Install DRBD on Debian

by Pierre-Yves Landuré — last modified Feb 27, 2017 12:18

DRBD is a distributed storage infrastructure for GNU/Linux. It allow the replication of bloc peripherals (disks, partitions, logical volumes, etc...) between servers. This howto ease its installation on Debian.

This howto is tested on:

Debian 7.0 Wheezy

Prerequisites

This howto recommends:

the use of LVM, as described by Setup and use the Logical Volume Manager (LVM) on Debian.
a IPSec peer to peer VPN between the cluster members, as described by Setup a peer to peer IPSec VPN tunnel (transport mode) on Debian.

the high-availability cluster software Heartbeat, as described by Install Heartbeat on Debian.

Create a partition to be assigned to the distributed RAID on each member of the RAID cluster. All paritions must have the same size.

Parameters

Provide the ressource name of the distributed RAID:

RESOURCE="r0"

Provide the distributed RAID mount point:

MOUNT_POINT="/shared"

Provide the name of the network interface used by the distributed RAID:

NET_DEV="eth0"

Provide the hostnames of the distributed RAID members, as well asa the name of assigned partitions on each hosts (the partitions must be of same size on each host). The format is:

one host by line.
hostname and partition on the same line, separated by a colon (:).
the primary host must be on first line.

MEMBERS="host1.domain.com:/dev/vhd1/shared
host2.domain.com/dev/vhd1/shared"

Installation

Compute the resource configuration filename:

CONFIG_FILE="/etc/drbd.d/${RESOURCE}.res"

Detect the resource partition, if defined:

RESOURCE_DEV=""
if [ -e "${CONFIG_FILE}" ]; then
  RESOURCE_DEV="$(command grep --max-count='1' 'device' "${CONFIG_FILE}" \
      | command sed -e 's/^.*device[ \t]*\([^; \t]*\)[; \t]*$/\1/')"
fi

Compute the resource partition name, if needed:

if [ -z "${RESOURCE_DEV}" ]; then
  if [ -d '/etc/drbd.d' ]; then
    RESOURCE_DEV="/dev/drbd$(command grep -r "device" '/etc/drbd.d' \
        | command sed -e 's/^.*device[ \t]*\([^; \t]*\)[; \t]*$/\1/' \
        | command sort | command uniq | command wc -l)"
  else
    RESOURCE_DEV="/dev/drbd0"
  fi
fi

Environment preparation

Install the needed software:

command apt-get install drbd8-utils drbdlinks

Create the mount point, if needed:

command mkdir --parents "${MOUNT_POINT}"

Configuration

Enable the failure management defaults (reboot when the distributed RAID completely lost its integrity):

command sed -i \
    -e 's/# pri-on-incon-degr/pri-on-incon-degr/' \
    -e 's/# pri-lost-after-sb/pri-lost-after-sb/' \
    -e 's/# local-io-error/local-io-error/' \
    -e 's/# split-brain/split-brain/' \
    -e 's/# out-of-sync/out-of-sync/' \
  '/etc/drbd.d/global_common.conf'

Generate the resource configuration:

PRIMARY_HOST=""
RESOURCE_CONFIG=""
LOCAL_DEV=""
for HOST_DEV in ${MEMBERS}; do
  DRBD_HOST="$(echo "${HOST_DEV}" | command cut --delimiter=':' --fields=1)"
  DRBD_DEV="$(echo "${HOST_DEV}" | command cut --delimiter=':' --fields=2)"

  if [ "${DRBD_HOST}" = "$(command hostname --fqdn)" ]; then
    DRBD_HOST="$(command hostname)"
    LOCAL_DEV="${DRBD_DEV}"
    HOST_IP="$(command ifconfig "${NET_DEV}" \
      | command grep 'inet ' \
      | command sed -e 's/^.*inet [^:]*:\([^ ]*\) .*$/\1/')"
  else
    HOST_IP="$(command getent ahostsv4 "${DRBD_HOST}" \
      | command cut --delimiter=" " --fields=1 \
      | command tail -n 1)"
  fi

  if [ -z "${PRIMARY_HOST}" ]; then
    PRIMARY_HOST="${DRBD_HOST}"
  fi

  RESOURCE_CONFIG="${RESOURCE_CONFIG}
  on ${DRBD_HOST} {
    address ${HOST_IP}:7788;
    disk    ${DRBD_DEV};
  }
"
done

Create the resource configuration file:

echo "resource ${RESOURCE} {
  device ${RESOURCE_DEV};

  meta-disk internal;

  disk {
    on-io-error detach;
  }

  startup {
    wfc-timeout  60;
    degr-wfc-timeout 30;
    become-primary-on ${PRIMARY_HOST};
  }

  # Split brain recovery policies.
  net {
    after-sb-0pri discard-older-primary;
    after-sb-1pri call-pri-lost-after-sb;
    after-sb-2pri call-pri-lost-after-sb;
  }

${RESOURCE_CONFIG}
}
" > "${CONFIG_FILE}"

Finalization

The following is to be run after all of distributed RAID members are configured.

Initialization

Clear the local partition assigned to the distributed RAID:

if [ -e "${LOCAL_DEV}" ]; then
  command umount "${LOCAL_DEV}"
  command dd if='/dev/zero' bs=512 count=512 of="${LOCAL_DEV}"
fi

Initialize the resource:

command drbdadm create-md "${RESOURCE}"

Make sur the drbd module is loaded:

command modprobe drbd

Start the distributed RAID:

command drbdadm up "${RESOURCE}"

Primary server initialization

Raise the synchronization speed between the servers:

if [ "${PRIMARY_HOST}" = "$(command hostname)" ]; then
  command drbdsetup "${RESOURCE_DEV}" syncer -r 1000M
fi

Start the secondary servers synchronization from the local primary server:

if [ "${PRIMARY_HOST}" = "$(command hostname)" ]; then
  command drbdadm -- --overwrite-data-of-peer primary "${RESOURCE}"
fi

The synchronization process between the different servers can be long, function of the RAID1 chosen size. Display the synchronization status with:

command cat '/proc/drbd'

Reset the synchronization speed after the initial synchronization ended:

if [ "${PRIMARY_HOST}" = "$(command hostname)" ]; then
  command drbdadm adjust "${RESOURCE}"
fi

Partition setup

Format the partition:

if [ "${PRIMARY_HOST}" = "$(command hostname)" ]; then
  command mkfs.ext4 "${RESOURCE_DEV}"
fi

Setup the mount point on the primary server, if heartbeat is not installed:

if [ "${PRIMARY_HOST}" = "$(command hostname)" \
    -a -z "$(command grep "${RESOURCE_DEV}" '/etc/fstab')" \
    -a ! -e '/etc/ha.d/haresources' ]; then
  echo "${RESOURCE}    ${MOUNT_POINT}    ext4    defaults    0    2"
fi

Mount the partition on the primary server, if heartbeat is not installed:

if [ "${PRIMARY_HOST}" = "$(command hostname)" \
    -a ! -e '/etc/ha.d/haresources' ]; then
  command mount "${MOUNT_POINT}"
fi

Heartbeat setup

Setup DRBD to use Heartbeat:

if [ -e '/etc/ha.d/haresources' ]; then
  command sed -i \
      -e '/after-resync-target/a\
\
\t\toutdate-peer "/usr/lib/heartbeat/drbd-peer-outdater -t 5";' \
    '/etc/drbd.d/global_common.conf'
fi

Allow Heartbeat to manage DRBD configuration:

if [ -e '/etc/ha.d/haresources' ]; then
  /usr/sbin/dpkg-statoverride --add --update 'root' 'haclient' 4750 '/sbin/drbdsetup'
  /usr/sbin/dpkg-statoverride --add --update 'root' 'haclient' 4750 '/sbin/drbdmeta'
fi

Reload the configuration:

command drbdadm adjust "${RESOURCE}"

Configure Heartbeat to manage DRBD primary server switch:

if [ -e '/etc/ha.d/haresources' ]; then
  command sed -i \
      -e "0,/.*/s|.*$|& drbddisk::${RESOURCE} Filesystem::${RESOURCE_DEV}::${MOUNT_POINT}::ext4|" \
    '/etc/ha.d/haresources'
fi

Reload Heartbeat configuration:

if [ -e '/etc/ha.d/haresources' ]; then
  command service heartbeat reload
fi

Hardening the security

Block the access to tcp port 7788 excepted for the cluster members by following:

Filter the access to a network port with iptables on Debian

Thanks

Thanks to GuiguiAbloc (fr) for Cluster Haute-Disponibilité chez OVH, avec IpFailover, Heartbeat et DRBD via IPSEC (fr).
Thanks to DRBD (fr) authors in documentation Ubuntu francophone (fr).
Thanks to DRBD (en) developers.