Edit Cluster Properties

Use the Edit task to change the Resources, Security, Tuning, and Other options for a cluster.

Fields

The first section contains the name of the selected cluster. You cannot change the name of the cluster.

Resources
The Resources section contains the controlling node name and multicast IP address for the selected cluster.
Controlling node
Displays the default controlling node. You can select a different node to use as the communications link between a cluster and the Director UI. All actions performed with the Director UI are performed on the controlling node. For those changes to become effective on the other nodes in a cluster, you must synchronize the cluster. For additional information about synchronizing a cluster, see Verify and Synchronize a Cluster.
Cluster multicast address
Displays the IP address that is used by the PowerHA® SystemMirror software to send messages to peer nodes when a node failure occurs in a cluster with no sites.
Active Repository disk
Displays the location that is used by PowerHA SystemMirror software to store configuration data for clusters with no sites.
Security
The Security section contains the security level and type of security certificate. The security settings that you configure determine the security level and methods that are used to secure cluster communications.
Security level
Select a security level from the menu.
Node Security Configuration
Indicates the type of certificate and associated key that the cluster uses for authentication and to provide secure communications. Select one of the following security node identity types for the new cluster:
  • Open SSL Certificates - Selecting this option indicates that the nodes within the cluster are to use certificates and associated public/private key pairs that were obtained from a public Certificate Authority, such as VeriSign.
  • SSH Certificates - Selecting this option indicates that the cluster is to use a certificate and associated encryption key. When you select this option you must also specify the absolute path and file names for the Certificate and the associated Key.
  • Self Signed Certificates - Selecting this option indicates that the nodes in the cluster are to use certificates and their associated public/private key pairs that are self-generated. This is the default setting.
Symmetric algorithm
Specifies the algorithm that is used to generate a symmetric key that is shared among the nodes in the cluster to encrypt communications within the cluster. Select one of the following algorithms to use for symmetric key generation:
  1. DES (Data Encryption Standard) - Generates a 56-bit symmetric key. This is the default setting.
  2. 3DES (Triple Data Encryption Algorithm) - Uses three DES keys to generate a longer, more secure symmetric key.
  3. AES (Advanced Encryption Standard) - Generates a symmetric key with a minimum size of 128 bits and provides the strongest encryption security.
Asymmetric algorithm
Displays the asymmetric algorithm type.
Automatically distribute certificates
Specifies whether certificates for the nodes within the cluster are to be distributed automatically.
Periodic refresh rate
Specifies the length of time before the certificates and keys for the nodes in the cluster are refreshed or regenerated. The format is hh:mm:ss. Use 0 to disable the field.
Grace period
Specifies the length of time in which messages from an outdated symmetric or public key are valid and accepted by nodes within the cluster. An encryption key, whether a symmetric key or a public key from a certificate, is outdated when a new key is generated based on the periodic refresh rate. The format is hh:mm:ss.
Certificate location
This field is available only when the Security node Identity is set to Custom Certificate/Key. Enter the absolute path and file name for the location of the custom certificate.
Key location
This field is available only when the Security node Identity is set to Custom Certificate/Key. Enter the absolute path and file name for the location of the key associated with the custom certificate.
Tuning
The Tuning section contains Heartbeat frequency and Grace period information.
Heartbeat frequency (seconds)
Controls the frequency in which the node communicates across the various enabled heart beating sources, as defined by hb_src_xxx attributes.

The value is in the number of seconds that a node may consider another node ’X’ to be DOWN if it receives no incoming heartbeats from node ’X’.

CAA uses this attribute to control the frequency of Gossip Packets, the aggregate heartbeat message sent by gateway servers in linked clusters and the interval based heartbeating algorithms that tick over SAN and DISK.

The value can be mentioned 1 to 20. The default value is 5.

Grace period (seconds)
Controls the behavior of the node monitor which periodically evaluates the set of activated heart beating sources to determine whether a node is UP or DOWN.

This attribute specifies the amount of time in seconds that the node monitor must wait after it makes the determination that another node is DOWN before posting it as DOWN. Default is 10. Range of 5-30.
Site heartbeat frequency (seconds)
Specifies the time in seconds for the health management layer to wait before declaring the inter site link as failed.

A site failure detection could drive switch to another link and continue the communication. If all the links have failed, the preparation for declaring the site as failed starts.

Hence site failure is declared when the last link fails and potentially the specified time in seconds has elapsed.

Site failure indication time is the addition of the values specified by the Node failure detection timeout and Link failure detection timeout and Node failure grace time fields.

Other
The Other section contains verification and synchronization information.
Automatically verify cluster configuration
To automatically verify a cluster configuration, select the Yes option from the pull-down menu. When the Yes option is selected, the automatic verification occurs once each day.
Hour (00-23)
To specify the hour when the cluster configuration is automatically verified, select the hour from the menu; where 00 is 12:00 a.m. and 23 is 11:00 p.m.
Inter-Site recovery
Select the inter-site recovery for resource groups.

This is the action that the PowerHA SystemMirror takes when a resource group cannot be brought to online state on its primary site.

The default action is to fallover the resource group to its backup site.

Select the Notify option if you want PowerHA SystemMirror to run the notify method instead of inter-site fallover during a resource failure. This option makes the resource group move into Error state during failure.

Notify script or executable
The full pathname of a user defined method to display the notification when the resource fails. Configuring this method is strongly recommended when the failure action of Notify is used.