8.5. Cluster Management Console (CMC)

The Cluster Management Console provides you with a web interface to monitor the performance of the cluster and to make dynamic changes to the configuration. We showed you how to use CMC to help administer your cluster in the previous chapter. In this section, we will explain how it works.

CMC runs as a daemon on each ATM system in the cluster. It is started with an initialization script, /etc/init.d/cmcd. The daemon process is called cmc, which will show up if you do a ps x listing. (Actually, it will show up twice -- one process listens for incoming connections, and the other monitors traffic on the ATM.) The CMC daemon listens on TCP port 910 for incoming secure HTTP connections. You should always access the Cluster Management Console (CMC) from the following URL ``https://virtualhost:910'' from the system client rather than from service nodes.

When a browser initiates a connection on port 910, the CMC daemon requests that the client authenticates itself. Communication is secured using the SSL protocol, so the password will be encrypted before being sent across the network. Information passed between the browser and the ATM will also be encrypted, so none of the information displayed or entered in CMC can be intercepted. The browser will pop up a user name and password request. The `tlclbadmin' user account should be used when connecting to CMC. You can also use the `root' account, but may have less functionality when doing so. The `tlclbadmin' account is created during installation, and will initially have the same password as the `root' user.

The first time you connect to CMC, the browser may also pop up an alert telling you about the security certificate on the CMC system. The SSL certificate was generated when you installed Turbolinux Cluster LoadBalancer 10. You can have your certificate validated by a commercial certificate authority such as VeriSign or Thawte. However, the process of obtaining such a certificate is rather involved and is not necessary. If you do obtain such a certificate, store it in the cmc-cert-key.pem file in the /etc/clusterserver directory.

CMC gathers much of its information from the kernel module via the /proc/net/cluster files. All of the `Internal Module Status' sections on the Status page of CMC come directly from the /proc files. They are formatted nicely, and even allow you to dynamically change some of the settings. Note that if you change these settings dynamically, the changes will not persist when the ATM is restarted. To change settings permanently, you will need to make the changes to the configuration file. The other information on the Status page is gathered using command line utilities and log files. The commands and file names are listed with each section.

CMC allows you to stop and start the clusterserverd daemon on the ATM. Be aware that if you stop or restart the primary ATM, the backup ATMs may take over the primary ATM responsibilities, so the system you are looking at may no longer be the primary ATM after you restart it.

As was discussed earlier, the CMC daemon communicates with the Cluster Server daemon via TCP port 17101. This communication channel is used to allow CMC to control some aspects of the clusterserverd daemon.