Provided by: crmsh_1.2.5+hg1034-1ubuntu3_all bug


       crm - Pacemaker command line interface for configuration and management


       crm [-D output_type] [-f file] [-c cib] [-H hist_src] [-hFRDw] [--version] [args]


       Pacemaker configuration is stored in a CIB file (Cluster Information Base). The CIB is a
       set of instructions coded in XML. Editing the CIB is a challenge, not only due to its
       complexity and a wide variety of options, but also because XML is more computer than user
       friendly. The crm shell alleviates this issue significantly by introducing small and
       simple configuration language. The CIB is translated into this language on the fly.

       crm is also a management tool. For management tasks it relies almost exclusively on other
       command line tools, such as crm_resource(8) or crm_attribute(8). Use of these programs is,
       however, plagued by the notorious weakness common to all UNIX tools: a multitude of
       options, necessary for operation and yet very hard to remember. crm tries to present a
       consistent interface to the user and to hide the arcane detail.

       It may be used either as an interactive shell or for single commands directly on the
       shell’s command line. It is also possible to feed it a set of commands from standard input
       or a file, thus turning it into a scripting tool. Templates with ready made configurations
       may help newbies learn about the cluster configuration or facilitate testing procedures.

       The crm shell is line oriented: every command must start and finish on the same line. It
       is possible to use a continuation character (\) to write one command in two or more lines.
       The continuation character is commonly used when displaying configurations.


       -f, --file=FILE
           Load commands from the given file. If the file is - then use terminal stdin.

       -c, --cib=CIB
           Start the session with the given shadow CIB file. Equivalent to cib use.

       -D, --display=OUTPUT_TYPE
           Choose one of the output options: plain, color, or uppercase. The default is color if
           the terminal emulation supports colors. Otherwise, plain is used.

       -F, --force
           Make crm proceed with doing changes even though it would normally ask user to confirm
           some of them. Mostly useful in scripts.

       -w, --wait
           Make crm wait for the cluster transition to finish (for the changes to take effect)
           after each processed line.

       -H, --history=DIR|FILE
           The history commands can examine either live cluster (default) or a report generated
           by hb_report. Use this option to specify a directory or file containing the report.

       -h, --help
           Print help page.

           Print crmsh version and build information (Mercurial Hg changeset hash).

       -R, --regression-tests
           Run in the regression test mode. Used mainly by the regression testing suite.

       -d, --debug
           Print some debug information. Used by developers. [Not yet refined enough to print
           useful information for other users.]


       Arguably the most important aspect of crm is the user interface. We begin with an informal
       introduction so that the reader may get acquainted with it and get a general feeling of
       the tool. It is probably best just to give some examples:

        1. Command line (one-shot) use:

               # crm resource stop www_app

        2. Interactive use:

               # crm
               crm(live)# resource
               crm(live)resource# unmanage tetris_1
               crm(live)resource# end
               crm(live)# node standby node4

        3. Cluster configuration:

               # crm configure<<EOF
                 # resources
                 primitive disk0 iscsi \
                   params portal=
                 primitive fs0 Filesystem \
                   params device=/dev/disk/by-label/disk0 directory=/disk0 fstype=ext3
                 primitive internal_ip IPaddr params ip=
                 primitive apache apache \
                   params configfile=/disk0/etc/apache2/site0.conf
                 primitive apcfence stonith:apcsmart \
                   params ttydev=/dev/ttyS0 hostlist="node1 node2" \
                   op start timeout=60s
                 primitive pingd pingd \
                   params name=pingd dampen=5s multiplier=100 host_list="r1 r2"
                 # monitor apache and the UPS
                 monitor apache 60s:30s
                 monitor apcfence 120m:60s
                 # cluster layout
                 group internal_www \
                   disk0 fs0 internal_ip apache
                 clone fence apcfence \
                   meta globally-unique=false clone-max=2 clone-node-max=1
                 clone conn pingd \
                   meta globally-unique=false clone-max=2 clone-node-max=1
                 location node_pref internal_www \
                   rule 50: #uname eq node1 \
                   rule pingd: defined pingd
                 # cluster properties
                 property stonith-enabled=true

       If you’ve ever done a CRM style configuration, you should be able to understand the above
       examples without much difficulties. The shell should provide a means to manage the cluster
       efficiently or put together a configuration in a concise manner.

       The (live) string in the prompt signifies that the current CIB in use is the cluster live
       configuration. It is also possible to work with the so-called shadow CIBs, i.e.
       configurations which are stored in files and aren’t active, but may be applied at any time
       to the cluster.

       Since the CIB is hierarchical such is the interface too. There are several levels and
       entering each of them enables the user to use a certain set of commands.


       Shadow CIB is a normal cluster configuration stored in a file. They may be manipulated in
       the same way like the live CIB, but these changes have no effect on the cluster resources.
       The administrator may choose to apply any of them to the cluster, thus replacing the
       running configuration with the one which is in the shadow CIB. The crm prompt always
       contains the name of the configuration which is currently in use or string live if we are
       using the current cluster configuration.

       At the configure level no changes take place before the commit command. Sometimes though,
       the administrator may start working with the running configuration, but change mind and
       instead of committing the changes to the cluster save them to a shadow CIB. This short
       configure session excerpt shows how:

               crm(live)configure# cib new test-2
               INFO: test-2 shadow CIB created
               crm(test-2)configure# commit


       Configuration templates are ready made configurations created by cluster experts. They are
       designed in such a way so that users may generate valid cluster configurations with
       minimum effort. If you are new to Pacemaker, templates may be the best way to start.

       We will show here how to create a simple yet functional Apache configuration:

               # crm configure
               crm(live)configure# template
               crm(live)configure template# list templates
               apache       filesystem   virtual-ip
               crm(live)configure template# new web <TAB><TAB>
               apache       filesystem   virtual-ip
               crm(live)configure template# new web apache
               INFO: pulling in template apache
               INFO: pulling in template virtual-ip
               crm(live)configure template# list
               web2-d       web2         vip2         web3         vip          web

       We enter the template level from configure. Use the list command to show templates
       available on the system. The new command creates a configuration from the apache template.
       You can use tab completion to pick templates. Note that the apache template depends on a
       virtual IP address which is automatically pulled along. The list command shows the just
       created web configuration, among other configurations (I hope that you, unlike me, will
       use more sensible and descriptive names).

       The show command, which displays the resulting configuration, may be used to get an idea
       about the minimum required changes which have to be done. All ERROR messages show the line
       numbers in which the respective parameters are to be defined:

               crm(live)configure template# show
               ERROR: 23: required parameter ip not set
               ERROR: 61: required parameter id not set
               ERROR: 65: required parameter configfile not set
               crm(live)configure template# edit

       The edit command invokes the preferred text editor with the web configuration. At the top
       of the file, the user is advised how to make changes. A good template should require from
       the user to specify only parameters. For example, the web configuration we created above
       has the following required and optional parameters (all parameter lines start with %%):

               $ grep -n ^%% ~/.crmconf/web
               23:%% ip
               31:%% netmask
               35:%% lvs_support
               61:%% id
               65:%% configfile
               71:%% options
               76:%% envfiles

       These lines are the only ones that should be modified. Simply append the parameter value
       at the end of the line. For instance, after editing this template, the result could look
       like this (we used tabs instead of spaces to make the values stand out):

               $ grep -n ^%% ~/.crmconf/web
               23:%% ip      
               31:%% netmask
               35:%% lvs_support
               61:%% id                websvc
               65:%% configfile        /etc/apache2/httpd.conf
               71:%% options
               76:%% envfiles

       As you can see, the parameter line format is very simple:

               %% <name> <value>

       After editing the file, use show again to display the configuration:

               crm(live)configure template# show
               primitive virtual-ip ocf:heartbeat:IPaddr \
                       params ip=""
               primitive apache ocf:heartbeat:apache \
                       params configfile="/etc/apache2/httpd.conf"
               monitor apache 120s:60s
               group websvc \
                       apache virtual-ip

       The target resource of the apache template is a group which we named websvc in this sample

       This configuration looks exactly as you could type it at the configure level. The point of
       templates is to save you some typing. It is important, however, to understand the
       configuration produced.

       Finally, the configuration may be applied to the current crm configuration (note how the
       configuration changed slightly, though it is still equivalent, after being digested at the
       configure level):

               crm(live)configure template# apply
               crm(live)configure template# cd ..
               crm(live)configure# show
               node xen-b
               node xen-c
               primitive apache ocf:heartbeat:apache \
                   params configfile="/etc/apache2/httpd.conf" \
                   op monitor interval="120s" timeout="60s"
               primitive virtual-ip ocf:heartbeat:IPaddr \
                   params ip=""
               group websvc apache virtual-ip

       Note that this still does not commit the configuration to the CIB which is used in the
       shell, either the running one (live) or some shadow CIB. For that you still need to
       execute the commit command.

       To complete our example, we should also define the preferred node to run the service:

               crm(live)configure# location websvc-pref websvc 100: xen-b

       If you are not happy with some resource names which are provided by default, you can
       rename them now:

               crm(live)configure# rename virtual-ip intranet-ip
               crm(live)configure# show
               node xen-b
               node xen-c
               primitive apache ocf:heartbeat:apache \
                       params configfile="/etc/apache2/httpd.conf" \
                       op monitor interval="120s" timeout="60s"
               primitive intranet-ip ocf:heartbeat:IPaddr \
                       params ip=""
               group websvc apache intranet-ip
               location websvc-pref websvc 100: xen-b

       To summarize, working with templates typically consists of the following steps:

       ·   new: create a new configuration from templates

       ·   edit: define parameters, at least the required ones

       ·   show: see if the configuration is valid

       ·   apply: apply the configuration to the configure level


       The amount of detail in a cluster makes all configurations prone to errors. By far the
       largest number of issues in a cluster is due to bad resource configuration. The shell can
       help quickly diagnose such problems. And considerably reduce your keyboard wear.

       Let’s say that we entered the following configuration:

               node xen-b
               node xen-c
               node xen-d
               primitive fencer stonith:external/libvirt \
                       params hypervisor_uri="qemu+tcp://" \
                           hostlist="xen-b xen-c xen-d" \
                       op monitor interval="2h"
               primitive svc ocf:heartbeat:Xinetd \
                       params service="systat" \
                       op monitor interval="30s"
               primitive intranet-ip ocf:heartbeat:IPaddr2 \
                       params ip="" \
                       op monitor interval="30s"
               primitive apache ocf:heartbeat:apache \
                       params configfile="/etc/apache2/httpd.conf" \
                       op monitor interval="120s" timeout="60s"
               group websvc apache intranet-ip
               location websvc-pref websvc 100: xen-b

       Before typing commit to submit the configuration to the cib we can make sure that all
       resources are usable on all nodes:

               crm(live)configure# rsctest websvc svc fencer

       It is important that resources being tested are not running on any nodes. Otherwise, the
       rsctest command will refuse to do anything. Of course, if the current configuration
       resides in a CIB shadow, then a commit is irrelevant. The point being that resources are
       not running on any node.  Note on stopping all resources

       Alternatively to not committing a configuration, it is also possible to tell Pacemaker not
       to start any resources:

               crm(live)configure# property stop-all-resources="yes"

       Almost none---resources of class stonith are still started. But shell is not as strict
       when it comes to stonith resources.

       Order of resources is significant insofar that a resource depends on all resources to its
       left. In most configurations, it’s probably practical to test resources in several runs,
       based on their dependencies.

       Apart from groups, crm does not interpret constraints and therefore knows nothing about
       resource dependencies. It also doesn’t know if a resource can run on a node at all in case
       of an asymmetric cluster. It is up to the user to specify a list of eligible nodes if a
       resource is not meant to run on every node.


       The crm makes extensive use of tab completion. The completion is both static (i.e. for crm
       commands) and dynamic. The latter takes into account the current status of the cluster or
       information from installed resource agents. Sometimes, completion may also be used to get
       short help on resource parameters. Here a few examples:

               crm(live)# resource
               crm(live)resource# <TAB><TAB>
               bye           failcount     move          restart       unmigrate
               cd            help          param         show          unmove
               cleanup       list          promote       start         up
               demote        manage        quit          status utilization
               end           meta          refresh       stop
               exit          migrate       reprobe       unmanage
               crm(live)resource# end
               crm(live)# configure
               crm(live)configure# primitive fence-1 <TAB><TAB>
               heartbeat:  lsb:        ocf:        stonith:
               crm(live)configure# primitive fence-1 stonith:<TAB><TAB>
               apcmaster                external/ippower9258     fence_legacy
               apcmastersnmp            external/kdumpcheck      ibmhmc
               apcsmart                 external/libvirt         ipmilan
               baytech                  external/nut             meatware
               bladehpi                 external/rackpdu         null
               cyclades                 external/riloe           nw_rpc100s
               drac3                    external/sbd             rcd_serial
               external/drac5           external/ssh             rps10
               external/dracmc-telnet   external/ssh-bad         ssh
               external/hmchttp         external/ssh-slow        suicide
               external/ibmrsa          external/vmware          wti_mpc
               external/ibmrsa-telnet   external/xen0            wti_nps
               external/ipmi            external/xen0-ha
               crm(live)configure# primitive fence-1 stonith:ipmilan params <TAB><TAB>
               auth=      hostname=  ipaddr=    login=     password=  port=      priv=
               crm(live)configure# primitive fence-1 stonith:ipmilan params auth=<TAB><TAB>
               auth* (string)
                   The authorization type of the IPMI session ("none", "straight", "md2", or "md5")
               crm(live)configure# primitive fence-1 stonith:ipmilan params auth=


       Resource definitions may be checked against the meta-data provided with the resource
       agents. These checks are currently carried out:

       ·   are required parameters set

       ·   existence of defined parameters

       ·   timeout values for operations

       The parameter checks are obvious and need no further explanation. Failures in these checks
       are treated as configuration errors.

       The timeouts for operations should be at least as long as those recommended in the
       meta-data. Too short timeout values are a common mistake in cluster configurations and,
       even worse, they often slip through if cluster testing was not thorough. Though operation
       timeouts issues are treated as warnings, make sure that the timeouts are usable in your
       environment. Note also that the values given are just advisory minimum---your resources
       may require longer timeouts.

       User may tune the frequency of checks and the treatment of errors by the check-frequency
       and check-mode preferences.

       Note that if the check-frequency is set to always and the check-mode to strict, errors are
       not tolerated and such configuration cannot be saved.


       By default, the users from the haclient group have full access to the cluster (or, more
       precisely, to the CIB). Access control lists allow for finer access control to the

       Access control lists consist of an ordered set of access rules. Each rule allows read or
       write access or denies access completely. Rules are typically combined to produce a
       specific role. Then, users may be assigned a role.

       For instance, this is a role which defines a set of rules allowing management of a single

               role bigdb_admin \
                   write meta:bigdb:target-role \
                   write meta:bigdb:is-managed \
                   write location:bigdb \
                   read ref:bigdb

       The first two rules allow modifying the target-role and is-managed meta attributes which
       effectively enables users in this role to stop/start and manage/unmanage the resource. The
       constraints write access rule allows moving the resource around. Finally, the user is
       granted read access to the resource definition.

       For proper operation of all Pacemaker programs, it is advisable to add the following role
       to all users:

               role read_all \
                   read cib

       For finer grained read access try with the rules listed in the following role:

               role basic_read \
                   read node attribute:uname \
                   read node attribute:type \
                   read property \
                   read status

       It is however possible that some Pacemaker programs (e.g. ptest) may not function
       correctly if the whole CIB is not readable.

       Some of the ACL rules in the examples above are expanded by the shell to XPath
       specifications. For instance, meta:bigdb:target-role is a shortcut for
       //primitive[@id='bigdb']/meta_attributes/nvpair[@name='target-role']. You can see the
       expansion by showing XML:

               crm(live) configure# show xml bigdb_admin
                 <acl_role id="bigdb_admin">
                     <write id="bigdb_admin-write"

       Many different XPath expressions can have equal meaning. For instance, the following two
       are equal, but only the first one is going to be recognized as shortcut:


       XPath is a powerful language, but you should try to keep your ACL xpaths simple and the
       builtin shortcuts should be used whenever possible.


       We define a small and simple language. Most commands consist of just a list of simple
       tokens. The only complex constructs are found at the configure level.

       The syntax is described in a somewhat informal manner: <> denotes a string, [] means that
       the construct is optional, the ellipsis (...) signifies that the previous construct may be
       repeated, | means pick one of many, and the rest are literals (strings, :, =).

       Show cluster status. The status is displayed by crm_mon. Supply additional arguments for
       more information or different format. See crm_mon(8) for more details.


                   status [<option> ...]

                   option :: bynode | inactive | ops | timing | failcounts

   cib (shadow CIBs)
       This level is for management of shadow CIBs. It is available both at the top level and the
       configure level.

       All the commands are implemented using cib_shadow(8) and the CIB_shadow environment
       variable. The user prompt always includes the name of the currently active shadow or the
       live CIB.

           Create a new shadow CIB. The live cluster configuration and status is copied to the
           shadow CIB. Specify withstatus if you want to edit the status section of the shadow
           CIB (see the cibstatus section). Add force to force overwriting the existing shadow

           To start with an empty configuration that is not copied from the live CIB, specify the
           empty keyword. (This also allows a shadow CIB to be created in case no cluster is


                       new <cib> [withstatus] [force] [empty]

           Delete an existing shadow CIB.


                       delete <cib>

           Copy the current cluster configuration into the shadow CIB.


                       reset <cib>

           Apply a shadow CIB to the cluster.


                       commit <cib>

           Choose a CIB source. If you want to edit the status from the shadow CIB specify
           withstatus (see cibstatus). Leave out the CIB name to switch to the running CIB.


                       use [<cib>] [withstatus]

           Print differences between the current cluster configuration and the active shadow CIB.



           List existing shadow CIBs.



           At times it may be useful to create a shadow file from the existing CIB. The CIB may
           be specified as file or as a PE input file number. The shell will look up files in the
           local directory first and then in the PE directory (typically /var/lib/pengine). Once
           the CIB file is found, it is copied to a shadow and this shadow is immediately
           available for use at both configure and cibstatus levels.

           If the shadow name is omitted then the target shadow is named after the input CIB

           Note that there are often more than one PE input file, so you may need to specify the
           full name.


                       import {<file>|<number>} [<shadow>]


                       import pe-warn-2222
                       import 2289 issue2

           Enter edit and manage the CIB status section level. See the CIB status management

       This level contains commands which show various information about the installed resource
       agents. It is available both at the top level and at the configure level.

           Print all resource agents' classes and, where appropriate, a list of available



           List available resource agents for the given class. If the class is ocf, supply a
           provider to get agents which are available only from that provider.


                       list <class> [<provider>]


                       list ocf pacemaker

       meta (info)
           Show the meta-data of a resource agent type. This is where users can find information
           on how to use a resource agent. It is also possible to get information from some
           programs: pengine, crmd, cib, and stonithd. Just specify the program name instead of
           an RA.


                       info [<class>:[<provider>:]]<type>
                       info <type> <class> [<provider>] (obsolete)


                       info apache
                       info ocf:pacemaker:Dummy
                       info stonith:ipmilan
                       info pengine

           List providers for a resource agent type. The class parameter defaults to ocf.


                       providers <type> [<class>]


                       providers apache

       At this level resources may be managed.

       All (or almost all) commands are implemented with the CRM tools such as crm_resource(8).

       status (show, list)
           Print resource status. If the resource parameter is left out status of all resources
           is printed.


                       status [<rsc>]

           Start a resource by setting the target-role attribute. If there are multiple meta
           attributes sets, the attribute is set in all of them. If the resource is a clone, all
           target-role attributes are removed from the children resources.

           For details on group management see options manage-children.


                       start <rsc>

           Stop a resource using the target-role attribute. If there are multiple meta attributes
           sets, the attribute is set in all of them. If the resource is a clone, all target-role
           attributes are removed from the children resources.

           For details on group management see options manage-children.


                       stop <rsc>

           Restart a resource. This is essentially a shortcut for resource stop followed by a
           start. The shell is first going to wait for the stop to finish, that is for all
           resources to really stop, and only then to order the start action. Due to this command
           entailing a whole set of operations, informational messages are printed to let the
           user see some progress.

           For details on group management see options manage-children.


                       restart <rsc>


                       # crm resource restart g_webserver
                       INFO: ordering g_webserver to stop
                       waiting for stop to finish .... done
                       INFO: ordering g_webserver to start

           Promote a master-slave resource using the target-role attribute.


                       promote <rsc>

           Demote a master-slave resource using the target-role attribute.


                       demote <rsc>

           Manage a resource using the is-managed attribute. If there are multiple meta
           attributes sets, the attribute is set in all of them. If the resource is a clone, all
           is-managed attributes are removed from the children resources.

           For details on group management see options manage-children.


                       manage <rsc>

           Unmanage a resource using the is-managed attribute. If there are multiple meta
           attributes sets, the attribute is set in all of them. If the resource is a clone, all
           is-managed attributes are removed from the children resources.

           For details on group management see options manage-children.


                       unmanage <rsc>

       migrate (move)
           Migrate a resource to a different node. If node is left out, the resource is migrated
           by creating a constraint which prevents it from running on the current node.
           Additionally, you may specify a lifetime for the constraint---once it expires, the
           location constraint will no longer be active.


                       migrate <rsc> [<node>] [<lifetime>] [force]

       unmigrate (unmove)
           Remove the constraint generated by the previous migrate command.


                       unmigrate <rsc>

           Show/edit/delete a parameter of a resource.


                       param <rsc> set <param> <value>
                       param <rsc> delete <param>
                       param <rsc> show <param>


                       param ip_0 show ip

           Sensitive parameters can be kept in local files rather than CIB in order to prevent
           accidental data exposure. Use the secret command to manage such parameters. stash and
           unstash move the value from the CIB and back to the CIB respectively. The set
           subcommand sets the parameter to the provided value. delete removes the parameter
           completely. show displays the value of the parameter from the local file. Use check to
           verify if the local file content is valid.


                       secret <rsc> set <param> <value>
                       secret <rsc> stash <param>
                       secret <rsc> unstash <param>
                       secret <rsc> delete <param>
                       secret <rsc> show <param>
                       secret <rsc> check <param>


                       secret fence_1 show password
                       secret fence_1 stash password
                       secret fence_1 set password secret_value

           Show/edit/delete a meta attribute of a resource. Currently, all meta attributes of a
           resource may be managed with other commands such as resource stop.


                       meta <rsc> set <attr> <value>
                       meta <rsc> delete <attr>
                       meta <rsc> show <attr>


                       meta ip_0 set target-role stopped

           Show/edit/delete a utilization attribute of a resource. These attributes describe
           hardware requirements. By setting the placement-strategy cluster property
           appropriately, it is possible then to distribute resources based on resource
           requirements and node size. See also node utilization attributes.


                       utilization <rsc> set <attr> <value>
                       utilization <rsc> delete <attr>
                       utilization <rsc> show <attr>


                       utilization xen1 set memory 4096

           Show/edit/delete the failcount of a resource.


                       failcount <rsc> set <node> <value>
                       failcount <rsc> delete <node>
                       failcount <rsc> show <node>


                       failcount fs_0 delete node2

           Cleanup resource status. Typically done after the resource has temporarily failed. If
           a node is omitted, cleanup on all nodes. If there are many nodes, the command may take
           a while.


                       cleanup <rsc> [<node>]

           Refresh CIB from the LRM status.


                       refresh [<node>]

           Probe for resources not started by the CRM.


                       reprobe [<node>]

           Start tracing RA for the given operation. The trace files are stored in
           $HA_VARLIB/trace_ra. If the operation to be traced is monitor, note that the number of
           trace files can grow very quickly.


                       trace <rsc> <op> [<interval>]


                       trace fs start

           Stop tracing RA for the given operation.


                       untrace <rsc> <op> [<interval>]


                       untrace fs start

       Node management and status commands.

           Show nodes' status as XML. If the node parameter is omitted then all nodes are shown.


                       status [<node>]

           Show a node definition. If the node parameter is omitted then all nodes are shown.


                       show [<node>]

           Set a node to standby status. The node parameter defaults to the node where the
           command is run. Additionally, you may specify a lifetime for the standby---if set to
           reboot, the node will be back online once it reboots. forever will keep the node in
           standby after reboot.


                       standby [<node>] [<lifetime>]

                       lifetime :: reboot | forever

           Set a node to online status. The node parameter defaults to the node where the command
           is run.


                       online [<node>]

           Set the node status to maintenance. This is equivalent to the cluster-wide
           maintenance-mode property but puts just one node into the maintenance mode. The node
           parameter defaults to the node where the command is run.


                       maintenance [<node>]

           Set the node’s maintenance status to off. The node should be now again fully
           operational and capable of running resource operations.


                       ready [<node>]

           Make CRM fence a node. This functionality depends on stonith resources capable of
           fencing the specified node. No such stonith resources, no fencing will happen.


                       fence <node>

           Resets and clears the state of the specified node. This node is afterwards assumed
           clean and offline. This command can be used to manually confirm that a node has been
           fenced (e.g., powered off).

           Be careful! This can cause data corruption if you confirm that a node is down that is,
           in fact, not cleanly down - the cluster will proceed as if the fence had succeeded,
           possibly starting resources multiple times.


                       clearstate <node>

           Delete a node. This command will remove the node from the CIB and, in case the cluster
           stack is running, use the appropriate program (crm_node or hb_delnode) to remove the
           node from the membership.

           If the node is still listed as active and a member of our partition we refuse to
           remove it. With the global force option (-F) we will try to delete the node anyway.


                       delete <node>

           Edit node attributes. This kind of attribute should refer to relatively static
           properties, such as memory size.


                       attribute <node> set <attr> <value>
                       attribute <node> delete <attr>
                       attribute <node> show <attr>


                       attribute node_1 set memory_size 4096

           Edit node utilization attributes. These attributes describe hardware characteristics
           as integer numbers such as memory size or the number of CPUs. By setting the
           placement-strategy cluster property appropriately, it is possible then to distribute
           resources based on resource requirements and node size. See also resource utilization


                       utilization <node> set <attr> <value>
                       utilization <node> delete <attr>
                       utilization <node> show <attr>


                       utilization node_1 set memory 16384
                       utilization node_1 show cpu

           Edit node attributes which are in the CIB status section, i.e. attributes which hold
           properties of a more volatile nature. One typical example is attribute generated by
           the pingd utility.


                       status-attr <node> set <attr> <value>
                       status-attr <node> delete <attr>
                       status-attr <node> show <attr>


                       status-attr node_1 show pingd

       A cluster may consist of two or more subclusters in different and distant locations. This
       set of commands supports such setups.

           Tickets are cluster-wide attributes. They can be managed at the site where this
           command is executed.

           It is then possible to constrain resources depending on the ticket availability (see
           the rsc_ticket command for more details).


                       ticket {grant|revoke|standby|activate|show|time|delete} <ticket>


                       ticket grant ticket1

       The user may set various options for the crm shell itself.

           Based on the skill-level setting, the user is allowed to use only a subset of
           commands. There are three levels: operator, administrator, and expert. The operator
           level allows only commands at the resource and node levels, but not editing or
           deleting resources. The administrator may do that and may also configure the cluster
           at the configure level and manage the shadow CIBs. The expert may do all.


                       skill-level <level>

                       level :: operator | administrator | expert
           Note on security

           The skill-level option is advisory only. There is nothing stopping any users change
           their skill level (see Access Control Lists (ACL) on how to enforce access control).

           Sufficient privileges are necessary in order to manage a cluster: programs such as
           crm_verify or crm_resource and, ultimately, cibadmin have to be run either as root or
           as the CRM owner user (typically hacluster). You don’t have to worry about that if you
           run crm as root. A more secure way is to run the program with your usual privileges,
           set this option to the appropriate user (such as hacluster), and setup the sudoers


                       user system-user


                       user hacluster

           The edit command invokes an editor. Use this to specify your preferred editor program.
           If not set, it will default to either the value of the EDITOR environment variable or
           to one of the standard UNIX editors (vi,emacs,nano).


                       editor program


                       editor vim

           The view command displays text through a pager. Use this to specify your preferred
           pager program. If not set, it will default to either the value of the PAGER
           environment variable or to one of the standard UNIX system pagers (less,more,pg).

           crm by default sorts CIB elements. If you want them appear in the order they were
           created, set this option to no.


                       sort-elements {yes|no}


                       sort-elements no

           In normal operation, crm runs a command and gets back immediately to process other
           commands or get input from the user. With this option set to yes it will wait for the
           started transition to finish. In interactive mode dots are printed to indicate


                       wait {yes|no}


                       wait yes

           crm can adorn configurations in two ways: in color (similar to for instance the ls
           --color command) and by showing keywords in upper case. Possible values are plain,
           color, and uppercase. It is possible to combine the latter two in order to get an
           upper case xmass tree. Just set this option to color,uppercase.

           With output set to color, a comma separated list of colors from this option are used
           to emphasize:

           ·   keywords

           ·   object ids

           ·   attribute names

           ·   attribute values

           ·   scores

           ·   resource references

           crm can show colors only if there is curses support for python installed (usually
           provided by the python-curses package). The colors are whatever is available in your
           terminal. Use normal if you want to keep the default foreground color.

           This user preference defaults to yellow,normal,cyan,red,green,magenta which is good
           for terminals with dark background. You may want to change the color scheme and save
           it in the preferences file for other color setups.


                   colorscheme yellow,normal,blue,red,green,magenta

           Semantic check of the CIB or elements modified or created may be done on every
           configuration change (always), when verifying (on-verify) or never. It is by default
           set to always. Experts may want to change the setting to on-verify.

           The checks require that resource agents are present. If they are not installed at the
           configuration time set this preference to never.

           See Configuration semantic checks for more details.

           Semantic check of the CIB or elements modified or created may be done in the strict
           mode or in the relaxed mode. In the former certain problems are treated as
           configuration errors. In the relaxed mode all are treated as warnings. The default is

           See Configuration semantic checks for more details.

           The shell (as in /bin/sh) parser strips quotes from the command line. This may
           sometimes make it really difficult to type values which contain white space. One
           typical example is the configure filter command. The crm shell will supply extra
           quotes around arguments which contain white space. The default is yes.  Note on quotes

           Adding quotes around arguments automatically has been introduced with version 1.2.2
           and it is technically a regression. Being a regression is the only reason the
           add-quotes option exists. If you have custom shell scripts which would break, just set
           the add-quotes option to no.

           For instance, with adding quotes enabled, it is possible to do the following:

                   # crm configure primitive d1 ocf:heartbeat:Dummy meta description="some description here"
                   # crm configure filter 'sed "s/hostlist=./&node-c /"' fencing

           Some resource management commands, such as resource stop, when the target resource is
           a group, may not always produce desired result. Each element, group and the primitive
           members, can have a meta attribute and those attributes may end up with conflicting
           values. Consider the following construct:

                   crm(live)# configure show svc fs virtual-ip
                   primitive fs ocf:heartbeat:Filesystem \
                           params device="/dev/drbd0" directory="/srv/nfs" fstype="ext3" \
                           op monitor interval="10s" \
                           meta target-role="Started"
                   primitive virtual-ip ocf:heartbeat:IPaddr2 \
                           params ip="" iflabel="1" \
                           op monitor interval="10s" \
                           op start interval="0" \
                           meta target-role="Started"
                   group svc fs virtual-ip \
                           meta target-role="Stopped"

           Even though the element svc should be stopped, the group is actually running because
           all its members have the target-role set to Started:

                   crm(live)# resource show svc
                   resource svc is running on: xen-f

           Hence, if the user invokes resource stop svc the intention is not clear. This
           preference gives the user an opportunity to better control what happens if attributes
           of group members have values which are in conflict with the same attribute of the
           group itself.

           Possible values are ask (the default), always, and never. If set to always, the crm
           shell removes all children attributes which have values different from the parent. If
           set to never, all children attributes are left intact. Finally, if set to ask, the
           user will be asked for each member what is to be done.

           Display all current settings.

           Save current settings to the rc file ($HOME/.config/crm/rc). On further crm runs, the
           rc file is automatically read and parsed.

       This level enables all CIB object definition commands.

       The configuration may be logically divided into four parts: nodes, resources, constraints,
       and (cluster) properties and attributes. Each of these commands support one or more basic
       CIB objects.

       Nodes and attributes describing nodes are managed using the node command.

       Commands for resources are:

       ·   primitive

       ·   monitor

       ·   group

       ·   clone

       ·   ms/master (master-slave)

       In order to streamline large configurations, it is possible to define a template which can
       later be referenced in primitives:

       ·   rsc_template

       In that case the primitive inherits all attributes defined in the template.

       There are three types of constraints:

       ·   location

       ·   colocation

       ·   order

       It is possible to define fencing order (stonith resource priorities):

       ·   fencing_topology

       Finally, there are the cluster properties, resource meta attributes defaults, and
       operations defaults. All are just a set of attributes. These attributes are managed by the
       following commands:

       ·   property

       ·   rsc_defaults

       ·   op_defaults

       In addition to the cluster configuration, the Access Control Lists (ACL) can be setup to
       allow access to parts of the CIB for users other than root and hacluster. The following
       commands manage ACL:

       ·   user

       ·   role

       The changes are applied to the current CIB only on ending the configuration session or
       using the commit command.

       Comments start with # in the first line. The comments are tied to the element which
       follows. If the element moves, its comments will follow.

           The node command describes a cluster node. Nodes in the CIB are commonly created
           automatically by the CRM. Hence, you should not need to deal with nodes unless you
           also want to define node attributes. Note that it is also possible to manage node
           attributes at the node level.


                       node <uname>[:<type>]
                         [attributes <param>=<value> [<param>=<value>...]]
                         [utilization <param>=<value> [<param>=<value>...]]

                       type :: normal | member | ping


                       node node1
                       node big_node attributes memory=64

           The primitive command describes a resource. It may be referenced only once in group,
           clone, or master-slave objects. If it’s not referenced, then it is placed as a single
           resource in the CIB.

           Operations may be specified in three ways. "Anonymous" as a simple list of "op"
           specifications. Use that if you don’t want to reference the set of operations
           elsewhere. That’s by far the most common way to define operations. If reusing
           operation sets is desired, use the "operations" keyword along with the id to give the
           operations set a name and the id-ref to reference another set of operations.

           Operation’s attributes which are not recognized are saved as instance attributes of
           that operation. A typical example is OCF_CHECK_LEVEL.

           For multistate resources, roles are specified as role=<role>.

           A template may be defined for resources which are of the same type and which share
           most of the configuration. See rsc_template for more information.


                       primitive <rsc> {[<class>:[<provider>:]]<type>|@<template>}
                         [params attr_list]
                         [meta attr_list]
                         [utilization attr_list]
                         [operations id_spec]
                           [op op_type [<attribute>=<value>...] ...]

                       attr_list :: [$id=<id>] <attr>=<val> [<attr>=<val>...] | $id-ref=<id>
                       id_spec :: $id=<id> | $id-ref=<id>
                       op_type :: start | stop | monitor


                       primitive apcfence stonith:apcsmart \
                         params ttydev=/dev/ttyS0 hostlist="node1 node2" \
                         op start timeout=60s \
                         op monitor interval=30m timeout=60s

                       primitive www8 apache \
                         params configfile=/etc/apache/www8.conf \
                         operations $id-ref=apache_ops

                       primitive db0 mysql \
                         params config=/etc/mysql/db0.conf \
                         op monitor interval=60s \
                         op monitor interval=300s OCF_CHECK_LEVEL=10

                       primitive r0 ocf:linbit:drbd \
                         params drbd_resource=r0 \
                         op monitor role=Master interval=60s \
                         op monitor role=Slave interval=300s

                       primitive xen0 @vm_scheme1 \
                         params xmfile=/etc/xen/vm/xen0

           Monitor is by far the most common operation. It is possible to add it without editing
           the whole resource. Also, long primitive definitions may be a bit uncluttered. In
           order to make this command as concise as possible, less common operation attributes
           are not available. If you need them, then use the op part of the primitive command.


                       monitor <rsc>[:<role>] <interval>[:<timeout>]


                       monitor apcfence 60m:60s

           Note that after executing the command, the monitor operation may be shown as part of
           the primitive definition.

           The group command creates a group of resources.


                       group <name> <rsc> [<rsc>...]
                         [meta attr_list]
                         [params attr_list]

                       attr_list :: [$id=<id>] <attr>=<val> [<attr>=<val>...] | $id-ref=<id>


                       group internal_www disk0 fs0 internal_ip apache \
                         meta target_role=stopped

           The clone command creates a resource clone. It may contain a single primitive resource
           or one group of resources.


                       clone <name> <rsc>
                         [meta attr_list]
                         [params attr_list]

                       attr_list :: [$id=<id>] <attr>=<val> [<attr>=<val>...] | $id-ref=<id>


                       clone cl_fence apc_1 \
                         meta clone-node-max=1 globally-unique=false

       ms (master)
           The ms command creates a master/slave resource type. It may contain a single primitive
           resource or one group of resources.


                       ms <name> <rsc>
                         [meta attr_list]
                         [params attr_list]

                       attr_list :: [$id=<id>] <attr>=<val> [<attr>=<val>...] | $id-ref=<id>


                       ms disk1 drbd1 \
                         meta notify=true globally-unique=false
           Note on id-ref usage

           Instance or meta attributes (‘params` and meta) may contain a reference to another set
           of attributes. In that case, no other attributes are allowed. Since attribute sets’
           ids, though they do exist, are not shown in the crm, it is also possible to reference
           an object instead of an attribute set. crm will automatically replace such a reference
           with the right id:

                   crm(live)configure# primitive a2 www-2 meta $id-ref=a1
                   crm(live)configure# show a2
                   primitive a2 ocf:heartbeat:apache \
                       meta $id-ref="a1-meta_attributes"

           It is advisable to give meaningful names to attribute sets which are going to be

           The rsc_template command creates a resource template. It may be referenced in
           primitives. It is used to reduce large configurations with many similar resources.


                       rsc_template <name> [<class>:[<provider>:]]<type>
                         [params attr_list]
                         [meta attr_list]
                         [utilization attr_list]
                         [operations id_spec]
                           [op op_type [<attribute>=<value>...] ...]

                       attr_list :: [$id=<id>] <attr>=<val> [<attr>=<val>...] | $id-ref=<id>
                       id_spec :: $id=<id> | $id-ref=<id>
                       op_type :: start | stop | monitor


                       rsc_template public_vm ocf:heartbeat:Xen \
                         op start timeout=300s \
                         op stop timeout=300s \
                         op monitor interval=30s timeout=60s \
                         op migrate_from timeout=600s \
                         op migrate_to timeout=600s
                       primitive xen0 @public_vm \
                         params xmfile=/etc/xen/xen0
                       primitive xen1 @public_vm \
                         params xmfile=/etc/xen/xen1

           location defines the preference of nodes for the given resource. The location
           constraints consist of one or more rules which specify a score to be awarded if the
           rule matches.


                       location <id> <rsc> {node_pref|rules}

                       node_pref :: <score>: <node>

                       rules ::
                         rule [id_spec] [$role=<role>] <score>: <expression>
                         [rule [id_spec] [$role=<role>] <score>: <expression> ...]

                       id_spec :: $id=<id> | $id-ref=<id>
                       score :: <number> | <attribute> | [-]inf
                       expression :: <simple_exp> [bool_op <simple_exp> ...]
                       bool_op :: or | and
                       simple_exp :: <attribute> [type:]<binary_op> <value>
                                     | <unary_op> <attribute>
                                     | date <date_expr>
                       type :: string | version | number
                       binary_op :: lt | gt | lte | gte | eq | ne
                       unary_op :: defined | not_defined

                       date_expr :: lt <end>
                                    | gt <start>
                                    | in_range start=<start> end=<end>
                                    | in_range start=<start> <duration>
                                    | date_spec <date_spec>
                       duration|date_spec ::
                                    | monthdays=<value>
                                    | weekdays=<value>
                                    | yearsdays=<value>
                                    | months=<value>
                                    | weeks=<value>
                                    | years=<value>
                                    | weekyears=<value>
                                    | moon=<value>


                       location conn_1 internal_www 100: node1

                       location conn_1 internal_www \
                         rule 50: #uname eq node1 \
                         rule pingd: defined pingd

                       location conn_2 dummy_float \
                         rule -inf: not_defined pingd or pingd number:lte 0

       colocation (collocation)
           This constraint expresses the placement relation between two or more resources. If
           there are more than two resources, then the constraint is called a resource set.

           Collocation resource sets have an extra attribute (sequential) to allow for sets of
           resources which don’t depend on each other in terms of state. The shell syntax for
           such sets is to put resources in parentheses.

           Sets cannot be nested.

           The optional ‘node-attribute` references an attribute in nodes’ instance attributes.


                       colocation <id> <score>: <rsc>[:<role>] <rsc>[:<role>] ...


                       colocation dummy_and_apache -inf: apache dummy
                       colocation c1 inf: A ( B C )

           This constraint expresses the order of actions on two resources or more resources. If
           there are more than two resources, then the constraint is called a resource set.

           Ordered resource sets have an extra attribute to allow for sets of resources whose
           actions may run in parallel. The shell syntax for such sets is to put resources in

           If the subsequent resource can start or promote after any one of the resources in a
           set has done, enclose the set in brackets ([ and ]).

           Sets cannot be nested.

           Three strings are reserved to specify a kind of order constraint: Mandatory, Optional,
           and Serialize. It is preferred to use one of these settings instead of score. Previous
           versions mapped scores 0 and inf to keywords advisory and mandatory. That is still
           valid but deprecated.  Note on resource sets' XML attributes

           The XML attribute require-all controls whether all resources in a set are, well,
           required. The bracketed sets actually have this attribute as well as sequential set to
           false. If you need a different combination, for whatever reason, just set one of the
           attributes within the set. Something like this:

                   crm(live)configure# order o1 Mandatory: [ A B sequential=true ] C

           It is up to you to find out whether such a combination makes sense.


                       order <id> {kind|<score>}: <rsc>[:<action>] <rsc>[:<action>] ...

                       kind :: Mandatory | Optional | Serialize


                       order c_apache_1 Mandatory: apache:start ip_1
                       order o1 Serialize: A ( B C )
                       order order_2 Mandatory: [ A B ] C

           This constraint expresses dependency of resources on cluster-wide attributes, also
           known as tickets. Tickets are mainly used in geo-clusters, which consist of multiple
           sites. A ticket may be granted to a site, thus allowing resources to run there.

           The loss-policy attribute specifies what happens to the resource (or resources) if the
           ticket is revoked. The default is either stop or demote depending on whether a
           resource is multi-state.

           See also the site set of commands.


                       rsc_ticket <id> <ticket_id>: <rsc>[:<role>] [<rsc>[:<role>] ...]

                       loss_policy_action :: stop | demote | fence | freeze


                       rsc_ticket ticket-A_public-ip ticket-A: public-ip
                       rsc_ticket ticket-A_bigdb ticket-A: bigdb loss-policy=fence
                       rsc_ticket ticket-B_storage ticket-B: drbd-a:Master drbd-b:Master

           Set the cluster (crm_config) options.


                       property [$id=<set_id>] <option>=<value> [<option>=<value> ...]


                       property stonith-enabled=true

           Set defaults for the resource meta attributes.


                       rsc_defaults [$id=<set_id>] <option>=<value> [<option>=<value> ...]


                       rsc_defaults failure-timeout=3m

           If multiple fencing (stonith) devices are available capable of fencing a node, their
           order may be specified by fencing_topology. The order is specified per node.

           Stonith resources can be separated by , in which case all of them need to succeed. If
           they fail, the next stonith resource (or set of resources) is used. In other words,
           use comma to separate resources which all need to succeed and whitespace for serial
           order. It is not allowed to use whitespace around comma.

           If the node is left out, the order is used for all nodes. That should reduce the
           configuration size in some stonith setups.


                       fencing_topology stonith_resources [stonith_resources ...]
                       fencing_topology fencing_order [fencing_order ...]

                       fencing_order :: <node>: stonith_resources [stonith_resources ...]

                       stonith_resources :: <rsc>[,<rsc>...]


                       fencing_topology poison-pill power
                       fencing_topology \
                           node-a: poison-pill power
                           node-b: ipmi serial

           An ACL role is a set of rules which describe access rights to CIB. Rules consist of an
           access right read, write, or deny and a specification denoting part of the
           configuration to which the access right applies. The specification can be an XPath or
           a combination of tag and id references. If an attribute is appended, then the
           specification applies only to that attribute of the matching element.

           There is a number of shortcuts for XPath specifications. The meta, params, and
           utilization shortcuts reference resource meta attributes, parameters, and utilization
           respectively. The location may be used to specify location constraints most of the
           time to allow resource move and unmove commands. The property references cluster
           properties. The node allows reading node attributes. nodeattr and nodeutil reference
           node attributes and node capacity (utilization). The status shortcut references the
           whole status section of the CIB. Read access to status is necessary for various
           monitoring tools such as crm_mon(8) (aka crm status).


                       role <role-id> rule [rule ...]

                       rule :: acl-right cib-spec [attribute:<attribute>]

                       acl-right :: read | write | deny

                       cib-spec :: xpath-spec | tag-ref-spec
                       xpath-spec :: xpath:<xpath> | shortcut
                       tag-ref-spec :: tag:<tag> | ref:<id> | tag:<tag> ref:<id>

                       shortcut :: meta:<rsc>[:<attr>]


                       role app1_admin \
                           write meta:app1:target-role \
                           write meta:app1:is-managed \
                           write location:app1 \
                           read ref:app1

           Users which normally cannot view or manage cluster configuration can be allowed access
           to parts of the CIB. The access is defined by a set of read, write, and deny rules as
           in role definitions or by referencing roles. The latter is considered best practice.


                       user <uid> {roles|rules}

                       roles :: role:<role-ref> [role:<role-ref> ...]
                       rules :: rule [rule ...]


                       user joe \
                           role:app1_admin \

           Set defaults for the operations meta attributes.


                       op_defaults [$id=<set_id>] <option>=<value> [<option>=<value> ...]


                       op_defaults record-pending=true

           CIB’s content is validated by a RNG schema. Pacemaker supports several, depending on
           version. Currently supported schemas are pacemaker-1.0, pacemaker-1.1, and

           Use this command to display or switch to another RNG schema.


                       schema [<schema>]


                       schema pacemaker-1.1

           The show command displays objects. It may display all objects or a set of objects. The
           user may also choose to see only objects which were changed. Optionally, the XML code
           may be displayed instead of the CLI representation.


                       show [xml] [<id> ...]
                       show [xml] changed

           This command invokes the editor with the object description. As with the show command,
           the user may choose to edit all objects or a set of objects.

           If the user insists, he or she may edit the XML edition of the object. If you do that,
           don’t modify any id attributes.


                       edit [xml] [<id> ...]
                       edit [xml] changed
           Note on renaming element ids

           The edit command sometimes cannot properly handle modifying element ids. In particular
           for elements which belong to group or ms resources. Group and ms resources themselves
           also cannot be renamed. Please use the rename command instead.

           This command filters the given CIB elements through an external program. The program
           should accept input on stdin and send output to stdout (the standard UNIX filter
           conventions). As with the show command, the user may choose to filter all or just a
           subset of elements.

           It is possible to filter the XML representation of objects, but probably not as useful
           as the configuration language. The presentation is somewhat different from what would
           be displayed by the show command---each element is shown on a single line, i.e. there
           are no backslashes and no other embelishments.

           Don’t forget to put quotes around the filter if it contains spaces.


                       filter <prog> [xml] [<id> ...]
                       filter <prog> [xml] changed


                       filter "sed '/^primitive/s/target-role=[^ ]*//'"
                       # crm configure filter "sed '/^primitive/s/target-role=[^ ]*//'"

           Delete one or more objects. If an object to be deleted belongs to a container object,
           such as a group, and it is the only resource in that container, then the container is
           deleted as well. Any related constraints are removed as well.


                       delete <id> [<id>...]

           This command takes the timeouts from the actions section of the resource agent
           meta-data and sets them for the operations of the primitive.


                       default-timeouts <id> [<id>...]
           Note on default-timeouts

           You may be happy using this, but your applications may not. And it will tell you so at
           the worst possible moment. You have been warned.

           Rename an object. It is recommended to use this command to rename a resource, because
           it will take care of updating all related constraints and a parent resource. Changing
           ids with the edit command won’t have the same effect.

           If you want to rename a resource, it must be in the stopped state.


                       rename <old_id> <new_id>

           Add or remove primitives in a group. The add subcommand appends the new group member
           by default. Should it go elsewhere, there are after and before clauses.


                       modgroup <id> add <id> [after <id>|before <id>]
                       modgroup <id> remove <id>


                       modgroup share1 add storage2 before share1-fs

           Refresh the internal structures from the CIB. All changes made during this session are



           The erase clears all configuration. Apart from nodes. To remove nodes, you have to
           specify an additional keyword nodes.

           Note that removing nodes from the live cluster may have some
           strange/interesting/unwelcome effects.


                       erase [nodes]

       ptest (simulate)
           Show PE (Policy Engine) motions using ptest(8) or crm_simulate(8).

           A CIB is constructed using the current user edited configuration and the status from
           the running CIB. The resulting CIB is run through ptest (or crm_simulate) to show
           changes which would happen if the configuration is committed.

           The status section may be loaded from another source and modified using the cibstatus
           level commands. In that case, the ptest command will issue a message informing the
           user that the Policy Engine graph is not calculated based on the current status
           section and therefore won’t show what would happen to the running but some imaginary

           If you have graphviz installed and X11 session, dotty(1) is run to display the changes

           Add a string of v characters to increase verbosity. ptest can also show allocation
           scores. utilization turns on information about the remaining capacity of nodes. With
           the actions option, ptest will print all resource actions.

           The ptest program has been replaced by crm_simulate in newer Pacemaker versions. In
           some installations both could be installed. Use simulate to enfore using crm_simulate.


                       ptest [nograph] [v...] [scores] [actions] [utilization]


                       ptest scores
                       ptest vvvvv
                       simulate actions

           Test resources with current resource configuration. If no nodes are specified, tests
           are run on all known nodes.

           The order of resources is significant: it is assumed that later resources depend on
           earlier ones.

           If a resource is multi-state, it is assumed that the role on which later resources
           depend is master.

           Tests are run sequentially to prevent running the same resource on two or more nodes.
           Tests are carried out only if none of the specified nodes currently run any of the
           specified resources. However, it won’t verify whether resources run on the other

           Superuser privileges are obviously required: either run this as root or setup the
           sudoers file appropriately.

           Note that resource testing may take some time.


                       rsctest <rsc_id> [<rsc_id> ...] [<node_id> ...]


                       rsctest my_ip websvc
                       rsctest websvc nodeB

   cib (shadow CIBs)
       This level is for management of shadow CIBs. It is available at the configure level to
       enable saving intermediate changes to a shadow CIB instead of to the live cluster. This
       short excerpt shows how:

               crm(live)configure# cib new test-2
               INFO: test-2 shadow CIB created
               crm(test-2)configure# commit

       Note how the current CIB in the prompt changed from live to test-2 after issuing the cib
       new command. See also the CIB shadow management for more information.

           Enter edit and manage the CIB status section level. See the CIB status management

           The specified template is loaded into the editor. It’s up to the user to make a good
           CRM configuration out of it. See also the template section.


                       template [xml] url


                       template two-apaches.txt

           Commit the current configuration to the CIB in use. As noted elsewhere, commands in a
           configure session don’t have immediate effect on the CIB. All changes are applied at
           one point in time, either using commit or when the user leaves the configure level. In
           case the CIB in use changed in the meantime, presumably by somebody else, the crm
           shell will refuse to apply the changes. If you know that it’s fine to still apply them
           add force.


                       commit [force]

           Verify the contents of the CIB which would be committed.



           If you get the CIB not supported error, which typically means that the current CIB
           version is coming from the older release, you may try to upgrade it to the latest
           revision. The command to perform the upgrade is:

                   # cibadmin --upgrade --force

           If we don’t recognize the current CIB as the old one, but you’re sure that it is, you
           may force the command.


                       upgrade [force]

           Save the current configuration to a file. Optionally, as XML. Use - instead of file
           name to write the output to stdout.


                       save [xml] <file>


                       save myfirstcib.txt

           Load a part of configuration (or all of it) from a local file or a network URL. The
           replace method replaces the current configuration with the one from the source. The
           update tries to import the contents into the current configuration. The file may be a
           CLI file or an XML file.


                       load [xml] <method> URL

                       method :: replace | update


                       load xml update myfirstcib.xml
                       load xml replace

           Create a graphviz graphical layout from the current cluster configuration.

           Currently, only dot (directed graph) is supported. It is essentially a visualization
           of resource ordering.

           The graph may be saved to a file which can be used as source for various graphviz
           tools (by default it is displayed in the user’s X11 session). Optionally, by
           specifying the format, one can also produce an image instead.

           For more or different graphviz attributes, it is possible to save the default set of
           attributes to an ini file. If this file exists it will always override the builtin
           settings. The exportsettings subcommand also prints the location of the ini file.


                       graph [<gtype> [<file> [<img_format>]]]
                       graph exportsettings

                       gtype :: dot
                       img_format :: `dot` output format (see the `-T` option)


                       graph dot
                       graph dot
                       graph dot clu1.conf.svg svg

           Even though we promissed no xml, it may happen, but hopefully very very seldom, that
           an element from the CIB cannot be rendered in the configuration language. In that
           case, the element will be shown as raw xml, prefixed by this command. That element can
           then be edited like any other. If the shell finds out that after the change it can
           digest it, then it is going to be converted into the normal configuration language.
           Otherwise, there is no need to use xml for configuration.


                       xml <xml>

       User may be assisted in the cluster configuration by templates prepared in advance.
       Templates consist of a typical ready configuration which may be edited to suit particular
       user needs.

       This command enters a template level where additional commands for configuration/template
       management are available.

           Create a new configuration from one or more templates. Note that configurations and
           templates are kept in different places, so it is possible to have a configuration name
           equal a template name.

           If you already know which parameters are required, you can set them directly on the
           command line.

           The parameter name id is set by default to the name of the configuration.


                       new <config> <template> [<template> ...] [params name=value ...]"


                       new vip virtual-ip
                       new bigfs ocfs2 params device=/dev/sdx8 directory=/bigfs

           Load an existing configuration. Further edit, show, and apply commands will refer to
           this configuration.


                       load <config>

           Edit current or given configuration using your favourite editor.


                       edit [<config>]

           Remove a configuration. The loaded (active) configuration may be removed by force.


                       delete <config> [force]

           List existing configurations or templates.


                       list [templates]

           Copy the current or given configuration to the current CIB. By default, the CIB is
           replaced, unless the method is set to "update".


                       apply [<method>] [<config>]

                       method :: replace | update

           Process the current or given configuration and display the result.


                       show [<config>]

       The status section of the CIB keeps the current status of nodes and resources. It is
       modified only on events, i.e. when some resource operation is run or node status changes.
       For obvious reasons, the CRM has no user interface with which it is possible to affect the
       status section. From the user’s point of view, the status section is essentially a
       read-only part of the CIB. The current status is never even written to disk, though it is
       available in the PE (Policy Engine) input files which represent the history of cluster
       motions. The current status may be read using the cibadmin -Q command.

       It may sometimes be of interest to see how status changes would affect the Policy Engine.
       The set of ‘cibstatus` level commands allow the user to load status sections from various
       sources and then insert or modify resource operations or change nodes’ state.

       The effect of those changes may then be observed by running the ptest command at the
       configure level or simulate and run commands at this level. The ptest runs with the user
       edited CIB whereas the latter two commands run with the CIB which was loaded along with
       the status section.

       The simulate and run commands as well as all status modification commands are implemented
       using crm_simulate(8).

           Load a status section from a file, a shadow CIB, or the running cluster. By default,
           the current (live) status section is modified. Note that if the live status section is
           modified it is not going to be updated if the cluster status changes, because that
           would overwrite the user changes. To make crm drop changes and resume use of the
           running cluster status, run load live.

           All CIB shadow configurations contain the status section which is a snapshot of the
           status section taken at the time the shadow was created. Obviously, this status
           section doesn’t have much to do with the running cluster status, unless the shadow CIB
           has just been created. Therefore, the ptest command by default uses the running
           cluster status section.


                       load {<file>|shadow:<cib>|live}


                       load bug-12299.xml
                       load shadow:test1

           The current internal status section with whatever modifications were performed can be
           saved to a file or shadow CIB.

           If the file exists and contains a complete CIB, only the status section is going to be
           replaced and the rest of the CIB will remain intact. Otherwise, the current user
           edited configuration is saved along with the status section.

           Note that all modifications are saved in the source file as soon as they are run.


                       save [<file>|shadow:<cib>]


                       save bug-12299.xml

           Show the origin of the status section currently in use. This essentially shows the
           latest load argument.



           Show the current status section in the XML format. Brace yourself for some unreadable
           output. Add changed option to get a human readable output of all changes.


                       show [changed]

           Change the node status. It is possible to throw a node out of the cluster, make it a
           member, or set its state to unclean.

               Set the node_statecrmd attribute to online and the expected and join attributes to
               member. The effect is that the node becomes a cluster member.

               Set the node_statecrmd attribute to offline and the expected attribute to empty.
               This makes the node cleanly removed from the cluster.

               Set the node_statecrmd attribute to offline and the expected attribute to member.
               In this case the node has unexpectedly disappeared.


                       node <node> {online|offline|unclean}


                       node xen-b unclean

           Edit the outcome of a resource operation. This way you can tell CRM that it ran an
           operation and that the resource agent returned certain exit code. It is also possible
           to change the operation’s status. In case the operation status is set to something
           other than done, the exit code is effectively ignored.


                       op <operation> <resource> <exit_code> [<op_status>] [<node>]

                       operation :: probe | monitor[:<n>] | start | stop |
                          promote | demote | notify | migrate_to | migrate_from
                       exit_code :: <rc> | success | generic | args |
                          unimplemented | perm | installed | configured | not_running |
                          master | failed_master
                       op_status :: pending | done | cancelled | timeout | notsupported | error

                       n :: the monitor interval in seconds; if omitted, the first
                          recurring operation is referenced
                       rc :: numeric exit code in range 0..9


                       op start d1 xen-b generic
                       op start d1 xen-b 1
                       op monitor d1 xen-b not_running
                       op stop d1 xen-b 0 timeout

           Set the quorum value.


                       quorum <bool>


                       quorum false

           Modify the ticket status. Tickets can be granted and revoked. Granted tickets could be
           activated or put in standby.


                       ticket <ticket> {grant|revoke|activate|standby}


                       ticket ticketA grant

           Run the policy engine with the edited status section.

           Add a string of v characters to increase verbosity. Specify scores to see allocation
           scores also. utilization turns on information about the remaining capacity of nodes.

           If you have graphviz installed and X11 session, dotty(1) is run to display the changes


                       run [nograph] [v...] [scores] [utilization]



           Run the policy engine with the edited status section and simulate the transition.

           Add a string of v characters to increase verbosity. Specify scores to see allocation
           scores also. utilization turns on information about the remaining capacity of nodes.

           If you have graphviz installed and X11 session, dotty(1) is run to display the changes


                       simulate [nograph] [v...] [scores] [utilization]



       Examining Pacemaker’s history is a particularly involved task. The number of subsystems to
       be considered, the complexity of the configuration, and the set of various information
       sources, most of which are not exactly human readable, keep analyzing resource or node
       problems accessible to only the most knowledgeable. Or, depending on the point of view, to
       the most persistent. The following set of commands has been devised in hope to make
       cluster history more accessible.

       Of course, looking at all history could be time consuming regardless of how good tools at
       hand are. Therefore, one should first say which period he or she wants to analyze. If not
       otherwise specified, the last hour is considered. Logs and other relevant information is
       collected using hb_report. Since this process takes some time and we always need fresh
       logs, information is refreshed in a much faster way using pssh(1). If python-pssh is not
       found on the system, examining live cluster is still possible though not as comfortable.

       Apart from examining live cluster, events may be retrieved from a report generated by
       hb_report (see also the -H option). In that case we assume that the period stretching the
       whole report needs to be investigated. Of course, it is still possible to further reduce
       the time range.

       If you think you may have found a bug or just need clarification from developers or your
       support, the session pack command can help create a report. This is an example:

               crm(live)history# timeframe "Jul 18 12:00" "Jul 18 12:30"
               crm(live)history# session save strange_restart
               crm(live)history# session pack
               Report saved in .../strange_restart.tar.bz2

       In order to reduce report size and allow developers to concentrate on the issue, you
       should beforehand limit the time frame. Giving a meaningful session name helps too.

           The info command shows most important information about the cluster.





           The latest command shows a bit of recent history, more precisely whatever happened
           since the last cluster change (the latest transition). If the transition is running,
           the shell will first wait until it finishes.





       limit (timeframe)
           All history commands look at events within certain period. It defaults to the last
           hour for the live cluster source. There is no limit for the hb_report source. Use this
           command to set the timeframe.

           The time period is parsed by the dateutil python module. It covers wide range of date
           formats. For instance:

           ·   3:00 (today at 3am)

           ·   15:00 (today at 3pm)

           ·   2010/9/1 2pm (September 1st 2010 at 2pm)

           We won’t bother to give definition of the time specification in usage below. Either
           use common sense or read the dateutil documentation.

           If dateutil is not available, then the time is parsed using strptime and only the kind
           as printed by date(1) is allowed:

           ·   Tue Sep 15 20:46:27 CEST 2010


                       limit [<from_time> [<to_time>]]


                       limit 10:15
                       limit 15h22m 16h
                       limit "Sun 5 20:46" "Sun 5 22:00"

           Events to be examined can come from the current cluster or from a hb_report report.
           This command sets the source. source live sets source to the running cluster and
           system logs. If no source is specified, the current source information is printed.

           In case a report source is specified as a file reference, the file is going to be
           unpacked in place where it resides. This directory is not removed on exit.


                       source [<dir>|<file>|live]


                       source live
                       source /tmp/customer_case_22.tar.bz2
                       source /tmp/customer_case_22

           This command makes sense only for the live source and makes crm collect the latest
           logs and other relevant information from the logs. If you want to make a completely
           new report, specify force.


                       refresh [force]

           How much detail to show from the logs.


                       detail <detail_level>

                       detail_level :: small integer (defaults to 0)


                       detail 1

           In case the host this program runs on is not part of the cluster, it is necessary to
           set the list of nodes.


                       setnodes node <node> [<node> ...]


                       setnodes node_a node_b

           Show actions and any failures that happened on all specified resources on all nodes.
           Normally, one gives resource names as arguments, but it is also possible to use
           extended regular expressions. Note that neither groups nor clones or master/slave
           names are ever logged. The resource command is going to expand all of these
           appropriately, so that clone instances or resources which are part of a group are


                       resource <rsc> [<rsc> ...]


                       resource bigdb public_ip
                       resource my_.*_db2
                       resource ping_clone

           Show important events that happened on a node. Important events are node lost and
           join, standby and online, and fence. Use either node names or extended regular


                       node <node> [<node> ...]


                       node node1

           Show messages logged on one or more nodes. Leaving out a node name produces combined
           logs of all nodes. Messages are sorted by time and, if the terminal emulations
           supports it, displayed in different colours depending on the node to allow for easier

           The sorting key is the timestamp as written by syslog which normally has the maximum
           resolution of one second. Obviously, messages generated by events which share the same
           timestamp may not be sorted in the same way as they happened. Such close events may
           actually happen fairly often.


                       log [<node>]


                       log node-a

           If a log is infested with irrelevant messages, those messages may be excluded by
           specifying a regular expression. The regular expressions used are Python extended.
           This command is additive. To drop all regular expressions, use exclude clear. Run
           exclude only to see the current list of regular expressions. Excludes are saved along
           with the history sessions.


                       exclude [<regex>|clear]


                       exclude kernel.*ocfs2

           Every event in the cluster results in generating one or more Policy Engine (PE) files.
           These files describe future motions of resources. The files are listed as full paths
           in the current report directory. Add v to also see the creation time stamps.


                       peinputs [{<range>|<number>} ...] [v]

                       range :: <n1>:<n2>


                       peinputs 440:444 446
                       peinputs v

           This command will print actions planned by the PE and run graphviz (dotty) to display
           a graphical representation of the transition. Of course, for the latter an X11 session
           is required. This command invokes ptest(8) in background.

           The showdot subcommand runs graphviz (dotty) to display a graphical representation of
           the .dot file which has been included in the report. Essentially, it shows the
           calculation produced by pengine which is installed on the node where the report was
           produced. In optimal case this output should not differ from the one produced by the
           locally installed pengine.

           The log subcommand shows the full log for the duration of the transition.

           A transition can also be saved to a CIB shadow for further analysis or use with cib or
           configure commands (use the save subcommand). The shadow file name defaults to the
           name of the PE input file.

           If the PE input file number is not provided, it defaults to the last one, i.e. the
           last transition. The last transition can also be referenced with number 0. If the
           number is negative, then the corresponding transition relative to the last one is

           If there are warning and error PE input files or different nodes were the DC in the
           observed timeframe, it may happen that PE input file numbers collide. In that case
           provide some unique part of the path to the file.

           After the ptest output, logs about events that happened during the transition are


                       transition [<number>|<index>|<file>] [nograph] [v...] [scores] [actions] [utilization]
                       transition showdot [<number>|<index>|<file>]
                       transition log [<number>|<index>|<file>]
                       transition save [<number>|<index>|<file> [name]]


                       transition 444
                       transition -1
                       transition pe-error-3.bz2
                       transition node-a/pengine/pe-input-2.bz2
                       transition showdot 444
                       transition log
                       transition save 0 enigma-22

           Every transition is saved as a PE file. Use this command to render that PE file either
           as configuration or status. The configuration output is the same as crm configure


                       show <pe> [status]

                       pe :: <number>|<index>|<file>|live


                       show 2066
                       show pe-input-2080.bz2 status

           Create a graphviz graphical layout from the PE file (the transition). Every transition
           contains the cluster configuration which was active at the time. See also generate a
           directed graph from configuration.


                       graph <pe> [<gtype> [<file> [<img_format>]]]

                       gtype :: dot
                       img_format :: `dot` output format (see the `-T` option)


                       graph -1
                       graph 322 dot
                       graph 322 dot clu1.conf.svg svg

           A transition represents a change in cluster configuration or state. Use diff to see
           what has changed between two transitions.

           If you want to specify the current cluster configuration and status, use the string

           Normally, the first transition specified should be the one which is older, but we are
           not going to enforce that.

           Note that a single configuration update may result in more than one transition.


                       diff <pe> <pe> [status] [html]

                       pe :: <number>|<index>|<file>|live


                       diff 2066 2067
                       diff pe-input-2080.bz2 live status

           Sometimes you may want to get back to examining a particular history period or bug
           report. In order to make that easier, the current settings can be saved and later

           If the current history being examined is coming from a live cluster the logs, PE
           inputs, and other files are saved too, because they may disappear from nodes. For the
           existing reports coming from hb_report, only the directory location is saved (not to
           waste space).

           A history session may also be packed into a tarball which can then be sent to support.

           Leave out subcommand to see the current session.


                       session [{save|load|delete} <name> | pack [<name>] | update | list]


                       session save bnc966622
                       session load rsclost-2
                       session list

   end (cd, up)
       The end command ends the current level and the user moves to the parent level. This
       command is available everywhere.



       The help command prints help for the current level or for the specified topic (command).
       This command is available everywhere.


                   help [<topic>]

   quit (exit, bye)
       Leave the program.


       Even though all sensible configurations (and most of those that are not) are going to be
       supported by the crm shell, I suspect that it may still happen that certain XML constructs
       may confuse the tool. When that happens, please file a bug report.

       The crm shell will not try to update the objects it does not understand. Of course, it is
       always possible to edit such objects in the XML format.


       Dejan Muhamedagic, <> and many OTHERS


       crm_resource(8), crm_attribute(8), crm_mon(8), cib_shadow(8), ptest(8), dotty(1),
       crm_simulate(8), cibadmin(8)


       Copyright (C) 2008-2011 Dejan Muhamedagic. Free use of this software is granted under the
       terms of the GNU General Public License (GPL).