LLMpediaThe first transparent, open encyclopedia generated by LLMs

crmsh

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Pacemaker (software) Hop 5
Expansion Funnel Raw 50 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted50
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
crmsh
Namecrmsh
Titlecrmsh
DeveloperClusterLabs
Released2007
Programming languagePython
Operating systemLinux
GenreHigh-availability cluster management
LicenseGNU General Public License

crmsh crmsh is a command-line shell and scripting interface for managing high-availability clusters using the Pacemaker resource manager and Corosync messaging stack. It provides administrators with a compact syntax to configure, query, and control cluster resources, nodes, and constraints while integrating with popular Linux distributions and system tools. crmsh is designed to simplify orchestration of resource agents and policy-driven failover for enterprise workloads.

Overview

crmsh functions as an interactive shell and non-interactive utility for administering clustered services coordinated by Pacemaker, Corosync, and the underlying Linux operating environment. It exposes abstractions for resources, constraints, node attributes, and fencing operations that reflect cluster state stored in the Cluster Information Base (CIB). Administrators can use crmsh to manipulate the CIB, manage resource agents from the Linux-HA project, and script complex failover scenarios compatible with distributions such as Red Hat Enterprise Linux, CentOS, and Debian.

History and Development

crmsh originated within the ecosystem of the Linux-HA community and early Heartbeat users seeking a concise interface to cluster control. Development accelerated as Pacemaker emerged as the preferred resource manager and as Corosync was adopted as the messaging layer following work by Red Hat. Contributors included maintainers from ClusterLabs and volunteers from distributions including SUSE and Canonical. Over time crmsh incorporated support for evolving standards such as the Open Cluster Framework and integrated with tools used by projects like OpenStack and Kubernetes where persistent services require HA characteristics.

Features and Architecture

crmsh provides a shell environment implemented in Python that interacts with Pacemaker via its native command sockets and the CIB. Key features include a rich command set for resource primitives (OCF and LSB agents), constraints (location, order, colocation), and node administration (standby, reboot, maintenance). The architecture centers on translating human-friendly commands into XML CIB edits and invoking fencing through mechanisms compatible with STONITH implementations such as fence_ilo, fence_ipmilan, and fence_xvm. crmsh supports transaction semantics, dry-run modes, and integration with policy engines used in Red Hat Cluster Suite and enterprise orchestration stacks.

Usage and Commands

Users invoke crmsh interactively with a prompt or run single commands non-interactively. Typical operations include creating primitives with OCF resource agents like those in Linux-HA and configuring constraints that reference hosts managed by systemd or legacy init systems. Commands follow verbs such as configure, node, resource, constraint, and status, which map to CRUD operations on the CIB and to queries against Pacemaker’s state. Advanced CLI features enable diffing CIB revisions, extracting resource history for troubleshooting with tools like socat and tcpdump, and automating recoveries through scripts that interface with Ansible or SaltStack.

Integration and Extensions

crmsh integrates with ecosystem components: resource agents from the Open Cluster Framework (OCF), fencing agents from the fence-agents collection, and service managers like systemd. Extensions include glue code for Nagios or Icinga monitoring, hooks for OpenStack orchestration, and adapters enabling cluster-aware deployment from Jenkins pipelines. Community-contributed modules provide interoperability with virtualization platforms such as KVM, Xen Project, and oVirt, and with storage solutions like DRBD and Ceph for stateful services. Packaging and distribution have been contributed by teams at Debian, SUSE, and Red Hat.

Security and Authentication

crmsh relies on the security model of Pacemaker and Corosync for authenticated messaging and on transport-layer protections provided by the host operating system. Management operations require appropriate system privileges and often integrate with local access controls such as sudo policies and SELinux contexts on Red Hat Enterprise Linux and Fedora. Fencing and STONITH operations are critical for data integrity, using authenticated agents like fence_ilo and fence_ipmilan that interface with hardware management subsystems such as IPMI and iLO. Auditing of CIB changes can be correlated with system logs managed by rsyslog or journald to track administrative actions.

Comparison with Other Cluster Management Tools

crmsh is focused on Pacemaker/Coroqsync-centric clusters and differs from graphical cluster managers and broader orchestration platforms. Compared with vendor GUIs like pcs (Pacemaker Configuration System) or Hawk2 from SUSE, crmsh emphasizes scripting and compact CLI operations rather than web-based dashboards. Unlike container orchestrators such as Kubernetes or Docker Swarm, crmsh targets traditional VM and service failover with explicit resource agents and STONITH. For service-level automation, tools like Ansible and Chef may call crmsh to effect cluster changes, while full-featured monitoring suites such as Prometheus may integrate with crmsh-managed resources for health checks. crmsh remains a pragmatic choice for administrators requiring fine-grained control over Pacemaker-managed high-availability services.

Category:Cluster management software