1OCF_HEARTBEAT_IPSEC(7) OCF resource agents OCF_HEARTBEAT_IPSEC(7)
2
6 ocf_heartbeat_ipsec - Handles IPSEC tunnels for VIPs
7
9 ipsec [start | stop | monitor | meta-data]
10
12 This is a Resource Agent to manage IPSEC tunnels associated with a
13 Virtual IP Address. It's meant to be collocated with a specific VIP,
14 and will manage setting up or down a specific tunnel.
15
17 tunnel
18 The name of the tunnel to be monitored.
19 (unique, required, string, no default)
21 vip
23 Virtual IP address that the tunnel is using.
24 (unique, required, string, no default)
26 confdir
28 The directory where the IPSEC tunnel configurations can be found.
29 (optional, string, default "/etc/ipsec.d/")
31 fallbacktunnel
33 The name of the tunnel to fall back to when the main tunnel is put
34 down.
35 (unique, optional, string, no default)
37
39 This resource agent supports the following actions (operations):
40 start
42 Starts the resource. Suggested minimum timeout: 20s.
43 stop
45 Stops the resource. Suggested minimum timeout: 20s.
46 monitor
48 Performs a detailed status check. Suggested minimum timeout: 20s.
49 Suggested interval: 10s.
50 reload
52 Suggested minimum timeout: 20s.
53 meta-data
55 Retrieves resource agent metadata (internal use only). Suggested
56 minimum timeout: 5s.
57
59 The following is an example configuration for a ipsec resource using
60 the crm(8) shell:
61 primitive p_ipsec ocf:heartbeat:ipsec \
63 params \
64 tunnel=string \
65 vip=string \
66 op monitor timeout="20s" interval="10s" depth="0"
67
69 The following is an example configuration for a ipsec resource using
70 pcs(8)
71 pcs resource create p_ipsec ocf:heartbeat:ipsec \
73 tunnel=string \
74 vip=string \
75 op monitor timeout="20s" interval="10s" OCF_CHECK_LEVEL="0"
76
78 http://clusterlabs.org/
79
81 ClusterLabs contributors (see the resource agent source for information
82 about individual authors)
83resource-agents UNKNOWN 01/25/2023 OCF_HEARTBEAT_IPSEC(7)