GENERAL OPTIONS¶

-v

Enable some verbose debug logging.

-h

Display a concise summary of "sbd" options.

-n node

Set local node name; defaults to "uname -n". This should not need to be set.

-R

Do not enable realtime priority. By default, "sbd" runs at realtime priority, locks itself into memory, and also acquires highest IO priority to protect itself against interference from other processes on the system. This is a debugging-only option.

watch¶

Example usage:

        sbd -W -P watch

This command will make "sbd" start in daemon mode. It will constantly monitor corosync/pacemaker_remoted and optionally take Pacemaker's state into account.

"sbd" must be started on boot before the cluster stack! See below for enabling this according to your boot environment.

The options for this mode are rarely specified directly on the commandline directly, but most frequently set via /etc/sysconfig/sbd.

For this build withouth block device integration configuration of a watchdog is mandatory. The watchdog is activated at initial start of the sbd daemon.

There is one "sbd" process that acts as a master to which all watchers report; one for corosync/pacemaker_remote; and, optionally, one that handles the Pacemaker integration.

-W

Enable or disable use of the system watchdog to protect against the sbd processes failing and the node being left in an undefined state. Specify this once to enable, twice to disable.

Defaults to enabled.

-w /dev/watchdog

This can be used to override the default watchdog device used and should not usually be necessary.

-p /var/run/sbd.pid

This option can be used to specify a pidfile for the main sbd process.

-F N

Number of failures before a failing servant process will not be restarted immediately until the dampening delay has expired. If set to zero, servants will be restarted immediately and indefinitely. If set to one, a failed servant will be restarted once every -t seconds. If set to a different value, the servant will be restarted that many times within the dampening period and then delay.

Defaults to 1.

-t N

Dampening delay before faulty servants are restarted. Combined with "-F 1", the most logical way to tune the restart frequency of servant processes. Default is 5 seconds.

If set to zero, processes will be restarted indefinitely and immediately.

-P

Check Pacemaker quorum and node health.

-Z

Enable trace mode. Warning: this is unsafe for production, use at your own risk! Specifying this once will turn all reboots or power-offs, be they caused by self-fence decisions or messages, into a crashdump. Specifying this twice will just log them but not continue running.

-T

By default, the daemon will set the watchdog timeout as specified in the device metadata. However, this does not work for every watchdog device. In this case, you must manually ensure that the watchdog timeout used by the system correctly matches the SBD settings, and then specify this option to allow "sbd" to continue with start-up.

Configure a watchdog¶

The only purpose of this build of sbd is to give pacemaker access to a hardware watchdog. Thus it is mandatory that you configure your Linux system to load a watchdog driver with hardware assistance (as is available on most modern systems), such as hpwdt, iTCO_wdt, or others. As a fall-back, you can use the softdog module.

No other software must access the watchdog timer; it can only be accessed by one process at any given time. Some hardware vendors ship systems management software that use the watchdog for system resets (f.e. HP ASR daemon). Such software has to be disabled if the watchdog is to be used by SBD.

Configure SBD to start on boot¶

On systems using "sysvinit", the "openais" or "corosync" system start-up scripts must handle starting or stopping "sbd" as required before starting the rest of the cluster stack.

For "systemd", sbd simply has to be enabled using

        systemctl enable sbd.service

The daemon is brought online on each node before corosync and Pacemaker are started, and terminated only after all other cluster components have been shut down - ensuring that cluster resources are never activated without SBD supervision.

Configuration via sysconfig¶

The system instance of "sbd" is configured via /etc/sysconfig/sbd. In this file, you must specify the watchdog-device used, as well as any options to pass to the daemon:

        SBD_WATCHDOG_DEV=/dev/watchdog
        SBD_PACEMAKER="true"

General cluster properties¶

You must also enable STONITH in general, and set the stonith-watchdog-timeout to be at least twice the timeout you have configured for the hardware watchdog. If that timeout is 5 seconds, this is a possible configuration:

        property stonith-watchdog-timeout="10s"