specific authkey file.

My workflow has always been:

  1. Log on to a host that has corosync installed, but not part of a cluster
  2. Run corosync-keygen
  3. Transfer the generated /etc/corosync/authkey to my Puppet GIT repo on my local machine

You don’t want to run corosync-keygen on an existing cluster as it will overwrite /etc/corosync/authkey.

As it seemed quite a hassle to compile corosync on my Mac just to be able to run corosync-keygen and so delved a bit deeper, finding this post on the openais mailing list: http://lists.linuxfoundation.org/pipermail/openais/2010-February/013845.html

My workflow has thus simplified to:

dd if=/dev/random of=files/authkey bs=1 count=128

Sweet!