« What a timesaver: reptyr!
Puppet oddities »

Corosync authkeys

When setting up Pacemaker clusters I tend to reuse my Pacemaker Puppet module in which I distribute a cluster-specific authkey file.

My workflow has always been:

  1. Log on to a host that has corosync installed, but not part of a cluster
  2. Run corosync-keygen
  3. Transfer the generated /etc/corosync/authkey to my Puppet GIT repo on my local machine

You don’t want to run corosync-keygen on an existing cluster as it will overwrite /etc/corosync/authkey.

As it seemed quite a hassle to compile corosync on my Mac just to be able to run corosync-keygen and so delved a bit deeper, finding this post on the openais mailing list: http://lists.linuxfoundation.org/pipermail/openais/2010-February/013845.html

My workflow has thus simplified to:

dd if=/dev/random of=files/authkey bs=1 count=128

Sweet!

This entry was posted on Thursday, March 28th, 2013 at 10:35 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

One Response to “Corosync authkeys”

  1. Björn says:
    January 14, 2014 at 11:09 am

    Hi,

    just found your site and wanted to note, that there is another fast way to generate that authkey:

    echo -ne “auth 1\n1 sha1 `echo “”|sha512sum|cut -c1-128`” > /etc/corosync/authkey

    works perfect.

    Regards
    Björn