Trying to do a controlled failover on Checkpoint Firewall ClusterXL environment and found Checkpoint expert command clusterXL_admin in sk55081.
$FWDIR/bin/clusterXL_admin is a special shell script that not only makes the task of adding a new Critical Device easier, but also checks the change in member's state and provides the user with the feedback.
This script registers a Critical Device called "admin_down".
The syntax for bringing the cluster member Down is:
[Expert@HostName]# clusterXL_admin  down  [-p]
The syntax for bringing the cluster member Up is:
[Expert@HostName]# clusterXL_admin  up  [-p]
[-p] - optional flag, stands for "permanent" - operation will survive the reboot.
Also CCMA#40's blog Expert Mode post has more details to explain some other commands to do force a failover (cluster/vrrp).
Here is a usage example in my environment:
CP-DMZ> cphaprob stat
Cluster Mode: Â New High Availability (Active Up)
 with IGMP Membership
Number   Unique Address  Assigned Load  State    Â
1 (local)  1.1.1.1     0%        Down    Â
2      1.1.1.2     100%       Active   Â
CP-DMZ> expert
Enter expert password:
You are in expert mode now.
[Expert@CP-M-DMZ]# clusterXL_admin up -p
Setting member to normal operation ...
Member current state is Standby
No comments:
Post a Comment