diff options
| author | Jan Pokorný <jpokorny@redhat.com> | 2013-01-29 18:20:13 +0100 |
|---|---|---|
| committer | Jan Pokorný <jpokorny@redhat.com> | 2013-01-29 18:25:12 +0100 |
| commit | dbebf0be9cb077864aac9d6d60783b53ee50a2a5 (patch) | |
| tree | 98eaed1a6bd19c0c8f925fec9a0655a5c9466b4d /corosync.trang.rng | |
| parent | f781e6e0c5ce428b18485d7d05df91962c04c007 (diff) | |
| download | rnc2rng-dbebf0be9cb077864aac9d6d60783b53ee50a2a5.tar.gz rnc2rng-dbebf0be9cb077864aac9d6d60783b53ee50a2a5.tar.xz rnc2rng-dbebf0be9cb077864aac9d6d60783b53ee50a2a5.zip | |
Massive update so it works for corosync.rnc and several others
- continued style cleanup
- some files moved to "unused" dir
- added several files for testing and the ones like TODO and HACKING
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
Diffstat (limited to 'corosync.trang.rng')
| -rw-r--r-- | corosync.trang.rng | 907 |
1 files changed, 907 insertions, 0 deletions
diff --git a/corosync.trang.rng b/corosync.trang.rng new file mode 100644 index 0000000..e53e6a0 --- /dev/null +++ b/corosync.trang.rng @@ -0,0 +1,907 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + style guide (RELAX NG Compact only): + * '##' comments are wrapped at 50/80 (first line/rest), 2-spaced sentence + separator, AsciiDoc formatting is used within them + * sort everything you can to ease the lookup +--> +<grammar xmlns:a="http://relaxng.org/ns/compatibility/annotations/1.0" xmlns:a4doc="http://people.redhat.com/jpokorny/ns/a4doc" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> + <start> + <ref name="corosync"/> + </start> + <define name="corosync"> + <element name="corosync"> + <interleave> + <optional> + <ref name="logging"/> + </optional> + <optional> + <ref name="nodelist"/> + </optional> + <optional> + <ref name="quorum"/> + </optional> + <ref name="totem"/> + <optional> + <ref name="uidgid"/> + </optional> + </interleave> + </element> + </define> + <define name="macro.logging_attributes"> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="debug" a:defaultValue="off"> + <a:documentation>This specifies whether debug output is +logged for this particular logger. Also can contain value trace, what +is highest level of debug informations.</a:documentation> + <choice> + <value>off</value> + <value>on</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="logfile_priority" a:defaultValue="info"> + <a:documentation>This specifies the logfile level for this particular subsystem. Ignored +if *debug* is 'on'. Possible values are: 'alert', 'crit', 'debug' +(same as *debug =* 'on'), 'emerg', 'err', 'info', 'notice' and 'warning'.</a:documentation> + <choice> + <value>alert</value> + <value>crit</value> + <value>debug</value> + <value>emerg</value> + <value>err</value> + <value>info</value> + <value>notice</value> + <value>warning</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="syslog_facility" a:defaultValue="daemon"> + <a:documentation>This specifies the syslog facility type +that will be used for any messages sent to syslog. Options are +'daemon', 'local0', 'local1', 'local2', 'local3', 'local4', 'local5', +'local6' and 'local7'.</a:documentation> + <choice> + <value>daemon</value> + <value>local0</value> + <value>local1</value> + <value>local2</value> + <value>local3</value> + <value>local4</value> + <value>local5</value> + <value>local6</value> + <value>local7</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="syslog_priority" a:defaultValue="info"> + <a:documentation>This specifies the syslog level for this +particular subsystem. Ignored if *debug* is 'on'. Possible values are: +'alert', 'crit', 'debug' (same as *debug =* 'on'), 'emerg', 'err', +'info', 'notice' and 'warning'.</a:documentation> + <choice> + <value>alert</value> + <value>crit</value> + <value>debug</value> + <value>emerg</value> + <value>err</value> + <value>info</value> + <value>notice</value> + <value>warning</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="to_logfile" a:defaultValue="no"> + <a:documentation>This specifies the destination +of logging output. + +Please note, if you are using *to_logfile* and want to rotate the file, +use `logrotate(8)` with the option `copytruncate`, e.g. + +---- +/var/log/corosync.log { + missingok + compress + notifempty + daily + rotate 7 + copytruncate +} +----</a:documentation> + <choice> + <value>no</value> + <value>yes</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="to_stderr" a:defaultValue="yes"> + <a:documentation>This specifies the destination +of logging output.</a:documentation> + <choice> + <value>no</value> + <value>yes</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="to_syslog" a:defaultValue="yes"> + <a:documentation>This specifies the destination +of logging output.</a:documentation> + <choice> + <value>no</value> + <value>yes</value> + </choice> + </attribute> + </optional> + </define> + <define name="logging"> + <element name="logging"> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="timestamp" a:defaultValue="off"> + <a:documentation>This specifies that a timestamp is placed +on all log messages.</a:documentation> + <choice> + <value>off</value> + <value>on</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="fileline" a:defaultValue="off"> + <a:documentation>This specifies that file and line should +be printed.</a:documentation> + <choice> + <value>off</value> + <value>on</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="function_name" a:defaultValue="off"> + <a:documentation>This specifies that the code function name +should be printed.</a:documentation> + <choice> + <value>off</value> + <value>on</value> + </choice> + </attribute> + </optional> + <ref name="macro.logging_attributes"/> + <zeroOrMore> + <ref name="logger_subsys"/> + </zeroOrMore> + </element> + </define> + <define name="logger_subsys"> + <element name="logger_subsys"> + <ref name="macro.logging_attributes"/> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="subsys"> + <a:documentation>This specifies the subsystem identity +(name) for which logging is specified. This is the name used by +a service in the `log_init` call. E.g., 'CPG'. +This option is required.</a:documentation> + </attribute> + </element> + </define> + <define name="nodelist"> + <element name="nodelist"> + <optional> + <ref name="node"/> + </optional> + </element> + </define> + <define name="node"> + <element name="node"> + <group> + <optional> + <!-- + XXX: implied check + CFG: corosync.conf, cluster.conf + --> + <attribute name="noid"> + <a:documentation>This configuration option is optional when +using IPv4 and required when using IPv6. This is a 32 bit value +specifying the node identifier delivered to the cluster membership +service. If this is not specified with IPv4, the node id will be +determined from the 32 bit IP address the system to which the system +is bound with ring identifier of 0. The node identifier value of zero +is reserved and should not be used.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="ring0_addr"> + <a:documentation>This specifies IP address of one of the nodes for particular ring +as denoted by its number (instead 0, there can be higher numbers).</a:documentation> + </attribute> + <optional> + <attribute name="ring1_addr"/> + </optional> + <optional> + <attribute name="ring2_addr"/> + </optional> + <optional> + <attribute name="ring3_addr"/> + </optional> + <optional> + <attribute name="ring4_addr"/> + </optional> + <optional> + <attribute name="ring5_addr"/> + </optional> + <optional> + <attribute name="ring6_addr"/> + </optional> + <optional> + <attribute name="ring7_addr"/> + </optional> + <optional> + <attribute name="ring8_addr"/> + </optional> + <optional> + <attribute name="ring9_addr"/> + </optional> + </group> + <!-- NOTE: Augeas lens for corosync.conf counts on X = 0..9 only --> + </element> + </define> + <define name="quorum"> + <element name="quorum"> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="allow_downscale" a:defaultValue="0"> + <a:documentation>This enables Downscale feature +(see `votequorum(5)`).</a:documentation> + <choice> + <value>0</value> + <value>1</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="auto_tie_breaker" a:defaultValue="0"> + <a:documentation>This enables Auto Tie Breaker feature +(see `votequorum(5)`).</a:documentation> + <choice> + <value>0</value> + <value>1</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="expected_votes"> + <a:documentation>This specifies the number of expected votes, overriding the number +implied by the number of *node* items within *nodes*.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="last_man_standing" a:defaultValue="0"> + <a:documentation>This enables Last Man Standing feature +(see `votequorum(5)`).</a:documentation> + <choice> + <value>0</value> + <value>1</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="last_man_standing_window" a:defaultValue="0"> + <a:documentation>This specifies the tunable for Last Man +Standing feature (see `votequorum(5)`).</a:documentation> + <data type="nonNegativeInteger"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="provider"> + <a:documentation>This specifies the quorum algorithm to use. +As of now, only 'corosync_votequorum' is supported.</a:documentation> + <value>corosync_votequorum</value> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="two_node" a:defaultValue="0"> + <a:documentation>This enables two node cluster operations +(see `votequorum(5)`).</a:documentation> + <choice> + <value>0</value> + <value>1</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="wait_for_all" a:defaultValue="0"> + <a:documentation>This enables Wait For All feature +(see `votequorum(5)`).</a:documentation> + <choice> + <value>0</value> + <value>1</value> + </choice> + </attribute> + </optional> + </element> + </define> + <define name="totem"> + <element name="totem"> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="clear_node_high_bit" a:defaultValue="no" a4doc:discretion-hint="The clusters behavior is undefined if this option is enabled on only a subset of the cluster (for example during a rolling upgrade)."> + <a:documentation>This configuration option is optional and +is only relevant when no *nodeid* is specified. Some corosync clients +require a signed 32 bit nodeid that is greater than zero however by +default corosync uses all 32 bits of the IPv4 address space when +generating a nodeid. Set this option to 'yes' to force the high bit +to be zero and therefor ensure the nodeid is a positive signed 32 bit +integer.</a:documentation> + <choice> + <value>no</value> + <value>yes</value> + </choice> + </attribute> + </optional> + <optional> + <!-- + CFG: corosync.conf, cluster.conf + NOTE: not a direct mapping in cluster.conf (top-level tag instead) + --> + <attribute name="cluster_name"> + <a:documentation>This specifies the name of cluster and it's +used for automatic generating of multicast address.</a:documentation> + </attribute> + </optional> + <optional> + <!-- + XXX: implied check + CFG: corosync.conf, cluster.conf + --> + <attribute name="consensus" a:defaultValue="1200"> + <a:documentation>This timeout specifies in milliseconds how +long to wait for consensus to be achieved before starting a new round +of membership configuration. The minimum value for *consensus* must be +1.2 * *token*. + +This value will be automatically calculated at 1.2 * *token* if +the user doesn't specify a *consensus* value. + +For two node clusters, a *consensus* larger then the *join* timeout but +less then *token* is safe. For three node or larger clusters, +*consensus* should be larger then token. There is an increasing risk +of odd membership changes, which still guarantee virtual synchrony, +as node count grows if *consensus* is less than *token*.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- + XXX: missing nss? + CFG: corosync.conf + --> + <attribute name="crypto_cipher" a:defaultValue="aes256"> + <a:documentation>This specifies which cipher should be used +to encrypt all messages. Valid values are 'none' (no encryption), +'aes256', 'aes192', 'aes128' and '3des'.</a:documentation> + <choice> + <value>3des</value> + <value>aes128</value> + <value>aes192</value> + <value>aes256</value> + <value>none</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: undocumented --> + <attribute name="crypto_compat"> + <choice> + <value>2.0</value> + <value>2.2</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="crypto_hash" a:defaultValue="sha1"> + <a:documentation>This specifies which HMAC authentication +should be used to authenticate all messages. Valid values are 'none' +(no authentication), 'md5', 'sha1', 'sha256', 'sha384' and 'sha512'.</a:documentation> + <choice> + <value>none</value> + <value>md5</value> + <value>sha1</value> + <value>sha256</value> + <value>sha384</value> + <value>sha512</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: undocumented --> + <attribute name="crypto_type"> + <choice> + <value>3des</value> + <value>aes128</value> + <value>aes192</value> + <value>aes256</value> + <value>nss</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="downcheck" a:defaultValue="1000"> + <a:documentation>This timeout specifies in milliseconds how +long to wait before checking that a network interface is back up after +it has been downed.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="fail_recv_const" a:defaultValue="2500"> + <a:documentation>This constant specifies how many rotations +of the token without receiving any of the messages when messages should +be received may occur before a new configuration is formed.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="heartbeat_failures_allowed" a:defaultValue="0"> + <a:documentation>Configures the optional HeartBeating +mechanism for faster failure detection. Keep in mind that engaging this +mechanism in lossy networks could cause faulty loss declaration as +the mechanism relies on the network for heartbeating. + +So as a rule of thumb use this mechanism if you require improved +failure in low to medium utilized networks. + +This constant specifies the number of heartbeat failures the system +should tolerate before declaring heartbeat failure, e.g., 3. +Also if this value is not set or is 0 then the heartbeat mechanism is +not engaged in the system and token rotation is the method of failure +detection. Zero disables the mechanism.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="hold" a:defaultValue="180" a4doc:danger-hint="It is not recommended to override this value without guidance from the corosync community."> + <a:documentation>This timeout specifies in milliseconds +how long the token should be held by the representative when +the protocol is under low utilization.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="join" a:defaultValue="50"> + <a:documentation>This timeout specifies in milliseconds how +long to wait for join messages in the membership protocol.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="max_messages" a:defaultValue="17"> + <a:documentation>This constant specifies the maximum number +of messages that may be sent by one processor on receipt of the token. +The *max_messages* parameter is limited to 256000 / *netmtu* to prevent +overflow of the kernel transmit buffers.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="max_network_delay" a:defaultValue="50"> + <a:documentation>This constant specifies in milliseconds +the approximate delay that your network takes to transport one packet +from one machine to another. This value is to be set by system engineers +and please don't change it if not sure as this effects the failure +detection mechanism using heartbeat.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="merge" a:defaultValue="200"> + <a:documentation>This timeout specifies in milliseconds how +long to wait before checking for a partition when no multicast traffic +is being sent. If multicast traffic is being sent, the merge detection +happens automatically as a function of the protocol.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="miss_count_const" a:defaultValue="5"> + <a:documentation>This constant defines the maximum number +of times on receipt of a token a message is checked for retransmission +before a retransmission occurs. This parameter is useful to modify for +switches that delay multicast packets compared to unicast packets. +The default setting works well for nearly all modern switches.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="netmtu" a:defaultValue="1500"> + <a:documentation>This specifies the network maximum transmit +unit. To set this value beyond 1500, the regular frame MTU, requires +ethernet devices that support large, or also called jumbo, frames. +If any device in the network doesn't support large frames, the protocol +will not operate properly. The hosts must also have their mtu size set +from 1500 to whatever frame size is specified here. + +Please note while some NICs or switches +claim large frame support, they support 9000 MTU as the maximum frame +size including the IP header. Setting the *netmtu* and host MTUs to 9000 +will cause totem to use the full 9000 bytes of the frame. Then Linux +will add a 18 byte header moving the full frame size to 9018. +As a result some hardware will not operate properly with this size +of data. A *netmtu* of 8982 seems to work for the few large frame devices +that have been tested. Some manufacturers claim large frame support +when in fact they support frame sizes of 4500 bytes. + +When sending multicast traffic, if the network frequently reconfigures, +chances are that some device in the network doesn't support large frames. + +Choose hardware carefully if intending to use large frame support.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: undocumented --> + <attribute name="nodeid"> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="rrp_autorecovery_check_timeout" a:defaultValue="1000"> + <a:documentation>This specifies the time in milliseconds +to check if the failed ring can be auto-recovered.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- + XXX: implied check: active,passive -> count(interface) <= 2 + CFG: corosync.conf, cluster.conf + --> + <attribute name="rrp_mode"> + <a:documentation>This specifies the mode of redundant ring, +which may be 'none', 'active', or 'passive'. Active replication offers +none`, active, or passive. Active replication offers +slightly lower latency from transmit to delivery in faulty network +environments but with less performance. Passive replication may nearly +double the speed of the totem protocol if the protocol doesn't become +CPU bound. The final option is none, in which case only one network +interface will be used to operate the totem protocol. + +If only one *interface* directive is specified, 'none' is automatically +chosen. If multiple *interface* directives are specified, only 'active' +or 'passive' may be chosen. + +The maximum number of *interface* directives that is allowed for either +mode ('active' or 'passive') is 2.</a:documentation> + <choice> + <value>active</value> + <value>none</value> + <value>passive</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="rrp_problem_count_mcast_threshold"> + <a:documentation>This specifies the number of times +a problem is detected with multicast before setting the link faulty for +passive RRP mode. This variable is unused in active RRP mode. + +The default is 10 times *rrp_problem_count_threshold*.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- + XXX: implied check + CFG: corosync.conf, cluster.conf + --> + <attribute name="rrp_problem_count_threshold" a:defaultValue="10"> + <a:documentation>This specifies the number of times +a problem is detected with a link before setting the link faulty. +Once a link is set faulty, no more data is transmitted upon it. Also, +the problem counter is no longer decremented when the problem count +timeout expires. + +A problem is detected whenever all tokens from the proceeding +processor have not been received within the *rrp_token_expired_timeout*. +The *rrp_problem_count_threshold* * *rrp_token_expired_timeout* should be +at least 50 milliseconds less then the *token* timeout, or a complete +reconfiguration may occur.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="rrp_problem_count_timeout" a:defaultValue="2000"> + <a:documentation>This specifies the time in milliseconds +to wait before decrementing the problem count by 1 for a particular ring +to ensure a link is not marked faulty for transient network failures.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="rrp_token_expired_timeout" a:defaultValue="47" a4doc:danger-hint="It is not recommended to override this value without guidance from the corosync community."> + <a:documentation>This specifies the time in milliseconds +to increment the problem counter for the redundant ring protocol after +not having received a token from all rings for a particular processor. + +This value will automatically be calculated from the *token* timeout +and *problem_count_threshold* but may be overridden.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- + XXX: implied check/migration to current items + CFG: corosync.conf, cluster.conf + --> + <attribute name="secauth" a:defaultValue="on" a4doc:deprecation-hint="It's recomended to use combination of *crypto_cipher* and *crypto_hash*."> + <a:documentation>This specifies that HMAC/SHA1 authentication should be used +to authenticate all messages. It further specifies that all data +should be encrypted with the nss library and aes256 encryption +algorithm to protect data from eavesdropping. + +Enabling this option adds a encryption header to every message sent +by totem which reduces total throughput. Also encryption and +authentication consume extra CPU cycles in corosync.</a:documentation> + <choice> + <value>off</value> + <value>on</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="send_join" a:defaultValue="0" a4doc:danger-hint="Seek advice from the corosync mailing list if trying to run larger configurations."> + <a:documentation>This timeout specifies in milliseconds +an upper range between 0 and *send_join* to wait before sending a join +message. For eprecationtions with less then 32 nodes, this parameter +is not necessary. For larger rings, this parameter is necessary +to ensure the NIC is not overflowed with join messages on formation of +a new ring. A reasonable value for large rings (128 nodes) would be +80msec. Other timer values must also change if this value is changed.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="seqno_unchanged_const" a:defaultValue="30"> + <a:documentation>This constant specifies how many rotations +of the token without any multicast traffic should occur before the hold +timer is started.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: undocumented --> + <attribute name="threads"> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="token" a:defaultValue="1000"> + <a:documentation>This timeout specifies in milliseconds +until a token loss is declared after not receiving a token. This is +the time spent detecting a failure of a processor in the current +configuration. Reforming a new configuration takes about 50 +milliseconds in addition to this timeout.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="token_retransmit" a:defaultValue="238" a4doc:danger-hint="It is not recommended to override this value without guidance from the corosync community."> + <a:documentation>This timeout specifies in milliseconds +after how long before receiving a token the token is retransmitted. +This will be automatically calculated if token is modified.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="token_retransmits_before_loss_const" a:defaultValue="4"> + <a:documentation>This value identifies how many token +retransmits should be attempted before forming a new configuration. +If this value is set, retransmit and hold will be automatically +calculated from *retransmits_before_loss* and token.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="transport" a:defaultValue="udp"> + <choice> + <value>iba</value> + <value>udp</value> + <value>udpu</value> + </choice> + </attribute> + </optional> + <attribute name="version"> + <a:documentation>This option controls the transport +mechanism used. If the interface to which corosync is binding is +an RDMA interface such as RoCEE or Infiniband, the 'iba' parameter +may be specified. To avoid the use of multicast entirely, a unicast +transport parameter 'udpu' can be specified. This requires specifying +the list of members in *nodelist* directive, that could potentially make +up the membership before deployment.</a:documentation> + <!-- CFG: corosync.conf --> + <a:documentation>This specifies the version of +the configuration file. Currently the only valid value for this +option is '2'.</a:documentation> + <data type="unsignedInt"/> + </attribute> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="vsftype" a:defaultValue="ykd"> + <a:documentation>This option controls the virtual +synchrony filter type used to identify a primary component. +The preferred choice is YKD dynamic linear voting, however, for +clusters larger then 32 nodes YKD consumes alot of memory. For large +scale clusters that are created by changing the MAX_PROCESSORS_COUNT +#define in the C code totem.h file, the virtual synchrony filter 'none' +is recommended but then AMF and DLCK services (which are currently +experimental) are not safe for use.</a:documentation> + <choice> + <value>none</value> + <value>ykd</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="window_size" a:defaultValue="50"> + <a:documentation>This constant specifies the maximum number +of messages that may be sent on one token rotation. If all processors +perform equally well, this value could be large (300), which would +introduce higher latency from origination to delivery for very large +rings. To reduce latency in large rings (16+), the defaults are a safe +compromise. If 1 or more slow processor(s) are present among fast +processors, *window_size* should be no larger then 256000 / *netmtu* +to avoid overflow of the kernel receive buffers. The user is notified +of this by the display of a retransmit list in the notification logs. +There is no loss of data, but performance is reduced when these errors +occur.</a:documentation> + <data type="unsignedInt"/> + </attribute> + </optional> + <zeroOrMore> + <ref name="interface"/> + </zeroOrMore> + </element> + </define> + <define name="interface"> + <element name="interface"> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="bindnetaddr"> + <a:documentation>This specifies the network address +the corosync executive should bind to. +*bindnetaddr* should be an IP address configured on the system, or +a network address. + +For example, if the local interface is `192.168.5.92` with netmask +`255.255.255.0`, you should set *bindnetaddr* to `192.168.5.92` or +`192.168.5.0`. If the local interface is `192.168.5.92` with netmask +`255.255.255.192`, set *bindnetaddr* to `192.168.5.92` or `192.168.5.64`, +and so forth. + +This may also be an IPv6 address, in which case IPv6 networking will be +used. In this case, the exact address must be specified and there is no +automatic selection of the network interface within a specific subnet +as with IPv4. + +If IPv6 networking is used, the *nodeid* field in *nodelist* must be +specified.</a:documentation> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf --> + <attribute name="broadcast" a:defaultValue="no"> + <a:documentation>This is optional and can be set to 'yes'. If it is set to 'yes', +the broadcast address will be used for communication. If this option +is set, *mcastaddr* should not be set.</a:documentation> + <choice> + <value>no</value> + <value>yes</value> + </choice> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="mcastaddr"> + <a:documentation>This is the multicast address used +by corosync executive. The default should work for most networks, but +the network administrator should be queried about a multicast address +to use. Avoid `224.x.x.x` because this is a "config" multicast address. + +This may also be an IPv6 multicast address, in which case IPv6 networking +will be used. If IPv6 networking is used, the *nodeid* field in +*nodelist* must be specified. + +It's not needed to use this option if *cluster_name* option is used. +If both options are used, *mcastaddr* has higher priority.</a:documentation> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="mcastport"> + <a:documentation>This specifies the UDP port number. +It is possible to use the same multicast address on a network with +the corosync services configured for different UDP ports. Please note +corosync uses two UDP ports *mcastport* (for mcast receives) and +*mcastport* - 1 (for mcast sends). If you have multiple clusters +on the same network using the same *mcastaddr* please configure +the **mcastport**s with a gap.</a:documentation> + <data type="unsignedShort"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="ringnumber"> + <a:documentation>This specifies the ring number for +the interface. When using the redundant ring protocol, each interface +should specify separate ring numbers to uniquely identify to +the membership protocol which interface to use for which redundant ring. +The *ringnumber* must start at 0.</a:documentation> + <data type="unsignedByte"/> + </attribute> + </optional> + <optional> + <!-- CFG: corosync.conf, cluster.conf --> + <attribute name="ttl" a:defaultValue="1"> + <a:documentation>This specifies the Time To Live (TTL). +If you run your cluster on a routed network then the default of '1' will +be too small. This option provides a way to increase this up to '255'. +The valid range is '0..255'. Note that this is only valid on multicast +transport types.</a:documentation> + <data type="unsignedByte"/> + </attribute> + </optional> + </element> + </define> +</grammar> +<!-- + uidgid = + element uidgid { + attribute uid {text}?, + attribute gid {text}? + } +--> |