[[ch-admin]]
== Common administrative tasks

This chapter outlines typical administrative tasks encountered during
day-to-day operations. It does not cover troubleshooting tasks, these
are covered in detail in <<ch-troubleshooting>>.

[[s-check-status]]
=== Checking DRBD status

[[s-drbd-overview]]
==== Retrieving status with +drbd-overview+

The most convenient way to look at DRBD's status is the
indexterm:[drbd-overview]+drbd-overview+ utility.

----------------------------
# drbd-overview
0:home                 Connected Primary/Secondary
  UpToDate/UpToDate C r--- /home        xfs  200G 158G 43G  79%
1:data                 Connected Primary/Secondary
  UpToDate/UpToDate C r--- /mnt/ha1     ext3 9.9G 618M 8.8G 7%
2:nfs-root             Connected Primary/Secondary
  UpToDate/UpToDate C r--- /mnt/netboot ext3 79G  57G  19G  76%
----------------------------


[[s-proc-drbd]]
==== Status information in +/proc/drbd+

indexterm:[/proc/drbd]+/proc/drbd+ is a virtual file displaying
real-time status information about all DRBD resources currently
configured. You may interrogate this file's contents using this
command:

----------------------------
$ cat /proc/drbd
version: 8.4.0 (api:1/proto:86-100)
GIT-hash: 09b6d528b3b3de50462cd7831c0a3791abc665c3 build by linbit@buildsystem.linbit, 2011-10-12 09:07:35
 0: cs:Connected ro:Secondary/Secondary ds:UpToDate/UpToDate C r-----
    ns:0 nr:0 dw:0 dr:656 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:0
 1: cs:Connected ro:Primary/Secondary ds:UpToDate/UpToDate C r---
    ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:0
 2: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r---
    ns:0 nr:0 dw:0 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:0
----------------------------

The first line, prefixed with +version:+, shows the DRBD version used
on your system. The second line contains information about this
specific build.

The other four lines in this example form a block that is repeated for
every DRBD device configured, prefixed by the device minor number. In
this case, this is +0+, corresponding to the device +/dev/drbd0+.

The resource-specific output from +/proc/drbd+ contains various pieces
of information about the resource:

.+cs+ (connection state)
indexterm:[connection state]Status of the network connection. See
<<s-connection-states>>for details about the various connection
states.

.+ro+ (roles)
indexterm:[resource]Roles of the nodes. The role of the local node is
displayed first, followed by the role of the partner node shown after
the slash. See <<s-roles>>for details about the possible resource
roles.

.+ds+ (disk states)
indexterm:[disk state]State of the hard disks. Prior to the slash the
state of the local node is displayed, after the slash the state of the
hard disk of the partner node is shown. See <<s-disk-states>>for
details about the various disk states.

.Replication protocol
Replication protocol used by the resource. Either +A+, +B+ or +C+. See
<<s-replication-protocols>> for details.

.I/O Flags
Six state flags reflecting the I/O status of this resource. See
<<s-io-flags>> for a detailed explanation of these flags.

.Performance indicators
A number of counters and gauges reflecting the resource's utilization
and performance. See <<s-performance-indicators>> for details.



[[s-connection-states]]
==== Connection states

indexterm:[connection state]A resource's connection state can be
observed either by monitoring +/proc/drbd+, or by issuing the `drbdadm
cstate` command:

----------------------------
# drbdadm cstate <resource>
Connected
----------------------------

A resource may have one of the following connection states:

.+StandAlone+
indexterm:[connection state]No network configuration available. The
resource has not yet been connected, or has been administratively
disconnected (using `drbdadm disconnect`), or has dropped its
connection due to failed authentication or split brain.

.+Disconnecting+
indexterm:[connection state]Temporary state during disconnection. The
next state is +StandAlone+.

.+Unconnected+
indexterm:[connection state]Temporary state, prior to a connection
attempt. Possible next states: +WFConnection+ and +WFReportParams+.

.+Timeout+
indexterm:[connection state]Temporary state following a timeout in the
communication with the peer. Next state: +Unconnected+.

.+BrokenPipe+
indexterm:[connection state]Temporary state after the connection to
the peer was lost. Next state: +Unconnected+.

.+NetworkFailure+
indexterm:[connection state]Temporary state after the connection to
the partner was lost. Next state: +Unconnected+.

.+ProtocolError+
indexterm:[connection state]Temporary state after the connection to
the partner was lost. Next state: +Unconnected+.

.+TearDown+
indexterm:[connection state]Temporary state. The peer is closing the
connection. Next state: +Unconnected+.

.+WFConnection+
indexterm:[connection state]This node is waiting until the peer node
becomes visible on the network.

.+WFReportParams+
indexterm:[connection state]TCP connection has been established, this
node waits for the first network packet from the peer.

.+Connected+
indexterm:[connection state]A DRBD connection has been established,
data mirroring is now active. This is the normal state.

.+StartingSyncS+
indexterm:[connection state]Full synchronization, initiated by the
administrator, is just starting. The next possible states are:
+SyncSource+ or +PausedSyncS+.

.+StartingSyncT+
indexterm:[connection state]Full synchronization, initiated by the
administrator, is just starting. Next state: +WFSyncUUID+.

.+WFBitMapS+
indexterm:[connection state]Partial synchronization is just
starting. Next possible states: +SyncSource+ or +PausedSyncS+.

.+WFBitMapT+
indexterm:[connection state]Partial synchronization is just
starting. Next possible state: +WFSyncUUID+.

.+WFSyncUUID+
indexterm:[connection state]Synchronization is about to begin. Next
possible states: +SyncTarget+ or +PausedSyncT+.

.+SyncSource+
indexterm:[connection state]Synchronization is currently running, with
the local node being the source of synchronization.

.+SyncTarget+
indexterm:[connection state]Synchronization is currently running, with
the local node being the target of synchronization.

.+PausedSyncS+
indexterm:[connection state]The local node is the source of an ongoing
synchronization, but synchronization is currently paused. This may be
due to a dependency on the completion of another synchronization
process, or due to synchronization having been manually interrupted by
`drbdadm pause-sync`.

.+PausedSyncT+
indexterm:[connection state]The local node is the target of an ongoing
synchronization, but synchronization is currently paused. This may be
due to a dependency on the completion of another synchronization
process, or due to synchronization having been manually interrupted by
`drbdadm pause-sync`.

.+VerifyS+
indexterm:[connection state]On-line device verification is currently
running, with the local node being the source of verification.

.+VerifyT+
indexterm:[connection state]On-line device verification is currently
running, with the local node being the target of verification.


[[s-roles]]
==== Resource roles

indexterm:[resource]A resource's role can be observed either by
monitoring +/proc/drbd+, or by issuing the indexterm:[drbdadm]
`drbdadm role` command:

----------------------------
# drbdadm role <resource>
Primary/Secondary
----------------------------

The local resource role is always displayed first, the remote resource
role last.

You may see one of the following resource roles:

.+Primary+
The resource is currently in the primary role, and may be read from
and written to. This role only occurs on one of the two nodes, unless
<<s-dual-primary-mode,dual-primary mode>> is enabled.

.+Secondary+
The resource is currently in the secondary role. It normally receives
updates from its peer (unless running in disconnected mode), but may
neither be read from nor written to. This role may occur on one
or both nodes.

.+Unknown+
The resource's role is currently unknown. The local resource role
never has this status. It is only displayed for the peer's resource
role, and only in disconnected mode.


[[s-disk-states]]
==== Disk states

A resource's disk state can be observed either by monitoring
+/proc/drbd+, or by issuing the `drbdadm dstate` command:

----------------------------
# drbdadm dstate <resource>
UpToDate/UpToDate
----------------------------

The local disk state is always displayed first, the remote disk state
last.

Both the local and the remote disk state may be one of the following:

.+Diskless+
indexterm:[disk state]No local block device has been assigned to the
DRBD driver. This may mean that the resource has never attached to its
backing device, that it has been manually detached using `drbdadm
detach`, or that it automatically detached after a lower-level I/O
error.

.+Attaching+
indexterm:[disk state]Transient state while reading meta data.

.+Failed+
indexterm:[disk state]Transient state following an I/O failure report
by the local block device. Next state: +Diskless+.

.+Negotiating+
indexterm:[disk state]Transient state when an +Attach+ is carried out on
an already-+Connected+ DRBD device.

.+Inconsistent+
indexterm:[disk state]The data is inconsistent. This status occurs
immediately upon creation of a new resource, on both nodes (before the
initial full sync). Also, this status is found in one node (the
synchronization target) during synchronization.

.+Outdated+
indexterm:[disk state]Resource data is consistent, but
<<s-outdate,outdated>>.

.+DUnknown+
indexterm:[disk state]This state is used for the peer disk if no
network connection is available.

.+Consistent+
indexterm:[disk state]Consistent data of a node without
connection. When the connection is established, it is decided whether
the data is +UpToDate+ or +Outdated+.

.+UpToDate+
indexterm:[disk state]Consistent, up-to-date state of the data. This
is the normal state.

[[s-io-flags]]
==== I/O state flags

The I/O state flag field in +/proc/drbd+ contains information about
the current state of I/O operations associated with the
resource. There are six such flags in total, with the following
possible values:

. I/O suspension. Either +r+ for _running_ or +s+ for _suspended_
  I/O. Normally +r+.

. Serial resynchronization. When a resource is awaiting
  resynchronization, but has deferred this because of a +resync-after+
  dependency, this flag becomes +a+. Normally +-+.

. Peer-initiated sync suspension. When resource is awaiting
  resynchronization, but the peer node has suspended it for any
  reason, this flag becomes +p+. Normally +-+.

. Locally initiated sync suspension. When resource is awaiting
  resynchronization, but a user on the local node has suspended it,
  this flag becomes +u+. Normally +-+.

. Locally blocked I/O. Normally +-+. May be one of the following
  flags:

** +d+: I/O blocked for a reason internal to DRBD, such as a
   transient disk state.
** +b+: Backing device I/O is blocking.
** +n+: Congestion on the network socket.
** +a+: Simultaneous combination of blocking device I/O and network congestion.

. Activity Log update suspension. When updates to the Activity Log are
  suspended, this flag becomes +s+. Normally +-+.

[[s-performance-indicators]]
==== Performance indicators

The second line of +/proc/drbd+ information for each resource contains
the following counters and gauges:

.+ns+ (network send)
Volume of net data sent to the partner via the network connection; in
Kibyte.

.+nr+ (network receive)
Volume of net data received by the partner via the network connection;
in Kibyte.

.+dw+ (disk write)
Net data written on local hard disk; in Kibyte.

.+dr+ (disk read)
Net data read from local hard disk; in Kibyte.

.+al+ (activity log)
Number of updates of the activity log area of the meta data.

.+bm+ (bit map)
Number of updates of the bitmap area of the meta data.

.+lo+ (local count)
Number of open requests to the local I/O sub-system issued by DRBD.

.+pe+ (pending)
Number of requests sent to the partner, but that have not yet been
answered by the latter.

.+ua+ (unacknowledged)
Number of requests received by the partner via the network connection,
but that have not yet been answered.

.+ap+ (application pending)
Number of block I/O requests forwarded to DRBD, but not yet answered
by DRBD.

.+ep+ (epochs)
Number of epoch objects. Usually 1. Might increase under I/O load when
using either the +barrier+ or the +none+ write ordering method.

.+wo+ (write order)
Currently used write ordering method: +b+(barrier), +f+(flush),
+d+(drain) or +n+(none).

.+oos+ (out of sync)
Amount of storage currently out of sync; in Kibibytes.


[[s-enable-disable]]
=== Enabling and disabling resources

[[s-enable-resource]]
==== Enabling resources

indexterm:[resource]Normally, all configured DRBD resources are
automatically enabled

* by a cluster resource management application at its discretion,
  based on your cluster configuration, or

* by the +/etc/init.d/drbd+ init script on system startup.

If, however, you need to enable resources manually for any reason, you
may do so by issuing the command

----------------------------
# drbdadm up <resource>
----------------------------

As always, you may use the keyword +all+ instead of a specific
resource name if you want to enable all resources configured in
+/etc/drbd.conf+ at once.

[[s-disable-resource]]
==== Disabling resources

indexterm:[resource]You may temporarily disable specific resources by
issuing the command

----------------------------
# drbdadm down <resource>
----------------------------

Here, too, you may use the keyword +all+ in place of a resource name if
you wish to temporarily disable all resources listed in
+/etc/drbd.conf+ at once.

[[s-reconfigure]]
=== Reconfiguring resources

indexterm:[resource]DRBD allows you to reconfigure resources while
they are operational. To that end,

* make any necessary changes to the resource configuration in
  +/etc/drbd.conf+,

* synchronize your +/etc/drbd.conf+ file between both nodes,

* issue the indexterm:[drbdadm]`drbdadm adjust <resource>` command on
  both nodes.

`drbdadm adjust` then hands off to `drbdsetup` to make the necessary
adjustments to the configuration. As always, you are able to review
the pending `drbdsetup` invocations by running `drbdadm` with the
+-d+ (dry-run) option.

NOTE: When making changes to the +common+ section in +/etc/drbd.conf+,
you can adjust the configuration for all resources in one run, by
issuing `drbdadm adjust all`.

[[s-switch-resource-roles]]
=== Promoting and demoting resources

indexterm:[resource]Manually switching a <<s-resource-roles,resource's
role>> from secondary to primary (promotion) or vice versa (demotion)
is done using the following commands:

----------------------------
# drbdadm primary <resource>
# drbdadm secondary <resource>
----------------------------

In <<s-single-primary-mode,single-primary mode>> (DRBD's default), any
resource can be in the primary role on only one node at any given time
while the <<s-connection-states,connection state>> is
+Connected+. Thus, issuing `drbdadm primary <resource>` on one node
while _<resource>_ is still in the primary role on the peer will
result in an error.

A resource configured to allow <<s-dual-primary-mode,dual-primary
mode>> can be switched to the primary role on both nodes.

[[s-manual-fail-over]]
=== Basic Manual Fail-over

If not using Pacemaker and looking to handle fail-overs manually in a
passive/active configuration the process is as follows.

On the current primary node stop any applications or services using the DRBD device,
unmount the DRBD device, and demote the resource to secondary.

----------------------------
# umount /dev/drbd/by-res/<resource>
# drbdadm secondary <resource>
----------------------------

Now on the node we wish to make primary promote the resource and mount the device.

----------------------------
# drbdadm primary <resource>
# mount /dev/drbd/by-res/<resource> <mountpoint>
----------------------------

[[s-upgrading-drbd]]
=== Upgrading DRBD

Upgrading DRBD is a fairly simple process. This section will cover
the process of upgrading from 8.3.x to 8.4.x, however this process
should work for all upgrades.

[[s-updating-your-repo]]
==== Updating your repository

Due to the number of changes between the 8.3 and 8.4 branches we
have created separate repositories for each. Perform this repository
update on both servers.

[[s-RHEL-systems]]
===== RHEL/CentOS systems

Edit your /etc/yum.repos.d/linbit.repo file to reflect the following
changes.

----------------------------
[drbd-8.4]
name=DRBD 8.4
baseurl=http://packages.linbit.com/<hash>/8.4/rhel6/<arch>
gpgcheck=0
----------------------------

NOTE: You will have to populate the <hash> and <arch> variables. The
<hash> is provided by LINBIT support services.

[[s-Debian-Systems]]
===== Debian/Ubuntu systems

Edit /etc/apt/sources.list to reflect the following changes.

----------------------------
deb http://packages.linbit.com/<hash>/8.4/debian squeeze main
----------------------------

NOTE: You will have to populate the <hash> variable. The
<hash> is provided by LINBIT support services.

Next you will want to add the DRBD signing key to your trusted keys.

----------------------------
# gpg --keyserver subkeys.pgp.net --recv-keys  0x282B6E23
# gpg --export -a 282B6E23 | apt-key add -
----------------------------

Lastly perform an apt-get update so Debian recognizes the updated repo.

----------------------------
apt-get update
----------------------------

[[s-Upgrading-the-packages]]
==== Upgrading the packages

Before you begin make sure your resources are in sync. The output of
'cat /proc/drbd' should show UpToDate/UpToDate.

----------------------------
bob# cat /proc/drbd

version: 8.3.12 (api:88/proto:86-96)
GIT-hash: e2a8ef4656be026bbae540305fcb998a5991090f build by buildsystem@linbit, 2011-10-28 10:20:38
 0: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r-----
    ns:0 nr:33300 dw:33300 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:0
----------------------------

Now that you know the resources are in sync, start by upgrading the
secondary node. This can be done manually or if you're using
Pacemaker put the node in standby mode. Both processes are covered
below.  If you're running Pacemaker do not use the manual method.

* Manual Method
----------------------------
bob# /etc/init.d/drbd stop
----------------------------

* Pacemaker

Put the secondary node into standby mode. In this example bob is secondary.

----------------------------
bob# crm node standby bob
----------------------------

NOTE: You can watch the status of your cluster using 'crm_mon -rf' or watch
'cat /proc/drbd' until it shows "Unconfigured" for your resources.

Now update your packages with either yum or apt.

----------------------------
bob# yum upgrade
----------------------------

----------------------------
bob# apt-get upgrade
----------------------------

Once the upgrade is finished will now have the latest DRBD 8.4 kernel
module and drbd-utils on your secondary node, bob. Start DRBD.

* Manually
----------------------------
bob# /etc/init.d/drbd start
----------------------------

* Pacemaker 
----------------------------
# crm node online bob
----------------------------

The output of 'cat /proc/drbd' on bob should show 8.4.x and look similar
to this.

----------------------------
version: 8.4.1 (api:1/proto:86-100)
GIT-hash: 91b4c048c1a0e06777b5f65d312b38d47abaea80 build by buildsystem@linbit, 2011-12-20 12:58:48
 0: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r-----
    ns:0 nr:12 dw:12 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:0
----------------------------

NOTE: On the primary node, alice, 'cat /proc/drbd' will still show the
prior version, until you upgrade it.

At this point the cluster has two different versions of DRBD. Stop
any service using DRBD and then DRBD on the primary node, alice, and promote
bob. Again this can be done either manually or via the Pacemaker shell.

* Manually
----------------------------
alice # umount /dev/drbd/by-res/r0
alice # /etc/init.d/drbd stop
bob # drbdadm primary r0
bob # mount /dev/drbd/by-res/r0/0 /mnt/drbd
----------------------------
Please note that the mount command now references '/0' which defines
the volume number of a resource. See <<s-recent-changes-volumes>> for
more information on the new volumes feature.

* Pacemaker
----------------------------
# crm node standby alice
----------------------------

WARNING: This will interrupt running services by stopping them and
migrating them to the secondary server, bob.

At this point you can safely upgrade DRBD by using yum or apt.

----------------------------
alice# yum upgrade
----------------------------

----------------------------
alice# apt-get upgrade
----------------------------

Once the upgrade is complete you will now have the latest version
of DRBD on alice and can start DRBD.

* Manually
----------------------------
alice# /etc/init.d/drbd start
----------------------------

* Pacemaker
----------------------------
alice# crm node online alice
----------------------------

NOTE: Services will still be located on bob and will remain there
until you migrate them back.

Both servers should now show the latest version of DRBD in a connected
state.

----------------------------
version: 8.4.1 (api:1/proto:86-100)
GIT-hash: 91b4c048c1a0e06777b5f65d312b38d47abaea80 build by buildsystem@linbit, 2011-12-20 12:58:48
 0: cs:Connected ro:Secondary/Primary ds:UpToDate/UpToDate C r-----
    ns:0 nr:12 dw:12 dr:0 al:0 bm:0 lo:0 pe:0 ua:0 ap:0 ep:1 wo:b oos:0
----------------------------

==== Migrating your configs

DRBD 8.4 is backward compatible with the 8.3 configs however some
syntax has changed. See <<s-recent-changes-config>> for
a full list of changes. In the meantime you can port your old
configs fairly easily by using 'drbdadm dump all' command. This
will output both a new global config followed by the
new resource config files. Take this output and make changes
accordingly.

[[s-downgrading-drbd84]]
=== Downgrading DRBD 8.4 to 8.3

If you're currently running DRBD 8.4 and would like to revert to 8.3
there are several steps you will have to follow. This section assumes
you still have the 8.4 kernel module and 8.4 utilities installed.

Stop any services accessing the DRBD resources, unmount, and demote
the devices to Secondary. Then perform the following commands.

NOTE: These steps will have to be completed on both servers.

----------------------------
drbdadm down all
drbdadm apply-al all
rmmod drbd
----------------------------

If you're using the LINBIT repositories you can remove the packages using
`apt-get remove drbd8-utils drbd8-module-`uname -r`` or 
`yum remove drbd kmod-drbd`

Now that 8.4 is removed reinstall 8.3. You can do this either by changing
your repositories back to the 8.3 repos, or by following the steps located
http://www.drbd.org/users-guide-8.3/p-build-install-configure.html[in the
8.3 User's Guide]

WARNING: If you migrated your configs to the 8.4 format be sure to revert
them back to the 8.3 format. See <<s-recent-changes-config>> for the options
you need to revert.

Once 8.3 is re-installed you can start your DRBD resources either manually
using `drbdadm` or `/etc/init.d/drbd start`.

[[s-enable-dual-primary]]
=== Enabling dual-primary mode

Dual-primary mode allows a resource to assume the primary role
simultaneously on both nodes. Doing so is possible on either a
permanent or a temporary basis.

[NOTE]
===============================
Dual-primary mode requires that the resource is configured to
replicate synchronously (protocol C). Because of this it is latency
sensitive, and ill suited for WAN environments.

Additionally, as both resources are always primary, any interruption in the
network between nodes will result in a split-brain.
===============================

[[s-enable-dual-primary-permanent]]
==== Permanent dual-primary mode

indexterm:[dual-primary mode]To enable dual-primary mode, set the
+allow-two-primaries+ option to +yes+ in the +net+ section of your
resource configuration:

[source,drbd]
----------------------------
resource <resource>
  net {
    protocol C;
    allow-two-primaries yes;
  }
  ...
}
----------------------------

After that, do not forget to synchronize the configuration between nodes. Run
`drbdadm adjust <resource>` on both nodes.

You can now change both nodes to role primary at the same time with `drbdadm
primary <resource>`.

[[s-enable-dual-primary-temporary]]
==== Temporary dual-primary mode

To temporarily enable dual-primary mode for a resource normally
running in a single-primary configuration, issue the following
command:

----------------------------
# drbdadm net-options --protocol=C --allow-two-primaries <resource>
----------------------------

To end temporary dual-primary mode, run the same command as above but with
+--allow-two-primaries=no+ (and your desired replication protocol, if
applicable).


==== Automating promotion on system startup

When a resource is configured to support dual-primary mode, it may
also be desirable to automatically switch the resource into the
primary role upon system (or DRBD) startup.

[source,drbd]
----------------------------
resource <resource>
  startup {
    become-primary-on both;
  }
  ...
}
----------------------------

The +/etc/init.d/drbd+ system init script parses this option on
startup and promotes resources accordingly.

NOTE: The +become-primary-on+ approach is not required, nor
recommended, in <<ch-pacemaker,Pacemaker-managed>> DRBD
configurations. In Pacemaker configuration, resource promotion and
demotion should always be handled by the cluster manager.


[[s-use-online-verify]]
=== Using on-line device verification

[[s-online-verify-enable]]
==== Enabling on-line verification

indexterm:[on-line device verification]<<s-online-verify,On-line
device verification>> is not enabled for resources by default. To
enable it, add the following lines to your resource configuration in
+/etc/drbd.conf+:

[source,drbd]
----------------------------
resource <resource>
  net {
    verify-alg <algorithm>;
  }
  ...
}
----------------------------

_<algorithm>_ may be any message digest algorithm supported by the
kernel crypto API in your system's kernel configuration. Normally, you
should be able to choose at least from +sha1+, +md5+, and +crc32c+.

If you make this change to an existing resource, as always,
synchronize your +drbd.conf+ to the peer, and run `drbdadm adjust
<resource>` on both nodes.

[[s-online-verify-invoke]]
==== Invoking on-line verification

indexterm:[on-line device verification]After you have enabled on-line
verification, you will be able to initiate a verification run using
the following command:

----------------------------
# drbdadm verify <resource>
----------------------------

When you do so, DRBD starts an online verification run for
_<resource>_, and if it detects any blocks not in sync, will mark
those blocks as such and write a message to the kernel log. Any
applications using the device at that time can continue to do so
unimpeded, and you may also <<s-switch-resource-roles,switch resource
roles>> at will.

If out-of-sync blocks were detected during the verification run, you
may resynchronize them using the following commands after verification
has completed:

----------------------------
# drbdadm disconnect <resource>
# drbdadm connect <resource>
----------------------------


[[s-online-verify-automate]]
==== Automating on-line verification

indexterm:[on-line device verification]Most users will want to
automate on-line device verification. This can be easily
accomplished. Create a file with the following contents, named
+/etc/cron.d/drbd-verify+ on _one_ of your nodes:

[source,drbd]
----------------------------
42 0 * * 0    root    /sbin/drbdadm verify <resource>
----------------------------

This will have +cron+ invoke a device verification every Sunday at 42
minutes past midnight.

If you have enabled on-line verification for all your resources (for
example, by adding +verify-alg <algorithm>+ to the +common+ section
in +/etc/drbd.conf+), you may also use:

[source,drbd]
----------------------------
42 0 * * 0    root    /sbin/drbdadm verify all
----------------------------


[[s-configure-sync-rate]]
=== Configuring the rate of synchronization

indexterm:[synchronization]Normally, one tries to ensure that
background synchronization (which makes the data on the
synchronization target temporarily inconsistent) completes as quickly
as possible. However, it is also necessary to keep background
synchronization from hogging all bandwidth otherwise available for
foreground replication, which would be detrimental to application
performance. Thus, you must configure the synchronization bandwidth to
match your hardware -- which you may do in a permanent fashion or
on-the-fly.

IMPORTANT: It does not make sense to set a synchronization rate that
is higher than the maximum write throughput on your secondary
node. You must not expect your secondary node to miraculously be able
to write faster than its I/O subsystem allows, just because it happens
to be the target of an ongoing device synchronization.

Likewise, and for the same reasons, it does not make sense to set a
synchronization rate that is higher than the bandwidth available on
the replication network.

[[s-configure-sync-rate-permanent]]
==== Permanent fixed sync rate configuration

The maximum bandwidth a resource uses for background
re-synchronization is determined by the +rate+ option
for a resource. This must be included in the resource configuration's
+disk+ section in +/etc/drbd.conf+:

[source,drbd]
----------------------------
resource <resource>
  disk {
    resync-rate 40M;
    ...
  }
  ...
}
----------------------------

Note that the rate setting is given in _bytes_, not _bits_ per second; the 
default unit is _Kibibyte_, so a value of +4096+ would be interpreted as +4MiB+.

TIP: A good rule of thumb for this value is to use about 30% of the
available replication bandwidth. Thus, if you had an I/O subsystem
capable of sustaining write throughput of 180MB/s, and a Gigabit
Ethernet network capable of sustaining 110 MB/s network throughput
(the network being the bottleneck), you would calculate:

[[eq-sync-rate-example1]]
.Syncer rate example, 110MB/s effective available bandwidth
image::sync-rate-example1[]

Thus, the recommended value for the +rate+ option would be +33M+.

By contrast, if you had an I/O subsystem with a maximum throughput of
80MB/s and a Gigabit Ethernet connection (the I/O subsystem being the
bottleneck), you would calculate:

[[eq-sync-rate-example2]]
.Syncer rate example, 80MB/s effective available bandwidth
image::sync-rate-example2[]

In this case, the recommended value for the +rate+ option would be
+24M+.

[[s-configure-sync-rate-temporary]]
==== Temporary fixed sync rate configuration

It is sometimes desirable to temporarily adjust the sync rate. For
example, you might want to speed up background re-synchronization
after having performed scheduled maintenance on one of your cluster
nodes. Or, you might want to throttle background re-synchronization if
it happens to occur at a time when your application is extremely busy
with write operations, and you want to make sure that a large portion
of the existing bandwidth is available to replication.

For example, in order to make most bandwidth of a Gigabit Ethernet
link available to re-synchronization, issue the following command:

----------------------------
# drbdadm disk-options --resync-rate=110M <resource>
----------------------------

You need to issue this command on only one of the nodes.

To revert this temporary setting and re-enable the synchronization
rate set in +/etc/drbd.conf+, issue this command:

----------------------------
# drbdadm adjust <resource>
----------------------------

[[s-configure-sync-rate-variable]]
==== Variable sync rate configuration

Specifically in configurations where multiple DRBD resources share a
single replication/synchronization network, fixed-rate synchronization
may not be an optimal approach. In this case, you should configure
variable-rate synchronization. In this mode, DRBD uses an automated
control loop algorithm to determine, and permanently adjust, the
synchronization rate. This algorithm ensures that there is always
sufficient bandwidth available for foreground replication, greatly
mitigating the impact that background synchronization has on
foreground I/O.

The optimal configuration for variable-rate synchronization may vary
greatly depending on the available network bandwidth, application I/O
pattern and link congestion. Ideal configuration settings also depend
on whether <<s-drbd-proxy,DRBD Proxy>> is in use or not. It may be
wise to engage professional consultancy in order to optimally
configure this DRBD feature. An _example_ configuration (which assumes
a deployment in conjunction with DRBD Proxy) is provided below:

[source,drbd]
----------------------------
resource <resource> {
  disk {
    c-plan-ahead 200;
    c-max-rate 10M;
    c-fill-target 15M;
  }
}
----------------------------

TIP: A good starting value for +c-fill-target+ is _BDP&times;3_, where
BDP is your bandwidth delay product on the replication link.


[[s-configure-checksum-sync]]
=== Configuring checksum-based synchronization

indexterm:[checksum-based
synchronization]<<p-checksum-sync,Checksum-based synchronization>> is
not enabled for resources by default. To enable it, add the following
lines to your resource configuration in +/etc/drbd.conf+:

[source,drbd]
----------------------------
resource <resource>
  net {
    csums-alg <algorithm>;
  }
  ...
}
----------------------------

_<algorithm>_ may be any message digest algorithm supported by the
kernel crypto API in your system's kernel configuration. Normally, you
should be able to choose at least from +sha1+, +md5+, and +crc32c+.

If you make this change to an existing resource, as always,
synchronize your +drbd.conf+ to the peer, and run `drbdadm adjust
<resource>` on both nodes.

[[s-configure-congestion-policy]]
=== Configuring congestion policies and suspended replication

In an environment where the replication bandwidth is highly variable
(as would be typical in WAN replication setups), the replication link
may occasionally become congested. In a default configuration, this
would cause I/O on the primary node to block, which is sometimes
undesirable.

Instead, you may configure DRBD to _suspend_ the ongoing replication
in this case, causing the Primary's data set to _pull ahead_ of the
Secondary. In this mode, DRBD keeps the replication channel open -- it
never switches to disconnected mode -- but does not actually replicate
until sufficient bandwith becomes available again.

The following example is for a DRBD Proxy configuration:

[source,drbd]
----------------------------
resource <resource> {
  net {
    on-congestion pull-ahead;
    congestion-fill 2G;
    congestion-extents 2000;
    ...
  }
  ...
}
----------------------------

It is usually wise to set both +congestion-fill+ and
+congestion-extents+ together with the +pull-ahead+ option.

A good value for +congestion-fill+ is 90%

* of the allocated DRBD proxy buffer memory, when replicating over
  DRBD Proxy, or
* of the TCP network send buffer, in non-DRBD Proxy setups.

A good value for +congestion-extents+ is 90% of your configured
+al-extents+ for the affected resources.


[[s-configure-io-error-behavior]]
=== Configuring I/O error handling strategies

indexterm:[I/O errors]indexterm:[drbd.conf]DRBD's
<<s-handling-disk-errors,strategy for handling lower-level I/O
errors>> is determined by the +on-io-error+ option, included in the
resource +disk+ configuration in +/etc/drbd.conf+:

[source,drbd]
----------------------------
resource <resource> {
  disk {
    on-io-error <strategy>;
    ...
  }
  ...
}
----------------------------

You may, of course, set this in the +common+ section too, if you want
to define a global I/O error handling policy for all resources.

_<strategy>_ may be one of the following options:

. +detach+
This is the default and recommended option. On the occurrence of a
lower-level I/O error, the node drops its backing device, and
continues in diskless mode.

. +pass_on+
This causes DRBD to report the I/O error to the upper layers. On the
primary node, it is reported to the mounted file system. On the
secondary node, it is ignored (because the secondary has no upper
layer to report to).

. +call-local-io-error
Invokes the command defined as the local I/O error handler. This
requires that a corresponding +local-io-error+ command invocation is
defined in the resource's +handlers+ section. It is entirely left to
the administrator's discretion to implement I/O error handling using
the command (or script) invoked by +local-io-error+.

NOTE: Early DRBD versions (prior to 8.0) included another option,
+panic+, which would forcibly remove the node from the cluster by way
of a kernel panic, whenever a local I/O error occurred. While that
option is no longer available, the same behavior may be mimicked via
the +local-io-error+/+ call-local-io-error+ interface. You should do so
only if you fully understand the implications of such behavior.


You may reconfigure a running resource's I/O error handling strategy
by following this process:

* Edit the resource configuration in +/etc/drbd.d/<resource>.res+.

* Copy the configuration to the peer node.

* Issue `drbdadm adjust <resource>` on both nodes.


[[s-configure-integrity-check]]
=== Configuring replication traffic integrity checking

indexterm:[replication traffic integrity
checking]<<s-integrity-check,Replication traffic integrity checking>>
is not enabled for resources by default. To enable it, add the
following lines to your resource configuration in +/etc/drbd.conf+:

[source,drbd]
----------------------------
resource <resource>
  net {
    data-integrity-alg <algorithm>;
  }
  ...
}
----------------------------

_<algorithm>_ may be any message digest algorithm supported by the
kernel crypto API in your system's kernel configuration. Normally, you
should be able to choose at least from +sha1+, +md5+, and +crc32c+.

If you make this change to an existing resource, as always,
synchronize your +drbd.conf+ to the peer, and run `drbdadm adjust
<resource>` on both nodes.

[[s-resizing]]
=== Resizing resources

[[s-growing-online]]
==== Growing on-line

indexterm:[resource]If the backing block devices can be grown while in
operation (online), it is also possible to increase the size of a DRBD
device based on these devices during operation. To do so, two criteria
must be fulfilled:

. The affected resource's backing device must be one managed by a
  logical volume management subsystem, such as LVM.

. The resource must currently be in the +Connected+ connection state.

Having grown the backing block devices on both nodes, ensure that only
one node is in primary state. Then enter on one node:

----------------------------
# drbdadm resize <resource>
----------------------------

This triggers a synchronization of the new section. The
synchronization is done from the primary node to the secondary node.

If the space you're adding is clean, you can skip syncing the additional
space by using the --assume-clean option. 

----------------------------
# drbdadm -- --assume-clean resize <resource>
----------------------------

[[s-growing-offline]]
==== Growing off-line

indexterm:[resource]When the backing block devices on both nodes are
grown while DRBD is inactive, and the DRBD resource is using
<<s-external-meta-data,external meta data>>, then the new size is
recognized automatically. No administrative intervention is
necessary. The DRBD device will have the new size after the next
activation of DRBD on both nodes and a successful establishment of a
network connection.

If however the DRBD resource is configured to use
<<s-internal-meta-data,internal meta data>>, then this meta data must
be moved to the end of the grown device before the new size becomes
available. To do so, complete the following steps:

WARNING: This is an advanced procedure. Use at your own discretion.

* Unconfigure your DRBD resource:

[source,drbd]
----------------------------
# drbdadm down <resource>
----------------------------

* Save the meta data in a text file prior to shrinking:
----------------------------
# drbdadm dump-md <resource> > /tmp/metadata
----------------------------

You must do this on both nodes, using a separate dump file for every
node. _Do not_ dump the meta data on one node, and simply copy the
dump file to the peer. This will not work.

* Grow the backing block device on both nodes.

* Adjust the size information ( +la-size-sect+) in the file
  +/tmp/metadata+ accordingly, on both nodes. Remember that
  +la-size-sect+ must be specified in sectors.

* Re-initialize the metadata area:

----------------------------
# drbdadm create-md <resource>
----------------------------

* Re-import the corrected meta data, on both nodes:
----------------------------
# drbdmeta_cmd=$(drbdadm -d dump-md <resource>)
# ${drbdmeta_cmd/dump-md/restore-md} /tmp/metadata
Valid meta-data in place, overwrite? [need to type 'yes' to confirm]
yes
Successfully restored meta data
----------------------------

NOTE: This example uses +bash+ parameter substitution. It may or may
not work in other shells. Check your +SHELL+ environment variable if
you are unsure which shell you are currently using.

* Re-enable your DRBD resource:
----------------------------
# drbdadm up <resource>
----------------------------

* On one node, promote the DRBD resource:
----------------------------
# drbdadm primary <resource>
----------------------------

* Finally, grow the file system so it fills the extended size of the
  DRBD device.


[[s-shrinking-online]]
==== Shrinking on-line


WARNING: Online shrinking is only supported with external metadata.

indexterm:[resource]Before shrinking a DRBD device, you _must_ shrink
the layers above DRBD, i.e. usually the file system. Since DRBD cannot
ask the file system how much space it actually uses, you have to be
careful in order not to cause data loss.

NOTE: Whether or not the _filesystem_ can be shrunk on-line depends on
the filesystem being used. Most filesystems do not support on-line
shrinking. XFS does not support shrinking at all.

To shrink DRBD on-line, issue the following command _after_ you have
shrunk the file system residing on top of it:

[source,drbd]
----------------------------
# drbdadm resize --size=<new-size> <resource>
----------------------------

You may use the usual multiplier suffixes for _<new-size>_ (K, M, G
etc.). After you have shrunk DRBD, you may also shrink the containing
block device (if it supports shrinking).

[[s-shrinking-offline]]
==== Shrinking off-line

indexterm:[resource]If you were to shrink a backing block device while
DRBD is inactive, DRBD would refuse to attach to this block device
during the next attach attempt, since it is now too small (in case
external meta data is used), or it would be unable to find its meta
data (in case internal meta data is used). To work around these
issues, use this procedure (if you cannot use
<<s-shrinking-online,on-line shrinking>>):


WARNING: This is an advanced procedure. Use at your own discretion.

* Shrink the file system from one node, while DRBD is still
  configured.

* Unconfigure your DRBD resource:

----------------------------
# drbdadm down <resource>
----------------------------

* Save the meta data in a text file prior to shrinking:

----------------------------
# drbdadm dump-md <resource> > +/tmp/metadata+
----------------------------

You must do this on both nodes, using a separate dump file for every
node. _Do not_ dump the meta data on one node, and simply copy the dump
file to the peer. This will not work.

* Shrink the backing block device on both nodes.

* Adjust the size information ( +la-size-sect+) in the file
  +/tmp/metadata+ accordingly, on both nodes. Remember that
  +la-size-sect+ must be specified in sectors.

* _Only if you are using internal metadata_ (which at this time have
  probably been lost due to the shrinking process), re-initialize the
  metadata area:

----------------------------
# drbdadm create-md <resource>
----------------------------

* Re-import the corrected meta data, on both nodes:

----------------------------
# drbdmeta_cmd=$(drbdadm -d dump-md <resource>)
# ${drbdmeta_cmd/dump-md/restore-md} /tmp/metadata
Valid meta-data in place, overwrite? [need to type 'yes' to confirm]
yes
Successfully restored meta data
----------------------------

NOTE: This example uses +bash+ parameter substitution. It may or may not
work in other shells. Check your +SHELL+ environment variable if you
are unsure which shell you are currently using.

* Re-enable your DRBD resource:

----------------------------
# drbdadm up <resource>
----------------------------


[[s-disable-flushes]]
=== Disabling backing device flushes

CAUTION: You should only disable device flushes when running DRBD on
devices with a battery-backed write cache (BBWC). Most storage
controllers allow to automatically disable the write cache when the
battery is depleted, switching to write-through mode when the battery
dies. It is strongly recommended to enable such a feature.

Disabling DRBD's flushes when running without BBWC, or on BBWC with a
depleted battery, is _likely to cause data loss_ and should not be
attempted.

DRBD allows you to enable and disable <<s-disk-flush-support,backing
device flushes>> separately for the replicated data set and DRBD's own
meta data. Both of these options are enabled by default. If you wish
to disable either (or both), you would set this in the +disk+ section
for the DRBD configuration file, +/etc/drbd.conf+.

To disable disk flushes for the replicated data set, include the
following line in your configuration:

[source,drbd]
----------------------------
resource <resource>
  disk {
    disk-flushes no;
    ...
  }
  ...
}
----------------------------


To disable disk flushes on DRBD's meta data, include the following
line:

[source,drbd]
----------------------------
resource <resource>
  disk {
    md-flushes no;
    ...
  }
  ...
}
----------------------------

After you have modified your resource configuration (and synchronized
your +/etc/drbd.conf+ between nodes, of course), you may enable these
settings by issuing this command on both nodes:

----------------------------
# drbdadm adjust <resource>
----------------------------


[[s-configure-split-brain-behavior]]
=== Configuring split brain behavior

[[s-split-brain-notification]]
==== Split brain notification

DRBD invokes the +split-brain+ handler, if configured, at any time
split brain is _detected_. To configure this handler, add the
following item to your resource configuration:

----------------------------
resource <resource>
  handlers {
    split-brain <handler>;
    ...
  }
  ...
}
----------------------------

_<handler>_ may be any executable present on the system.

The DRBD distribution contains a split brain handler script that
installs as +/usr/lib/drbd/notify-split-brain.sh+. It simply sends a
notification e-mail message to a specified address. To configure the
handler to send a message to +root@localhost+ (which is expected to be
an email address that forwards the notification to a real system
administrator), configure the +split-brain handler+as follows:

----------------------------
resource <resource>
  handlers {
    split-brain "/usr/lib/drbd/notify-split-brain.sh root";
    ...
  }
  ...
}
----------------------------

After you have made this modification on a running resource (and
synchronized the configuration file between nodes), no additional
intervention is needed to enable the handler. DRBD will simply invoke
the newly-configured handler on the next occurrence of split brain.

[[s-automatic-split-brain-recovery-configuration]]
==== Automatic split brain recovery policies

In order to be able to enable and configure DRBD's automatic split
brain recovery policies, you must understand that DRBD offers several
configuration options for this purpose. DRBD applies its split brain
recovery procedures based on the number of nodes in the Primary role
at the time the split brain is detected. To that end, DRBD examines
the following keywords, all found in the resource's +net+ configuration
section:

.+after-sb-0pri+
Split brain has just been detected, but at this time the resource is
not in the Primary role on any host. For this option, DRBD understands
the following keywords:

* +disconnect+: Do not recover automatically, simply invoke the
  +split-brain+ handler script (if configured), drop the connection and
  continue in disconnected mode.


* +discard-younger-primary+: Discard and roll back the modifications
  made on the host which assumed the Primary role last.

* +discard-least-changes+: Discard and roll back the modifications on
the host where fewer changes occurred.

* +discard-zero-changes+: If there is any host on which no changes
  occurred at all, simply apply all modifications made on the other
  and continue.

.+after-sb-1pri+
Split brain has just been detected, and at this time the resource is
in the Primary role on one host. For this option, DRBD understands the
following keywords:

* +disconnect+: As with +after-sb-0pri+, simply invoke the
  +split-brain+ handler script (if configured), drop the connection
  and continue in disconnected mode.

* +consensus+: Apply the same recovery policies as specified in
  +after-sb-0pri+. If a split brain victim can be selected after
  applying these policies, automatically resolve. Otherwise, behave
  exactly as if +disconnect+ were specified.

* +call-pri-lost-after-sb+: Apply the recovery policies as specified
  in +after-sb-0pri+. If a split brain victim can be selected after
  applying these policies, invoke the +pri-lost-after-sb+ handler on
  the victim node. This handler must be configured in the
  +handlers+ section and is expected to forcibly remove the node from
  the cluster.

* +discard-secondary+: Whichever host is currently in the Secondary
  role, make that host the split brain victim.

+after-sb-2pri+.
Split brain has just been detected, and at this time the resource is
in the Primary role on both hosts. This option accepts the same
keywords as +after-sb-1pri+ except +discard-secondary+ and +consensus+.

NOTE: DRBD understands additional keywords for these three options,
which have been omitted here because they are very rarely used. Refer
to <<re-drbdconf>> for details on split brain recovery keywords not
discussed here.

For example, a resource which serves as the block device for a GFS or
OCFS2 file system in dual-Primary mode may have its recovery policy
defined as follows:

----------------------------
resource <resource> {
  handlers {
    split-brain "/usr/lib/drbd/notify-split-brain.sh root"
    ...
  }
  net {
    after-sb-0pri discard-zero-changes;
    after-sb-1pri discard-secondary;
    after-sb-2pri disconnect;
    ...
  }
  ...
}
----------------------------


[[s-three-nodes]]
=== Creating a three-node setup

A three-node setup involves one DRBD device _stacked_ atop another.

[[s-stacking-considerations]]
==== Device stacking considerations

The following considerations apply to this type of setup:

* The stacked device is the active one. Assume you have configured one
  DRBD device +/dev/drbd0+, and the stacked device atop it is
  +/dev/drbd10+, then +/dev/drbd10+ will be the device that you mount
  and use.

* Device meta data will be stored twice, on the underlying DRBD device
  _and_ the stacked DRBD device. On the stacked device, you must always
  use <<s-internal-meta-data,internal meta data>>. This means that the
  effectively available storage area on a stacked device is slightly
  smaller, compared to an unstacked device.

* To get the stacked upper level device running, the underlying device
  must be in the primary role.

* To be able to synchronize the backup node, the stacked device on the
  active node must be up and in the primary role.


[[s-three-node-config]]
==== Configuring a stacked resource

In the following example, nodes are named +alice+, +bob+, and
+charlie+, with +alice+ and +bob+ forming a two-node cluster, and
+charlie+ being the backup node.

[source,drbd]
----------------------------
resource r0 {
  net {
    protocol C;
  }

  on alice {
    device     /dev/drbd0;
    disk       /dev/sda6;
    address    10.0.0.1:7788;
    meta-disk internal;
  }

  on bob {
    device    /dev/drbd0;
    disk      /dev/sda6;
    address   10.0.0.2:7788;
    meta-disk internal;
  }
}

resource r0-U {
  net {
    protocol A;
  }

  stacked-on-top-of r0 {
    device     /dev/drbd10;
    address    192.168.42.1:7788;
  }

  on charlie {
    device     /dev/drbd10;
    disk       /dev/hda6;
    address    192.168.42.2:7788; # Public IP of the backup node
    meta-disk  internal;
  }
}
----------------------------

As with any +drbd.conf+ configuration file, this must be distributed
across all nodes in the cluster -- in this case, three nodes. Notice
the following extra keyword not found in an unstacked resource
configuration:

.+stacked-on-top-of+
This option informs DRBD that the resource which contains it is a
stacked resource. It replaces one of the +on+ sections normally found
in any resource configuration. Do not use +stacked-on-top-of+ in an
lower-level resource.

NOTE: It is not a requirement to use <<fp-protocol-a,Protocol A>> for
stacked resources. You may select any of DRBD's replication protocols
depending on your application.

[[s-three-node-enable]]
==== Enabling stacked resources

To enable a stacked resource, you first enable its lower-level
resource and promote it:
----------------------------
drbdadm up r0
drbdadm primary r0
----------------------------

As with unstacked resources, you must create DRBD meta data on the
stacked resources. This is done using the following command:

----------------------------
# drbdadm create-md --stacked r0-U
----------------------------

Then, you may enable the stacked resource:

---------------------------
# drbdadm up --stacked r0-U
# drbdadm primary --stacked r0-U
----------------------------

After this, you may bring up the resource on the backup node, enabling
three-node replication:

----------------------------
# drbdadm create-md r0-U
# drbdadm up r0-U
----------------------------

In order to automate stacked resource management, you may integrate
stacked resources in your cluster manager configuration. See
<<s-pacemaker-stacked-resources>> for information on doing this in a
cluster managed by the Pacemaker cluster management framework.

[[s-using-drbd-proxy]]
=== Using DRBD Proxy

[[s-drbd-proxy-deployment-considerations]]
==== DRBD Proxy deployment considerations

The <<s-drbd-proxy,DRBD Proxy>> processes can either be located
directly on the machines where DRBD is set up, or they can be placed
on distinct dedicated servers. A DRBD Proxy instance can serve as a
proxy for multiple DRBD devices distributed across multiple nodes.

DRBD Proxy is completely transparent to DRBD. Typically you will
expect a high number of data packets in flight, therefore the activity
log should be reasonably large. Since this may cause longer re-sync
runs after the crash of a primary node, it is recommended to enable
DRBD's +csums-alg+ setting.

[[s-drbd-proxy-installation]]
==== Installation

To obtain DRBD Proxy, please contact your Linbit sales
representative. Unless instructed otherwise, please always use the
most recent DRBD Proxy release.

To install DRBD Proxy on Debian and Debian-based systems, use the dpkg
tool as follows (replace version with your DRBD Proxy version, and
architecture with your target architecture):

----------------------------
# dpkg -i drbd-proxy_3.0.0_amd64.deb
----------------------------

To install DRBD Proxy on RPM based systems (like SLES or RHEL) use
the rpm tool as follows (replace version with your DRBD Proxy version,
and architecture with your target architecture):

----------------------------
# rpm -i drbd-proxy-3.0-3.0.0-1.x86_64.rpm
----------------------------

Also install the DRBD administration program drbdadm since it is
required to configure DRBD Proxy.

This will install the DRBD proxy binaries as well as an init script
which usually goes into +/etc/init.d+. Please always use the init
script to start/stop DRBD proxy since it also configures DRBD Proxy
using the +drbdadm+ tool.

[[s-drbd-proxy-license]]
==== License file

When obtaining a license from Linbit, you will be sent a DRBD Proxy
license file which is required to run DRBD Proxy. The file is called
+drbd-proxy.license+, it  must be copied into the +/etc+ directory of the
target machines, and be owned by the user/group +drbdpxy+.

----------------------------
# cp drbd-proxy.license /etc/
----------------------------


[[s-drbd-proxy-configuration]]
==== Configuration

DRBD Proxy is configured in DRBD's main configuration file. It is
configured by an additional options section called +proxy+ and
additional +proxy on+ sections within the host sections.

Below is a DRBD configuration example for proxies running directly on
the DRBD nodes:

[source,drbd]
----------------------------
resource r0 {
        net {
          protocol A;
        }
        device     minor 0;
        disk       /dev/sdb1;
        meta-disk  /dev/sdb2;

        proxy {
                memlimit 100M;
                plugin {
                        zlib level 9;
                }
        }

        on alice {
                address 127.0.0.1:7789;
                proxy on alice {
                        inside 127.0.0.1:7788;
                        outside 192.168.23.1:7788;
                }
        }

        on bob {
                address 127.0.0.1:7789;
                proxy on bob {
                        inside 127.0.0.1:7788;
                        outside 192.168.23.2:7788;
                }
        }
}
----------------------------

The +inside+ IP address is used for communication between DRBD and the
DRBD Proxy, whereas the +outside+ IP address is used for communication
between the proxies.

[[s-drbd-proxy-controlling]]
==== Controlling DRBD Proxy

+drbdadm+ offers the +proxy-up+ and +proxy-down+ subcommands to
configure or delete the connection to the local DRBD Proxy process of
the named DRBD resource(s). These commands are used by the +start+ and
+stop+ actions which +/etc/init.d/drbdproxy+ implements.

The DRBD Proxy has a low level configuration tool, called
+drbd-proxy-ctl+. When called without any option it operates in
interactive mode.

To pass a command directly, avoiding interactive mode, use
the '-c' parameter followed by the command.

To display the available commands use:
----------------------------
# drbd-proxy-ctl -c "help"
----------------------------

Note the double quotes around the command being passed.


[source,drbd]
----------------------------
add connection <name> <listen-lan-ip>:<port> <remote-proxy-ip>:<port>
   <local-proxy-wan-ip>:<port> <local-drbd-ip>:<port>
   Creates a communication path between two DRBD instances.

set memlimit <name> <memlimit-in-bytes>
   Sets memlimit for connection <name>

del connection <name>
   Deletes communication path named name.

show
   Shows currently configured communication paths.

show memusage
   Shows memory usage of each connection.

show [h]subconnections
   Shows currently established individual connections
   together with some stats. With h outputs bytes in human
   readable format.

show [h]connections
   Shows currently configured connections and their states
   With h outputs bytes in human readable format.

shutdown
   Shuts down the drbd-proxy program. Attention: this
   unconditionally terminates any DRBD connections running.

Examples:
	drbd-proxy-ctl -c "list hconnections"
		prints configured connections and their status to stdout
             Note that the quotes are required.

	drbd-proxy-ctl -c "list subconnections" | cut -f 2,9,13
		prints some more detailed info about the individual connections

	watch -n 1 'drbd-proxy-ctl -c "show memusage"'
		monitors memory usage.
             Note that the quotes are required as listed above.

----------------------------

While the commands above are only accepted from UID 0 (ie., the +root+ user),
there's one (information gathering) command that can be used by any user
(provided that unix permissions allow access on the proxy socket at
+/var/run/drbd-proxy/drbd-proxy-ctl.socket+); see the init script at
+/etc/init.d/drbdproxy+ about setting the rights.

----------------------------
print details
   This prints detailed statistics for the currently active connections.
   Can be used for monitoring, as this is the only command that may be sent by a user with UID

quit
   Exits the client program (closes control connection).
----------------------------


[[s-drbd-proxy-plugins]]
==== About DRBD Proxy plugins

Since DRBD proxy 3.0 the proxy allows to enable a few specific
plugins for the WAN connection. +
The currently available plugins are +zlib+ and
+lzma+.

The +zlib+ plugin uses the GZIP algorithm for compression.
The advantage is fairly low CPU usage.

The +lzma+ plugin uses the liblzma2 library. It can
use dictionaries of several hundred MiB; these allow for very
efficient delta-compression of repeated data, even for small changes.
+lzma+ needs much more CPU and memory, but results in much better
compression than +zlib+. The +lzma+ plugin has to be enabled in your license.

Please contact Linbit to find the best settings for your environment - it
depends on the CPU (speed, threading count), memory, input and
the available output bandwidth.

Please note that the older +compression on+ in the
+proxy+ section is deprecated, and will be removed in
a future release. +
Currently it is treated as +zlib level 9+.


[[s-drbd-proxy-bwlimit]]
==== Using a WAN Side Bandwidth Limit

With DRBD-utils 8.4.4 and DRBD Proxy version 3.1.1 there is experimental 
support for a per-connection bandwidth limit in the proxy configuration 
section, via the the +bwlimit+ option.

This will make the corresponding sending thread sleep a bit after sending 
a chunk of data, to use not more than (approximately) the specified bandwidth.

// Please note that, to avoid surplus CPU load, the sending happens in pieces of up to two seconds' worth


The value +0+ means _no_ limitation, and is the default.

--------------------------
	proxy {
		bwlimit 2M;
		...
	}
--------------------------

The example above would restrict the outgoing rate over the WAN connection to 
approximately 2MiB per second, leaving room on the wire for other data.


[[s-drbd-proxy-troubleshoot]]
==== Troubleshooting

DRBD proxy logs via syslog using the +LOG_DAEMON+ facility. Usually
you will find DRBD Proxy messages in +/var/log/daemon.log+.

Enabling debug mode in DRBD Proxy can be done with the following command.

--------------------------
# drbd-proxy-ctl -c 'set loglevel debug'
--------------------------

For example, if proxy fails to connect it will log something like
+Rejecting connection because I can't connect on the other side+. In
that case, please check if DRBD is running (not in StandAlone mode) on
both nodes and if both proxies are running. Also double-check your
configuration.
