3.3. Environment Variables for Daemon Start-up
Authentication and encryption of the connection between cluster nodes and nodes running pacemaker_remote is achieved using with
TLS-PSK encryption/authentication over TCP (port 3121 by default). This means that both the cluster node and remote node must share the same private key. By default, this key is placed at
/etc/pacemaker/authkey
on each node.
You can change the default port and/or key location for Pacemaker and pacemaker_remote via environment variables. How these variables are set varies by OS, but usually they are set in the /etc/sysconfig/pacemaker
or /etc/default/pacemaker
file.
#==#==# Pacemaker Remote
# Use a custom directory for finding the authkey.
PCMK_authkey_location=/etc/pacemaker/authkey
#
# Specify a custom port for Pacemaker Remote connections
PCMK_remote_port=3121