1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
|
#
# Pacemaker start-up configuration
#
# This file contains environment variables that affect Pacemaker behavior.
# They are not options stored in the Cluster Information Base (CIB) because
# they may be needed before the CIB is available.
#
## Logging
# PCMK_logfacility
#
# Enable logging via the system log or journal, using the specified log
# facility. Messages sent here are of value to all Pacemaker administrators.
# This can be disabled using "none", but that is not recommended. Allowed
# values:
#
# none
# daemon
# user
# local0
# local1
# local2
# local3
# local4
# local5
# local6
# local7
#
# Default: PCMK_logfacility="daemon"
# PCMK_logpriority
#
# Unless system logging is disabled using PCMK_logfacility=none, messages of
# the specified log severity and higher will be sent to the system log. The
# default is appropriate for most installations. Allowed values:
#
# emerg
# alert
# crit
# error
# warning
# notice
# info
# debug
#
# Default: PCMK_logpriority="notice"
# Warning: Debug logs may show sensitive configuration values.
# PCMK_logfile
#
# Unless set to "none", more detailed log messages will be sent to the
# specified file (in addition to the system log, if enabled). These messages
# may have extended information, and will include messages of info severity.
# This log is of more use to developers and advanced system administrators, and
# when reporting problems.
#
# Default: PCMK_logfile="@CRM_LOG_DIR@/pacemaker.log"
# PCMK_logfile_mode
#
# Pacemaker will set the permissions on the detail log to this value (see
# chmod(1)).
#
# Default: PCMK_logfile_mode="0660"
# PCMK_debug (Advanced Use Only)
#
# Whether to send debug severity messages to the detail log.
# This may be set for all subsystems (yes or no) or for specific
# (comma-separated) subsystems. Allowed subsystems are:
#
# pacemakerd
# pacemaker-attrd
# pacemaker-based
# pacemaker-controld
# pacemaker-execd
# pacemaker-fenced
# pacemaker-schedulerd
#
# Default: PCMK_debug="no"
# Example: PCMK_debug="pacemakerd,pacemaker-execd"
# Warning: Debug logs may show sensitive configuration values.
# PCMK_stderr (Advanced Use Only)
#
# Whether to send daemon log messages to stderr. This would be useful only
# during troubleshooting, when starting Pacemaker manually on the command line.
#
# Setting this option in this file is pointless, since this file is not read
# when starting Pacemaker manually. However, it can be set directly as an
# environment variable on the command line.
#
# Default: PCMK_stderr="no"
# PCMK_trace_functions (Advanced Use Only)
#
# Send debug and trace severity messages from these (comma-separated)
# source code functions to the detail log.
#
# Default: PCMK_trace_functions=""
# Example: PCMK_trace_functions="unpack_colocation_set,pcmk__cmp_instance"
# Warning: Trace logs may show sensitive configuration values.
# PCMK_trace_files (Advanced Use Only)
#
# Send debug and trace severity messages from all functions in these
# (comma-separated) source file names to the detail log.
#
# Default: PCMK_trace_files=""
# Example: PCMK_trace_files="remote.c,watchdog.c"
# Warning: Trace logs may show sensitive configuration values.
# PCMK_trace_formats (Advanced Use Only)
#
# Send trace severity messages that are generated by these (comma-separated)
# format strings in the source code to the detail log.
#
# Default: PCMK_trace_formats=""
# Example: PCMK_trace_formats="TLS handshake failed: %s (%d)"
# Warning: Trace logs may show sensitive configuration values.
# PCMK_trace_tags (Advanced Use Only)
#
# Send debug and trace severity messages related to these (comma-separated)
# resource IDs to the detail log.
#
# Default: PCMK_trace_tags=""
# Example: PCMK_trace_tags="client-ip,dbfs"
# Warning: Trace logs may show sensitive configuration values.
# PCMK_blackbox (Advanced Use Only)
#
# Enable blackbox logging globally (yes or no) or by subsystem. A blackbox
# contains a rolling buffer of all logs (of all severities). Blackboxes are
# stored under @CRM_BLACKBOX_DIR@ by default, and their contents can
# be viewed using the qb-blackbox(8) command.
#
# The blackbox recorder can be enabled at start using this variable, or at
# runtime by sending a Pacemaker subsystem daemon process a SIGUSR1 or SIGTRAP
# signal, and disabled by sending SIGUSR2 (see kill(1)). The blackbox will be
# written after a crash, assertion failure, or SIGTRAP signal.
#
# Default: PCMK_blackbox="no"
# Example: PCMK_blackbox="pacemaker-controld,pacemaker-fenced"
# Warning: Blackboxes may contain sensitive configuration values.
# PCMK_trace_blackbox (Advanced Use Only)
#
# Write a blackbox whenever the message at the specified function and line is
# logged. Multiple entries may be comma-separated.
#
# Default: PCMK_trace_blackbox=""
# Example: PCMK_trace_blackbox="remote.c:144,remote.c:149"
# Warning: Blackboxes may contain sensitive configuration values.
## Option overrides
# PCMK_node_start_state
#
# By default, the local host will join the cluster in an online or standby
# state when Pacemaker first starts depending on whether it was previously put
# into standby mode. If this variable is set to "standby" or "online", it will
# force the local host to join in the specified state.
#
# Default: PCMK_node_start_state="default"
# PCMK_node_action_limit
#
# If set, this overrides the node-action-limit cluster option for this node to
# specify the maximum number of jobs that can be scheduled on this node (or 0
# to use twice the number of CPU cores).
#
# Default: unset
# Example: PCMK_node_action_limit="1"
## Crash Handling
# PCMK_fail_fast
#
# By default, if a Pacemaker subsystem crashes, the main pacemakerd process
# will attempt to restart it. If this variable is set to "yes", pacemakerd
# will panic the local host instead.
#
# Default: PCMK_fail_fast="no"
# PCMK_panic_action
#
# Pacemaker panics the local node under certain conditions (for example, losing
# quorum when no-quorum-policy is "suicide", or being notified of the local
# node's own fencing when fence-reaction is "panic"). This variable determines
# the panic behavior. Allowed values:
#
# reboot Immediately reboot the host (not a clean reboot)
# off Immediately kill power to the host (not a clean shutdown)
# crash Trigger a kernel crash if possible, otherwise like reboot
# sync-reboot, sync-off, sync-crash
# "sync-" can be put in front of any of the above values to synchronize
# filesystems before panicking (making log messages more likely to be
# preserved, but with the risk that the host may be left active if the
# synchronization hangs)
#
# Default: PCMK_panic_action="reboot"
## Pacemaker Remote and remote CIB administration
# PCMK_remote_address
#
# By default, if the Pacemaker Remote service is run on the local node, it will
# listen for connections on all IP addresses. This may be set to one address to
# listen on instead, as a resolvable hostname or as a numeric IPv4 or IPv6
# address. When resolving names or listening on all addresses, IPv6 will be
# preferred if available. When listening on an IPv6 address, IPv4 clients will
# be supported via IPv4-mapped IPv6 addresses.
#
# Default: PCMK_remote_address=""
# Example: PCMK_remote_address="192.0.2.1"
# PCMK_remote_port
#
# Use this TCP port number for Pacemaker Remote node connections. This value
# must be the same on all nodes.
#
# Default: PCMK_remote_port="3121"
# PCMK_ca_file
#
# The location of a file containing trusted Certificate Authorities, used to
# verify client or server certificates. This file must be in PEM format and
# must be readable by Pacemaker daemons (that is, it must allow read permissions
# to either the @CRM_DAEMON_USER@ user or the @CRM_DAEMON_GROUP@ group).
# If set, along with PCMK_key_file and PCMK_cert_file, X509 authentication
# will be enabled for Pacemaker Remote and remote CIB connections.
#
# Default: PCMK_ca_file=""
# PCMK_cert_file
#
# The location of a file containing the signed certificate for the server
# side of the connection. This file must be in PEM format and must be
# readable by Pacemaker daemons (that is, it must allow read permissions
# to either the @CRM_DAEMON_USER@ user or the @CRM_DAEMON_GROUP@ group).
# If set, along with PCMK_ca_file and PCMK_key_file, X509 authentication
# will be enabled for Pacemaker Remote and remote CIB connections.
#
# Default: PCMK_cert_file=""
# PCMK_crl_file
#
# The location of a Certificate Revocation List file, in PEM format. This
# setting is optional for X509 authentication.
#
# Default: PCMK_crl_file=""
# PCMK_key_file
#
# The location of a file containing the private key for the matching PCMK_cert_file,
# in PEM format. This file must be readble by Pacemaker daemons (that is, it
# must allow read permissions to either the @CRM_DAEMON_USER@ user or the
# @CRM_DAEMON_GROUP@ group). If set, along with PCMK_ca_file and PCMK_cert_file,
# X509 authentication will be enabled for Pacemaker Remote and remote CIB
# connections.
#
# Default: PCMK_key_file=""
# PCMK_authkey_location
#
# As an alternative to using X509 authentication for Pacemaker Remote
# connections, use the contents of this file as the authorization key. This
# file must be readable by Pacemaker daemons (that is, it must allow read
# permissions to either the @CRM_DAEMON_USER@ user or the @CRM_DAEMON_GROUP@
# group), and its contents must be identical on all nodes.
#
# This is an alternative to using X509 certificates.
#
# Default: PCMK_authkey_location="@PACEMAKER_CONFIG_DIR@/authkey"
# PCMK_remote_pid1 (Advanced Use Only)
#
# When a bundle resource's "run-command" option is left to default, Pacemaker
# Remote runs as PID 1 in the bundle's containers. When it does so, it loads
# environment variables from the container's
# @PACEMAKER_CONFIG_DIR@/pcmk-init.env and performs the PID 1 responsibility of
# reaping dead subprocesses.
#
# This option controls whether those actions are performed when Pacemaker
# Remote is not running as PID 1. It is intended primarily for developer testing
# but can be useful when "run-command" is set to a separate, custom PID 1
# process that launches Pacemaker Remote.
#
# * If set to "full", Pacemaker Remote loads environment variables from
# @PACEMAKER_CONFIG_DIR@/pcmk-init.env and reaps dead subprocesses.
# * If set to "vars", Pacemaker Remote loads environment variables from
# @PACEMAKER_CONFIG_DIR@/pcmk-init.env but does not reap dead subprocesses.
# * If set to "default", Pacemaker Remote performs neither action.
#
# If Pacemaker Remote is running as PID 1, this option is ignored, and the
# behavior is the same as for "full".
#
# Default: PCMK_remote_pid1="default"
# PCMK_tls_priorities (Advanced Use Only)
#
# These GnuTLS cipher priorities will be used for TLS connections (whether for
# Pacemaker Remote connections or remote CIB access, when enabled). See:
#
# https://gnutls.org/manual/html_node/Priority-Strings.html
#
# Pacemaker will append ":+ANON-DH" for remote CIB access and ":+DHE-PSK:+PSK"
# for Pacemaker Remote connections, as they are required for the respective
# functionality.
#
# Default: PCMK_tls_priorities="@PCMK__GNUTLS_PRIORITIES@"
# Example: PCMK_tls_priorities="SECURE128:+SECURE192:-VERS-ALL:+VERS-TLS1.2"
# PCMK_dh_max_bits (Advanced Use Only)
#
# Set an upper bound on the bit length of the prime number generated for
# Diffie-Hellman parameters needed by TLS connections. The default is no
# maximum.
#
# The server (Pacemaker Remote daemon, or CIB manager configured to accept
# remote clients) will use this value to provide a ceiling for the value
# recommended by the GnuTLS library. The library will only accept a limited
# number of specific values, which vary by library version, so setting these is
# recommended only when required for compatibility with specific client
# versions.
#
# Clients do not use PCMK_dh_max_bits.
#
# Default: PCMK_dh_max_bits="0" (no maximum)
## Inter-process Communication
# PCMK_ipc_type (Advanced Use Only)
#
# Force use of a particular IPC method. Allowed values:
#
# shared-mem
# socket
# posix
# sysv
#
# Default: PCMK_ipc_type="shared-mem"
## Cluster type
# PCMK_cluster_type (Advanced Use Only)
#
# Specify the cluster layer to be used. If unset, Pacemaker will detect and use
# a supported cluster layer, if available. Currently, "corosync" is the only
# supported cluster layer. If multiple layers are supported in the future, this
# will allow overriding Pacemaker's automatic detection to select a specific
# one.
#
# Default: PCMK_cluster_type=""
## Developer Options
# PCMK_schema_directory (Advanced Use Only)
#
# Specify an alternate location for RNG schemas and XSL transforms.
#
# Default: PCMK_schema_directory="@PCMK_SCHEMA_DIR@"
# PCMK_remote_schema_directory (Advanced Use Only)
#
# Specify an alternate location on Pacemaker Remote nodes for storing newer
# RNG schemas and XSL transforms fetched from the cluster.
#
# Default: PCMK_remote_schema_directory="@PCMK__REMOTE_SCHEMA_DIR@"
# G_SLICE (Advanced Use Only)
#
# Affect the behavior of glib's memory allocator. Setting to "always-malloc"
# when running under valgrind will help valgrind track malloc/free better;
# setting to "debug-blocks" when not running under valgrind will perform
# (somewhat expensive) memory checks.
#
# Default: G_SLICE=""
# Example: G_SLICE="always-malloc"
# MALLOC_PERTURB_ (Advanced Use Only)
#
# Setting this to a decimal byte value will make malloc() initialize newly
# allocated memory and free() wipe it, to help catch uninitialized-memory and
# use-after-free bugs.
#
# Default: MALLOC_PERTURB_=""
# Example: MALLOC_PERTURB_="221"
# MALLOC_CHECK_ (Advanced Use Only)
#
# Setting this to 3 will make malloc() and friends print to stderr and abort
# for some (inexpensive) memory checks.
#
# Default: MALLOC_CHECK_=""
# Example: MALLOC_CHECK_="3"
# PCMK_valgrind_enabled (Advanced Use Only)
#
# Whether subsystem daemons should be run under valgrind. Allowed values are
# the same as for PCMK_debug.
#
# Default: PCMK_valgrind_enabled="no"
# PCMK_callgrind_enabled
#
# Whether subsystem daemons should be run under valgrind with the callgrind
# tool enabled. Allowed values are the same as for PCMK_debug.
#
# Default: PCMK_callgrind_enabled="no"
# VALGRIND_OPTS
#
# Pass these options to valgrind, when enabled (see valgrind(1)). "--vgdb=no"
# is specified because pacemaker-execd can lower privileges when executing
# commands, which would otherwise leave a bunch of unremovable files in /tmp.
#
# Default: VALGRIND_OPTS=""
VALGRIND_OPTS="--leak-check=full --trace-children=no --vgdb=no --num-callers=25 --log-file=@PCMK__PERSISTENT_DATA_DIR@/valgrind-%p --suppressions=@datadir@/pacemaker/tests/valgrind-pcmk.suppressions --gen-suppressions=all"
|
